CVE-2012-5665

Published January 3rd, 2013

View on NVD ↗

CVSS v3

N/A

CVSS v2

4.3

MEDIUM

Affected

PROJECT

Description

ownCloud 4.0.x before 4.0.10 and 4.5.x before 4.5.5 does not properly restrict access to settings.php, which allows remote attackers to edit app configurations of user_webdavauth and user_ldap by editing this file.

owncloud/core

:cloud: ownCloud web server core (Files, DAV, etc.)

GitHub

8.79K