Reports in owncloud program: S.No Title Bounty 1 Authentication Bypass with usage of PreSignedURL $2000.0 2 Possible to steal any protected files on Android $750.0 3 Federated share permissions can be increased by recipient $500.0 4 GitHub Security Lab (GHSL) Vulnerability Report: SQLInjection in FileContentProvider.kt (GHSL-2022-059) $300.0 5 HTML Injection in Owncloud $150.0 6 ownCloud 2.2.2.6192 DLL Hijacking Vulnerability $50.0 7 Theft of protected files on Android $50.0 8 GitHub Security Lab (GHSL) Vulnerability Report: Insufficient path validation in ReceiveExternalFilesActivity.java (GHSL-2022-060) $50.0 9 [forum.owncloud.org] IE, Edge XSS via Request-URI $0.0 10 Accessable Htaccess $0.0 11 [doc.owncloud.org] CRLF Injection $0.0 12 [api.owncloud.org] CRLF Injection $0.0 13 Arbitrary Code Injection in ownCloud’s Windows Client $0.0 14 SMB User Authentication Bypass and Persistence $0.0 15 Outdated Jenkins server hosted at OwnCloud.org $0.0 16 Stored xss $0.0 17 User Information Disclosure via REST API $0.0 18 bug reporting template encourages users to paste config file with passwords $0.0 19 password reset email spamming $0.0 20 HTML injection in Desktop Client $0.0 21 doc.owncloud.com: CVE-2015-5477 BIND9 TKEY Vulnerability + Exploit (Denial of Service) $0.0 22 This is not the security issue. $0.0 23 owncloud.com open redirect $0.0 24 Banner Grabbing - Apache Server Version Disclousure $0.0 25 Password Complexity Not Enforced On Password Change $0.0 26 Remote Code Execution through Deserialization Attack in OwnBackup app. $0.0 27 Remote Code Execution through "Files_antivirus" plugin $0.0 28 Protocol Smuggling over LDAP password field $0.0 29 File System Monitoring Queue Overflow $0.0 30 Remote Code Execution on ownCloud instances with ImageMagick installed $0.0 31 Cross-Site Request Forgery $0.0