CVE-2013-2045SQL Injection in Server

CWE-89SQL Injection4 documents4 sources
Severity
6.5MEDIUMNVD
EPSS
0.4%
top 42.39%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
OwncloudOwncloud Server
Timeline
PublishedMar 9
Latest updateMay 17

Description

SQL injection vulnerability in lib/db.php in ownCloud Server 5.0.x before 5.0.6 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 8.0 | Impact: 6.4

Affected Packages2 packages

NVDowncloud/owncloud_server6 versions+5
Ubuntuowncloud/owncloud< 6.0.1+dfsg-1ubuntu1

🔴Vulnerability Details

3
GHSA
GHSA-9vmc-cxvw-5ff4: SQL injection vulnerability in lib/db2022-05-17
OSV
CVE-2013-2045: SQL injection vulnerability in lib/db2014-03-09
CVEList
CVE-2013-2045: SQL injection vulnerability in lib/db2014-03-07
CVE-2013-2045 — SQL Injection in Owncloud Server | cvebase