pkg:Debian/phpldapadmin

All known vulnerabilities

• CRITICAL9.8CVE-2018-12689phpLDAPadmin 1.2.2 allows LDAP injection via a crafted server_id parameter in a cmd.php?cmd=login_form request, or a crafted username and p…
  from 0
• HIGH7.5CVE-2011-4082A local file inclusion flaw was found in the way the phpLDAPadmin before 0.9.8 processed certain values of the "Accept-Language" HTTP heade…
  from 0, < 0.9.8-1
• MEDIUM6.1CVE-2012-1115A Cross-Site Scripting (XSS) vulnerability exists in LDAP Account Manager (LAM) Pro 3.6 in the export, add_value_form, and dn parameters to…
  from 0, < 1.2.2-3
• MEDIUM6.1A Cross-Site Scripting (XSS) vulnerability exists in LDAP Account Manager (LAM) Pro 3.6 in the filter parameter to cmd.php in an export and…
  from 0, < 1.2.2-3
• MEDIUM6.1phpldapadmin - security update
  from 0, < 1.2.2-5+deb7u1
• MEDIUM6.1phpldapadmin - security update
  from 0, < 1.2.2-5.2+deb8u1
• MEDIUM6.1phpldapadmin - security update
  from 0, < 1.2.2-6.2
• MEDIUM5.4An XSS issue has been discovered in phpLDAPadmin before 1.2.6.2 that allows users to store malicious values that may be executed by other u…
  from 0, < 1.2.6.3-0.3
• —phpLDAPadmin since at least version 1.2.0 through the latest version 1.2.6.7 allows users to export elements from the LDAP directory into a…
  from 0
• —A reflected cross-site scripting (XSS) vulnerability in the 'Entry Chooser' of phpLDAPadmin (version 1.2.1 through the latest version, 1.2.…
  from 0
• —A vulnerability classified as critical was found in mhuertos phpLDAPadmin up to 665dbc2690ebeb5392d38f1fece0a654225a0b38.
  from 0, < 1.2.6.3-0.1
• —Cross-site scripting (XSS) vulnerability in lib/QueryRender.php in phpLDAPadmin 1.2.2 and earlier allows remote attackers to inject arbitra…
  from 0, < 1.2.2-1
• —The masort function in lib/functions.php in phpLDAPadmin 1.2.x before 1.2.2 allows remote attackers to execute arbitrary PHP code via the o…
  from 0, < 1.2.0.5-2.1
• —phpldapadmin - several issues
  from 0, < 1.2.0.5-2+squeeze1
• —phpldapadmin - several issues
  from 0, < 1.2.0.5-2.1
• —phpldapadmin - remote file inclusion
  from 0, < 1.1.0.5-6+lenny1
• —phpldapadmin - remote file inclusion
  from 0, < 1.1.0.7-1.1
• —phpldapadmin - missing input sanitising
  from 0, < 0.9.5-3sarge3
• —phpldapadmin - missing input sanitising
  from 0, < 0.9.8.3-1
• —PHP remote file inclusion vulnerability in welcome.php in phpLDAPadmin 0.9.6 and 0.9.7 allows remote attackers to execute arbitrary PHP cod…
  from 0, < 0.9.6c-7
• —Directory traversal vulnerability in welcome.php in phpLDAPadmin 0.9.6 and 0.9.7 allows remote attackers to read arbitrary files via a ..
  from 0, < 0.9.6c-7
• —phpldapadmin - programming error
  from 0, < 0.9.6c-5
• —phpldapadmin - programming error
  from 0, < 0.9.5-3sarge2