4969 matches found
Nextcloud: Persistent XSS on favorite via filename
CVSS ---- Medium 6.4 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N Description ----------- The name of a file is echoed without encoding when favoring the file, leading to persistent XSS. POC --- To place the payload: - Create a file called test'".pdf and upload it. To trigger the payload: - click...
Nextcloud: The password recovery let users know whether an email address exists or not in the website
URL: https://apps.nextcloud.com/password/reset/ I have tried to recover the password for some emails: [email protected] exists [email protected] does not exist After I clicked the "reset my password" button, the website informed me that the email did not exist. Impact This is a bad practice, and it ...
Nextcloud: potential RCE and XSS via file upload requiring user account and default settings
potential RCE and XSS via file upload requiring user account and default settings Requirements 1. User account that can upload files NO admin 2. User account name on creation usually the same as on creation/displayed name 3. data directory inside of nextcloud server folder suggested by...
Nextcloud: Circle email-members have still access to a shared folder/file after they are removed from the circle
If an email address is added to a circle, the email user still has access after the email address is removed from the circle. Requirements ------- circles app and share by mail app enabled Steps to reproduce ------------- 1. add an email address to a circle 2. share a folder/file with the circle 3...
Nextcloud: Username and Access Token Disclosure
Versions ===================== Nextcloud Server Version: 16.0.3.0 it.tsweb.Nextcloud iOS App Version: 2.23.7 Description ===================== While logging in to an ownCloud instance the iOS client sends the username and password to the resource /login?redirecturl=/login/flow/grant and receives...
Nextcloud Lookup-Server SQL Injection Vulnerability
Nextcloud is an open source, self-hosted file synchronization, sharing and communication application platform from Nextcloud, Germany. An SQL injection vulnerability exists in Nextcloud Lookup-Server, which can be exploited by an attacker to execute illegal SQL commands...
Group admins can create users with IDs of system folders (NC-SA-2019-015)
Improper Input Validation in Nextcloud Server 15.0.7 allows group admins to create users with IDs of system folders...
Nextcloud: Veracode and security audit record are publicly available
Leakage of sensitive data through open endpoint Risk management and Compliance Document written by NCC Here is what the document says: Proprietary Information This document contains detailed commercial, financial and legal information, which is confidential and commercially sensitive. The release...
CVE-2019-5476
An SQL Injection in the Nextcloud Lookup-Server v0.3.0 running on https://lookup.nextcloud.com caused unauthenticated users to be able to execute arbitrary SQL commands...
SQL injection
An SQL Injection in the Nextcloud Lookup-Server v0.3.0 running on https://lookup.nextcloud.com caused unauthenticated users to be able to execute arbitrary SQL commands...
CVE-2019-5476
CVE-2019-5476 concerns an SQL injection in the Nextcloud Lookup-Server before version 0.3.0 (lookup.nextcloud.com). The vulnerability allows unauthenticated users to execute arbitrary SQL commands due to improper input handling in the Lookup-Server. Several sources confirm the issue, including Re...
PT-2019-17697 · Nextcloud · Nextcloud Lookup-Server
Name of the Vulnerable Software and Affected Versions: Nextcloud Lookup-Server versions prior to 0.3.0 Description: The issue allows unauthenticated users to execute arbitrary SQL commands due to an SQL Injection. This affects the Nextcloud Lookup-Server running on https://lookup.nextcloud.com...
Nextcloud: Username Enumeration
Hi, it is possible to determine the existence of a user account. It reveals usernames, which can open new attack vectors. Version: Nextcloud 16.0.3 Request for existing account: GET /avatar/admin/80?v=-472 HTTP/1.1 Host: localhost:8084 User-Agent: Mozilla/5.0 Macintosh; Intel Mac OS X 10.14; rv:68....
Nextcloud: Content Spoofing /Text Injection in https://docs.nextcloud.com
Hello Team, I have found a Content Spoofing / Text Injection on this domain https://docs.nextcloud.com Go to https://docs.nextcloud.com/!!!ATENTION!%20This%20server%20is%20on%20Maintenance%20please%20go%20to%20WWW.EVIL.COM%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%...
Nextcloud Android app input validation error vulnerability (CNVD-2019-41896)
Nextcloud Android app is an Android-based mobile application from Nextcloud Germany for accessing Nextcloud servers. An input validation error vulnerability exists in the Nextcloud Android app. An attacker could exploit the vulnerability to repeatedly open and close target files...
Nextcloud Android app input validation error vulnerability
Nextcloud Android app is an Android-based mobile application from Nextcloud Germany for accessing Nextcloud servers. An input validation error vulnerability exists in the Nextcloud Android app. An attacker can exploit the vulnerability to obtain sensitive information...
Nextcloud: SignUp using Fake Email
In this trial I used the email '[email protected]' and after pressing the SIGN UP button it automatically redirected to https://ppp.woelkli.com/apps/preferredproviders/password/set/emailfakeforregister/H2qlEWHxQ3yiJgCsEXkR8, without going through the account verification process first. For the full link Po...
Nextcloud Android Authorization Issues Vulnerability
Nextcloud Android is an Android-based mobile application from Nextcloud Germany for accessing Nextcloud servers. Nextcloud Android is vulnerable to an authorization issue. The vulnerability stems from a lack of authentication measures or insufficient authentication strength in a networked system ...