Description

The external SMB storage driver in ownCloud Server before 6.0.8, 7.0.x before 7.0.6, and 8.0.x before 8.0.4 allows remote authenticated users to execute arbitrary SMB commands via a ; (semicolon) character in a file.

Remediation

References

CVE-2015-4718

Related Vulnerabilities

Dot CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-10008)

Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-2158)

XOOPS Other Vulnerability (CVE-2005-0743)

WordPress Plugin 10Web Map Builder for Google Maps Cross-Site Scripting (1.0.71)

WordPress Plugin WooCommerce Affiliate-Coupon Affiliates Cross-Site Request Forgery (4.11.3.3)

Severity

Critical

Classification

CVE-2015-4718 CWE-138

Tags

Missing Update Known Vulnerabilities