Lucene search
K

1942 matches found

Nuclei
Nuclei
added 6 hours ago33 views

ownCloud Guests - User Enumeration

ownCloud Guests before 0.12.5 contains an unauthenticated user enumeration vulnerability caused by insufficient validation of the token in showPasswordForm at /apps/guests/register/email/token, letting unauthenticated attackers enumerate valid guest users, exploit requires no authentication. id:...

5.3CVSS6.1AI score0.00908EPSS
Exploits1References3
Nuclei
Nuclei
added yesterday301 views

OwnCloud - Phpinfo Configuration

An issue was discovered in ownCloud owncloud/graphapi 0.2.x before 0.2.1 and 0.3.x before 0.3.1. The graphapi app relies on a third-party GetPhpInfo.php library that provides a URL. When this URL is accessed, it reveals the configuration details of the PHP environment phpinfo. This information...

10CVSS7.1AI score0.78428EPSS
Exploits5References6
NVD
NVD
added 2026/07/06 5:16 p.m.10 views

CVE-2025-53831

DrawIO for ownCloud is an application for using DrawIO with the file storage, synchronization, and sharing application ownCloud Classic. In DrawIO for ownCloud prior to version 1.0.2, which corresponds to ownCloud 10 prior to version 10.15.3, attackers with access to the DrawIO app can leverage...

8.2CVSS0.00164EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/06 4:23 p.m.7 views

CVE-2025-53831

DrawIO for ownCloud is an application for using DrawIO with the file storage, synchronization, and sharing application ownCloud Classic. In DrawIO for ownCloud prior to version 1.0.2, which corresponds to ownCloud 10 prior to version 10.15.3, attackers with access to the DrawIO app can leverage...

8.2CVSS5.9AI score0.00164EPSS
Exploits0References2Affected Software2
EUVD
EUVD
added 2026/07/06 4:23 p.m.4 views

EUVD-2025-210435

DrawIO for ownCloud is an application for using DrawIO with the file storage, synchronization, and sharing application ownCloud Classic. In DrawIO for ownCloud prior to version 1.0.2, which corresponds to ownCloud 10 prior to version 10.15.3, attackers with access to the DrawIO app can leverage...

8.2CVSS5.9AI score0.00164EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/06 4:23 p.m.41 views

CVE-2025-53831 DrawIO for ownCloud 10 is vulnerable to Stored XSS

DrawIO for ownCloud is an application for using DrawIO with the file storage, synchronization, and sharing application ownCloud Classic. In DrawIO for ownCloud prior to version 1.0.2, which corresponds to ownCloud 10 prior to version 10.15.3, attackers with access to the DrawIO app can leverage...

8.2CVSS0.00164EPSS
Exploits0References1
CVE
CVE
added 2026/07/06 4:23 p.m.14 views

CVE-2025-53831

DrawIO for ownCloud is affected by a Stored XSS in older builds. The vulnerability stems from improper neutralization of user-supplied input during web page generation, enabling stored XSS when attackers have access to the DrawIO app. Affected range includes DrawIO for ownCloud < 1.0.2 (corres...

8.2CVSS5.9AI score0.00164EPSS
Exploits0References1
NVD
NVD
added 2026/07/06 4:16 p.m.9 views

CVE-2025-53830

Anti-Virus for ownCloud is an anti-virus application for file storage, synchronization, and sharing application ownCloud. Versions of Anti-Virus for ownCloud before 1.2.3 are vulnerable to Server-Side Request Forgery SSRF. This corresponds to versions of ownCloud 10 prior to 10.15.3. Upgrade...

9.1CVSS0.00257EPSS
Exploits0References1
NVD
NVD
added 2026/07/06 4:16 p.m.8 views

CVE-2025-53829

ownCloud is a file storage, synchronization, and sharing application. In ownCloud 10 prior to version 10.15.3, an attacker with administrative privileges can exploit a path traversal vulnerability in the system to execute arbitrary code. Upgrade ownCloud 10 to version 10.15.3 or later to receive ...

8CVSS0.00335EPSS
Exploits0References1
NVD
NVD
added 2026/07/06 4:16 p.m.9 views

CVE-2025-53828

SharePoint for ownCloud is an application for using SharePoint with the file storage, synchronization, and sharing application ownCloud Classic. In SharePoint for ownCloud prior to version 0.4.1, which corresponds to ownCloud 10 prior to 10.15.3, an attacker with administrative privileges can use...

