VYPR
High severity8.5NVD Advisory· Published Jan 8, 2016· Updated Jun 17, 2026

CVE-2016-1499

CVE-2016-1499

Description

ownCloud Server before 8.0.10, 8.1.x before 8.1.5, and 8.2.x before 8.2.2 allow remote authenticated users to obtain sensitive information from a directory listing and possibly cause a denial of service (CPU consumption) via the force parameter to index.php/apps/files/ajax/scan.php.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

8
  • OwnCloud/Owncloud3 versions
    cpe:2.3:a:owncloud:owncloud:*:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:owncloud:owncloud:*:*:*:*:*:*:*:*range: <=8.0.9
    • cpe:2.3:a:owncloud:owncloud:8.2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:owncloud:owncloud:8.2.1:*:*:*:*:*:*:*
  • OwnCloud/Server5 versions
    cpe:2.3:a:owncloud:owncloud_server:8.1.0:*:*:*:*:*:*:*+ 4 more
    • cpe:2.3:a:owncloud:owncloud_server:8.1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:owncloud:owncloud_server:8.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:owncloud:owncloud_server:8.1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:owncloud:owncloud_server:8.1.4:*:*:*:*:*:*:*
    • (no CPE)range: <8.0.10, >=8.1.0 <8.1.5, >=8.2.0 <8.2.2

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.