cve/CVE-2023-23948.md at b8bb3913ae5ed6689c69f4d953bda7435b2f2da7

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-06 02:31:38 +00:00

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

Description

The ownCloud Android app allows ownCloud users to access, share, and edit files and folders. Version 2.21.1 of the ownCloud Android app is vulnerable to SQL injection in FileContentProvider.kt. This issue can lead to information disclosure. Two databases, filelist and owncloud_database, are affected. In version 3.0, the filelist database was deprecated. However, injections affecting owncloud_database remain relevant as of version 3.0.

POC

Reference

https://securitylab.github.com/advisories/GHSL-2022-059_GHSL-2022-060_Owncloud_Android_app/

Github

https://github.com/fardeen-ahmed/Bug-bounty-Writeups

1.1 KiB Raw Blame History

CVE-2023-23948

Description

POC

Reference

Github

1.1 KiB

Raw Blame History