25 matches found
EUVD-2012-5493
Malware in sbrugna...
EUVD-2012-2385
Malware in sbrugna...
EUVD-2013-2114
Malware in sbrugna...
EUVD-2013-2025
Malware in sbrugna...
EUVD-2014-2101
Malware in sbrugna...
EUVD-2020-2709
Malware in sbrugna...
EUVD-2012-5496
Malware in sbrugna...
EUVD-2013-6224
Malware in sbrugna...
EUVD-2014-3896
Malware in sbrugna...
EUVD-2014-8872
Malware in sbrugna...
CVE-2012-4389
Incomplete blacklist vulnerability in lib/migrate.php in ownCloud before 4.0.7 allows remote attackers to execute arbitrary code by uploading a crafted .htaccess file in an import.zip file and accessing an uploaded PHP file...
ownCloud Security Breach
ownCloud is a personal cloud storage solution from US-based ownCloud, Inc. A security vulnerability exists in ownCloud core versions 10.6.0 through 10.13.0, which can be exploited to bypass WebDAV Api authentication using a pre-signed URL...
ownCloud < 10.8 Multiple Vulnerabilities
ownCloud is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:owncloud:owncloud"; ifdescription...
CVE-2021-29659
ownCloud 10.7 has an incorrect access control vulnerability, leading to remote information disclosure. Due to a bug in the related API endpoint, the attacker can enumerate all users in a single request by entering three whitespaces. Secondary, the retrieval of all users on a large instance could...
Owncloud Cross-Site Request Forgery Vulnerability
Owncloud ownCloud is a set of personal cloud storage solutions from the American company ownCloud Owncloud. A cross-site request forgery vulnerability exists in OwnCloud Core, which stems from a WEB application that does not adequately validate whether a request is coming from a trusted user, and...
CVE-2020-16255
ownCloud Core before 10.5 allows XSS in login page 'forgot password.'...
MGASA-2016-0040 Updated owncloud packages fix security vulnerability
A Cross-site scripting XSS vulnerability in the OCS discovery provider in ownCloud Server before 8.0.10 allows remote attackers to inject arbitrary web script or HTML via the URL resulting in a reflected Cross-Site-Scripting CVE-2016-1498. ownCloud Server before 8.0.10 allows remote authenticated...
Server: Calendar export: Authorization Bypass Through User-Controlled Key
Due to not properly checking the ownership of an calendar, an authenticated attacker is able to download calendars of other users via the "calid" GET parameter to export.php in /apps/calendar/ For more information please consult the official advisory. This advisory is licensed CC BY-SA 4.0...
ownCloud: apps.owncloud.com: Malicious file upload leads to remote code execution
Hello ownCloud Security Team, i am here to report a critical security vulnerability . Proof of concept : https://apps.owncloud.com/CONTENT/content-pre1/171172-1.php5 code source of uploaded file :...
MGASA-2015-0314 Updated owncloud package fixes security vulnerabilities
In ownCloud before 6.0.8 and 8.0.4, a bug in the SDK used to connect ownCloud against the Dropbox server might allow the owner of "Dropbox.com" to gain access to any files on the ownCloud server if an external Dropbox storage was mounted CVE-2015-4715. In ownCloud before 6.0.8 and 8.0.4, the...