Описание
Incomplete blacklist vulnerability in ownCloud before 5.0.6 allows remote authenticated users to execute arbitrary PHP code by uploading a crafted file, then accessing it via a direct request to the file in /data.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 6.0.1+dfsg-1ubuntu1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was not-affected [6.0.1+dfsg-1ubuntu1]] |
| lucid | DNE | |
| precise | not-affected | |
| quantal | not-affected | 4.0.8debian-1.1ubuntu0.1 |
| raring | ignored | end of life |
| saucy | not-affected | 5.0.10+dfsg-1ubuntu1 |
| trusty | not-affected | 6.0.1+dfsg-1ubuntu1 |
| trusty/esm | DNE | trusty was not-affected [6.0.1+dfsg-1ubuntu1] |
| upstream | released | 5.0.6 |
Показывать по
EPSS
4.6 Medium
CVSS2
Связанные уязвимости
Incomplete blacklist vulnerability in ownCloud before 5.0.6 allows remote authenticated users to execute arbitrary PHP code by uploading a crafted file, then accessing it via a direct request to the file in /data.
Incomplete blacklist vulnerability in ownCloud before 5.0.6 allows rem ...
Incomplete blacklist vulnerability in ownCloud before 5.0.6 allows remote authenticated users to execute arbitrary PHP code by uploading a crafted file, then accessing it via a direct request to the file in /data.
EPSS
4.6 Medium
CVSS2