Directory Traversal Vulnerability in ownCloud Server Allows Remote Users to List Directory Contents and Cause Denial of Service

Directory Traversal Vulnerability in ownCloud Server Allows Remote Users to List Directory Contents and Cause Denial of Service

CVE-2015-6500 · HIGH Severity

AV:N/AC:L/AU:S/C:P/I:N/A:C

Directory traversal vulnerability in ownCloud Server before 8.0.6 and 8.1.x before 8.1.1 allows remote authenticated users to list directory contents and possibly cause a denial of service (CPU consumption) via a .. (dot dot) in the dir parameter to index.php/apps/files/ajax/scan.php.

Learn more about our Cis Benchmark Audit For Server Software.