Description
Directory traversal vulnerability in the routing component in ownCloud Server before 5.0.17 and 6.0.x before 6.0.4 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in a filename, related to index.php.
Remediation
References
Related Vulnerabilities
WordPress Plugin WordPress Infinite Scroll-Ajax Load More Local File Inclusion (2.11.1)
WordPress Plugin WooCommerce EnvioPack Cross-Site Scripting (1.2)
MongoDb Improper Check for Unusual or Exceptional Conditions Vulnerability (CVE-2025-12657)
WordPress Plugin AJAX Random Post Cross-Site Scripting (2.00)
Sqlite Improper Handling of Exceptional Conditions Vulnerability (CVE-2019-19924)