62 matches found
SurgeLDAP 1.0 d - User.cgi Cross-Site Scripting
SurgeLDAP 1.0 d - User.cgi Cross-Site Scripting source: https://www.securityfocus.com/bid/8407/info SurgeLDAP is prone to cross-site scripting attacks. Remote attackers may exploit this issue by enticing a user to visiting a malicious link that includes hostile HTML and script code. This code may...
SurgeLDAP 1.0 d - Full Path Disclosure
SurgeLDAP 1.0 d - Full Path Disclosure source: https://www.securityfocus.com/bid/8406/info SurgeLDAP is prone to a path disclosure vulnerability. It is possible to gain access to sensitive path information by issuing an HTTP GET request for an invalid resource. This issue exists in the web server...