2 matches found
CVE-2019-12739
lib/Controller/ExtractionController.php in the Extract add-on before 1.2.0 for Nextcloud allows Remote Code Execution via shell metacharacters in a RAR filename via ajax/extractRar.php nameOfFile and directory parameters...
CVE-2019-5441
CVE-2019-5441 is a reservation duplicate of CVE-2019-12739 and should not be used.