Lucene search

[email protected]NVD:CVE-2012-0834

HistoryFeb 11, 2012 - 2:55 a.m.

CVE-2012-0834

2012-02-1102:55:01

CWE-79

[email protected]

web.nvd.nist.gov

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.5 Medium

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

75.5%

JSON

Cross-site scripting (XSS) vulnerability in lib/QueryRender.php in phpLDAPadmin 1.2.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the base parameter in a query_engine action to cmd.php.

Affected configurations

NVD

Node

phpldapadmin_projectphpldapadminRange≤1.2.2

References

openwall.com/lists/oss-security/2012/02/02/9

openwall.com/lists/oss-security/2012/02/03/3

phpldapadmin.git.sourceforge.net/git/gitweb.cgi?p=phpldapadmin/phpldapadmin%3Ba=commit%3Bh=7dc8d57d6952fe681cb9e8818df7f103220457bd

secunia.com/advisories/47852

www.mandriva.com/security/advisories?name=MDVSA-2012:020

sourceforge.net/tracker/index.php?func=detail&aid=3477910&group_id=61828&atid=498546

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.5 Medium

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

75.5%

JSON

Related for NVD:CVE-2012-0834

nessus6 openvas13 prion1 debiancve1 fedora3 cve1 ubuntucve1 cvelist1