Description

Incomplete blacklist vulnerability in lib/migrate.php in ownCloud before 4.5.2 allows remote authenticated users to execute arbitrary PHP code by uploading a crafted mount.php file in a ZIP file.

Remediation

References

CVE-2012-5609

Related Vulnerabilities

WordPress Plugin Resim Ara Cross-Site Scripting (3.0)

Atlassian Jira Missing Authorization Vulnerability (CVE-2017-18101)

WordPress Plugin Classified Listing Pro & Directory Cross-Site Scripting (2.0.19)

WordPress Plugin WP Survey And Quiz Tool 'rowcount' Parameter Cross-Site Scripting (2.9.2)

WordPress Plugin GEO my WordPress Unspecified Vulnerability (2.6.1.1)

Severity

Medium

Classification

CVE-2012-5609

Tags

Missing Update Known Vulnerabilities