owncloud
168 tracked vulnerabilities.
CVE-2012-5608
owncloud_server 4.5.x - Cross-Site Scripting via POST Parameters in User WebDAV Auth Settings
Dec 18, 2012
EPSS 0.00
CVE-2012-5607
ownCloud <4.0.9, <4.5.0 - Info Disclosure
Dec 18, 2012
EPSS 0.00
CVE-2012-5606
ownCloud < 4.0.9 - Cross-Site Scripting via File Name or Event Title
Dec 18, 2012
EPSS 0.01
CVE-2012-4753
owncloud < 4.0.4 - Cross-Site Request Forgery
Sep 05, 2012
EPSS 0.00
CVE-2012-4752
owncloud < 4.0.6 - Authenticated App Configuration Modification
Sep 05, 2012
EPSS 0.01
CVE-2012-4397
owncloud < 4.0.1 - Cross-Site Scripting via Calendar Displayname or Unspecified Vectors
Sep 05, 2012
EPSS 0.00
CVE-2012-4396
owncloud < 4.0.2 - Cross-Site Scripting via Multiple Input Vectors
Sep 05, 2012
EPSS 0.01
CVE-2012-4395
owncloud < 4.0.3 - Cross-Site Scripting via redirect_url Parameter
Sep 05, 2012
EPSS 0.00
CVE-2012-4394
owncloud < 4.0.5 - Cross-Site Scripting via File Parameter
Sep 05, 2012
EPSS 0.00
CVE-2012-4393
ownCloud < 4.0.6 - Cross-Site Request Forgery in Multiple AJAX Endpoints
Sep 05, 2012
EPSS 0.00
CVE-2012-4392
owncloud_server - Authentication Bypass via oc_token Cookie
Sep 05, 2012
EPSS 0.00
CVE-2012-4391
owncloud < 4.0.7 - Cross-Site Request Forgery in appconfig.php
Sep 05, 2012
EPSS 0.00
CVE-2012-4390
owncloud < 4.0.7 - Authenticated User Enumeration via Calendar and Contacts Remote Endpoints
Sep 05, 2012
EPSS 0.00
CVE-2012-4389
owncloud < 4.0.7 - Remote Code Execution via .htaccess File Upload
Sep 05, 2012
EPSS 0.02
CVE-2012-2398
owncloud < 3.0.3 - Cross-Site Scripting via Files Parameter
Apr 20, 2012
EPSS 0.00
CVE-2012-2397
owncloud < 3.0.3 - Cross-Site Request Forgery via Contacts XSS Sequence Insertion
Apr 20, 2012
EPSS 0.00
CVE-2012-2270
owncloud < 3.0.3 - Open Redirect via Login Page redirect_url Parameter
Apr 20, 2012
EPSS 0.16
CVE-2012-2269
ownCloud < 3.0.3 - Cross-Site Scripting via Multiple Input Parameters
Apr 20, 2012
EPSS 0.01