K55248799: phpLDAPAdmin vulnerabilities CVE-2005-2654, CVE-2005-2792, CVE-2005-2793, CVE-2006-2016, and CVE-2009-4427

Security Advisory Description CVE-2005-2654 phpldapadmin before 0.9.6c allows remote attackers to gain anonymous access to the LDAP server, even when disableanonbind is set, via an HTTP request to login.php with the anonymousbind parameter set. CVE-2005-2792 Directory traversal vulnerability in...

FreeBSD Ports: phpldapadmin098

The remote host is missing an update to the system as announced in the referenced advisory. VID 6d78202e-e2f9-11da-8674-00123ffe8333 OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

[SECURITY] [DSA 1057-1] New phpLDAPadmin packages fix cross-site scripting

-------------------------------------------------------------------------- Debian Security Advisory DSA 1057-1 [email protected] http://www.debian.org/security/ Martin Schulze May 15th, 2006 http://www.debian.org/security/faq -...

CVE-2006-2016

Multiple cross-site scripting XSS vulnerabilities in phpLDAPadmin 0.9.8 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 dn parameter in a compareform.php, b copyform.php, c renameform.php, d templateengine.php, and e deleteform.php; 2 scope parameter in f...

CVE-2006-2016

CVE-2006-2016 is tied to phpLDAPadmin and is confirmed by multiple sources as a set of cross-site scripting (XSS) vulnerabilities in versions up to 0.9.8 and earlier. The vulnerabilities allow remote attackers to inject arbitrary web script or HTML via specific user-controllable inputs: the dn pa...