Lucene search
HistoryMar 14, 2014 - 4:55 p.m.
CVE-2013-1850
owncloud
incomplete blacklist vulnerabilities
.htaccess
remote authenticated users
nvd
cve-2013-1850
6.5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
7.4 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
64.9%
Multiple incomplete blacklist vulnerabilities in (1) import.php and (2) ajax/uploadimport.php in apps/contacts/ in ownCloud before 4.0.13 and 4.5.x before 4.5.8 allow remote authenticated users to execute arbitrary PHP code by uploading a .htaccess file.
Affected configurations
Node
owncloudowncloudMatch4.5.0
ORowncloudowncloudMatch4.5.1
ORowncloudowncloudMatch4.5.2
ORowncloudowncloudMatch4.5.3
ORowncloudowncloudMatch4.5.4
ORowncloudowncloudMatch4.5.5
ORowncloudowncloudMatch4.5.6
ORowncloudowncloudMatch4.5.7
Node
owncloudowncloudRange≤4.0.12
ORowncloudowncloudMatch3.0.0
ORowncloudowncloudMatch3.0.1
ORowncloudowncloudMatch3.0.2
ORowncloudowncloudMatch3.0.3
ORowncloudowncloudMatch4.0.0
ORowncloudowncloudMatch4.0.1
ORowncloudowncloudMatch4.0.2
ORowncloudowncloudMatch4.0.3
ORowncloudowncloudMatch4.0.4
ORowncloudowncloudMatch4.0.5
ORowncloudowncloudMatch4.0.6
ORowncloudowncloudMatch4.0.7
ORowncloudowncloudMatch4.0.8
ORowncloudowncloudMatch4.0.9
ORowncloudowncloudMatch4.0.10
ORowncloudowncloudMatch4.0.11
Related
cvelist
cvelist
CVE-2013-1850
2014-03-14 16:00:00
ubuntucve
ubuntucve
CVE-2013-1850
2014-03-14 00:00:00
prion
prion
Input validation
2014-03-14 16:55:00
nvd
nvd
CVE-2013-1850
2014-03-14 16:55:04
owncloud
owncloud
Server: Incomplete blacklist vulnerability
2013-03-14 10:42:22
Incomplete blacklist vulnerability - ownCloud
2013-03-14 17:42:17
openvas
openvas
6.5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
7.4 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
64.9%
Related for CVE-2013-1850