Description

PHPDocX, as used in ownCloud Server before 5.0.15 and 6.0.x before 6.0.2, allows remote attackers to read arbitrary files, cause a denial of service, or possibly have other impact via an XML External Entity (XXE) attack.

Remediation

References

CVE-2014-2056

Related Vulnerabilities

WordPress Plugin Duplicator-WordPress Migration Cross-Site Request Forgery (1.1.2)

Django URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2017-7233)

WordPress Plugin 123devis-affiliation Cross-Site Scripting (1.0.4)

WordPress Plugin MStore API-Create Native Android & iOS Apps On The Cloud Security Bypass (4.10.7)

Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-20328)

Severity

High

Classification

CVE-2014-2056

Tags

Missing Update Known Vulnerabilities