what you don't know can hurt you
Showing 1 - 25 of 100 RSS Feed

Files

ownCloud 3.0.0 Cross Site Scripting
Posted Apr 18, 2012
Authored by Tobias Glemser

ownCloud version 3.0.0 suffers from cross site scripting and open redirection vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2012-2269, CVE-2012-2270
SHA-256 | dcb41a8d27105adce78fe22f673e0fa7b51d9f521221de638e38bba3db43a2cf

Related Files

OwnCloud 8.1.8 Username Disclosure
Posted Nov 29, 2019
Authored by Daniel Moreno

OwnCloud version 8.1.8 suffers from a username disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | 0307de97c325435adcb9198b8abdd9f7094e634c0324db4c86daa7772020153a
ownCloud 10.3.0 Stable Cross Site Request Forgery
Posted Nov 1, 2019
Authored by Ozer Goker

ownCloud version 10.3.0 Stable suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | c22b2a37ba5d1cb6b5858d7411c84b3b052ad0aa8deb6f83ddf846ab7d9d2e99
ownCloud 0.1.2 User Impersonation Authorization Bypass
Posted Aug 31, 2018
Authored by Thierry Viaccoz

ownCloud version 0.1.2 suffers from a user impersonation authorization bypass vulnerability.

tags | exploit, bypass
SHA-256 | 29b952619c8992a8a4ce5753eaedfa7b6eaafa33618c92674d49b3731375dc42
ownCloud iOS Application 3.7.3 Cross Site Scripting
Posted Aug 15, 2018
Authored by Sylvain Heiniger

ownCloud version 3.7.3 for iOS suffers from a cross site scripting vulnerability.

tags | exploit, xss
systems | ios
SHA-256 | 60a743c516f85803a1928a7f4848da9eaf304718636f0a2239685f689d400f9c
OwnCloud Server 10.0 User Enumeration
Posted Jan 29, 2018
Authored by n4xh4ck5

OwnCloud Server versions 8.1 through 10.0 suffer from a user enumeration vulnerability.

tags | exploit
SHA-256 | f37e67829e665a898bf68c2848f71f8bc90ffbb5b72d6424387b5e59ac1e5c43
NextCloud / OwnCloud Cross Site Scripting
Posted May 16, 2017
Authored by Manuel Mancera

NextCloud and OwnCloud suffer from a cross site scripting vulnerability in their error pages. OwnCloud versions 9.1.5 and below are affected. NextCloud versions prior to 11.0.3, 10.0.5, and 9.0.58 are affected.

tags | exploit, xss
advisories | CVE-2017-0891
SHA-256 | 65879de6c3bc16a06a84fa76fc56c4fec014ee26d19bb377b0cde628a8e097a2
ownCloud 10.0.1 Cross Site Scripting
Posted Nov 7, 2016
Authored by Felix Matei

ownCloud version 10.0.1 appears to be missing multiple patches for cross site scripting and more.

tags | exploit, xss
SHA-256 | e3c48c0271c0c89ae80ecf8f0d0ab034e903539703cefb633858b163ea696d4b
ownCloud Desktop Client 2.2.2 Privilege Escalation
Posted Aug 19, 2016
Authored by Florian Bogner

ownCloud's desktop client versions up to 2.2.2 suffer from a local privilege escalation vulnerability.

tags | exploit, local
SHA-256 | b2623943c1aa93651044b4c1a58687459e6c32e5ec23cc3c6403bce318ee3b99
ownCloud 8.2.1 / 8.1.4 / 8.0.9 Information Exposure
Posted Jan 7, 2016
Authored by Dr. Erlijn van Genuchten

ownCloud versions 8.2.1 and below, 8.1.4 and below, and 8.0.9 and below suffer from an information exposure vulnerability via directory listings.

tags | exploit
advisories | CVE-2016-1499
SHA-256 | 2a03e49b47f5b92a36e0f7c8b25d095b6e9255abca3e8fe34b1f15409b04a89c
Debian Security Advisory 3373-1
Posted Oct 19, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3373-1 - Multiple vulnerabilities were discovered in ownCloud, a cloud storage web service for files, music, contacts, calendars and many more. These flaws may lead to the execution of arbitrary code, authorization bypass, information disclosure, cross-site scripting or denial of service.

