CVE-2021-33828

The filesantivirus component before 1.0.0 for ownCloud mishandles the protection mechanism by which malicious files that have been uploaded to a public share are supposed to be deleted upon detection...

CVE-2021-33828

The filesantivirus component before 1.0.0 for ownCloud mishandles the protection mechanism by which malicious files that have been uploaded to a public share are supposed to be deleted upon detection...

CVE-2021-33827

The filesantivirus component before 1.0.0 for ownCloud allows OS Command Injection via the administration settings...

CVE-2021-33827

The filesantivirus component before 1.0.0 for ownCloud allows OS Command Injection via the administration settings...

CVE-2021-33828

The filesantivirus component before 1.0.0 for ownCloud mishandles the protection mechanism by which malicious files that have been uploaded to a public share are supposed to be deleted upon detection...

Command injection

The filesantivirus component before 1.0.0 for ownCloud allows OS Command Injection via the administration settings...

CVE-2021-33827

The CVE-2021-33827 entry concerns the files_antivirus component for ownCloud (before 1.0.0) and describes an OS command injection vulnerability via the administration settings. Multiple connected documents corroborate this issue, stating that remote code execution is possible through admin-config...

CVE-2021-33828

The CVE-2021-33828 issue affects the ownCloud files_antivirus component prior to 1.0.0. The root problem is mishandling the deletion protection mechanism for malicious files uploaded to a public share; although these files are detected, they were not deleted as intended. Connected records (Red Ha...

CVE-2021-33828

The filesantivirus component before 1.0.0 for ownCloud mishandles the protection mechanism by which malicious files that have been uploaded to a public share are supposed to be deleted upon detection...

files_antivirus 操作系统命令注入漏洞

filesantivirus is a ClamAV-based ownCloud antivirus application. filesantivirus before 1.0.0 suffers from an operating system command injection vulnerability that allows remote users to execute arbitrary shell commands on the target system...

Code injection

When using an object storage like S3 as the file store, when a user creates a public link to a folder where anonymous users can upload files, and another user uploads a virus the files antivirus app would detect the virus but fails to delete it due to permission issues. This affects the...

CVE-2020-16144

When using an object storage like S3 as the file store, when a user creates a public link to a folder where anonymous users can upload files, and another user uploads a virus the files antivirus app would detect the virus but fails to delete it due to permission issues. This affects the...