4 matches found
CVE-2025-40538 SolarWinds Serv-U Broken Access Control Remote Code Execution Vulnerability
A broken access control vulnerability exists in Serv-U which when exploited, gives a malicious actor the ability to create a system admin user and execute arbitrary code as a privileged account via domain admin or group admin privileges. This issue requires administrative privileges to abuse. On...
CVE-2013-1822
Multiple cross-site scripting XSS vulnerabilities in ownCloud 4.5.x before 4.5.8 allow remote authenticated users with administrator privileges to inject arbitrary web script or HTML via the 1 quota parameter to /core/settings/ajax/setquota.php, or remote authenticated users with group admin...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in ownCloud 4.5.x before 4.5.8 allow remote authenticated users with administrator privileges to inject arbitrary web script or HTML via the 1 quota parameter to /core/settings/ajax/setquota.php, or remote authenticated users with group admin...
CVE-2013-1822
Multiple cross-site scripting XSS vulnerabilities in ownCloud 4.5.x before 4.5.8 allow remote authenticated users with administrator privileges to inject arbitrary web script or HTML via the 1 quota parameter to /core/settings/ajax/setquota.php, or remote authenticated users with group admin...