Nextcloud: Session fixation in password protected public download.
Public downloads protected with a password are vulnerable to a session fixation attack. This finding was discovered during a penetration test of NextCloud version 10.0.2.7. 1. Pre-provision a victim with the attacker-controlled cookie values (Firefox cookie manager): www.clouddrive.example FALSE %2...
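The attack above works only if the server keeps using whatever session identifier the victim's browser already carries when the share password is accepted. The following Python model is an added illustration, not Nextcloud's code: an in-memory session store with a vulnerable password check that keeps the pre-provisioned session ID, and a hardened one that discards it and issues a fresh ID on successful authentication. The share token, password and the attacker's planted cookie value are constructed sample data.

```python
"""Session fixation on a password-protected public share: vulnerable vs. hardened.

Added example; the storage layout and function names are assumptions, not
Nextcloud's implementation.
"""
import secrets
from dataclasses import dataclass, field

SHARE_TOKEN = "abc123"        # constructed sample public-share token
SHARE_PASSWORD = "s3cret"     # constructed sample share password


@dataclass
class Session:
    # Share tokens this session has proven the password for.
    authenticated_shares: set = field(default_factory=set)


class SessionStore:
    def __init__(self):
        self.sessions = {}

    def get_or_create(self, session_id):
        # Accepting any client-supplied ID is what makes fixation possible:
        # the attacker pre-provisions the victim's browser with an ID they know.
        return self.sessions.setdefault(session_id, Session())


def password_ok(password):
    # Constant-time comparison; a real deployment compares against a hash.
    return secrets.compare_digest(password, SHARE_PASSWORD)


def authenticate_vulnerable(store, cookie_session_id, token, password):
    """Marks the *existing* session as authenticated and keeps its ID."""
    if not password_ok(password):
        raise PermissionError("wrong share password")
    sess = store.get_or_create(cookie_session_id)
    sess.authenticated_shares.add(token)
    return cookie_session_id  # the attacker-chosen ID is now a valid credential


def authenticate_hardened(store, cookie_session_id, token, password):
    """Drops the pre-seeded session and rotates to a server-generated ID."""
    if not password_ok(password):
        raise PermissionError("wrong share password")
    store.sessions.pop(cookie_session_id, None)   # forget the planted session
    new_id = secrets.token_urlsafe(32)            # unpredictable, never seen by attacker
    store.sessions[new_id] = Session(authenticated_shares={token})
    return new_id


def can_download(store, session_id, token):
    sess = store.sessions.get(session_id)
    return sess is not None and token in sess.authenticated_shares


def simulate(authenticate):
    """Returns (attacker_can_download, victim_can_download)."""
    store = SessionStore()
    planted_id = "attacker-chosen-session-id"   # step 1: cookie pre-provisioned in the victim's browser
    # step 2: the victim enters the correct share password while carrying that cookie
    victim_id = authenticate(store, planted_id, SHARE_TOKEN, SHARE_PASSWORD)
    # step 3: the attacker replays the ID they planted
    return can_download(store, planted_id, SHARE_TOKEN), can_download(store, victim_id, SHARE_TOKEN)


if __name__ == "__main__":
    print("vulnerable:", simulate(authenticate_vulnerable))   # (True, True)
    print("hardened:  ", simulate(authenticate_hardened))     # (False, True)
```

The only difference between the two handlers is whether the session identifier is regenerated at the privilege boundary; in a PHP application that is the `session_regenerate_id(true)` call right after the password check, and the same rule applies to any cookie that gains authority when a secret is entered.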
Nextcloud Multiple Vulnerabilities-01 (May 2017) - Linux
Nextcloud is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:nextcloud:nextcloudserver";...
Nextcloud 'Calender and Addressbook' Information Disclosure Vulnerability - Linux
Nextcloud is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Nextcloud Multiple XSS Vulnerabilities - Linux
Nextcloud is prone to multiple XSS vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:nextcloud:nextcloudserver";...
Nextcloud: [FG-VD-17-063] NextCloud Insufficient Attack Protection Vulnerability Notification
Subject: FG-VD-17-063 NextCloud Insufficient Attack Protection Vulnerability Notification ------- Vulnerability Notification May 26, 2017 Tracking Case : FG-VD-17-063 Dear NextCloud, The following information pertains to information discovered by Fortinet's FortiGuard Labs. It has been determined...
Nextcloud: Shared file link - password protection bypass under certain conditions
Summary: An unauthenticated remote attacker can bypass password protection on certain shared file types through the file sharing app's publicpreview.php endpoint. Vulnerable URL: http://server/nextcloud/index.php/apps/files_sharing/ajax/publicpreview.php?x=<width>&y=<height>&t=<share ID> Description...
Nextcloud: HTML injection and limited XSS via logo image upload - Nextcloud 12.0.0
Summary: The logo image upload function in Nextcloud Server v12.0.0 does not validate the uploaded file, leading to XSS in certain circumstances. Vulnerable URLs (replace "server" with the IP address or hostname of your Nextcloud server): File upload -...
Nextcloud Unauthorized Access Vulnerability
Nextcloud is an open-source, self-hosted file synchronization, sharing and communication platform. An unauthorized access vulnerability exists in Nextcloud. An attacker could use this vulnerability to bypass certain security restrictions and obtain sensitive information, leading...
Nextcloud: IDOR unsubscribe Anyone from NextClouds Newsletters by knowing their Email
Hi Team, I was looking around your website and then I found a subdomain, newsletter.nextcloud.com. On the main page it shows us 3 options; I chose the 1st, which was "Subscribe to our newsletter". Then I clicked on this option and I was taken to https://newsletter.nextcloud.com/?p=subscribe&id=1 The page...
Nextcloud: Email Spoofing Vulnerability from nextcloud.
Hi nextcloud, Here is Shaifullah Shaon BlackEyE, an ethical hacker, a white-hat cyber security researcher from Bangladesh, reporting a serious 3rd-ranking OWASP security vulnerability on your system. There is an Email Spoofing Vulnerability from nextcloud. Steps to reproduce: 1 Go to...
Nextcloud: RTLO character allowed in shared files
SUMMARY: Hello, I have noticed that you do not properly strip the RTLO (right-to-left override) character in the sharing page of the file, thus allowing someone to mask the real extension of a file, and if the user downloads, then opens the file, something may be executed on his machine...
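What the report describes is a name such as `invoice` + U+202E + `fdp.exe`, which a bidi-aware renderer displays as `invoiceexe.pdf` while the file the browser saves is still `.exe`. The check below is an added example in Python (Nextcloud itself is PHP; this is not its code): it locates Unicode bidirectional control characters in a filename, approximates how an RLO run is displayed so the spoofed and real extensions can be compared, and returns a sanitized name a share page could display instead. The sample filenames are constructed.

```python
"""Detect and neutralise bidi override characters in shared filenames.

Added example, not Nextcloud's implementation. The rendering approximation
reverses the run that follows each U+202E (RLO) up to the next U+202C (PDF)
or end of string, which is what a typical renderer does for a run of
Latin letters and punctuation under an override.
"""
import unicodedata

# Explicit bidi embedding/override/isolate/mark characters (Unicode Bidi_Control).
BIDI_CONTROLS = {
    "\u061C",  # ARABIC LETTER MARK
    "\u200E", "\u200F",                      # LRM, RLM
    "\u202A", "\u202B", "\u202C", "\u202D", "\u202E",   # LRE, RLE, PDF, LRO, RLO
    "\u2066", "\u2067", "\u2068", "\u2069",  # LRI, RLI, FSI, PDI
}
RLO, PDF = "\u202E", "\u202C"


def find_bidi_controls(name):
    """Return [(index, 'U+XXXX', unicode name)] for every bidi control in name."""
    return [
        (i, f"U+{ord(c):04X}", unicodedata.name(c))
        for i, c in enumerate(name)
        if c in BIDI_CONTROLS
    ]


def rendered_name(name):
    """Approximate the string a bidi renderer shows for name."""
    out, i = [], 0
    while i < len(name):
        c = name[i]
        if c == RLO:
            j = i + 1
            while j < len(name) and name[j] not in (PDF, RLO):
                j += 1
            out.append(name[i + 1:j][::-1])       # the overridden run is reversed
            i = j + 1 if j < len(name) and name[j] == PDF else j
        elif c in BIDI_CONTROLS:
            i += 1                                # other controls are invisible
        else:
            out.append(c)
            i += 1
    return "".join(out)


def actual_extension(name):
    """Extension the filesystem and browser will use, ignoring rendering."""
    base = sanitize_name(name)
    return base[base.rfind("."):].lower() if "." in base else ""


def displayed_extension(name):
    """Extension a user reading the rendered name believes they are getting."""
    shown = rendered_name(name)
    return shown[shown.rfind("."):].lower() if "." in shown else ""


def sanitize_name(name):
    """Strip bidi controls so the displayed name cannot lie about its extension."""
    return "".join(c for c in name if c not in BIDI_CONTROLS)


def is_extension_spoofed(name):
    return bool(find_bidi_controls(name)) and displayed_extension(name) != actual_extension(name)


if __name__ == "__main__":
    sample = "invoice\u202Efdp.exe"   # constructed: displays as invoiceexe.pdf, runs as .exe
    print(find_bidi_controls(sample))
    print(rendered_name(sample), actual_extension(sample), is_extension_spoofed(sample))
```

A share page can either reject uploads whose names contain any of these characters or display `sanitize_name(name)` and flag `is_extension_spoofed(name)` with a warning; rendering the raw name is what lets the attacker control what the downloader sees.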
Nextcloud: (Authenticated) RCE by bypassing of the .htaccess blacklist
Storage::copyFromStorage doesn't check the contents of a folder it copies against the list of blacklisted files, meaning that if a user has access to an external storage (incl. federated shares) that contains a .htaccess file, he can move that .htaccess file into the local data directory. The attack works on...
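The defect is a check applied only to the name of the item being copied, not to the tree beneath it. The Python below is an added example (not Nextcloud's PHP code): it builds a small sample "external storage" in a temporary directory, shows the top-level-only check passing, and contrasts it with a recursive check that refuses the copy when any nested entry matches the blacklist. The blacklist content and the directory layout are constructed for the example; Nextcloud's own list is its `blacklisted_files` config option.

```python
"""Blacklist check on folder copy: top-level only (bypassable) vs. recursive.

Added example; helper names and the sample storage layout are assumptions.
"""
import fnmatch
import os
import shutil
import tempfile

# Constructed blacklist: names the data directory must never contain,
# because the web server would interpret them.
BLACKLISTED_FILES = [".htaccess", ".htpasswd"]


def is_blacklisted_name(name):
    """Case-insensitive match of a single path component against the blacklist."""
    lowered = name.lower()
    return any(fnmatch.fnmatch(lowered, pattern.lower()) for pattern in BLACKLISTED_FILES)


def top_level_check(src):
    """The bypassable check: only looks at the name of the thing being copied."""
    return is_blacklisted_name(os.path.basename(src))


def find_blacklisted(src):
    """Recursive check: every path component under src, returned as POSIX-relative paths."""
    hits = []
    if os.path.isfile(src):
        return [os.path.basename(src)] if is_blacklisted_name(os.path.basename(src)) else []
    for root, dirs, files in os.walk(src):
        for name in dirs + files:
            if is_blacklisted_name(name):
                rel = os.path.relpath(os.path.join(root, name), src)
                hits.append(rel.replace(os.sep, "/"))
    return sorted(hits)


def safe_copy(src, dst):
    """Copy src to dst only if nothing in the tree is blacklisted."""
    hits = find_blacklisted(src)
    if hits:
        raise ValueError(f"refusing to copy: blacklisted entries {hits}")
    if os.path.isdir(src):
        shutil.copytree(src, dst)
    else:
        shutil.copy2(src, dst)
    return dst


def build_sample_storage():
    """Constructed fixture: an 'external' share hiding a .htaccess in a subfolder."""
    root = os.path.join(tempfile.mkdtemp(), "external")
    os.makedirs(os.path.join(root, "sub"))
    with open(os.path.join(root, "readme.txt"), "w") as f:
        f.write("harmless\n")
    with open(os.path.join(root, "sub", ".HTACCESS"), "w") as f:   # mixed case on purpose
        f.write("php_value auto_prepend_file evil.php\n")
    return root


if __name__ == "__main__":
    src = build_sample_storage()
    print("top-level check blocks copy?", top_level_check(src))     # False: bypass
    print("recursive hits:", find_blacklisted(src))                 # ['sub/.HTACCESS']
    try:
        safe_copy(src, src + "_copy")
    except ValueError as e:
        print(e)
```

The recursive walk is the whole fix; the same rule has to be applied on every path into the data directory (copy, move, rename, archive extraction, federated share mount), since the attacker only needs one entry point that skips it.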
NextCloud / OwnCloud Cross Site Scripting
Nextcloud/Owncloud - Reflected Cross Site Scripting in error pages. Information: Name:...
Nextcloud Server Cross-Site Scripting Vulnerability (CNVD-2017-06334)
Nextcloud is an open-source, self-hosted file synchronization, sharing and communication platform from Nextcloud GmbH (Germany); Nextcloud Server is its server component. A cross-site scripting vulnerability exists in versions of Nextcloud Server prior to 11.0.3. This vulnerability allows...
Nextcloud Server Cross-Site Scripting Vulnerability (CNVD-2017-06335)
Nextcloud is an open-source, self-hosted file synchronization, sharing and communication platform from Nextcloud GmbH (Germany); Nextcloud Server is its server component. A cross-site scripting vulnerability exists in several components of Nextcloud Server. This vulnerability could be...
Nextcloud Server Authentication Vulnerability
Nextcloud is an open-source, self-hosted file synchronization, sharing and communication platform from Nextcloud GmbH (Germany); Nextcloud Server is its server component. An authentication vulnerability exists in versions of Nextcloud Server prior to 11.0.3 due to the program failing to...
Nextcloud Server Cross-Site Scripting Vulnerability (CNVD-2017-07616)
Nextcloud is an open-source, self-hosted file synchronization, sharing and communication platform from Nextcloud GmbH (Germany); Nextcloud Server is its server component. A cross-site scripting vulnerability exists in several components of Nextcloud Server. A remote attacker can exploit th...
Nextcloud Server Information Disclosure Vulnerability
Nextcloud is an open-source, self-hosted file synchronization, sharing and communication platform from Nextcloud GmbH (Germany); Nextcloud Server is its server component. An information disclosure vulnerability exists in versions of Nextcloud Server prior to 11.0.3. An attacker could explo...
Nextcloud Server Information Disclosure Vulnerability (CNVD-2017-07533)
Nextcloud is an open-source, self-hosted file synchronization, sharing and communication platform from Nextcloud GmbH (Germany); Nextcloud Server is its server component. An information disclosure vulnerability exists in Nextcloud Server versions prior to 10.0.4 and versions prior to 11.0....
Design/Logic Flaw
Nextcloud Server before 11.0.3 is vulnerable to improper session handling that allowed an application-specific password without file-access permission to access the user's files...