Description

The documents application in ownCloud Server 6.x before 6.0.6 and 7.x before 7.0.3 allows remote attackers to bypass the password-protection for shared files via the API.

Remediation

References

CVE-2014-9048

Related Vulnerabilities

Nginx Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-9511)

MySQL CVE-2020-14827 Vulnerability (CVE-2020-14827)

IBM RTC Cross-site Scripting (XSS) Vulnerability (CVE-2020-4691)

WordPress Plugin Verve Meta Boxes TimThumb Arbitrary File Upload (1.2.8)

Apache HTTP Server NULL Pointer Dereference Vulnerability (CVE-2018-1302)

Severity

Medium

Classification

CVE-2014-9048 CWE-264

Tags

Missing Update Known Vulnerabilities