Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ldap account manager ldap account manager vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-23333
LDAP Account Manager (LAM) is a webfrontend for managing entries stored in an LDAP directory. LAM's log configuration allows to specify arbitrary paths for log files. Prior to version 8.7, an attacker could exploit this by creating a PHP file and cause LAM to log some PHP co...
8.8
CVSSv3
CVE-2022-31086
LDAP Account Manager (LAM) is a webfrontend for managing entries (e.g. users, groups, DHCP settings) stored in an LDAP directory. In versions before 8.0 incorrect regular expressions allow to upload PHP scripts to config/templates/pdf. This vulnerability could lead to a Remote Co...
Ldap-account-manager Ldap Account Manager
Debian Debian Linux 11.0
7.8
CVSSv3
CVE-2022-31087
LDAP Account Manager (LAM) is a webfrontend for managing entries (e.g. users, groups, DHCP settings) stored in an LDAP directory. In versions before 8.0 the tmp directory, which is accessible by /lam/tmp/, allows interpretation of .php (and .php5/.php4/.phpt/etc) files. An attack...
Ldap-account-manager Ldap Account Manager
Debian Debian Linux 11.0
5.3
CVSSv3
CVE-2022-31088
LDAP Account Manager (LAM) is a webfrontend for managing entries (e.g. users, groups, DHCP settings) stored in an LDAP directory. In versions before 8.0 the user name field at login could be used to enumerate LDAP data. This is only the case for LDAP search configuration. This is...
Ldap-account-manager Ldap Account Manager
Debian Debian Linux 11.0
6.1
CVSSv3
CVE-2022-31085
LDAP Account Manager (LAM) is a webfrontend for managing entries (e.g. users, groups, DHCP settings) stored in an LDAP directory. In versions before 8.0 the session files include the LDAP user name and password in clear text if the PHP OpenSSL extension is not installed or encryp...
Ldap-account-manager Ldap Account Manager
Debian Debian Linux 11.0
8.1
CVSSv3
CVE-2022-31084
LDAP Account Manager (LAM) is a webfrontend for managing entries (e.g. users, groups, DHCP settings) stored in an LDAP directory. In versions before 8.0 There are cases where LAM instantiates objects from arbitrary classes. An attacker can inject the first constructor argument. T...
Ldap-account-manager Ldap Account Manager
Debian Debian Linux 11.0
4.8
CVSSv3
CVE-2022-24851
LDAP Account Manager (LAM) is an open source web frontend for managing entries stored in an LDAP directory. The profile editor tool has an edit profile functionality, the parameters on this page are not properly sanitized and hence leads to stored XSS attacks. An authenticated us...
Ldap-account-manager Ldap Account Manager
Debian Debian Linux 11.0
6.1
CVSSv3
CVE-2012-1114
A Cross-Site Scripting (XSS) vulnerability exists in LDAP Account Manager (LAM) Pro 3.6 in the filter parameter to cmd.php in an export and exporter_id action. and the filteruid parameter to list.php.
Ldap-account-manager Ldap Account Manager 3.6
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Fedoraproject Fedora 16
Fedoraproject Fedora 17
Fedoraproject Fedora 18
6.1
CVSSv3
CVE-2012-1115
A Cross-Site Scripting (XSS) vulnerability exists in LDAP Account Manager (LAM) Pro 3.6 in the export, add_value_form, and dn parameters to cmd.php.
Ldap-account-manager Ldap Account Manager 3.6
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Fedoraproject Fedora 16
Fedoraproject Fedora 17
Fedoraproject Fedora 18
4.6
CVSSv3
CVE-2019-10224
A flaw has been found in 389-ds-base versions 1.4.x.x prior to 1.4.1.3. When executed in verbose mode, the dscreate and dsconf commands may display sensitive information, such as the Directory Manager password. An attacker, able to see the screen or record the terminal standard e...
Fedoraproject 389 Directory Server
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »