Lucene search
OwnCloudOC-SA-2013-019HistoryMay 14, 2013 - 2:00 a.m.
Server: Multiple SQL injection
2013-05-1402:00:00
owncloud.org
29
0.002 Low
EPSS
Percentile
56.2%
ownCloud before 5.0.6 does not neutralize special elements that are passed to the SQL query in lib/db.php which therefore allows an authenticated attacker to execute arbitrary SQL commands. (CVE-2013-2045)
ownCloud before 5.0.6 and 4.5.11 does not neutralize special elements that are passed to the SQL query in lib/bookmarks.php which therefore allows an authenticated attacker to execute arbitrary SQL commands. (CVE-2013-2046)
For more information please consult the official advisory.
This advisory is licensed CC BY-SA 4.0
| CPE | Name | Operator | Version |
|---|---|---|---|
| owncloud server | lt | 5.0.6 | |
| owncloud server | lt | 4.5.11 |
Related
owncloud
owncloud
Multiple SQL injection - ownCloud
2013-05-14 18:06:53
prion
prion
Sql injection
2014-03-09 13:16:00
Sql injection
2014-03-09 13:16:00
cvelist
cvelist
CVE-2013-2046
2014-03-07 20:00:00
CVE-2013-2045
2014-03-07 20:00:00
nvd
nvd
CVE-2013-2046
2014-03-09 13:16:56
CVE-2013-2045
2014-03-09 13:16:56
openvas
openvas
ownCloud 'lib/bookmarks.php' SQL Injection Vulnerability
2014-03-14 00:00:00
ownCloud 'lib/db.php' SQL Injection Vulnerability
2014-03-14 00:00:00
Fedora Update for owncloud FEDORA-2013-10440
2013-06-24 00:00:00
ubuntucve
ubuntucve
CVE-2013-2046
2014-03-09 00:00:00
CVE-2013-2045
2014-03-09 00:00:00
cve
cve
CVE-2013-2045
2014-03-09 13:16:56
CVE-2013-2046
2014-03-09 13:16:56
fedora
fedora
[SECURITY] Fedora 18 Update: owncloud-4.5.12-1.fc18
2013-06-24 03:27:14
nessus
nessus
Fedora 18 : owncloud-4.5.12-1.fc18 (2013-10440)
2013-07-12 00:00:00
freebsd
freebsd
owncloud -- Multiple security vulnerabilities
2013-05-14 00:00:00