Owncloud Server@4.0.15 Security Vulnerabilities and Issues — Owncloud Server@4.0.15 CVE List

Lucene search

OwncloudOwncloud Server4.0.15

5 matches found

CVE•added 2014/10/06 11:55 p.m.•71 views

CVE-2014-2044

Incomplete blacklist vulnerability in ajax/upload.php in ownCloud before 5.0, when running on Windows, allows remote authenticated users to bypass intended access restrictions, upload files with arbitrary names, and execute arbitrary code via an Alternate Data Stream (ADS) syntax in the filename pa...

7.5CVSS7.3AI score0.17806EPSS

CVE•added 2014/03/14 4:55 p.m.•69 views

CVE-2014-2049

The default Flash Cross Domain policies in ownCloud before 5.0.15 and 6.x before 6.0.2 allows remote attackers to access user files via unspecified vectors.

5CVSS6.6AI score0.0025EPSS

CVE•added 2013/08/15 5:55 p.m.•60 views

CVE-2013-1942

Multiple cross-site scripting (XSS) vulnerabilities in actionscript/Jplayer.as in the Flash SWF component (jplayer.swf) in jPlayer before 2.2.20, as used in ownCloud Server before 5.0.4 and other products, allow remote attackers to inject arbitrary web script or HTML via the (1) jQuery or (2) id pa...

4.3CVSS5.6AI score0.09552EPSS

CVE•added 2014/03/24 4:31 p.m.•47 views

CVE-2014-2057

Multiple cross-site scripting (XSS) vulnerabilities in ownCloud before 6.0.2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3CVSS5.8AI score0.00263EPSS

CVE•added 2014/03/14 4:55 p.m.•45 views

CVE-2013-2150

Multiple cross-site scripting (XSS) vulnerabilities in js/viewer.js in ownCloud before 4.5.12 and 5.x before 5.0.7 allow remote attackers to inject arbitrary web script or HTML via vectors related to shared files.

3.5CVSS5.6AI score0.00185EPSS