Vulnerability Details CVE-2013-2046
SQL injection vulnerability in lib/bookmarks.php in ownCloud Server 4.5.x before 4.5.11 and 5.x before 5.0.6 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 53.0%
CVSS Severity
CVSS v2 Score 6.5
References
- http://osvdb.org/93383
- http://owncloud.org/about/security/advisories/oC-SA-2013-019
- http://seclists.org/oss-sec/2013/q2/324
- http://www.securityfocus.com/bid/59969
- http://osvdb.org/93383
- http://owncloud.org/about/security/advisories/oC-SA-2013-019
- http://seclists.org/oss-sec/2013/q2/324
- http://www.securityfocus.com/bid/59969
Products affected by CVE-2013-2046
-
cpe:2.3:a:owncloud:owncloud_server:4.5.0
-
cpe:2.3:a:owncloud:owncloud_server:4.5.1
-
cpe:2.3:a:owncloud:owncloud_server:4.5.10
-
cpe:2.3:a:owncloud:owncloud_server:4.5.2
-
cpe:2.3:a:owncloud:owncloud_server:4.5.3
-
cpe:2.3:a:owncloud:owncloud_server:4.5.4
-
cpe:2.3:a:owncloud:owncloud_server:4.5.5
-
cpe:2.3:a:owncloud:owncloud_server:4.5.6
-
cpe:2.3:a:owncloud:owncloud_server:4.5.7
-
cpe:2.3:a:owncloud:owncloud_server:4.5.8
-
cpe:2.3:a:owncloud:owncloud_server:4.5.9
-
cpe:2.3:a:owncloud:owncloud_server:5.0.0
-
cpe:2.3:a:owncloud:owncloud_server:5.0.1
-
cpe:2.3:a:owncloud:owncloud_server:5.0.2
-
cpe:2.3:a:owncloud:owncloud_server:5.0.3
-
cpe:2.3:a:owncloud:owncloud_server:5.0.4
-
cpe:2.3:a:owncloud:owncloud_server:5.0.5