tags | advisory, web, denial of service, arbitrary, vulnerability, xss, info disclosure
systems | linux, debian
advisories | CVE-2015-4716, CVE-2015-4717, CVE-2015-4718, CVE-2015-5953, CVE-2015-5954, CVE-2015-6500, CVE-2015-6670, CVE-2015-7699
SHA-256 | 1bc9f55ce18ea43fc980ec3cf5109f1173d1f737ff38d3de1551ddf14db90a50
Debian Security Advisory 3363-1
Posted Sep 21, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3363-1 - Johannes Kliemann discovered a vulnerability in ownCloud Desktop Client, the client-side of the ownCloud file sharing services. The vulnerability allows man-in-the-middle attacks in situations where the server is using self-signed certificates and the connection is already established. If the user in the client side manually distrusts the new certificate, the file syncing will continue using the malicious server as valid.

tags | advisory
systems | linux, debian
advisories | CVE-2015-4456
SHA-256 | 838ab02bce7d5df058027fde7a8be27958a12c190fa0eaa403db96dd7e837939
Debian Security Advisory 3244-1
Posted May 4, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3244-1 - Multiple vulnerabilities were discovered in ownCloud, a cloud storage web service for files, music, contacts, calendars and many more.

tags | advisory, web, vulnerability
systems | linux, debian
advisories | CVE-2015-3011, CVE-2015-3012, CVE-2015-3013
SHA-256 | c48f4da91c626adbdf463cc9a563ebb5fb15d2e0f65687670230eb17c7d9d7ca
Mandriva Linux Security Advisory 2015-191
Posted Apr 2, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-191 - Multiple vulnerabilities has been discovered and corrected in owncloud. The updated packages have been upgraded to the 7.0.5 version where these security flaws has been fixed.

tags | advisory, vulnerability
systems | linux, mandriva
SHA-256 | f8a5e1a519b807d253347846f6363fdb094ab379701f13b264d2eead2d04dfb8
Mandriva Linux Security Advisory 2015-190
Posted Apr 2, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-190 - Multiple vulnerabilities have been discovered and corrected in owncloud. The updated packages have been upgraded to the 5.0.19 version where these security flaws has been fixed.

tags | advisory, vulnerability
systems | linux, mandriva
advisories | CVE-2014-9041, CVE-2014-9042, CVE-2014-9043, CVE-2014-9045
SHA-256 | 6fd377dd29bbd30e66c0b3e1c809d20c1adae98eff802df38dd47ec10d0d5bf9
ownCloud 7.0.0 Private RSA Key Disclosure
Posted Aug 4, 2014
Authored by Senderek Web Security

In consequence of an insufficient threat model, ownCloud is storing all user's private RSA keys in clear text in PHP session files. These unencrypted private keys can be accessed by every web application that has the privilege of the web server user. The affected files exposing cryptographic keys will be stored in the PHP session directory for a number of hours until they are removed. All versions of ownCloud since the introduction of the encryption module in version 5.0.7 including version 7.0.0 are affected.

tags | advisory, web, php, info disclosure
SHA-256 | a618a09a68105380a438f404228d67b0045ecb744d155c0bdce6d9697cc0177d
Mandriva Linux Security Advisory 2014-140
Posted Jul 30, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-140 - Owncloud versions 5.0.17 and 6.0.4 fix an unspecified security vulnerability, as well as many other bugs.

tags | advisory
systems | linux, mandriva
SHA-256 | 367ab066b22696b50ca46161ca38e28db8f30f3ee2f7ccdcce8b90c7d3e63a18
Mandriva Linux Security Advisory 2014-101
Posted May 19, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-101 - Owncloud versions 5.0.16 and 6.0.3 fix several unspecified security vulnerabilities, as well as many other bugs.

