ownCloud Server (ownCloud Core) 8.0.8
Approved changes feed: RSS · Atom
cpe:2.3:a:owncloud:owncloud_server:8.0.8:*:*:*:*:*:*:*
part: a version: 8.0.8 update: *
| Vendor | Owncloud (7adb7c81-0e09-5084-ad84-9888a985e435) |
|---|---|
| Product | Owncloud Server (2291c676-bc20-574c-a431-505f3752afb3) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:github/owncloud/core |
purl2cpe | 2026-06-01 10:16:35.819834 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2016-1500 |
vulnerable | 2026-06-03 14:35:35.385995 |
Details available
ownCloud Server before 7.0.12, 8.0.x before 8.0.10, 8.1.x before 8.1.5, and 8.2.x before 8.2.2, when the "file_versions" application is enabled, does not properly check the return value of getOwner, which allows remote authenticated users to read the files with names starting with ".v" and belonging to a sharing user by leveraging an incoming share.
Published: 2016-01-08T21:00:00.000Z
Updated: 2024-08-05T22:55:14.649Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2016-1498 |
vulnerable | 2026-06-03 14:35:35.381080 |
Details available
Cross-site scripting (XSS) vulnerability in the OCS discovery provider component in ownCloud Server before 7.0.12, 8.0.x before 8.0.10, 8.1.x before 8.1.5, and 8.2.x before 8.2.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving a URL.
Published: 2016-01-08T21:00:00.000Z
Updated: 2024-08-05T22:55:14.840Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.