8.5CVSS0.00232EPSS
Exploits0References1
NVD
NVD
added 2026/07/06 4:16 p.m.7 views

CVE-2025-53827

ownCloud Core is the server-side component of the file storage, synchronization, and sharing application ownCloud Classic. In versions prior to 10.15.3, the Updater on ownCloud 10 before 10.15.3 has an exposed dangerous method or function. Attackers with administrative privileges may leverage...

9.1CVSS0.00342EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/06 3:17 p.m.5 views

EUVD-2025-210434

Anti-Virus for ownCloud is an anti-virus application for file storage, synchronization, and sharing application ownCloud. Versions of Anti-Virus for ownCloud before 1.2.3 are vulnerable to Server-Side Request Forgery SSRF. This corresponds to versions of ownCloud 10 prior to 10.15.3. Upgrade...

9.1CVSS6AI score0.00257EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/06 3:17 p.m.7 views

CVE-2025-53830

Anti-Virus for ownCloud is an anti-virus application for file storage, synchronization, and sharing application ownCloud. Versions of Anti-Virus for ownCloud before 1.2.3 are vulnerable to Server-Side Request Forgery SSRF. This corresponds to versions of ownCloud 10 prior to 10.15.3. Upgrade...

9.1CVSS6AI score0.00257EPSS
Exploits0References2Affected Software2
Cvelist
Cvelist
added 2026/07/06 3:17 p.m.43 views

CVE-2025-53830 Anti-Virus for ownCloud 10 is vulnerable to Server-Side Request Forgery (SSRF)

Anti-Virus for ownCloud is an anti-virus application for file storage, synchronization, and sharing application ownCloud. Versions of Anti-Virus for ownCloud before 1.2.3 are vulnerable to Server-Side Request Forgery SSRF. This corresponds to versions of ownCloud 10 prior to 10.15.3. Upgrade...

9.1CVSS0.00257EPSS
Exploits0References1
CVE
CVE
added 2026/07/06 3:17 p.m.15 views

CVE-2025-53830

CVE-2025-53830 affects Anti-Virus for ownCloud prior to version 1.2.3 and corresponding ownCloud 10 releases prior to 10.15.3. The issue is a Server-Side Request Forgery (SSRF) vulnerability that could be exploited within the anti-virus integration for file storage, synchronization, and sharing. ...

9.1CVSS6AI score0.00257EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/06 2:46 p.m.8 views

CVE-2025-53829

ownCloud is a file storage, synchronization, and sharing application. In ownCloud 10 prior to version 10.15.3, an attacker with administrative privileges can exploit a path traversal vulnerability in the system to execute arbitrary code. Upgrade ownCloud 10 to version 10.15.3 or later to receive ...

8CVSS6.2AI score0.00335EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/07/06 2:46 p.m.15 views

CVE-2025-53829

ownCloud 10 before 10.15.3 is vulnerable to a path traversal flaw that an administrator can exploit to execute arbitrary code. The CVE-2025-53829 entry notes a patch is available in version 10.15.3 or later. CVSS v3.1 score is 8.0 (HIGH) with network attack vector, high complexity, required privi...

8CVSS6.2AI score0.00335EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/06 2:46 p.m.42 views

CVE-2025-53829 ownCloud 10 is vulnerable to Relative Path Traversal

ownCloud is a file storage, synchronization, and sharing application. In ownCloud 10 prior to version 10.15.3, an attacker with administrative privileges can exploit a path traversal vulnerability in the system to execute arbitrary code. Upgrade ownCloud 10 to version 10.15.3 or later to receive ...

8CVSS0.00335EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/06 2:46 p.m.7 views

EUVD-2025-210433

ownCloud is a file storage, synchronization, and sharing application. In ownCloud 10 prior to version 10.15.3, an attacker with administrative privileges can exploit a path traversal vulnerability in the system to execute arbitrary code. Upgrade ownCloud 10 to version 10.15.3 or later to receive ...

8CVSS6.2AI score0.00335EPSS
Exploits0References1
CVE
CVE
added 2026/07/06 2:41 p.m.16 views

CVE-2025-53828

CVE-2025-53828 describes a SSRF vulnerability in SharePoint for ownCloud prior to 0.4.1 (affecting ownCloud 10 prior to 10.15.3). An attacker with administrative privileges can trigger SSRF to execute arbitrary code on the system. The fixed version is SharePoint for ownCloud 0.4.1, delivered with...

8.5CVSS6.4AI score0.00232EPSS
Exploits0References1
Rows per page
Query Builder