Description

ownCloud Server before 8.0.9 and 8.1.x before 8.1.4 allow remote authenticated users to obtain sensitive information via unspecified vectors, which reveals the installation path in the resulting exception messages.

Remediation

References

CVE-2016-1501

Related Vulnerabilities

WordPress Plugin Portrait-Archiv.com Photostore Cross-Site Scripting (3.1)

WordPress Plugin Registrations for the Events Calendar-Event Registration SQL Injection (2.7.5)

WordPress Plugin Image Hover Effects Ultimate (Image Gallery, Effects, Lightbox, Comparison or Magnifier) Cross-Site Scripting (9.7.0)

WordPress Plugin Product Reviews Import Export for WooCommerce CSV Injection (1.4.8)

WP Plugin Contact Form 7 Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-35489)

Severity

Medium

Classification

CVE-2016-1501 CWE-200 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Tags

Missing Update Known Vulnerabilities