Description
lib/base.php in ownCloud before 4.0.8 does not properly validate the user_id session variable, which allows remote authenticated users to read arbitrary files via vectors related to WebDAV.
Remediation
References
Related Vulnerabilities
WordPress Plugin Learning Courses Privilege Escalation (4.7)
Python Uncontrolled Resource Consumption Vulnerability (CVE-2019-9674)
MySQL CVE-2022-21325 Vulnerability (CVE-2022-21325)
MySQL Other Vulnerability (CVE-2004-0457)
WordPress Plugin BuddyPress Customer.io Analytics Integration Cross-Site Request Forgery (1.1.6)