ownCloud Improper Input Validation Vulnerability (CVE-2012-5336)

Description

lib/base.php in ownCloud before 4.0.8 does not properly validate the user_id session variable, which allows remote authenticated users to read arbitrary files via vectors related to WebDAV.

Remediation

References

CVE-2012-5336

Related Vulnerabilities

IBMHttpServer Other Vulnerability (CVE-2002-1822)

WordPress Plugin Newsletter CSV Injection (6.5.3)

LimeSurvey Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-7556)

WordPress 'xmlrpc.php' Remote Security Bypass Vulnerability (3.0.1 - 3.0.2)

WordPress Plugin AlertWire Information Disclosure (1.1.1)

Severity

Medium

Classification

CVE-2012-5336 CWE-20

Description

Remediation

References

Related Vulnerabilities

Severity

Classification

Tags

Take action and discover your vulnerabilities