Description
ownCloud Server before 5.0.16 and 6.0.x before 6.0.3 does not check permissions to the files_external application, which allows remote authenticated users to add external storage via unspecified vectors.
Remediation
References
Related Vulnerabilities
WordPress Plugin Post Grid Multiple Vulnerabilities (2.0.71)
TYPO3 Improper Input Validation Vulnerability (CVE-2013-4250)
Craft CMS Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-41892)
Jboss EAP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-7853)
WordPress Plugin EZPZ One Click Backup Remote Code Execution (12.03.10)