CVE-2019-25337

CRITICAL

OwnCloud 8.1.8 - Username Enumeration via Share Endpoint Wildcard Search

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2019-25337. PoCs published by Daniel Moreno.

AI-analyzed exploit summary This exploit demonstrates an information disclosure vulnerability in OwnCloud 8.1.8 by manipulating the 'search' parameter in a GET request to retrieve all usernames via a JSON response.

Description

OwnCloud 8.1.8 contains a username enumeration vulnerability that allows remote attackers to discover user accounts by manipulating the share.php endpoint. Attackers can send crafted GET requests to /index.php/core/ajax/share.php with a wildcard search parameter to retrieve comprehensive user information.

Exploits (1)

exploitdb WORKING POC
by Daniel Moreno · textwebappsphp
https://www.exploit-db.com/exploits/47745

This exploit demonstrates an information disclosure vulnerability in OwnCloud 8.1.8 by manipulating the 'search' parameter in a GET request to retrieve all usernames via a JSON response.

Classification
Working Poc 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: OwnCloud 8.1.8
Auth required
Prerequisites: Valid OwnCloud account · Interception tool like Burp Suite
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Exploit, Third Party Advisory exploit
https://www.exploit-db.com/exploits/47745
Various Sources product
https://owncloud.org/
Third Party Advisory third-party-advisory
https://www.vulncheck.com/advisories/owncloud-username-disclosure

Scores

CVSS v3 9.8
EPSS 0.0041
EPSS Percentile 32.2%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable yes
Technical Impact total

Details

CWE
CWE-203
Status published
Products (1)
OwnCloud/OwnCloud 8.1.8
Published Feb 12, 2026
Tracked Since Feb 18, 2026