An attacker is logged in as a normal user and can somehow make admin to delete shared folders in ownCloud Server prior to 10.0.2.
owncloud owncloud