tags | advisory, vulnerability
systems | linux, mandriva
SHA-256 | bdf9b2bd496204828ef8370a8b35d1424c6743cfd4e0f4cdb1f5eaa2978d08cb
Mandriva Linux Security Advisory 2014-055
Posted Mar 13, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-055 - Owncloud versions 5.0.15 and 6.0.2 fix several unspecified security vulnerabilities, as well as many other bugs. See the upstream Changelog for more information.

tags | advisory, vulnerability
systems | linux, mandriva
SHA-256 | a9374eda146b1f80a69f3b2e5eb37ffa6b8eccdab53a92eeeb22ce221025494b
ownCloud 4.0.x / 4.5.x Remote Code Execution
Posted Mar 6, 2014
Authored by Alejo Murillo Moya | Site portcullis-security.com

ownCloud versions 4.0.x and 4.5.x suffer from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2014-2044
SHA-256 | c65453c7d509deaa48610d2f613f6869f087ed9c465830cd85a1506f6c8ea17c
ownCloud 6.0.0a File Deletion / XSS / CSRF
Posted Feb 6, 2014
Authored by absane

ownCloud version 6.0.0a suffers from file deletion, cross site request forgery, and cross site scripting vulnerabilities. It has also been reported that the same cross site scripting issue also affects Pydio version 5.20.

tags | exploit, vulnerability, xss, csrf
advisories | CVE-2014-1665
SHA-256 | 0fb9c931db1a45e7410c265273eefb3fe38de107452c5df50cfa8b1d1f8f8615
Mandriva Linux Security Advisory 2013-289
Posted Dec 19, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-289 - Possible security bypass on admin page under certain circumstances and MariaDB. The owncloud package has been updated to version 5.0.13, fixing this and many other issues.

tags | advisory
systems | linux, mandriva
advisories | CVE-2013-6403
SHA-256 | 2be9f28fc7baf97fcf0451a03c839ede1e68d3aff1131963db3c1c04ac9ef0e3
Mandriva Linux Security Advisory 2013-206
Posted Aug 5, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-206 - Updated owncloud package fixes security vulnerabilities. This update provides OwnCloud 5.0.9, which fixes these issues, as well as several other bugs.

tags | advisory, vulnerability
systems | linux, mandriva
SHA-256 | 3eb51aeedb33cebb10b94645c0e7b11c107847b8624dab381d23858d411d4ad3
Mandriva Linux Security Advisory 2013-175
Posted Jun 18, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-175 - Cross-site scripting vulnerabilities in js/viewer.js inside the files_videoviewer application via multiple unspecified vectors in all ownCloud versions prior to 5.0.7 and 4.5.12 allows authenticated remote attackers to inject arbitrary web script or HTML via shared files. Cross-site scripting vulnerabilities in core/js/oc-dialogs.js via multiple unspecified vectors in all ownCloud versions prior to 5.0.7 and other versions before 4.0.16 allows authenticated remote attackers to inject arbitrary web script or HTML via shared files. This advisory provides the latest versions of owncloud which is not vulnerable to these issues.

tags | advisory, remote, web, arbitrary, vulnerability, xss
systems | linux, mandriva
advisories | CVE-2013-2150, CVE-2013-2149
SHA-256 | 16f100b70ba225304cca8fb72249be12ecd48ace8433b1c00a0c74d79b895e96
Secunia Security Advisory 51872
Posted Jan 23, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in ownCloud, which can be exploited by malicious users to conduct script insertion attacks and compromise a vulnerable system and by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
SHA-256 | 5119c1655c6de8d45fb7fbf5310276f66a8eedd7928b069fa5c4b6cc1920857d
Secunia Security Advisory 51614
Posted Dec 27, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue and a vulnerability has been reported in ownCloud, which can be exploited by malicious people to conduct cross-site scripting attacks and bypass certain security restrictions.

tags | advisory, xss
SHA-256 | aea82d5bddcdce50365aacf9018fd929d68065c0a329d9b74771c5dca3f27f54
Page 1 of 4
Back1234Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    6 Files
  • 24
    May 24th
    19 Files
  • 25
    May 25th
    5 Files
  • 26
    May 26th
    12 Files
  • 27
    May 27th
    12 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close