CyberSec.Space Logo
Back to CVE Browser

CVE-2015-4716

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0870%
EPSS Percentile26.24th
PublishedOct 21, 2015
Last ModifiedMay 6, 2026

Vulnerability Description

Directory traversal vulnerability in the routing component in ownCloud Server before 7.0.6 and 8.0.x before 8.0.4, when running on Windows, allows remote attackers to reinstall the application or execute arbitrary code via unspecified vectors.

Affected Platforms (CPE)

πŸ“¦
Owncloud

Owncloud

<= 7.0.5
πŸ“¦
Owncloud

Owncloud Server

= 8.0.0
πŸ“¦
Owncloud

Owncloud Server

= 8.0.2
πŸ“¦
Owncloud

Owncloud Server

= 8.0.3
πŸ’»
Microsoft

Windows

All versions

References & Advisories

πŸ”— http://www.debian.org/security/2015/dsa-3373
πŸ”— http://www.securityfocus.com/bid/76159
πŸ”— https://owncloud.org/security/advisory/?id=oc-sa-2015-006
πŸ”— http://www.debian.org/security/2015/dsa-3373
πŸ”— http://www.securityfocus.com/bid/76159
πŸ”— https://owncloud.org/security/advisory/?id=oc-sa-2015-006

Related Vulnerabilities

CVE-2014-20489.8

The user_openid app in ownCloud Server before 5.0.15 allows remote attackers to obtain access by leveraging an insecure OpenID imp...

CVE-2019-253379.8

OwnCloud 8.1.8 contains a username enumeration vulnerability that allows remote attackers to discover user accounts by manipulatin...

CVE-2021-359469.8

A receiver of a federated share with access to the database with ownCloud version before 10.8 could update the permissions and the...

CVE-2014-20529.8

Zend Framework, as used in ownCloud Server before 5.0.15 and 6.0.x before 6.0.2, allows remote attackers to read arbitrary files, ...