CVE-2013-7344

ownCloud < 4.0.12 and 4.5.x < 4.5.6 - Authenticated Remote Code Execution in core/settings.php

Title source: llm

Description

Unspecified vulnerability in core/settings.php in ownCloud before 4.0.12 and 4.5.x before 4.5.6 allows remote authenticated users to execute arbitrary PHP code via unknown vectors. NOTE: this issue was SPLIT from CVE-2013-0303 due to different affected versions.

References (1)

Core 1

Core References

Vendor Advisory x_refsource_confirm

http://owncloud.org/about/security/advisories/oC-SA-2013-006/

Scores

EPSS 0.0053

EPSS Percentile 67.4%

Details

Status published

Products (22)

owncloud/owncloud < 4.0.11

owncloud/owncloud_server 3.0.0

owncloud/owncloud_server 3.0.1

owncloud/owncloud_server 3.0.2

owncloud/owncloud_server 3.0.3

owncloud/owncloud_server 4.0.0

owncloud/owncloud_server 4.0.1

owncloud/owncloud_server 4.0.2

owncloud/owncloud_server 4.0.3

owncloud/owncloud_server 4.0.4

... and 12 more

Published Mar 24, 2014

Tracked Since Feb 18, 2026