Description

The files_external app in ownCloud Server before 7.0.9, 8.0.x before 8.0.7, and 8.1.x before 8.1.2 allows remote authenticated users to instantiate arbitrary classes and possibly execute arbitrary code via a crafted mount point option, related to "objectstore."

Remediation

References

CVE-2015-7699

Related Vulnerabilities

Opencart Improper Restriction of XML External Entity Reference Vulnerability (CVE-2014-3990)

WordPress Plugin WP Super Cache Remote Code Execution (1.7.1)

WordPress Plugin Media Library Assistant SQL Injection (2.84)

Liferay DXP URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2023-44308)

WordPress Plugin wp-publications Local File Inclusion (0.0)

Severity

Critical

Classification

CVE-2015-7699 CWE-20

Tags

Missing Update Known Vulnerabilities