Vulnerabilities > Owncloud > Owncloud > 7.0.3
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-11-21 | CVE-2023-49105 | Improper Authentication vulnerability in Owncloud An issue was discovered in ownCloud owncloud/core before 10.13.1. | 9.8 |
2022-11-10 | CVE-2022-43679 | Unspecified vulnerability in Owncloud The Docker image of ownCloud Server through 10.11 contains a misconfiguration that renders the trusted_domains config useless. | 5.3 |
2022-06-09 | CVE-2022-31649 | Exposure of Resource to Wrong Sphere vulnerability in Owncloud ownCloud owncloud/core before 10.10.0 Improperly Removes Sensitive Information Before Storage or Transfer. | 7.5 |
2017-07-17 | CVE-2017-9340 | Unspecified vulnerability in Owncloud An attacker is logged in as a normal user and can somehow make admin to delete shared folders in ownCloud Server before 10.0.2. | 4.0 |
2017-07-17 | CVE-2017-9339 | Unspecified vulnerability in Owncloud A logical error in ownCloud Server before 10.0.2 caused disclosure of valid share tokens for public calendars. | 5.0 |
2017-07-17 | CVE-2017-9338 | Cross-site Scripting vulnerability in Owncloud Inadequate escaping lead to XSS vulnerability in the search module in ownCloud Server before 8.2.12, 9.0.x before 9.0.10, 9.1.x before 9.1.6, and 10.0.x before 10.0.2. | 3.5 |
2015-10-26 | CVE-2015-7699 | Improper Input Validation vulnerability in Owncloud The files_external app in ownCloud Server before 7.0.9, 8.0.x before 8.0.7, and 8.1.x before 8.1.2 allows remote authenticated users to instantiate arbitrary classes and possibly execute arbitrary code via a crafted mount point option, related to "objectstore." | 9.0 |
2015-10-26 | CVE-2015-6670 | Unauthorized Access vulnerability in ownCloud ownCloud Server before 7.0.8, 8.0.x before 8.0.6, and 8.1.x before 8.1.1 does not properly check ownership of calendars, which allows remote authenticated users to read arbitrary calendars via the calid parameter to apps/calendar/export.php. | 4.0 |
2015-10-26 | CVE-2015-6500 | Path Traversal vulnerability in Owncloud Directory traversal vulnerability in ownCloud Server before 8.0.6 and 8.1.x before 8.1.1 allows remote authenticated users to list directory contents and possibly cause a denial of service (CPU consumption) via a .. | 7.5 |
2015-10-21 | CVE-2015-5954 | Unspecified vulnerability in Owncloud The virtual filesystem in ownCloud Server before 6.0.9, 7.0.x before 7.0.7, and 8.0.x before 8.0.5 does not consider that NULL is a valid getPath return value, which allows remote authenticated users to bypass intended access restrictions and gain access to users files via a sharing link to a file with a deleted parent folder. | 4.0 |