258571
|
- |
|
owncloud
|
owncloud
|
Cross-site scripting (XSS) vulnerability in settings.php in ownCloud before 4.0.12 and 4.5.x before 4.5.7 allows remote administrators to inject arbitrary web script or HTML via the group input field…
|
CWE-79
Cross-site Scripting
|
CVE-2013-0307
|
2014-03-26 09:41 |
2014-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258572
|
- |
|
owncloud
|
owncloud
|
Multiple cross-site scripting (XSS) vulnerabilities in ownCloud 4.5.x before 4.5.7 allow remote attackers to inject arbitrary web script or HTML via (1) a crafted iCalendar file to the calendar appli…
|
CWE-79
Cross-site Scripting
|
CVE-2013-0298
|
2014-03-26 09:40 |
2014-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258573
|
- |
|
owncloud
|
owncloud
|
Multiple cross-site scripting (XSS) vulnerabilities in ownCloud before 4.0.12 and 4.5.x before 4.5.7 allow remote authenticated administrators to inject arbitrary web script or HTML via the (1) site_…
|
CWE-79
Cross-site Scripting
|
CVE-2013-0297
|
2014-03-26 09:39 |
2014-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258574
|
- |
|
owncloud
|
owncloud
|
Incomplete blacklist vulnerability in lib/migrate.php in ownCloud before 4.0.13 and 4.5.x before 4.5.8, when the user_migrate application is enabled, allows remote authenticated users to import arbit…
|
NVD-CWE-Other
|
CVE-2013-1851
|
2014-03-26 09:23 |
2014-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258575
|
- |
|
owncloud
|
owncloud
|
Per: https://cwe.mitre.org/data/definitions/184.html
"CWE-184: Incomplete Blacklist"
|
NVD-CWE-Other
|
CVE-2013-1851
|
2014-03-26 09:23 |
2014-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258576
|
- |
|
trojita_project
|
trojita
|
The OpenConnectionTask::handleStateHelper function in Imap/Tasks/OpenConnectionTask.cpp in Trojita before 0.4.1 allows man-in-the-middle attackers to trigger use of cleartext for saving a message int…
|
CWE-200
Information Exposure
|
CVE-2014-2567
|
2014-03-26 09:20 |
2014-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258577
|
- |
|
owncloud
|
owncloud
|
Multiple cross-site scripting (XSS) vulnerabilities in ownCloud 4.5.x before 4.5.8 allow remote authenticated users with administrator privileges to inject arbitrary web script or HTML via the (1) qu…
|
CWE-79
Cross-site Scripting
|
CVE-2013-1822
|
2014-03-26 06:07 |
2014-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258578
|
- |
|
owncloud
|
owncloud
|
Multiple incomplete blacklist vulnerabilities in (1) import.php and (2) ajax/uploadimport.php in apps/contacts/ in ownCloud before 4.0.13 and 4.5.x before 4.5.8 allow remote authenticated users to ex…
|
CWE-94
Code Injection
|
CVE-2013-1850
|
2014-03-26 06:04 |
2014-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258579
|
- |
|
owncloud
|
owncloud
|
Multiple cross-site scripting (XSS) vulnerabilities in js/viewer.js in ownCloud before 4.5.12 and 5.x before 5.0.7 allow remote attackers to inject arbitrary web script or HTML via vectors related to…
|
CWE-79
Cross-site Scripting
|
CVE-2013-2150
|
2014-03-26 06:03 |
2014-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258580
|
- |
|
owncloud
|
owncloud
|
Per: http://owncloud.org/about/security/advisories/oC-SA-2013-028/
"Cross-site scripting (XSS) vulnerabilities in js/viewer.js inside the files_videoviewer application via multiple unspecified vecto…
|
CWE-79
Cross-site Scripting
|
CVE-2013-2150
|
2014-03-26 06:03 |
2014-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|