Description

The documents application in ownCloud Server 6.x before 6.0.6 and 7.x before 7.0.3 allows remote attackers to bypass the password-protection for shared files via the API.

Remediation

References

CVE-2014-9048

Related Vulnerabilities

WordPress Plugin Timed Popup Cross-Site Request Forgery (1.3)

WordPress Plugin Newsletters PHP Object Injection (4.6.8.5)

Liferay Portal Incorrect Default Permissions Vulnerability (CVE-2022-42127)

WordPress Plugin Ad Swapper Cross-Site Scripting (1.0.3)

PHP Deserialization of Untrusted Data Vulnerability (CVE-2018-19396)

Severity

Medium

Classification

CVE-2014-9048 CWE-264

Tags

Missing Update Known Vulnerabilities