CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Nextcloud: >> Extract Security Vulnerabilities

CVE-2019-12739

lib/Controller/ExtractionController.php in the Extract add-on before 1.2.0 for Nextcloud allows Remote Code Execution via shell metacharacters in a RAR filename via ajax/extractRar.php (nameOfFile and directory parameters).

CVSS Score

9.0

EPSS Score

0.015

Published

2019-06-05

Page 1

Vulnerabilities

Vulnerable Software

Nextcloud: >> Extract Security Vulnerabilities

Products

Pricing

Contact Us