Description

SQL injection vulnerability in addressbookprovider.php in ownCloud Server before 5.0.1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, related to the contacts application.

Remediation

References

CVE-2013-1893

Related Vulnerabilities

XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-36469)

WordPress Plugin Rating-Widget:Star Review System Multiple Cross-Site Scripting Vulnerabilities (1.3.1)

MyBB CVE-2015-2786 Vulnerability (CVE-2015-2786)

WordPress Plugin Scout bazar Cross-Site Scripting (1.3.3)

WordPress Plugin Shortlinks by Pretty Links-Best WordPress Link Tracking Multiple Cross-Site Scripting and SQL Injection Vulnerabilities (1.5.2)

Severity

Medium

Classification

CVE-2013-1893 CWE-138

Tags

Missing Update Known Vulnerabilities