Vulnerability Details CVE-2013-2046
SQL injection vulnerability in lib/bookmarks.php in ownCloud Server 4.5.x before 4.5.11 and 5.x before 5.0.6 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.016
EPSS Ranking 72.5%
CVSS Severity
CVSS v2 Score 6.5
References
- http://osvdb.org/93383
- http://owncloud.org/about/security/advisories/oC-SA-2013-019
- http://seclists.org/oss-sec/2013/q2/324
- http://www.securityfocus.com/bid/59969
- http://osvdb.org/93383
- http://owncloud.org/about/security/advisories/oC-SA-2013-019
- http://seclists.org/oss-sec/2013/q2/324
- http://www.securityfocus.com/bid/59969
Products affected by CVE-2013-2046
-
cpe:2.3:a:owncloud:owncloud_server:4.5.0
-
cpe:2.3:a:owncloud:owncloud_server:4.5.1
-
cpe:2.3:a:owncloud:owncloud_server:4.5.10
-
cpe:2.3:a:owncloud:owncloud_server:4.5.2
-
cpe:2.3:a:owncloud:owncloud_server:4.5.3
-
cpe:2.3:a:owncloud:owncloud_server:4.5.4
-
cpe:2.3:a:owncloud:owncloud_server:4.5.5
-
cpe:2.3:a:owncloud:owncloud_server:4.5.6
-
cpe:2.3:a:owncloud:owncloud_server:4.5.7
-
cpe:2.3:a:owncloud:owncloud_server:4.5.8
-
cpe:2.3:a:owncloud:owncloud_server:4.5.9
-
cpe:2.3:a:owncloud:owncloud_server:5.0.0
-
cpe:2.3:a:owncloud:owncloud_server:5.0.1
-
cpe:2.3:a:owncloud:owncloud_server:5.0.2
-
cpe:2.3:a:owncloud:owncloud_server:5.0.3
-
cpe:2.3:a:owncloud:owncloud_server:5.0.4
-
cpe:2.3:a:owncloud:owncloud_server:5.0.5