RSS   Vulnerabilities for 'Phamm'   RSS

2019-03-17
 
CVE-2018-20806

CWE-79
 

 
Phamm (aka PHP LDAP Virtual Hosting Manager) 0.6.8 allows XSS via the login page (the /public/main.php action parameter).

 
2017-07-20
 
CVE-2017-0378

 

 
XSS exists in the login_form function in views/helpers.php in Phamm before 0.6.7, exploitable via the PATH_INFO to main.php.

 


Copyright 2024, cxsecurity.com

 

Back to Top