90 matches found
Nextcloud Android app information disclosure vulnerability
Nextcloud Android app is an Android-based mobile application from Nextcloud Germany for accessing Nextcloud servers. An information disclosure vulnerability exists in the Nextcloud Android app versions prior to 3.3.0. The vulnerability stems from errors such as configuration during operation of t...
Nextcloud Android app SQL injection vulnerability
Nextcloud Android app is an Android-based mobile application from Nextcloud Germany for accessing Nextcloud servers. A SQL injection vulnerability exists in the Nextcloud Android app versions prior to 3.0.0. The vulnerability stems from a lack of validation of externally entered SQL statements in...
CVE-2019-5450
Improper sanitization of HTML in directory names in the Nextcloud Android app prior to version 3.7.0 allowed to style the directory name in the header bar when using basic HTML...
CVE-2019-5451
Bypass lock protection in the Nextcloud Android app prior to version 3.6.1 allows accessing the files when repeatedly opening and closing the app in a very short time...
Code injection
Bypassing lock protection exists in Nextcloud Android app 3.6.0 when creating a multi-account and aborting the process...
Hardcoded credentials
Improper sanitization of HTML in directory names in the Nextcloud Android app prior to version 3.7.0 allowed to style the directory name in the header bar when using basic HTML...
Design/Logic Flaw
Bypass lock protection in the Nextcloud Android app prior to version 3.6.1 allows accessing the files when repeatedly opening and closing the app in a very short time...
CVE-2019-5454
SQL Injection in the Nextcloud Android app prior to version 3.0.0 allows to destroy a local cache when a harmful query is executed requiring to resetup the account...
PT-2019-17684 · Nextcloud · Nextcloud Android App
Name of the Vulnerable Software and Affected Versions: Nextcloud Android app version 3.6.0 Description: The issue allows bypassing lock protection when creating a multi-account and aborting the process in the Nextcloud Android app. Recommendations: For Nextcloud Android app version 3.6.0, update ...
PT-2019-17683 · Nextcloud · Nextcloud Android App
Name of the Vulnerable Software and Affected Versions: Nextcloud Android app versions prior to 3.0.0 Description: The issue allows for the destruction of a local cache when a harmful query is executed, requiring the user to reset up the account. This occurs due to SQL Injection in the Nextcloud...