Description

Incomplete blacklist vulnerability in lib/migrate.php in ownCloud before 4.0.7 allows remote attackers to execute arbitrary code by uploading a crafted .htaccess file in an import.zip file and accessing an uploaded PHP file.

Remediation

References

CVE-2012-4389

Related Vulnerabilities

Oracle Database Server Other Vulnerability (CVE-2007-0269)

Oracle JRE CVE-2013-2457 Vulnerability (CVE-2013-2457)

WordPress Plugin Post Custom Templates Lite Cross-Site Scripting (1.6)

WordPress Plugin WP-Stats-Dashboard SQL Injection (2.9.4)

WordPress 2.6.3 Cross-Site Scripting Vulnerability (0.6.2 - 2.6.3)

Severity

Medium

Classification

CVE-2012-4389

Tags

Missing Update Known Vulnerabilities