CVE-2026-49103

Webmin before 2.640 does not safely construct a filename for saving of an attachment within the mailboxes component. This occurs in mailboxes/detachall.cgi...

Linux Distros Unpatched Vulnerability : CVE-2022-49103

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NFSv4.2: fix reference count leaks in nfs42proccopynotify You don't often get email from [email protected]. Learn why this is important at...

CVE-2022-49103

In the Linux kernel, the following vulnerability has been resolved: NFSv4.2: fix reference count leaks in nfs42proccopynotify You don't often get email from [email protected]. Learn why this is important at http://aka.ms/LearnAboutSenderIdentification. The reference counting issue happens in...

CVE-2022-49103

In the Linux kernel, the following vulnerability has been resolved: NFSv4.2: fix reference count leaks in nfs42proccopynotify You don't often get email from [email protected]. Learn why this is important at http://aka.ms/LearnAboutSenderIdentification. The reference counting issue happens in...

CVE-2022-49103

In the Linux kernel, the following vulnerability has been resolved: NFSv4.2: fix reference count leaks in nfs42proccopynotify You don't often get email from [email protected]. Learn why this is important at http://aka.ms/LearnAboutSenderIdentification. The reference counting issue happens in...

CVE-2022-49103

CVE-2022-49103 is a Linux kernel issue where NFSv4.2 _nfs42_proc_copy_notify() leaks refcounts on two error paths after get_nfs_open_context() is called. The root cause is that refcount balancing is omitted on error returns, leading to leaks of the object ctx. The connected security documents con...

CVE-2024-49103

Windows Wireless Wide Area Network Service WwanSvc Information Disclosure Vulnerability...

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Owncloud Graph_Api

🇮🇱 BringThemHome NeverAgainIsNow 🇮🇱 We demand the...

ownCloud Phpinfo Reader Exploit

Docker containers of ownCloud compiled after February 2023, which have version 0.2.0 before 0.2.1 or 0.3.0 before 0.3.1 of the app graph installed contain a test file which prints phpinfo to an unauthenticated user. A post file name must be appended to the URL to bypass the login filter. Docker m...

GHSA-MHHP-C3CM-2R86 Test code in published microsoft-graph-core package exposes phpinfo()

Impact The Microsoft Graph Core PHP SDK published packages which contained test code that enabled the use of the phpInfo function from any application that could access and execute the file at vendor/microsoft/microsoft-graph-core/tests/GetPhpInfo.php. The phpInfo function exposes system...

GHSA-CGWQ-6PRQ-8H9Q Test code in published microsoft-graph package exposes phpinfo()

Impact The Microsoft Graph PHP SDK published packages which contained test code that enabled the use of the phpInfo function from any application that could access and execute the file at vendor/microsoft/microsoft-graph/tests/GetPhpInfo.php. The phpInfo function exposes system information. The...

ownCloud Phpinfo Reader

Docker containers of ownCloud compiled after February 2023, which have version 0.2.0 before 0.2.1 or 0.3.0 before 0.3.1 of the app graph installed contain a test file which prints phpinfo to an unauthenticated user. A post file name must be appended to the URL to bypass the login filter. Docker m...

CVE-2023-49103 - Critical Information Disclosure in ownCloud Graph API

Rapid7 is responding to CVE-2023-49103, an unauthenticated information disclosure vulnerability impacting ownCloud. Background ownCloud is a file sharing platform designed for enterprise environments. On November 21, 2023, ownCloud disclosed CVE-2023-49103, an unauthenticated information disclosu...

ownCloud Critical Vulnerability is under active exploitation

Summary: Hackers are actively exploiting a critical vulnerability CVE-2023-49103 in ownCloud, a popular open-source file-sharing solution, exposing sensitive data in containerized deployments. Administrators are urged to promptly apply recommended fixes, including disabling the phpinfo function a...

OwnCloud “graphapi” App Vulnerability Exposes Sensitive Data

By Deeba Ahmed The vulnerability is tracked as CVE-2023-49103 and declared critical with a CVSS v3 Base Score 10. This is a post from HackRead.com Read the original post: OwnCloud "graphapi" App Vulnerability Exposes Sensitive Data...

ownCloud vulnerability can be used to extract admin passwords

ownCloud has warned users about three critical security flaws in its file-sharing software which, if exploited, could reveal sensitive information and modify files. An especially and potentially impactful one is a vulnerability that could lead to disclosure of sensitive credentials and...

ownCloud Information Disclosure Vulnerability (Nov 2023) - Active Check

ownCloud is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:owncloud:owncloud";...

CVE-2023-49103

creationtimestamp| type| source ---|---|--- 2023-11-22 17:10:53+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/5912 2023-11-23 07:46:50+00:00| published-proof-of-concept| https://t.me/proxybar/1841 2023-11-23 09:27:42+00:00| seen|...

CVE-2023-49103

The CVE-2023-49103 vulnerability affects ownCloud graphapi in versions 0.2.x before 0.2.1 and 0.3.x before 0.3.1. The issue stems from a third‑party GetPhpInfo.php that returns a phpinfo() output, exposing the PHP environment and webserver variables (potentially including admin passwords, mail cr...

Eaton Network Shutdown Module 3.21 PHP Code Injection

Eaton Network Shutdown module versions 3.21 and below suffer from a remote PHP code injection vulnerability. This is a python exploit for a previously disclosed finding. !/usr/bin/env python Quick 'n' Dirty - Metasploit module didn't do it for me 2013 - Filip Waeytens - http://www.wsec.be Usage...