Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
owncloudOwnCloudOC-SA-2013-012
HistoryApr 02, 2013 - 11:42 a.m.

Server: contacts: SQL Injection

2013-04-0211:42:22
owncloud.org
14

0.002 Low

EPSS

Percentile

56.2%

JSON

ownCloud before 5.0.1 does not neutralize special elements that are passed to the SQL query in addressbookprovider.php which therefore allows an authenticated attacker to execute arbitrary SQL commands.

For more information please consult the official advisory.

This advisory is licensed CC BY-SA 4.0

CPENameOperatorVersion
owncloud serverlt5.0.1

Related

cve 1
owncloud 1
cvelist 1
ubuntucve 1
nvd 1
prion 1
openvas 1
cve
cve
CVE-2013-1893
2014-03-09 13:16:56
owncloud
owncloud
contacts: SQL Injection - ownCloud
2013-04-02 17:48:19
cvelist
cvelist
CVE-2013-1893
2014-03-07 20:00:00
ubuntucve
ubuntucve
CVE-2013-1893
2014-03-09 00:00:00
nvd
nvd
CVE-2013-1893
2014-03-09 13:16:56
prion
prion
Sql injection
2014-03-09 13:16:00
openvas
openvas
ownCloud Multiple XSS and SQL Injection Vulnerabilities
2014-03-14 00:00:00

0.002 Low

EPSS

Percentile

56.2%

JSON
Related for OC-SA-2013-012
cve1owncloud1cvelist1ubuntucve1nvd1prion1openvas1