Lucene search
K

6 matches found

NVD
NVD
added 2024/12/19 2:15 p.m.12 views

CVE-2024-9101

A reflected cross-site scripting XSS vulnerability in the 'Entry Chooser' of phpLDAPadmin version 1.2.1 through the latest version, 1.2.6.7 allows attackers to execute arbitrary JavaScript in the user's browser via the 'element' parameter, which is unsafely passed to the JavaScript 'eval' functio...

2.1CVSS0.00466EPSS
Exploits0References4
OSV
OSV
added 2024/12/19 1:41 p.m.8 views

CVE-2024-9101 phpLDAPadmin: Reflected Cross-Site Scripting in entry_chooser.php

A reflected cross-site scripting XSS vulnerability in the 'Entry Chooser' of phpLDAPadmin version 1.2.1 through the latest version, 1.2.6.7 allows attackers to execute arbitrary JavaScript in the user's browser via the 'element' parameter, which is unsafely passed to the JavaScript 'eval' functio...

2.1CVSS6.4AI score0.00466EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2024/12/19 1:41 p.m.9 views

CVE-2024-9101 phpLDAPadmin: Reflected Cross-Site Scripting in entry_chooser.php

A reflected cross-site scripting XSS vulnerability in the 'Entry Chooser' of phpLDAPadmin version 1.2.1 through the latest version, 1.2.6.7 allows attackers to execute arbitrary JavaScript in the user's browser via the 'element' parameter, which is unsafely passed to the JavaScript 'eval' functio...

2.1CVSS6AI score0.00466EPSS
Exploits0References4
CVE
CVE
added 2024/12/19 1:41 p.m.58 views

CVE-2024-9101

Summary of CVE-2024-9101 : A reflected XSS in phpLDAPadmin’s “Entry Chooser” affects versions 1.2.1 through 1.2.6.7. The vulnerability arises from unsafely passing the user-controlled parameter “element” into JavaScript eval, with exploitation limited to conditions where the window opener is corr...

2.1CVSS5.8AI score0.00466EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/12/19 1:41 p.m.30 views

CVE-2024-9101 phpLDAPadmin: Reflected Cross-Site Scripting in entry_chooser.php

A reflected cross-site scripting XSS vulnerability in the 'Entry Chooser' of phpLDAPadmin version 1.2.1 through the latest version, 1.2.6.7 allows attackers to execute arbitrary JavaScript in the user's browser via the 'element' parameter, which is unsafely passed to the JavaScript 'eval' functio...

2.1CVSS0.00466EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2024/12/19 1:41 p.m.8 views

CVE-2024-9101

A reflected cross-site scripting XSS vulnerability in the 'Entry Chooser' of phpLDAPadmin version 1.2.1 through the latest version, 1.2.6.7 allows attackers to execute arbitrary JavaScript in the user's browser via the 'element' parameter, which is unsafely passed to the JavaScript 'eval' functio...

2.1CVSS5.4AI score0.00466EPSS
Exploits0
Rows per page
Query Builder