phpLDAPadmin 0.9.8 - 'template_engine.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/17643/info PHPLDAPAdmin is prone to multiple input-validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these issues to execute arbitrary HTML and script code in...

phpLDAPadmin 0.9.8 - 'rename_form.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/17643/info PHPLDAPAdmin is prone to multiple input-validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these issues to execute arbitrary HTML and script code in...

phpldapadmin -- Cross-Site Scripting and Script Insertion vulnerabilities

Secunia reports: phpLDAPadmin have some vulnerabilities, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site scripting attacks. 1 Some input isn't properly sanitised before being returned to the user. This can be exploited to...

phpLDAPadmin multiple vuln.

phpLDAPadmin multiple vuln. Vuln. discovered by : r0t Date: 21 april 2006 vendorlink:http://phpldapadmin.sourceforge.net/ affected versions:phpLDAPadmin 0.9.8 and prior orginal advisory: http://pridels.blogspot.com/2006/04/phpldapadmin-multiple-vuln.html Vuln. Description: phpLDAPadmin contains a...

phpLDAPadmin 0.9.8 - 'copy_form.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/17643/info PHPLDAPAdmin is prone to multiple input-validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these issues to execute arbitrary HTML and script code in...

GLSA-200509-04 : phpLDAPadmin: Authentication bypass

The remote host is affected by the vulnerability described in GLSA-200509-04 phpLDAPadmin: Authentication bypass Alexander Gerasiov discovered a flaw in login.php preventing the application from validating whether anonymous bind has been disabled in the target LDAP server configuration. Impact :...

Debian DSA-790-1 : phpldapadmin - programming error

Alexander Gerasiov discovered that phpldapadmin, a web-based interface for administering LDAP servers, allows anybody to access the LDAP server anonymously, even if this is disabled in the configuration with the 'disableanonbind' statement. The old stable distribution woody is not vulnerable to...

CVE-2005-2792

Directory traversal vulnerability in welcome.php in phpLDAPadmin 0.9.6 and 0.9.7 allows remote attackers to read arbitrary files via a .. dot dot in the customwelcomepage parameter...

CVE-2005-2792

Directory traversal vulnerability in welcome.php in phpLDAPadmin 0.9.6 and 0.9.7 allows remote attackers to read arbitrary files via a .. dot dot in the customwelcomepage parameter...

DEBIAN-CVE-2005-2793

PHP remote file inclusion vulnerability in welcome.php in phpLDAPadmin 0.9.6 and 0.9.7 allows remote attackers to execute arbitrary PHP code via the customwelcomepage parameter...

DEBIAN-CVE-2005-2792

Directory traversal vulnerability in welcome.php in phpLDAPadmin 0.9.6 and 0.9.7 allows remote attackers to read arbitrary files via a .. dot dot in the customwelcomepage parameter...

CVE-2005-2793

PHP remote file inclusion vulnerability in welcome.php in phpLDAPadmin 0.9.6 and 0.9.7 allows remote attackers to execute arbitrary PHP code via the customwelcomepage parameter...

CVE-2005-2792

Directory traversal vulnerability in welcome.php in phpLDAPadmin 0.9.6 and 0.9.7 allows remote attackers to read arbitrary files via a .. dot dot in the customwelcomepage parameter...

CVE-2005-2792

Directory traversal vulnerability in welcome.php in phpLDAPadmin 0.9.6 and 0.9.7 allows remote attackers to read arbitrary files via a .. dot dot in the customwelcomepage parameter...

CVE-2005-2793

PHP remote file inclusion vulnerability in welcome.php in phpLDAPadmin 0.9.6 and 0.9.7 allows remote attackers to execute arbitrary PHP code via the customwelcomepage parameter...

CVE-2005-2792

Directory traversal vulnerability in welcome.php in phpLDAPadmin 0.9.6 and 0.9.7 allows remote attackers to read arbitrary files via a .. dot dot in the customwelcomepage parameter...

CVE-2005-2793

PHP remote file inclusion vulnerability in welcome.php in phpLDAPadmin 0.9.6 and 0.9.7 allows remote attackers to execute arbitrary PHP code via the customwelcomepage parameter...

CVE-2005-2792

CVE-2005-2792 affects phpLDAPadmin 0.9.6 and 0.9.7, allowing remote attackers to read arbitrary files via a dot-dot in the custom_welcome_page parameter of welcome.php (directory traversal). Multiple connected records corroborate this vulnerability and classify it as a directory traversal issue i...

CVE-2005-2793

CVE-2005-2793 : phpLDAPadmin versions 0.9.6 and 0.9.7 contain a PHP remote file inclusion in welcome.php, exploitable via the custom_welcome_page parameter to execute arbitrary PHP code. The connected documents confirm the vulnerable component and the root cause (remote file inclusion) and vulner...

phpLDAPadmin.pl.txt

!/usr/bin/perl \ \ | / \ \ | // \ / | | | \ \ \ / \ / \ / \ | | \ // // | | \ | // / // | \ || /\ | / /| /\ / /|| / / / / / /// / Coded By Johnnie Walker Greets: sirh0t , Cute Eliisabeth And Tayphoon Suck My Dick: cobradriver , atmaca , kozan Red Dragon: Johhnie Walker . Nightmare . Erbil...