phpLDAPadmin custom_welcome_page Parameter File Include Vulnerability

The remote host appears to be running phpLDAPadmin, a PHP-based LDAP browser. The version of phpLDAPadmin installed on the remote host fails to properly sanitize user-supplied input to the 'customwelcomepage' parameter of the 'welcome.php' script before using it to include PHP code. By leveraging...

phpLDAPadmin 0.9.6 - 0.9.7/alpha5 (possibly prior versions) system disclosure,

phpLDAPadmin 0.9.6 - 0.9.7/alpha5 possibly prior versions system disclosure, remote code execution, cross site scripting software: author site: http://phpldapadmin.sourceforge.net/ description: phpLDAPadmin is a web-based LDAP client. It provides easy, anywhere-accessible, multi-language...

phpLDAPadmin Anonymous Bind Security Bypass Vulnerability

The remote host is running phpLDAPadmin, a PHP-based LDAP browser. The version of phpLDAPadmin installed on the remote host may allow access to an LDAP server anonymously, even if anonymous binds have been disabled in the application's configuration. %NASLMINLEVEL 70300 C Tenable Network Security...

DEBIAN-CVE-2005-2654

phpldapadmin before 0.9.6c allows remote attackers to gain anonymous access to the LDAP server, even when disableanonbind is set, via an HTTP request to login.php with the anonymousbind parameter set...

CVE-2005-2654

phpldapadmin before 0.9.6c allows remote attackers to gain anonymous access to the LDAP server, even when disableanonbind is set, via an HTTP request to login.php with the anonymousbind parameter set...

CVE-2005-2654

phpldapadmin before 0.9.6c allows remote attackers to gain anonymous access to the LDAP server, even when disableanonbind is set, via an HTTP request to login.php with the anonymousbind parameter set...

CVE-2005-2654

phpldapadmin before 0.9.6c allows remote attackers to gain anonymous access to the LDAP server, even when disableanonbind is set, via an HTTP request to login.php with the anonymousbind parameter set...

[SECURITY] [DSA 790-1] New phpldapadmin packages fix unauthorised access

-------------------------------------------------------------------------- Debian Security Advisory DSA 790-1 [email protected] http://www.debian.org/security/ Martin Schulze August 30th, 2005 http://www.debian.org/security/faq -...

[SECURITY] [DSA 790-1] New phpldapadmin packages fix unauthorised access

-------------------------------------------------------------------------- Debian Security Advisory DSA 790-1 [email protected] http://www.debian.org/security/ Martin Schulze August 30th, 2005 http://www.debian.org/security/faq -...

CVE-2005-2654

CVE-2005-2654 affects phpldapadmin prior to 0.9.6c, where an HTTP request to login.php with the anonymous_bind parameter can bypass disable_anon_bind and grant anonymous access to the LDAP server. Connected sources corroborate this flaw and link to affected releases and upstream advisories. Gento...

CVE-2005-2654

phpldapadmin before 0.9.6c allows remote attackers to gain anonymous access to the LDAP server, even when disableanonbind is set, via an HTTP request to login.php with the anonymousbind parameter set...

CVE-2005-2654

phpldapadmin before 0.9.6c allows remote attackers to gain anonymous access to the LDAP server, even when disableanonbind is set, via an HTTP request to login.php with the anonymousbind parameter set...

phpLDAPadmin 0.9.6/0.9.7 - 'welcome.php' Arbitrary File Inclusion

source: https://www.securityfocus.com/bid/14695/info phpldapadmin is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. phpldapadmin is prone to a directory traversal vulnerability. An attacker can...

phpLDAPadmin 0.9.60.9.7 - welcome.php Arbitrary File Inclusion

phpLDAPadmin 0.9.60.9.7 - welcome.php Arbitrary File Inclusion source: https://www.securityfocus.com/bid/14695/info phpldapadmin is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. phpldapadmin is...

phpLDAPadmin < 0.9.6c Anonymous Bind Security Bypass

Binary data 3195.prm...

DSA-790-1 phpldapadmin - programming error

Bulletin has no description...