Lucene search
K

6 matches found

ATTACKERKB
ATTACKERKB
added 2014/10/06 11:55 p.m.3 views

CVE-2014-2044

Incomplete blacklist vulnerability in ajax/upload.php in ownCloud before 5.0, when running on Windows, allows remote authenticated users to bypass intended access restrictions, upload files with arbitrary names, and execute arbitrary code via an Alternate Data Stream ADS syntax in the filename...

7.5CVSS6.2AI score0.12388EPSS
Exploits7References11
CVE
CVE
added 2014/10/06 11:0 p.m.109 views

CVE-2014-2044

CVE-2014-2044 affects ownCloud before 5.0 on Windows. The vulnerability is in the Ajax upload handling (ajax/upload.php) where an incomplete blacklist allows an authenticated user to upload files with arbitrary names and execute code via Windows ADS syntax in the filename (for example .htaccess::...

7.5CVSS7.3AI score0.12388EPSS
Exploits7References9Affected Software2
Cvelist
Cvelist
added 2014/10/06 11:0 p.m.28 views

CVE-2014-2044

Incomplete blacklist vulnerability in ajax/upload.php in ownCloud before 5.0, when running on Windows, allows remote authenticated users to bypass intended access restrictions, upload files with arbitrary names, and execute arbitrary code via an Alternate Data Stream ADS syntax in the filename...

7.2AI score0.12388EPSS
Exploits7References9
exploitpack
exploitpack
added 2014/03/10 12:0 a.m.44 views

ownCloud 4.0.x4.5.x - upload.php?Filename Remote Code Execution

ownCloud 4.0.x4.5.x - upload.php?Filename Remote Code Execution Vulnerability title: Remote Code Execution in ownCloud CVE: CVE-2014-2044 Vendor: ownCloud Product: ownCloud Affected version: 4.0.x & 4.5.x Fixed version: 5.0 Reported by: Alejo Murillo Moya Details: A remote code execution has been...

7.5CVSS0.1AI score0.12388EPSS
Exploits7
Exploit DB
Exploit DB
added 2014/03/10 12:0 a.m.66 views

ownCloud 4.0.x/4.5.x - 'upload.php?Filename' Remote Code Execution

Vulnerability title: Remote Code Execution in ownCloud CVE: CVE-2014-2044 Vendor: ownCloud Product: ownCloud Affected version: 4.0.x & 4.5.x Fixed version: 5.0 Reported by: Alejo Murillo Moya Details: A remote code execution has been found and confirmed within ownCloud as an authenticated user. A...

7.5CVSS7AI score0.12388EPSS
Exploits7
Packet Storm
Packet Storm
added 2014/03/06 12:0 a.m.54 views

ownCloud 4.0.x / 4.5.x Remote Code Execution

Vulnerability title: Remote Code Execution in ownCloud CVE: CVE-2014-2044 Vendor: ownCloud Product: ownCloud Affected version: 4.0.x & 4.5.x Fixed version: 5.0 Reported by: Alejo Murillo Moya Details: A remote code execution has been found and confirmed within ownCloud as an authenticated user. A...

7.5CVSS6.5AI score0.12388EPSS
Exploits7
Rows per page
Query Builder