ownCloud vulnerability with maximum 10 severity score comes under “mass” exploitation | Ars Technica
“The vulnerability, which carries the maximum severity rating of 10, makes it possible to obtain passwords and cryptographic keys allowing administrative control of a vulnerable server by sending a simple Web request to a static URL”
Thanks, OP. Now if only I could figure out how to change the SQLite database password in ownCloud 10.10 (it’s not stored in config.php, but there is a “passwordsalt” configured there).