Description

Incomplete blacklist vulnerability in lib/migrate.php in ownCloud before 4.0.7 allows remote attackers to execute arbitrary code by uploading a crafted .htaccess file in an import.zip file and accessing an uploaded PHP file.

Remediation

References

CVE-2012-4389

Related Vulnerabilities

WordPress Plugin SimpleFlickr Cross-Site Request Forgery (3.0.3)

WordPress Plugin Discount Rules for WooCommerce Multiple Vulnerabilities (2.0.2)

WordPress Plugin PayPlus Payment Gateway SQL Injection (7.0.7)

WordPress Plugin Contact Form by BestWebSoft Cross-Site Request Forgery (3.82)

WordPress Plugin WP Table Builder-WordPress Table Security Bypass (1.3.15)

Severity

Medium

Classification

CVE-2012-4389

Tags

Missing Update Known Vulnerabilities