8 matches found
EUVD-2013-0320
Malware in sbrugna...
CVE-2013-0300
Multiple cross-site request forgery CSRF vulnerabilities in ownCloud 4.5.x before 4.5.7 allow remote attackers to hijack the authentication of users for requests that 1 change the default view via the v parameter to apps/calendar/ajax/changeview.php, mount arbitrary 2 Google Drive or 3 Dropbox...
Cross site request forgery (csrf)
Multiple cross-site request forgery CSRF vulnerabilities in ownCloud 4.5.x before 4.5.7 allow remote attackers to hijack the authentication of users for requests that 1 change the default view via the v parameter to apps/calendar/ajax/changeview.php, mount arbitrary 2 Google Drive or 3 Dropbox...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in ownCloud 4.5.x before 4.5.8 allow remote authenticated users with administrator privileges to inject arbitrary web script or HTML via the 1 quota parameter to /core/settings/ajax/setquota.php, or remote authenticated users with group admin...
Server: Code execution in external storage
Due to not sufficiently sanitizing the user input in "settings/personal.php" in ownCloud 4.5.x before 4.5.6 an authenticated remote attackers may be able to execute arbitrary code by entering special crafted PHP code in the mount point settings. For more information please consult the official...
CVE-2012-5608
Cross-site scripting XSS vulnerability in apps/userwebdavauth/settings.php in ownCloud 4.5.x before 4.5.2 allows remote attackers to inject arbitrary web script or HTML via arbitrary POST parameters...
CVE-2012-5608
Cross-site scripting XSS vulnerability in apps/userwebdavauth/settings.php in ownCloud 4.5.x before 4.5.2 allows remote attackers to inject arbitrary web script or HTML via arbitrary POST parameters...
Server: XSS vulnerability in user_webdavauth
A cross-site scripting XSS vulnerability in ownCloud 4.5.x before 4.5.2 allow remote attackers to inject arbitrary web script or HTML via the POST data to settings.php in apps/userwebdavauth/ For more information please consult the official advisory. This advisory is licensed CC BY-SA 4.0...