Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2023-24804
HistoryFeb 13, 2023 - 5:15 p.m.

Path traversal

2023-02-1317:15:00
PRIOn knowledge base
www.prio-n.com
3
owncloud
android app
path traversal
information disclosure
arbitrary file write
version 3.0 fix

4.8 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

30.7%

JSON

The ownCloud Android app allows ownCloud users to access, share, and edit files and folders. Prior to version 3.0, the app has an incomplete fix for a path traversal issue and is vulnerable to two bypass methods. The bypasses may lead to information disclosure when uploading the app’s internal files, and to arbitrary file write when uploading plain text files (although limited by the .txt extension). Version 3.0 fixes the reported bypasses.

CPENameOperatorVersion
owncloudlt3.0

Related

owncloud 1
nvd 1
hackerone 1
cve 1
osv 1
cvelist 1
owncloud
owncloud
Insufficient path validation in Android App - ownCloud
2023-02-13 00:00:00
nvd
nvd
CVE-2023-24804
2023-02-13 17:15:11
hackerone
hackerone
ownCloud: GitHub Security Lab (GHSL) Vulnerability Report: Insufficient path validation in ReceiveExternalFilesActivity.java (GHSL-2022-060)
2022-07-26 13:38:15
cve
cve
CVE-2023-24804
2023-02-13 17:15:11
osv
osv
CVE-2023-24804
2023-02-13 17:15:11
cvelist
cvelist
CVE-2023-24804 ownCloud Android app vulnerable to Path Traversal
2023-02-13 16:28:43

4.8 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

30.7%

JSON
Related for PRION:CVE-2023-24804
owncloud1nvd1hackerone1cve1osv1cvelist1