Sql injection

SQL injection vulnerability in lib/db.php in ownCloud Server 5.0.x before 5.0.6 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors...

CVE-2013-2045

CVE-2013-2045 affects ownCloud Server prior to 5.0.6 (and related advisory notes) where lib/db.php does not neutralize special elements passed to SQL queries, enabling SQL injection by remote authenticated users. The issue is limited to authenticated access and the impact is described as arbitrar...

Multiple SQL injection - ownCloud

ownCloud before 5.0.6 does not neutralize special elements that are passed to the SQL query in lib/db.php which therefore allows an authenticated attacker to execute arbitrary SQL commands. CVE-2013-2045 ownCloud before 5.0.6 and 4.5.11 does not neutralize special elements that are passed to the...

Server: Multiple SQL injection

ownCloud before 5.0.6 does not neutralize special elements that are passed to the SQL query in lib/db.php which therefore allows an authenticated attacker to execute arbitrary SQL commands. CVE-2013-2045 ownCloud before 5.0.6 and 4.5.11 does not neutralize special elements that are passed to the...