Description

Zend Framework, as used in ownCloud Server before 5.0.15 and 6.0.x before 6.0.2, allows remote attackers to read arbitrary files, cause a denial of service, or possibly have other impact via an XML External Entity (XXE) attack.

Remediation

References

CVE-2014-2052

Related Vulnerabilities

MySQL CVE-2017-3642 Vulnerability (CVE-2017-3642)

PHP Other Vulnerability (CVE-2005-1043)

WordPress Plugin Visual Composer Website Builder, Landing Page Builder, Custom Theme Builder, Maintenance Mode & Coming Soon Pages Multiple Cross-Site Scripting Vulnerabilities (45.0)

WordPress Plugin GigPress Multiple SQL Injection Vulnerabilities (2.3.8)

e107 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2018-15901)

Severity

Critical

Classification

CVE-2014-2052 CWE-611 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities