4993 matches found
Login and token disclosure to other Nextcloud services (NC-SA-2019-017)
Violation of Secure Design Principles in the iOS App 2.23.0 causes the app to leak its login and token to other Nextcloud services when search e.g. for federated users or registering for push notifications...
Nextcloud 17 - Cross-Site Request Forgery Vulnerability
Exploit for php platform in category web applications Exploit Title: Nextcloud 17 - Cross-Site Request Forgery Exploit Author: Ozer Goker Vendor Homepage: https://nextcloud.com Software Link: https://nextcloud.com/install/instructions-server Version: 17 CVE: N/A Nextcloud offers the...
Nextcloud: Improper integrity protection of server-side encryption keys
The public keys used for the server-side encryption are not integrity-protected. These can easily replaced by anyone who has access to the data-at-rest data even when the per-user-keys are enabled, as described in https://nextcloud.com/security/threat-model/. This holds true for all key types -...
Nextcloud 17 - Cross-Site Request Forgery
Nextcloud 17 - Cross-Site Request Forgery Exploit Title: Nextcloud 17 - Cross-Site Request Forgery Date: 08.11.2019 Exploit Author: Ozer Goker Vendor Homepage: https://nextcloud.com Software Link: https://nextcloud.com/install/instructions-server Version: 17 CVE: N/A Nextcloud offers the...
Nextcloud 17 Cross Site Request Forgery
Exploit Title: Nextcloud 17 - Cross-Site Request Forgery Date: 08.11.2019 Exploit Author: Ozer Goker Vendor Homepage: https://nextcloud.com Software Link: https://nextcloud.com/install/instructions-server Version: 17 Nextcloud offers the industry-leading, on-premises content collaboration platfor...
Nextcloud 17 - Cross-Site Request Forgery
Exploit Title: Nextcloud 17 - Cross-Site Request Forgery Date: 08.11.2019 Exploit Author: Ozer Goker Vendor Homepage: https://nextcloud.com Software Link: https://nextcloud.com/install/instructions-server Version: 17 CVE: N/A Nextcloud offers the industry-leading, on-premises content collaboratio...
Nextcloud: Bypass configured 2FA provider with another provider that can be set up at login
In Nextcloud 17 there is the possibility to set up 2FA providers at login. A missing check allows the following steps 1 Enforce 2FA for all users 2 As a user, configure a 2FA provider via settings or at login 3 Log out 4 Log in again password only 5 When prompted with the earlier set up provider,...
Duplicate setup of second factor allowed (NC-SA-2020-006)
A missing check in Nextcloud Server 17.0.0 allowed an attacker to set up a new second factor when trying to login...
Nextcloud: Docker image with FPM is vulnerable to CVE-2019-11043
The CVE-2019-11043 vulnerability can be exploited in the latest nextcloud:fpm image. This is due to the specific nginx configuration recommended for nextcloud: https://github.com/nextcloud/dockerbase-version---fpm...
File-drop content is visible through the gallery app (NC-SA-2019-012)
Improper authorization in Nextcloud server 17.0.0 causes leaking of previews and files when a file-drop share link is opened via the gallery app...
Nextcloud: File-drop content is visible through the gallery app
I set up a file-drop on NC 17 btw, according to https://nextcloud.com/security/ NC17 is not covered - but it should be once it's released!: created folder, set share as upload-only. I access that folder as https://cloud.domain.com/s/randompath - fine: I get the upload interface and cannot see...
Video_Converter app denial of service vulnerability
Nextcloud is an open source suite of self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany.VideoConverter app is a video file format converter. A denial of service vulnerability exists in VideoConverter app version 0.1.0 for Nextcloud, which...
CVE-2019-18214
The VideoConverter app 0.1.0 for Nextcloud allows denial of service CPU and memory consumption via multiple concurrent conversions because many FFmpeg processes may be running at once. The workload is not queued for serial execution...
CVE-2019-18214
The VideoConverter app 0.1.0 for Nextcloud allows denial of service CPU and memory consumption via multiple concurrent conversions because many FFmpeg processes may be running at once. The workload is not queued for serial execution...
Design/Logic Flaw
The VideoConverter app 0.1.0 for Nextcloud allows denial of service CPU and memory consumption via multiple concurrent conversions because many FFmpeg processes may be running at once. The workload is not queued for serial execution...
CVE-2019-18214
The CVE-2019-18214 entry concerns the Video_Converter app 0.1.0 for Nextcloud. The underlying issue is a denial-of-service condition caused by running many FFmpeg processes concurrently; the workload is not serialized, allowing CPU and memory usage to spike. Affected component is the Video_Conver...
CVE-2019-18214
The VideoConverter app 0.1.0 for Nextcloud allows denial of service CPU and memory consumption via multiple concurrent conversions because many FFmpeg processes may be running at once. The workload is not queued for serial execution...
Nextcloud: Only the file extensions are checked, not the MIME types as configured
The tool is not working as hoped. File access control speaks of MIME types that are blocked or not blocked. In fact, only the file extensions are checked. If a user renames an unauthorized file to an allowed file, he can upload and download it. The MIME type of the current file is insignificant,...
Nextcloud: Exposing debug.log file leads to server full path disclosure
At the following address i have found debug.log file disclose the application full path on the server. https://nextcloud.com/wp-content/debug.log Impact The server should not expose this log file as it could help an attacker to understand the environment that may lead to further attacks...
Nextcloud: WordPress Plugin Insert or Embed Articulate Content into WordPress Remote Code Execution (UNAUTHORIZED)
because in the burp suite, the build request is complicated, I only use curl 1. Create file index.html and index.php Index.html : Hello world Index.php : 2. Once created enter into .zip COMPRESS 3. LETS UPLOAD CURL : curl site.com/index.php/wp-json/articulate/v1/upload-data -F "name=NAMAFILE" -F...