Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 8:42 a.m.10 views

CVE-2022-31087

LDAP Account Manager LAM is a webfrontend for managing entries e.g. users, groups, DHCP settings stored in an LDAP directory. In versions prior to 8.0 the tmp directory, which is accessible by /lam/tmp/, allows interpretation of .php and .php5/.php4/.phpt/etc files. An attacker capable of writing...

7.8CVSS7AI score0.00435EPSS
Exploits0References1
NVD
NVD
added 2022/06/27 9:15 p.m.24 views

CVE-2022-31087

LDAP Account Manager LAM is a webfrontend for managing entries e.g. users, groups, DHCP settings stored in an LDAP directory. In versions prior to 8.0 the tmp directory, which is accessible by /lam/tmp/, allows interpretation of .php and .php5/.php4/.phpt/etc files. An attacker capable of writing...

7.8CVSS0.00435EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2022/06/27 8:50 p.m.7 views

CVE-2022-31087 Incorrect Default Permissions in ldap-account-manager

LDAP Account Manager LAM is a webfrontend for managing entries e.g. users, groups, DHCP settings stored in an LDAP directory. In versions prior to 8.0 the tmp directory, which is accessible by /lam/tmp/, allows interpretation of .php and .php5/.php4/.phpt/etc files. An attacker capable of writing...

7.8CVSS7.9AI score0.00435EPSS
Exploits0References3
CVE
CVE
added 2022/06/27 8:50 p.m.101 views

CVE-2022-31087

CVE-2022-31087 affects LDAP Account Manager (LAM). The underlying issue is that in versions prior to 8.0 the tmp directory under /lam/tmp/ is capable of interpreting PHP files, enabling a writer with www-data privileges to place a web shell and achieve code execution on the host. The accepted rem...

7.8CVSS7.9AI score0.00435EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2022/06/27 8:50 p.m.20 views

CVE-2022-31087 Incorrect Default Permissions in ldap-account-manager

LDAP Account Manager LAM is a webfrontend for managing entries e.g. users, groups, DHCP settings stored in an LDAP directory. In versions prior to 8.0 the tmp directory, which is accessible by /lam/tmp/, allows interpretation of .php and .php5/.php4/.phpt/etc files. An attacker capable of writing...

7.8CVSS7.9AI score0.00435EPSS
Exploits0References5
Rows per page
Query Builder