CVE-2013-0303
published 2014-03-24CVE-2013-0303: Unspecified vulnerability in core/ajax/translations.php in ownCloud before 4.0.12 and 4.5.x before 4.5.6 allows remote authenticated users to execute arbitrary…
PriorityP335medium6.5CVSS 2.0
AVNACLAuSCPIPAP
EPSS
2.58%
83.3th percentile
Unspecified vulnerability in core/ajax/translations.php in ownCloud before 4.0.12 and 4.5.x before 4.5.6 allows remote authenticated users to execute arbitrary PHP code via unknown vectors. NOTE: this entry has been SPLIT due to different affected versions. The core/settings.php issue is covered by CVE-2013-7344.
Affected
22 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| owncloud | owncloud | <= 4.0.11 | — |
| owncloud | owncloud_server | — | — |
| owncloud | owncloud_server | — | — |
| owncloud | owncloud_server | — | — |
| owncloud | owncloud_server | — | — |
| owncloud | owncloud_server | — | — |
| owncloud | owncloud_server | — | — |
| owncloud | owncloud_server | — | — |
| owncloud | owncloud_server | — | — |
| owncloud | owncloud_server | — | — |
| owncloud | owncloud_server | — | — |
| owncloud | owncloud_server | — | — |
| owncloud | owncloud_server | — | — |
| owncloud | owncloud_server | — | — |
| owncloud | owncloud_server | — | — |
| owncloud | owncloud_server | — | — |
| owncloud | owncloud_server | — | — |
| owncloud | owncloud_server | — | — |
| owncloud | owncloud_server | — | — |
| owncloud | owncloud_server | — | — |
| owncloud | owncloud_server | — | — |
| owncloud | owncloud_server | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
VulDB
ownCloud up to 4.5.5 privilege escalation (ID 801070)
vuldb·2026-05-08·CVSS 6.5
CVE-2013-0303 [MEDIUM] ownCloud up to 4.5.5 privilege escalation (ID 801070)
A vulnerability marked as critical has been reported in ownCloud. This issue affects some unknown processing. This manipulation causes privilege escalation.
This vulnerability appears as CVE-2013-0303. The attack may be initiated remotely. There is no available exploit.
It is suggested to upgrade the affected component.
GHSA
GHSA-7pcc-qp95-233j: Unspecified vulnerability in core/settings
ghsa_unreviewed·2022-05-17·CVSS 6.5
CVE-2013-7344 [MEDIUM] GHSA-7pcc-qp95-233j: Unspecified vulnerability in core/settings
Unspecified vulnerability in core/settings.php in ownCloud before 4.0.12 and 4.5.x before 4.5.6 allows remote authenticated users to execute arbitrary PHP code via unknown vectors. NOTE: this issue was SPLIT from CVE-2013-0303 due to different affected versions.
GHSA
GHSA-42m9-36rv-vf4h: Unspecified vulnerability in core/ajax/translations
ghsa_unreviewed·2022-05-05·CVSS 6.5
CVE-2013-0303 [MEDIUM] GHSA-42m9-36rv-vf4h: Unspecified vulnerability in core/ajax/translations
Unspecified vulnerability in core/ajax/translations.php in ownCloud before 4.0.12 and 4.5.x before 4.5.6 allows remote authenticated users to execute arbitrary PHP code via unknown vectors. NOTE: this entry has been SPLIT due to different affected versions. The core/settings.php issue is covered by CVE-2013-7344.
No detection rules found.
No writeups or analysis indexed.
2014-03-24
Published