16 matches found

Tenable Nessus
added 2025/08/25 12:0 a.m. · 1 views

Linux Distros Unpatched Vulnerability : CVE-2018-12689

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - phpLDAPadmin 1.2.2 allows LDAP injection via a crafted server_id parameter in a cmd.php?cmd=login_form request, or a crafted username and password in the login...

CVSS 9.8 · AI score 7.3 · EPSS 0.00427
Exploits 1 · References 3

OSV
added 2024/12/19 2:15 p.m. · 1 views

DEBIAN-CVE-2024-9102

phpLDAPadmin since at least version 1.2.0 through the latest version 1.2.6.7 allows users to export elements from the LDAP directory into a Comma-Separated Value (CSV) file, but it does not neutralize special elements that could be interpreted as a command when the file is opened by a spreadsheet...

CVSS 5 · AI score 5.4 · EPSS 0.00141
Exploits 0 · References 1

CNNVD
added 2024/07/11 12:0 a.m. · 1 views

phpLDAPadmin Environmental Issues Vulnerabilities

PhpLdapAdmin is a web-based LDAP client from the individual developer of PhpLdapAdmin, which is primarily used to manage LDAP servers. An environmental issue vulnerability exists in phpLDAPadmin, which stems from an http request smuggling vulnerability in the makeHttpRequest function in...

CVSS 6.5 · AI score 6.9 · EPSS 0.00104
Exploits 0 · References 4

Tenable Nessus
added 2022/11/09 12:0 a.m. · 26 views

CentOS 8 : php:8.0 (CESA-2022:7624)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2022:7624 advisory. - php: Use after free due to php_filter_float() failing for ints (CVE-2021-21708) - php: Uninitialized array in pg_query_params() leading to RCE (CVE-2022-31625)...

CVSS 9.8 · AI score 7.7 · EPSS 0.01479
Exploits 2 · References 3

OSV
added 2020/11/05 6:44 p.m. · 0 views

USN-4620-1 phpldapadmin vulnerability

It was discovered that phpLDAPadmin didn't properly sanitize before being echoed to the user. A remote attacker could inject arbitrary HTML/Javascript code in a user's context and cause a crash, resulting in denial of service or potential execution of arbitrary code...

CVSS 6.1 · AI score 6.7 · EPSS 0.0006
Exploits 1 · References 2

OpenVAS
added 2020/01/23 12:0 a.m. · 41 views

Huawei EulerOS: Security Advisory for php (EulerOS-SA-2018-1224)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5 · AI score 7.1 · EPSS 0.52703
Exploits 0 · References 2

OSV
added 2019/11/26 5:15 a.m. · 2 views

DEBIAN-CVE-2011-4082

A local file inclusion flaw was found in the way the phpLDAPadmin before 0.9.8 processed certain values of the "Accept-Language" HTTP header. A remote attacker could use this flaw to cause a denial of service via specially-crafted request...

CVSS 7.5 · AI score 7.2 · EPSS 0.00922
Exploits 0 · References 1

Amazon
added 2013/12/17 12:0 a.m. · 75 views

Critical: php

Issue Overview: The asn1_time_to_time_t function in ext/openssl/openssl.c in PHP before 5.3.28, 5.4.x before 5.4.23, and 5.5.x before 5.5.7 does not properly parse (1) notBefore and (2) notAfter timestamps in X.509 certificates, which allows remote attackers to execute arbitrary code or cause a denial of...

CVSS 7.5 · AI score 8.2 · EPSS 0.40224
Exploits 8

Tenable Nessus
added 2013/10/15 12:0 a.m. · 34 views

Fedora 19 : zabbix-2.0.8-3.fc19 (2013-18351)

New upstream version 2.0.8 - Patch for CVE-2013-5743 SQL injection vulnerability, ZBX-7091 - Patch for ZBX-6922 Failing host XML import - SQL speed-up patch for graphs ZBX-6804 - Require php-ldap and ZBX-6992 Service SQL - Create and configure a spooling directory for fping files outside of /tmp...

CVSS 9.8 · AI score 8.5 · EPSS 0.77788
Exploits 9 · References 6

Tenable Nessus
added 2013/10/15 12:0 a.m. · 24 views

Fedora 18 : zabbix-2.0.8-3.fc18 (2013-18348)

New upstream version 2.0.8 - Patch for CVE-2013-5743 SQL injection vulnerability, ZBX-7091 - Patch for ZBX-6922 Failing host XML import - SQL speed-up patch for graphs ZBX-6804 - Require php-ldap and ZBX-6992 Service SQL - Create and configure a spooling directory for fping files outside of /tmp...

CVSS 9.8 · AI score 8.5 · EPSS 0.77788
Exploits 9 · References 6

Tenable Nessus
added 2013/10/15 12:0 a.m. · 24 views

Fedora 20 : zabbix-2.0.8-3.fc20 (2013-18314)

New upstream version 2.0.8 - Patch for CVE-2013-5743 SQL injection vulnerability, ZBX-7091 - Patch for ZBX-6922 Failing host XML import - SQL speed-up patch for graphs ZBX-6804 - Require php-ldap and ZBX-6992 Service SQL - Create and configure a spooling directory for fping files outside of /tmp...

CVSS 9.8 · AI score 8.5 · EPSS 0.77788
Exploits 9 · References 5

Tenable Nessus
added 2013/07/12 12:0 a.m. · 58 views

Oracle Linux 5 : php (ELSA-2009-0338)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2009-0338 advisory. - ext/gd: fix overflow2 usage for CVE-2007-3996, CVE-2008-3658 Tenable has extracted the preceding description block directly from the Oracle Linux...

CVSS 10 · AI score 7.4 · EPSS 0.29698
Exploits 14 · References 7

Positive Technologies
added 2011/11/02 12:0 a.m. · 1 views

PT-2011-4838 · Php · Phpldapadmin

Name of the Vulnerable Software and Affected Versions: phpLDAPadmin versions 1.2.x through 1.2.1 Description: The issue is related to a cross-site scripting XSS vulnerability. This vulnerability allows remote attackers to inject arbitrary web script or HTML via an debug command in the cmd.php fil...

CVSS 4.3 · AI score 5.4 · EPSS 0.11833
Exploits 1 · References 14

Cent OS
added 2007/02/19 9:40 p.m. · 72 views

php security update

CentOS Errata and Security Advisory CESA-2007:0076 Updated PHP packages that fix several security issues are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having important security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting...

CVSS 10 · AI score 6.4 · EPSS 0.16535
Exploits 2 · References 9

Cent OS
added 2006/09/21 11:36 a.m. · 88 views

php security update

CentOS Errata and Security Advisory CESA-2006:0669 Updated PHP packages that fix multiple security issues are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting...

CVSS 9.3 · AI score 6.1 · EPSS 0.0674
Exploits 4 · References 9

OSV
added 2005/09/02 11:3 p.m. · 1 views

DEBIAN-CVE-2005-2792

Directory traversal vulnerability in welcome.php in phpLDAPadmin 0.9.6 and 0.9.7 allows remote attackers to read arbitrary files via a .. (dot dot) in the custom_welcome_page parameter...

CVSS 5 · AI score 6.9 · EPSS 0.13987
Exploits 1 · References 1