SQL injection vulnerability in lib/bookmarks.php in ownCloud Server 4.5.x before 4.5.11 and 5.x before 5.0.6 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
2014-03-09T13:16:56.287
2025-04-12T10:46:40.837
Deferred
CVSSv2: 6.5 (MEDIUM)
AV:N/AC:L/Au:S/C:P/I:P/A:P
8.0
6.4
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | owncloud | owncloud_server | 4.5.0 | Yes |
| Application | owncloud | owncloud_server | 4.5.1 | Yes |
| Application | owncloud | owncloud_server | 4.5.2 | Yes |
| Application | owncloud | owncloud_server | 4.5.3 | Yes |
| Application | owncloud | owncloud_server | 4.5.4 | Yes |
| Application | owncloud | owncloud_server | 4.5.5 | Yes |
| Application | owncloud | owncloud_server | 4.5.6 | Yes |
| Application | owncloud | owncloud_server | 4.5.7 | Yes |
| Application | owncloud | owncloud_server | 4.5.8 | Yes |
| Application | owncloud | owncloud_server | 4.5.9 | Yes |
| Application | owncloud | owncloud_server | 4.5.10 | Yes |
| Application | owncloud | owncloud_server | 5.0.0 | Yes |
| Application | owncloud | owncloud_server | 5.0.1 | Yes |
| Application | owncloud | owncloud_server | 5.0.2 | Yes |
| Application | owncloud | owncloud_server | 5.0.3 | Yes |
| Application | owncloud | owncloud_server | 5.0.4 | Yes |
| Application | owncloud | owncloud_server | 5.0.5 | Yes |