Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
owncloudOwnCloudOC-SA-2013-009
HistoryMar 14, 2013 - 10:42 a.m.

Server: Incomplete blacklist vulnerability

2013-03-1410:42:22
owncloud.org
21

0.002 Low

EPSS

Percentile

64.9%

JSON

Incomplete blacklist vulnerability in apps/contacts/import.php and apps/contacts/ajax/uploadimport.php in ownCloud before 4.0.13 and 4.5.8 allows an authenticated remote attacker to upload a .htaccess file and therefore the execution of arbitrary PHP code in a standard Apache installation.

For more information please consult the official advisory.

This advisory is licensed CC BY-SA 4.0

Related

ubuntucve 1
prion 1
nvd 1
cvelist 1
cve 1
owncloud 1
openvas 1
ubuntucve
ubuntucve
CVE-2013-1850
2014-03-14 00:00:00
prion
prion
Input validation
2014-03-14 16:55:00
nvd
nvd
CVE-2013-1850
2014-03-14 16:55:04
cvelist
cvelist
CVE-2013-1850
2014-03-14 16:00:00
cve
cve
CVE-2013-1850
2014-03-14 16:55:04
owncloud
owncloud
Incomplete blacklist vulnerability - ownCloud
2013-03-14 17:42:17
openvas
openvas
ownCloud Multiple Code Execution & Local File Disclosure Vulnerabilities (May 2014)
2014-05-05 00:00:00

0.002 Low

EPSS

Percentile

64.9%

JSON
Related for OC-SA-2013-009
ubuntucve1prion1nvd1cvelist1cve1owncloud1openvas1