WEB APPLICATION VULNERABILITIES Standard & Premium

ownCloud Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-2048)

Description

ownCloud before 5.0.6 does not properly check permissions, which allows remote authenticated users to execute arbitrary API commands via unspecified vectors. NOTE: this can be leveraged using CSRF to allow remote attackers to execute arbitrary API commands.

Remediation

References

Related Vulnerabilities

MediaWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2014-3454)

WordPress Plugin News Element Elementor Blog Magazine Local File Inclusion (1.0.5)

MySQL CVE-2020-14620 Vulnerability (CVE-2020-14620)

WordPress Plugin Easy Contact Form Solution Cross-Site Scripting (1.6)

XWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2023-29517)

Severity

Medium

Classification

CVE-2013-2048 CWE-264

Tags

Missing Update Known Vulnerabilities