Description

ownCloud Server before 8.0.10, 8.1.x before 8.1.5, and 8.2.x before 8.2.2 allow remote authenticated users to obtain sensitive information from a directory listing and possibly cause a denial of service (CPU consumption) via the force parameter to index.php/apps/files/ajax/scan.php.

Remediation

References

CVE-2016-1499

Related Vulnerabilities

Artifactory Exposure of Resource to Wrong Sphere Vulnerability (CVE-2021-46687)

WordPress Plugin ProfileGrid-User Profiles, Groups and Communities Unspecified Vulnerability (2.6.4)

MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-9478)

WordPress Plugin Import and export users and customers Directory Traversal (1.14.2)

Oracle HTTP Server CVE-2006-0435 Vulnerability (CVE-2006-0435)

Severity

High

Classification

CVE-2016-1499 CWE-200 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:H

Tags

Missing Update Known Vulnerabilities