EUVD-2007-4078

Malware in sbrugna...

Design/Logic Flaw

phpLDAPadmin 1.2.2 allows LDAP injection via a crafted serverid parameter in a cmd.php?cmd=loginform request, or a crafted username and password in the login panel...

CVE-2018-12689

phpLDAPadmin 1.2.2 allows LDAP injection via a crafted serverid parameter in a cmd.php?cmd=loginform request, or a crafted username and password in the login panel...

CVE-2018-12689

CVE-2018-12689 affects phpLDAPadmin 1.2.2. The vulnerability allows LDAP injection via a crafted server_id parameter in a cmd.php?cmd=login_form request, or a crafted username and password in the login panel. In the CVSS context, the issue has high/critical impact on confidentiality, integrity, a...

Cross site scripting

XSS exists in the loginform function in views/helpers.php in Phamm before 0.6.7, exploitable via the PATHINFO to main.php...

CVE-2017-0378

CVE-2017-0378 affects Phamm prior to 0.6.7. The vulnerability is a cross-site scripting issue in the login_form function within views/helpers.php, exploitable via PATH_INFO to main.php. Root cause: insufficient input validation leading to script/HTML injection. Affected product/version: Phamm

CVE-2017-0378

Removed by vendor...

Remote file inclusion

PHP remote file inclusion vulnerability in library/authorize.php in IDevSpot PhpHostBot allows remote attackers to execute arbitrary PHP code via a URL in the loginform parameter, a different vector than CVE-2006-3776...