Description

ownCloud Server before 6.0.3 does not properly check permissions, which allows remote authenticated users to (1) access the contacts of other users via the address book or (2) rename files via unspecified vectors.

Remediation

References

CVE-2014-3834

Related Vulnerabilities

MySQL CVE-2019-2632 Vulnerability (CVE-2019-2632)

Magento Improper Input Validation Vulnerability (CVE-2022-42344)

WordPress Plugin Search Meter CSV Injection (2.13.2)

WordPress Plugin Forminator-Contact Form, Payment Form & Custom Form Builder Cross-Site Scripting (1.29.0)

WordPress Plugin Advanced Shipping Validation for WooCommerce Cross-Site Scripting (1.0.0)

Severity

High

Classification

CVE-2014-3834 CWE-264

Tags

Missing Update Known Vulnerabilities