Description

settings/personal.php in ownCloud 4.5.x before 4.5.6 allows remote authenticated users to execute arbitrary PHP code via crafted mount point settings.

Remediation

References

CVE-2013-0204

Related Vulnerabilities

WordPress Plugin Photo Gallery by 10Web-Mobile-Friendly Image Gallery Cross-Site Scripting (1.5.67)

Moodle Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2008-3325)

WordPress Plugin WatchMan-Site7 Cross-Site Request Forgery (3.0.2)

Microsoft SQL Server Other Vulnerability (CVE-2002-0721)

WordPress Plugin Cart All In One For WooCommerce Cross-Site Request Forgery (1.1.10)

Severity

Medium

Classification

CVE-2013-0204 CWE-94

Tags

Missing Update Known Vulnerabilities