CVE-2012-4389

Published September 5th, 2012

View on NVD ↗

CVSS v3

N/A

CVSS v2

6.8

MEDIUM

Affected

PROJECT

Description

Incomplete blacklist vulnerability in lib/migrate.php in ownCloud before 4.0.7 allows remote attackers to execute arbitrary code by uploading a crafted .htaccess file in an import.zip file and accessing an uploaded PHP file.

owncloud/core

:cloud: ownCloud web server core (Files, DAV, etc.)

GitHub

8.79K