ownCloud Server before 8.0.10, 8.1.x before 8.1.5, and 8.2.x before 8.2.2 allow remote authenticated users to obtain sensitive information from a directory listing and possibly cause a denial of service (CPU consumption) via the force parameter to index.php/apps/files/ajax/scan.php.
oryginał ENCVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:HOwncloud
APPOwncloud8.2.08.2.1≤ 8.0.9Owncloud Server
APPOwncloud8.1.08.1.18.1.38.1.4
Powiązane podatności
OwnCloud: Pominięcie uwierzytelniania przez pre-signed URL (WebDAV API)
A receiver of a federated share with access to the database with ownCloud version before 10.8 could update the...
Deleting users with certain names caused system files to be deleted. Risk is higher for systems which allow us...
Zend Framework, as used in ownCloud Server before 5.0.15 and 6.0.x before 6.0.2, allows remote attackers to re...
The user_openid app in ownCloud Server before 5.0.15 allows remote attackers to obtain access by leveraging an...