Description
Incomplete blacklist vulnerability in lib/filesystem.php in ownCloud before 4.0.9 and 4.5.x before 4.5.2 allows remote authenticated users to execute arbitrary PHP code by uploading a file with a special crafted name.
Remediation
References
Related Vulnerabilities
WordPress Plugin ADIF Log Search Widget Cross-Site Scripting (1.0e)
MediaWiki Incorrect Authorization Vulnerability (CVE-2021-41801)
WordPress Plugin Sendit WP Newsletter 'id' Parameter SQL Injection (2.1.0)
WordPress Plugin Rotating Testimonial Cross-Site Scripting (1.1)
Apache Tomcat Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2018-1336)