Description
Incomplete blacklist vulnerability in lib/filesystem.php in ownCloud before 4.0.9 and 4.5.x before 4.5.2 allows remote authenticated users to execute arbitrary PHP code by uploading a file with a special crafted name.
Remediation
References
Related Vulnerabilities
WordPress Plugin CIP4 Folder Download Widget Local File Inclusion (1.10)
MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-1579)
WordPress Plugin FireStorm Professional Real Estate Multiple SQL Injection Vulnerabilities (2.05.01)
WordPress Plugin bib2html Cross-Site Scripting (0.9.3)
WordPress Plugin WP Mobile Menu-The Mobile-Friendly Responsive Menu Cross-Site Scripting (2.8.2.2)