Cross site scripting
Cross-site scripting (XSS) vulnerability in cmd.php in phpLDAPadmin 1.2.x before 1.2.2 allows remote attackers to inject arbitrary web script or HTML via a debug command...
CVE-2011-4074
Cross-site scripting (XSS) vulnerability in cmd.php in phpLDAPadmin 1.2.x before 1.2.2 allows remote attackers to inject arbitrary web script or HTML via a debug command...
CVE-2011-4075
The masort function in lib/functions.php in phpLDAPadmin 1.2.x before 1.2.2 allows remote attackers to execute arbitrary PHP code via the orderby parameter (aka the sortby variable) in a query_engine action to cmd.php, as exploited in the wild in October 2011...
CVE-2011-4075
CVE-2011-4075 affects phpLDAPadmin 1.2.x prior to 1.2.2, where the orderby parameter sent to query_engine via cmd.php allowed remote PHP code execution due to unsanitized input in the PHP create_function() call. The vulnerability enables unauthenticated remote code execution on the web server run...
CVE-2011-4074
CVE-2011-4074 affects phpLDAPadmin 1.2.x up to 1.2.1.1, with an XSS in cmd.php via the _debug parameter. The root cause is improper handling of the _debug parameter, allowing injection of arbitrary script/HTML. Fedora/OpenVAS advisories confirm a fix in updates (upgrade to the latest upstream development code...
PT-2011-4839 · Phpldapadmin · Phpldapadmin
Name of the Vulnerable Software and Affected Versions: phpLDAPadmin versions 1.2.x before 1.2.2 Description: The issue allows remote attackers to execute arbitrary PHP code via the orderby parameter also known as the sortby variable in a query engine action to "cmd.php". This has been exploited i...
DSA-2333-1 phpldapadmin - several issues
Bulletin has no description...
Debian DSA-2333-1 : phpldapadmin - several vulnerabilities
Two vulnerabilities have been discovered in phpLDAPadmin, a web-based interface for administering LDAP servers. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2011-4074 Input appended to the URL in cmd.php when 'cmd' is set to 'debug' is not properly...
[SECURITY] [DSA 2333-1] phpldapadmin security update
-------------------------------------------------------------------------- Debian Security Advisory DSA-2333-1 [email protected] http://www.debian.org/security/ Jonathan Wiltshire Oct 31st, 2011 http://www.debian.org/security/faq -...
phpLDAPadmin functions.php Remote PHP Code Injection Vulnerability
BUGTRAQ ID: 50331 phpLDAPadmin is a web-based LDAP client that allows convenient administration of LDAP servers. phpLDAPadmin's implementation contains a remote PHP code injection vulnerability; an attacker can exploit it to inject and execute PHP code in the affected application and take control of the system. 1) Input appended to the URL in cmd.php is not properly filtered before being returned to the user, which can be exploited to execute arbitrary HTML and script code in the browser of a user of the affected site. 2) Input passed via the "orderby" parameter of cmd.php is not properly filtered in lib/functions.php before being used in a "create_function" call. This can be exploited to inject and execute arbitrary PHP code...
phpLDAPadmin 'functions.php' Remote PHP Code Injection Vulnerability
phpLDAPadmin is prone to a remote PHP code-injection vulnerability. An attacker can exploit this issue to inject and execute arbitrary PHP code in the context of the affected application. This may facilitate a compromise of the application and the underlying system; other attacks are also possibl...
phpLDAPadmin 'functions.php' Remote PHP Code Injection Vulnerability - Active Check
phpLDAPadmin is prone to a remote PHP code-injection vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
phpLDAPadmin query_engine Remote PHP Code Injection
This module exploits a vulnerability in lib/functions.php in phpLDAPadmin versions 1.2.1.1 and earlier that allows attacker-supplied input to be passed directly to the create_function PHP function. A patch was issued that uses a whitelist regular expression to check the user-supplied input before it is parse...
phpLDAPadmin <= 1.2.1.1 (query_engine) Remote PHP Code Injection
Exploit for PHP platform in category web applications $Id: phpldapadmin_query_engine.rb 14060 2011-10-25 05:25:39Z sinn3r $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more informati...
FreeBSD : phpLDAPadmin -- Remote PHP code injection vulnerability (edf47177-fe3f-11e0-a207-0014a5e3cda6)
EgiX n0b0d13s at gmail dot com reports : The $sortby parameter passed to the 'masort' function in file lib/functions.php isn't properly sanitized before being used in a call to create_function() at line 1080. This can be exploited to inject and execute arbitrary PHP code. The only possible attack vector...
phpLDAPadmin 0.9.4b - Denial of Service
phpLDAPadmin 0.9.4b - Denial of Service / Exploit Title: phpLDAPadmin 0.9.4b DoS Google Dork: "phpLDAPadmin - 0.9.4b" Date: 2011-10-23 Author: Alguien Software Link: http://sourceforge.net/projects/phpldapadmin/files/phpldapadmin/0.9.4b/ Version: 0.9.4b Tested on: Red Hat CVE : - Compilation:...
phpLDAPadmin 1.2.1.1 - Remote PHP Code Injection (1)
phpLDAPadmin 1.2.1.1 - Remote PHP Code Injection (1) <?php /* ------------------------------------------------------------------------ phpLDAPadmin <= 1.2.1.1 (query_engine) Remote PHP Code Injection Exploit ------------------------------------------------------------------------ author...............:...
phpLDAPadmin 1.2.1.1 Remote PHP Code Injection
... $key \n";
$code .= "  asort(\$a->$key);\n";
$code .= "  \$aa = array_shift(\$a->$key);\n";
...