phpLDAPadmin <= 1.2.3 - Reflected XSS

phpLDAPadmin = 1.2.3 contains a reflected cross-site scripting caused by unsanitized input in htdocs/entrychooser.php via the form, element, rdn, or container parameter, letting attackers execute malicious scripts in victim browsers, exploit requires sending crafted input. id: CVE-2017-11107 info...

CVE-2018-12689

phpLDAPadmin 1.2.2 allows LDAP injection via a crafted serverid parameter in a cmd.php?cmd=loginform request, or a crafted username and password in the login panel...

ROS-20251215-7308

Vulnerability in phpldapadmin related to failure to take measures to protect web page structure. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

EUVD-2005-2655

Malware in sbrugna...

EUVD-2011-4033

Malware in sbrugna...

EUVD-2016-10783

Malware in sbrugna...

EUVD-2020-22824

Malware in sbrugna...

EUVD-2017-2744

Malware in sbrugna...

EUVD-2005-2794

Malware in sbrugna...

EUVD-2018-4642

Malware in sbrugna...

EUVD-2024-50428

Malicious code in bioql PyPI...

EUVD-2024-50429

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2024-9101

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A reflected cross-site scripting XSS vulnerability in the 'Entry Chooser' of phpLDAPadmin version 1.2.1 through the latest version, 1.2.6.7 allows attackers to...

Linux Distros Unpatched Vulnerability : CVE-2024-9102

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - phpLDAPadmin since at least version 1.2.0 through the latest version 1.2.6.7 allows users to export elements from the LDAP directory into a Comma-Separated Valu...

Linux Distros Unpatched Vulnerability : CVE-2020-35132

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An XSS issue has been discovered in phpLDAPadmin before 1.2.6.2 that allows users to store malicious values that may be executed by other users at a later time...

Linux Distros Unpatched Vulnerability : CVE-2016-15039

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability classified as critical was found in mhuertos phpLDAPadmin up to 665dbc2690ebeb5392d38f1fece0a654225a0b38. Affected by this vulnerability is the...

CVE-2016-15039

A vulnerability classified as critical was found in mhuertos phpLDAPadmin up to 665dbc2690ebeb5392d38f1fece0a654225a0b38. Affected by this vulnerability is the function makeHttpRequest of the file htdocs/js/ajaxfunctions.js. The manipulation leads to http request smuggling. The attack can be...

CVE-2011-4082

A local file inclusion flaw was found in the way the phpLDAPadmin before 0.9.8 processed certain values of the "Accept-Language" HTTP header. A remote attacker could use this flaw to cause a denial of service via specially-crafted request...

CVE-2024-9102

phpLDAPadmin since at least version 1.2.0 through the latest version 1.2.6.7 allows users to export elements from the LDAP directory into a Comma-Separated Value CSV file, but it does not neutralize special elements that could be interpreted as a command when the file is opened by a spreadsheet...

CVE-2024-9101

A reflected cross-site scripting XSS vulnerability in the 'Entry Chooser' of phpLDAPadmin version 1.2.1 through the latest version, 1.2.6.7 allows attackers to execute arbitrary JavaScript in the user's browser via the 'element' parameter, which is unsafely passed to the JavaScript 'eval' functio...