Description

Directory traversal vulnerability in apps/files_trashbin/index.php in ownCloud Server before 5.0.6 allows remote authenticated users to access arbitrary files via a .. (dot dot) in the dir parameter.

Remediation

References

CVE-2013-2085

Related Vulnerabilities

XWiki Improper Encoding or Escaping of Output Vulnerability (CVE-2023-45135)

WordPress Plugin SlideDeck 2 Lite Responsive Content Slider Local/Remote File Inclusion (2.3.3)

PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-1283)

SharePoint CVE-2024-49070 Vulnerability (CVE-2024-49070)

OpenSSL Uncontrolled Resource Consumption Vulnerability (CVE-2016-8610)

Severity

Medium

Classification

CVE-2013-2085 CWE-22

Tags

Missing Update Known Vulnerabilities