27 matches found
WordPress authLdap Plugin <= 2.5.8 is vulnerable to Cross Site Request Forgery (CSRF)
Software authLdap Type Plugin Vulnerable versions = 2.5.8 Fixed in 2.5.9 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-41654 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID efe4321d7644 Credits Rio Darmawan Required...
WordPress authLdap Plugin <= 2.6.0 is vulnerable to Cross Site Scripting (XSS)
Software authLdap Type Plugin Vulnerable versions = 2.6.0 Fixed in 2.6.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-41655 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 1c9c6ce8a2a5 Credits Rio Darmawan Required privileg...
SLES9: Security update for authldap
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: authldap For more information, please visit the referenced security advisories. More details may also be found by searching for keyword 5018991 within the Su...
SLES9: Security update for authldap
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: authldap For more information, please visit the referenced security advisories. More details may also be found by searching for keyword 5018991 within the Su...
DBMail unauthorized access
It's possible to access any account without password if authldap is used...
GLSA-200804-24 : DBmail: Data disclosure
The remote host is affected by the vulnerability described in GLSA-200804-24 DBmail: Data disclosure A vulnerability in DBMail's authldap module when used in conjunction with an Active Directory server has been reported by vugluskr. When passing a zero length password to the module, it tries to...
DBmail: Data disclosure
Background DBMail is a mail storage and retrieval daemon that uses SQL databases as its data store. IMAP and POP3 can be used to retrieve mails from the database. Description A vulnerability in DBMail's authldap module when used in conjunction with an Active Directory server has been reported by...