336 matches found
CVE-2009-4427
Directory traversal vulnerability in cmd.php in phpLDAPadmin 1.1.0.5 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the cmd parameter...
CVE-2009-4427
Directory traversal vulnerability in cmd.php in phpLDAPadmin 1.1.0.5 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the cmd parameter...
Fedora 11 : phpldapadmin-1.2.0.4-1.fc11 (2009-13598)
Upgrade to 1.2.0.4 A vulnerability has been discovered on phpLDAPadmin version 1.1.x, which can be exploited by malicious people to disclose sensitive information. See http://secunia.com/advisories/37848/ This update upgrades phpldapadmin to the latest version 1.2.0.4, which is not affected. Note...
[SECURITY] Fedora 11 Update: phpldapadmin-1.2.0.4-1.fc11
PhpLDAPadmin is a web-based LDAP client. It provides easy, anywhere-accessible, multi-language administration for your LDAP server. Its hierarchical tree-viewer and advanced search functionality make it intuitive to browse and administer your LDAP director y. Since it is a web application, this...
phpLDAPadmin cmd参数本地文件包含漏洞
BUGTRAQ ID: 37327 phpLDAPadmin是基于web的LDAP客户端,允许方便的管理LDAP服务器。 phpLDAPadmin的cmd.php页面用户通过URI所提交的参数: line 10 $www'cmd' = getrequest'cmd','REQUEST'; line 22-27 if defined'HOOKSDIR' && fileexistsHOOKSDIR.$www'cmd'.'.php' $file = HOOKSDIR.$www'cmd'.'.php'; elseif defined'HTDOCDIR' &&...
phpLDAPadmin Detection
The remote host is running phpLDAPadmin, an open source web-based LDAP client written in PHP. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid43401; scriptversion"1.10"; scriptsetattributeattribute:"pluginmodificationdate", value:"2022/06/01";...
phpLDAPadmin cmd.php cmd Parameter Local File Inclusion
The version of phpLDAPadmin installed on the remote host fails to sanitize user-supplied input to the 'cmd' parameter when passed to the 'cmd.php' script before using it to include PHP code. Regardless of PHP's 'registerglobals' and 'magicquotesgpc' settings, an unauthenticated attacker may be ab...
phpldapadmin 'cmd.php' Local File Include Vulnerability
phpldapadmin is prone to a local file-include vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are also possible. phpldapadmin 1.1.0.5 is vulnerable; other...
phpLDAPadmin 1.1.0.5 'cmd.php' LFI Vulnerability - Active Check
phpLDAPadmin is prone to a local file include LFI vulnerability because it fails to sufficiently sanitize user-supplied data. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
phpLDAPadmin Detection (HTTP)
HTTP based detection of phpLDAPadmin. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description scriptoid"1.3.6.1.4.1.25623.1.0.100395";...
phpLDAPadmin - Local File Inclusion
PHPLDAPADMIN LOCAL FILE INCLUSION author : ipsecs website : http://ipsecs.com Date : December, 10th, 2009 -i- Description "Phpldapadmin is web based LDAP client which provides easy, anywhere-accessible, multi-language administration for LDAP server." http://phpldapadmin.sourceforge.net vulnerable...
phpldapadmin Local File Inclusion
No description provided by source. PHPLDAPADMIN LOCAL FILE INCLUSION author : ipsecs website : http://ipsecs.com Date : December, 10th, 2009 -i- Description "Phpldapadmin is web based LDAP client which provides easy, anywhere-accessible, multi-language administration for LDAP server."...
phpLDAPadmin - Local File Inclusion
phpLDAPadmin - Local File Inclusion PHPLDAPADMIN LOCAL FILE INCLUSION author : ipsecs website : http://ipsecs.com Date : December, 10th, 2009 -i- Description "Phpldapadmin is web based LDAP client which provides easy, anywhere-accessible, multi-language administration for LDAP server."...
phpldapadmin Local File Inclusion
Exploit for unknown platform in category web applications ================================= phpldapadmin Local File Inclusion ================================= PHPLDAPADMIN LOCAL FILE INCLUSION author : ipsecs website : http://ipsecs.com Date : December, 10th, 2009 -i- Description "Phpldapadmin i...
Gentoo Security Advisory GLSA 200509-04 (phpLDAPadmin)
The remote host is missing updates announced in advisory GLSA 200509-04. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Gentoo Security Advisory GLSA 200509-04 (phpLDAPadmin)
The remote host is missing updates announced in advisory GLSA 200509-04. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DSA-790-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DSA-1057-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian Security Advisory DSA 1057-1 (phpldapadmin)
The remote host is missing an update to phpldapadmin announced via advisory DSA 1057-1. Several cross-site scripting vulnerabilities have been discovered in phpLDAPadmin, a web based interface for administering LDAP servers, tha allows remote attackers to inject arbitrary web script or HTML. The...
Debian Security Advisory DSA 790-1 (phpldapadmin)
The remote host is missing an update to phpldapadmin announced via advisory DSA 790-1. Alexander Gerasiov discovered that phpldapadmin, a web based interface for administering LDAP servers, allows anybody to access the LDAP server anonymously, even if this is disabled in the configuration with th...