CVE-2014-2056

ownCloud Server < 5.0.15 and 6.0.x < 6.0.2 - XML External Entity Injection via PHPDocX

Title source: llm
STIX 2.1

Description

PHPDocX, as used in ownCloud Server before 5.0.15 and 6.0.x before 6.0.2, allows remote attackers to read arbitrary files, cause a denial of service, or possibly have other impact via an XML External Entity (XXE) attack.

References (1)

Core 1
Core References

Scores

EPSS 0.0073
EPSS Percentile 72.8%

Details

Status published
Products (19)
owncloud/owncloud_server 5.0.0
owncloud/owncloud_server 5.0.1
owncloud/owncloud_server 5.0.2
owncloud/owncloud_server 5.0.3
owncloud/owncloud_server 5.0.4
owncloud/owncloud_server 5.0.5
owncloud/owncloud_server 5.0.6
owncloud/owncloud_server 5.0.7
owncloud/owncloud_server 5.0.8
owncloud/owncloud_server 5.0.9
... and 9 more
Published Jun 04, 2014
Tracked Since Feb 18, 2026