Nextcloud - Extract CVE - CVE Search - CVE Details

Filtered by vendor Nextcloud Subscribe

Filtered by product Extract

Total 1 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2019-12739	1 Nextcloud	1 Extract	2019-06-06	6.5 MEDIUM	8.8 HIGH
lib/Controller/ExtractionController.php in the Extract add-on before 1.2.0 for Nextcloud allows Remote Code Execution via shell metacharacters in a RAR filename via ajax/extractRar.php (nameOfFile and directory parameters).

Vulnerabilities (CVE)