Directory traversal vulnerability in ownCloud Server before 8.0.6 and 8.1.x before 8.1.1 allows remote authenticated users to list directory contents and possibly cause a denial of service (CPU consumption) via a .. (dot dot) in the dir parameter to index.php/apps/files/ajax/scan.php.
oryginał ENAV:N/AC:L/Au:S/C:P/I:N/A:COwncloud Server
APPOwncloud7.0.07.0.17.0.27.0.37.0.47.0.57.0.67.0.78.0.08.0.28.0.38.0.48.0.58.1.0
Powiązane podatności
OwnCloud: Pominięcie uwierzytelniania przez pre-signed URL (WebDAV API)
Zend Framework, as used in ownCloud Server before 5.0.15 and 6.0.x before 6.0.2, allows remote attackers to re...
ownCloud Server before 8.0.10, 8.1.x before 8.1.5, and 8.2.x before 8.2.2 allow remote authenticated users to ...
The files_external app in ownCloud Server before 7.0.9, 8.0.x before 8.0.7, and 8.1.x before 8.1.2 allows remo...
Directory traversal vulnerability in the routing component in ownCloud Server before 7.0.6 and 8.0.x before 8....