Description
Incomplete blacklist vulnerability in lib/migrate.php in ownCloud before 4.0.13 and 4.5.x before 4.5.8, when the user_migrate application is enabled, allows remote authenticated users to import arbitrary files to the user's account via unspecified vectors.
Remediation
References
Related Vulnerabilities
WordPress Plugin lasTunes Cross-Site Scripting (3.6.1)
ColdFusion CFC Deserialization RCE (CVE-2023-26359/CVE-2023-26360)
WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3126)
WordPress Plugin Translate Multilingual sites-TranslatePress Cross-Site Scripting (2.0.8)