Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ldap-account-manager ldap account manager vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2018-8764
Roland Gruber Softwareentwicklung LDAP Account Manager prior to 6.3 places a CSRF token in the sec_token parameter of a URI, which makes it easier for remote malicious users to defeat a CSRF protection mechanism by leveraging logging.
Debian Debian Linux 9.0
Debian Debian Linux 8.0
Ldap-account-manager Ldap Account Manager
4.3
CVSSv2
CVE-2013-4453
Cross-site scripting (XSS) vulnerability in templates/login.php in LDAP Account Manager (LAM) 4.3 and 4.2.1 allows remote malicious users to inject arbitrary web script or HTML via the language parameter.
Ldap-account-manager Ldap Account Manager 4.3
Ldap-account-manager Ldap Account Manager 4.2.1
7.2
CVSSv2
CVE-2006-7191
Untrusted search path vulnerability in lamdaemon.pl in LDAP Account Manager (LAM) prior to 1.0.0 allows local users to gain privileges via a modified PATH that points to a malicious rm program.
Ldap Account Manager Ldap Account Manager
4.3
CVSSv2
CVE-2007-1840
lib/modules.inc in LDAP Account Manager (LAM) prior to 1.3.0 does not escape HTML special characters in LDAP data, which allows remote malicious users to have an unknown impact, probably cross-site scripting (XSS).
Ldap Account Manager Ldap Account Manager
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2