CVE-2013-0303 — Owncloud vulnerability

4 documents4 sources

Severity

6.5MEDIUMNVD

EPSS

11.3%

top 6.46%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Owncloud Owncloud Server

Timeline

PublishedMar 24

Latest updateMay 5

Description

Unspecified vulnerability in core/ajax/translations.php in ownCloud before 4.0.12 and 4.5.x before 4.5.6 allows remote authenticated users to execute arbitrary PHP code via unknown vectors. NOTE: this entry has been SPLIT due to different affected versions. The core/settings.php issue is covered by CVE-2013-7344.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 8.0 | Impact: 6.4

Affected Packages2 packages

▶NVDowncloud/owncloud4.0.11

▶NVDowncloud/owncloud_server17 versions+16

🔴Vulnerability Details

GHSA

GHSA-42m9-36rv-vf4h: Unspecified vulnerability in core/ajax/translations↗2022-05-05

▶

CVEList

CVE-2013-0303: Unspecified vulnerability in core/ajax/translations↗2014-03-23

▶

💥Exploits & PoCs

Exploit-DB

D-Link IP Cameras - Multiple Vulnerabilities↗2013-05-01

▶