69 matches found

OSV
added 2012/02/11 2:55 a.m., 0 views

UBUNTU-CVE-2012-0834

Cross-site scripting (XSS) vulnerability in lib/QueryRender.php in phpLDAPadmin 1.2.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the base parameter in a query_engine action to cmd.php...

CVSS 4.3, AI score 5.9, EPSS 0.06035
Exploits: 1, References: 3
Prion
added 2012/02/11 2:55 a.m., 11 views

Cross site scripting

Cross-site scripting (XSS) vulnerability in lib/QueryRender.php in phpLDAPadmin 1.2.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the base parameter in a query_engine action to cmd.php...

CVSS 4.3, AI score 6, EPSS 0.06035
Exploits: 1, References: 6, Affected Software: 1
UbuntuCve
added 2012/02/11 2:55 a.m., 20 views

CVE-2012-0834

Cross-site scripting (XSS) vulnerability in lib/QueryRender.php in phpLDAPadmin 1.2.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the base parameter in a query_engine action to cmd.php...

CVSS 4.3, AI score 5.9, EPSS 0.06035
Exploits: 1, References: 2
Debian CVE
added 2012/02/11 2:0 a.m., 22 views

CVE-2012-0834

Cross-site scripting (XSS) vulnerability in lib/QueryRender.php in phpLDAPadmin 1.2.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the base parameter in a query_engine action to cmd.php...

CVSS 4.3, AI score 5.5, EPSS 0.06035
Exploits: 1
OpenVAS
added 2011/11/03 12:0 a.m., 27 views

Mandriva Update for phpldapadmin MDVSA-2011:163 (phpldapadmin)

Check for the Version of phpldapadmin OpenVAS Vulnerability Test Mandriva Update for phpldapadmin MDVSA-2011:163 phpldapadmin Authors: System Generated Check Copyright: Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...

CVSS 7.5, AI score 0.5, EPSS 0.84398
Exploits: 4, References: 2
OpenVAS
added 2011/11/03 12:0 a.m., 26 views

phpLDAPadmin '_debug' Cross Site Scripting Vulnerability

This host is running phpLDAPadmin and is prone to cross site scripting vulnerability. OpenVAS Vulnerability Test $Id: gbphpldapadmindebugxssvuln.nasl 5793 2017-03-30 13:40:15Z cfi $ phpLDAPadmin '_debug' Cross Site Scripting Vulnerability Authors: Sooraj KS Copyright: Copyright (c) 2011 Greenbone...

CVSS 4.3, AI score 5.8, EPSS 0.11833
Exploits: 1, References: 4
OSV
added 2011/11/02 5:55 p.m., 2 views

DEBIAN-CVE-2011-4074

Cross-site scripting (XSS) vulnerability in cmd.php in phpLDAPadmin 1.2.x before 1.2.2 allows remote attackers to inject arbitrary web script or HTML via an _debug command...

CVSS 4.3, AI score 5.7, EPSS 0.11833
Exploits: 1, References: 1
Prion
added 2011/11/02 5:55 p.m., 17 views

Cross site scripting

Cross-site scripting (XSS) vulnerability in cmd.php in phpLDAPadmin 1.2.x before 1.2.2 allows remote attackers to inject arbitrary web script or HTML via an _debug command...

CVSS 4.3, AI score 6, EPSS 0.11833
Exploits: 1, References: 9, Affected Software: 1
Positive Technologies
added 2011/11/02 12:0 a.m., 2 views

PT-2011-4839 · Phpldapadmin · Phpldapadmin

Name of the Vulnerable Software and Affected Versions: phpLDAPadmin versions 1.2.x before 1.2.2 Description: The issue allows remote attackers to execute arbitrary PHP code via the orderby parameter also known as the sortby variable in a query engine action to "cmd.php". This has been exploited i...

CVSS 7.5, AI score 7.3, EPSS 0.84398
Exploits: 3, References: 19
OSV
added 2011/10/31 12:0 a.m., 31 views

DSA-2333-1 phpldapadmin - several issues

Bulletin has no description...

CVSS 7.5, AI score 6, EPSS 0.84398
Exploits: 4
seebug.org
added 2011/10/27 12:0 a.m., 439 views

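phpLDAPadmin functions.php Remote PHP Code Injection Vulnerability

BUGTRAQ ID: 50331 phpLDAPadmin is a web-based LDAP client that allows convenient management of LDAP servers. The phpLDAPadmin implementation contains a remote PHP code injection vulnerability that an attacker can exploit to inject and execute PHP code in the affected application and take control of the system. 1) Input appended to the URL in cmd.php is not properly filtered before being returned to the user, which can be exploited to execute arbitrary HTML and script code in the browser of a user of the affected site. 2) Input passed in the "orderby" parameter in cmd.php is not properly filtered in lib/functions.php before being used in a "create_function" function call. This can be exploited to inject and execute arbitrary PHP code....

AI score 6.9
Exploits: 0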
exploitpack
added 2010/02/18 12:0 a.m., 10 views

New-CMS 1.08 - Multiple Local File Inclusion HTML Injection Vulnerabilities

New-CMS 1.08 - Multiple Local File Inclusion HTML Injection Vulnerabilities source: https://www.securityfocus.com/bid/38307/info New-CMS is prone to multiple local file-include vulnerabilities and an HTML-Injection vulnerability because it fails to properly sanitize user-supplied input. An attack...

AI score 0.3
Exploits: 0
Tenable Nessus
added 2009/12/23 12:0 a.m., 44 views

phpLDAPadmin cmd.php cmd Parameter Local File Inclusion

The version of phpLDAPadmin installed on the remote host fails to sanitize user-supplied input to the 'cmd' parameter when passed to the 'cmd.php' script before using it to include PHP code. Regardless of PHP's 'register_globals' and 'magic_quotes_gpc' settings, an unauthenticated attacker may be ab...

CVSS 7.5, AI score 6, EPSS 0.18921
Exploits: 1, References: 1
exploitpack
added 2009/12/10 12:0 a.m., 14 views

phpLDAPadmin - Local File Inclusion

phpLDAPadmin - Local File Inclusion PHPLDAPADMIN LOCAL FILE INCLUSION author : ipsecs website : http://ipsecs.com Date : December, 10th, 2009 -i- Description "Phpldapadmin is web based LDAP client which provides easy, anywhere-accessible, multi-language administration for LDAP server."...

Exploits: 0
0day.today
added 2009/12/10 12:0 a.m., 18 views

phpldapadmin Local File Inclusion

Exploit for unknown platform in category web applications phpldapadmin Local File Inclusion PHPLDAPADMIN LOCAL FILE INCLUSION author : ipsecs website : http://ipsecs.com Date : December, 10th, 2009 -i- Description "Phpldapadmin i...

AI score 7.1
Exploits: 0
seebug.org
added 2009/03/31 12:0 a.m., 25 views

BandSite CMS 1.1.4 (members.php memid) SQL Injection Vulnerability

No description provided by source. + BandSite CMS 1.1.4 SQL/Upload Shell Multiple Remote Vulnerabilites + Discovered By SirGod + www.mortal-team.org + www.h4cky0u.org + Remote SQL Injection - The script is full of SQLI bugs.This is one of them. - Vulnerable code in...

AI score 7.1
Exploits: 0
Packet Storm
added 2009/03/30 12:0 a.m., 11 views

BandSite CMS 1.1.4 SQL Injection

BandSite CMS 1.1.4 SQL/Upload Shell Multiple Remote Vulnerabilites + Discovered By SirGod + www.mortal-team.org + www.h4cky0u.org + Remote SQL Injection - The script is full of SQLI bugs.This is one of them. - Vulnerable code in includes\content\membercontent.php...

AI score 0.3
Exploits: 0
exploitpack
added 2009/03/30 12:0 a.m., 13 views

BandSite CMS 1.1.4 - members.php SQL Injection

BandSite CMS 1.1.4 - members.php SQL Injection + BandSite CMS 1.1.4 SQL/Upload Shell Multiple Remote Vulnerabilites + Discovered By SirGod + www.mortal-team.org + www.h4cky0u.org + Remote SQL Injection - The script is full of SQLI bugs.This is one of them. - Vulnerable code in...

AI score 0.3
Exploits: 0
0day.today
added 2009/03/30 12:0 a.m., 22 views

BandSite CMS 1.1.4 (members.php memid) SQL Injection Vulnerability

Exploit for unknown platform in category web applications BandSite CMS 1.1.4 members.php memid SQL Injection Vulnerability + Remote SQL Injection - The script is...

AI score 7.1
Exploits: 0
UbuntuCve
added 2008/01/09 12:46 a.m., 15 views

CVE-2008-0148

TUTOS 1.3 does not restrict access to php/admin/cmd.php, which allows remote attackers to execute arbitrary shell commands via the cmd parameter in a direct request...

CVSS 10, AI score 6.1, EPSS 0.05981
Exploits: 0, References: 1