Description
Incomplete blacklist vulnerability in lib/migrate.php in ownCloud before 4.0.13 and 4.5.x before 4.5.8, when the user_migrate application is enabled, allows remote authenticated users to import arbitrary files to the user's account via unspecified vectors.
Remediation
References
Related Vulnerabilities
WordPress Plugin Social Media Widget by Acurax Cross-Site Scripting (2.2)
WordPress Plugin Clever Addons for Elementor Multiple Cross-Site Scripting Vulnerabilities (2.0.15)
WordPress Plugin AccessPress Anonymous Post Pro Arbitrary File Upload (3.1.9)
Apache HTTP Server Improper Input Validation Vulnerability (CVE-2011-4415)