Shodan
Vulnerabilities
Vulnerable Software
Owncloud:  >> Owncloud  >> 5.0.19  Security Vulnerabilities
CVE-2014-3836
Multiple cross-site request forgery (CSRF) vulnerabilities in ownCloud Server before 6.0.3 allow remote attackers to hijack the authentication of users for requests that (1) conduct cross-site scripting (XSS) attacks, (2) modify files, or (3) rename files via unspecified vectors.
CVSS Score
6.8
EPSS Score
0.001
Published
2014-06-04
CVE-2014-3837
The document application in ownCloud Server before 6.0.3 uses sequential values for the file_id, which allows remote authenticated users to enumerate shared files via unspecified vectors.
CVSS Score
4.0
EPSS Score
0.002
Published
2014-06-04
CVE-2014-2057
Multiple cross-site scripting (XSS) vulnerabilities in ownCloud before 6.0.2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS Score
4.3
EPSS Score
0.003
Published
2014-03-24
CVE-2014-2047
Session fixation vulnerability in ownCloud before 6.0.2, when PHP is configured to accept session parameters through a GET request, allows remote attackers to hijack web sessions via unspecified vectors.
CVSS Score
6.8
EPSS Score
0.004
Published
2014-03-14


Products
Pricing
Contact Us

Shodan ® - All rights reserved