owncloud

173 tracked vulnerabilities.

CVE-2012-5056
owncloud < 4.0.8 - Cross-Site Scripting via Multiple Parameters
Jun 04, 2014
EPSS 0.01
CVE-2012-5666
owncloud_server 4.0.x-4.0.10 and 4.5.x-4.5.5 - Cross-Site Scripting via PATH_INFO to Bookmark Index
Jan 03, 2013
EPSS 0.02
CVE-2012-5665
ownCloud <4.0.10-4.5.5 - Info Disclosure
Jan 03, 2013
EPSS 0.02
CVE-2012-5610
owncloud < 4.0.9 and 4.5.x < 4.5.2 - Authenticated Remote Code Execution via Crafted Filename
Dec 18, 2012
EPSS 0.02
CVE-2012-5609
owncloud < 4.5.2 - Authenticated Remote Code Execution via ZIP File Upload
Dec 18, 2012
EPSS 0.02
CVE-2012-5608
owncloud_server 4.5.x - Cross-Site Scripting via POST Parameters in User WebDAV Auth Settings
Dec 18, 2012
EPSS 0.02
CVE-2012-5607
ownCloud <4.0.9, <4.5.0 - Info Disclosure
Dec 18, 2012
EPSS 0.02
CVE-2012-5606
ownCloud < 4.0.9 - Cross-Site Scripting via File Name or Event Title
Dec 18, 2012
EPSS 0.02
CVE-2012-4753
owncloud < 4.0.4 - Cross-Site Request Forgery
Sep 05, 2012
EPSS 0.01
CVE-2012-4752
owncloud < 4.0.6 - Authenticated App Configuration Modification
Sep 05, 2012
EPSS 0.02
CVE-2012-4397
owncloud < 4.0.1 - Cross-Site Scripting via Calendar Displayname or Unspecified Vectors
Sep 05, 2012
EPSS 0.02
CVE-2012-4396
owncloud < 4.0.2 - Cross-Site Scripting via Multiple Input Vectors
Sep 05, 2012
EPSS 0.02
CVE-2012-4395
owncloud < 4.0.3 - Cross-Site Scripting via redirect_url Parameter
Sep 05, 2012
EPSS 0.02
CVE-2012-4394
owncloud < 4.0.5 - Cross-Site Scripting via File Parameter
Sep 05, 2012
EPSS 0.02
CVE-2012-4393
ownCloud < 4.0.6 - Cross-Site Request Forgery in Multiple AJAX Endpoints
Sep 05, 2012
EPSS 0.01
CVE-2012-4392
owncloud_server - Authentication Bypass via oc_token Cookie
Sep 05, 2012
EPSS 0.03
CVE-2012-4391
owncloud < 4.0.7 - Cross-Site Request Forgery in appconfig.php
Sep 05, 2012
EPSS 0.01
CVE-2012-4390
owncloud < 4.0.7 - Authenticated User Enumeration via Calendar and Contacts Remote Endpoints
Sep 05, 2012
EPSS 0.02
CVE-2012-4389
owncloud < 4.0.7 - Remote Code Execution via .htaccess File Upload
Sep 05, 2012
EPSS 0.03
CVE-2012-2398
owncloud < 3.0.3 - Cross-Site Scripting via Files Parameter
Apr 20, 2012
EPSS 0.01
CVE-2012-2397
owncloud < 3.0.3 - Cross-Site Request Forgery via Contacts XSS Sequence Insertion
Apr 20, 2012
EPSS 0.01
CVE-2012-2270
owncloud < 3.0.3 - Open Redirect via Login Page redirect_url Parameter
Apr 20, 2012
EPSS 0.06
CVE-2012-2269
ownCloud < 3.0.3 - Cross-Site Scripting via Multiple Input Parameters
Apr 20, 2012
EPSS 0.03