CVE-2013-1851 Information

Description

Incomplete blacklist vulnerability in lib/migrate.php in ownCloud before 4.0.13 and 4.5.x before 4.5.8 when the user_migrate application is enabled allows remote authenticated users to import arbitrary files to the user’s account via unspecified vectors.

Reference

http://owncloud.org/about/security/advisories/oC-SA-2013-010/