Lucene search
K

27 matches found

Patchstack
Patchstack
added 2023/09/01 12:0 a.m.11 views

WordPress authLdap Plugin <= 2.5.8 is vulnerable to Cross Site Request Forgery (CSRF)

Software authLdap Type Plugin Vulnerable versions = 2.5.8 Fixed in 2.5.9 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-41654 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID efe4321d7644 Credits Rio Darmawan Required...

8.8CVSS6.6AI score0.00204EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/09/01 12:0 a.m.10 views

WordPress authLdap Plugin <= 2.6.0 is vulnerable to Cross Site Scripting (XSS)

Software authLdap Type Plugin Vulnerable versions = 2.6.0 Fixed in 2.6.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-41655 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 1c9c6ce8a2a5 Credits Rio Darmawan Required privileg...

5.9CVSS5.7AI score0.00316EPSS
Exploits0References2Affected Software1
OpenVAS
OpenVAS
added 2009/10/10 12:0 a.m.16 views

SLES9: Security update for authldap

The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: authldap For more information, please visit the referenced security advisories. More details may also be found by searching for keyword 5018991 within the Su...

7.5CVSS6.5AI score0.05434EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2009/10/10 12:0 a.m.15 views

SLES9: Security update for authldap

The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: authldap For more information, please visit the referenced security advisories. More details may also be found by searching for keyword 5018991 within the Su...

7.5CVSS0.3AI score0.05434EPSS
Exploits0
securityvulns
securityvulns
added 2008/04/22 12:0 a.m.48 views

DBMail unauthorized access

It's possible to access any account without password if authldap is used...

6.8CVSS2.8AI score0.02389EPSS
Exploits1References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2008/04/22 12:0 a.m.14 views

GLSA-200804-24 : DBmail: Data disclosure

The remote host is affected by the vulnerability described in GLSA-200804-24 DBmail: Data disclosure A vulnerability in DBMail's authldap module when used in conjunction with an Active Directory server has been reported by vugluskr. When passing a zero length password to the module, it tries to...

6.8CVSS5.5AI score0.02389EPSS
Exploits1References2
Gentoo Linux
Gentoo Linux
added 2008/04/18 12:0 a.m.18 views

DBmail: Data disclosure

Background DBMail is a mail storage and retrieval daemon that uses SQL databases as its data store. IMAP and POP3 can be used to retrieve mails from the database. Description A vulnerability in DBMail's authldap module when used in conjunction with an Active Directory server has been reported by...

6.8CVSS6.9AI score0.02389EPSS
Exploits1
Rows per page
Query Builder