Description

Incomplete blacklist vulnerability in lib/migrate.php in ownCloud before 4.0.7 allows remote attackers to execute arbitrary code by uploading a crafted .htaccess file in an import.zip file and accessing an uploaded PHP file.

Remediation

References

CVE-2012-4389

Related Vulnerabilities

OpenSSL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-3738)

WordPress Plugin WooCommerce PayPal Checkout Payment Gateway Parameter Tampering (1.6.8)

WordPress Plugin Users Ultra SQL Injection (1.5.15)

Oracle JRE CVE-2013-0445 Vulnerability (CVE-2013-0445)

WordPress Plugin Favicon by RealFaviconGenerator Cross-Site Scripting (1.2.12)

Severity

Medium

Classification

CVE-2012-4389

Tags

Missing Update Known Vulnerabilities