Description
Incomplete blacklist vulnerability in lib/filesystem.php in ownCloud before 4.0.9 and 4.5.x before 4.5.2 allows remote authenticated users to execute arbitrary PHP code by uploading a file with a special crafted name.
Remediation
References
Related Vulnerabilities
Ruby on Rails Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-2694)
WordPress Plugin Add Product Tabs for WooCommerce Security Bypass (1.4.2)
PrestaShop Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2018-8823)
Serendipity Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-8101)
Moodle Improper Authentication Vulnerability (CVE-2010-1613)