6 matches found
Design/Logic Flaw
The external SMB storage driver in ownCloud Server before 6.0.8, 7.0.x before 7.0.6, and 8.0.x before 8.0.4 allows remote authenticated users to execute arbitrary SMB commands via a ; semicolon character in a file...
CVE-2015-4718
CVE-2015-4718 affects ownCloud Serverβs external SMB storage driver. Affected versions are ownCloud Server before 6.0.8, 7.0.x before 7.0.6, and 8.0.x before 8.0.4. The vulnerability allows remote authenticated users to execute arbitrary SMB commands via a semicolon character in a file, enabling ...
Command injection when using external SMB storage - ownCloud
The external legacy SMB storage not using php-libsmbclient of ownCloud was not properly neutralizing all special elements which allows an adversary to execute arbitrary SMB commands. Effectively this allows an attacker to gain access to any file on the system or overwrite it, potentially leading ...
Server: Command injection when using external SMB storage
The external legacy SMB storage not using php-libsmbclient of ownCloud was not properly neutralizing all special elements which allows an adversary to execute arbitrary SMB commands. Effectively this allows an attacker to gain access to any file on the system or overwrite it, potentially leading ...
Command injection when using external SMB storage - ownCloud
The external SMB storage of ownCloud was not properly neutralizing all special elements which allows an adversary to execute arbitrary SMB commands. This was caused by improperly sanitizing the ; character which is interpreted as command separator by smbclient the used software to connect to SMB...
Server: Command injection when using external SMB storage
The external SMB storage of ownCloud was not properly neutralizing all special elements which allows an adversary to execute arbitrary SMB commands. This was caused by improperly sanitizing the ; character which is interpreted as command separator by smbclient the used software to connect to SMB...