4 matches found
ownCloud 'lib/db.php' SQL Injection Vulnerability
ownCloud is prone to an SQL injection SQLi vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:owncloud:owncloud"; if...
CVE-2013-2045
CVE-2013-2045 affects ownCloud Server prior to 5.0.6 (and related advisory notes) where lib/db.php does not neutralize special elements passed to SQL queries, enabling SQL injection by remote authenticated users. The issue is limited to authenticated access and the impact is described as arbitrar...
Multiple SQL injection - ownCloud
ownCloud before 5.0.6 does not neutralize special elements that are passed to the SQL query in lib/db.php which therefore allows an authenticated attacker to execute arbitrary SQL commands. CVE-2013-2045 ownCloud before 5.0.6 and 4.5.11 does not neutralize special elements that are passed to the...
Server: Multiple SQL injection
ownCloud before 5.0.6 does not neutralize special elements that are passed to the SQL query in lib/db.php which therefore allows an authenticated attacker to execute arbitrary SQL commands. CVE-2013-2045 ownCloud before 5.0.6 and 4.5.11 does not neutralize special elements that are passed to the...