2 matches found
CVE-2013-2085
Directory traversal vulnerability in apps/filestrashbin/index.php in ownCloud Server before 5.0.6 allows remote authenticated users to access arbitrary files via a .. dot dot in the dir parameter...
CVE-2013-2085
CVE-2013-2085: ownCloud Server directory traversal via apps/files_trashbin/index.php (dir parameter). Affected: ownCloud Server prior to 5.0.6; vulnerability allows remote authenticated users to access arbitrary local files. Root cause: improper handling of .. in dir parameter enabling directory ...