RSS   Vulnerabilities for 'Ldap account manager'   RSS

2007-04-02
 
CVE-2007-1840

 

 
lib/modules.inc in LDAP Account Manager (LAM) before 1.3.0 does not escape HTML special characters in LDAP data, which allows remote attackers to have an unknown impact, probably cross-site scripting (XSS).

 
 
CVE-2006-7191

 

 
Untrusted search path vulnerability in lamdaemon.pl in LDAP Account Manager (LAM) before 1.0.0 allows local users to gain privileges via a modified PATH that points to a malicious rm program.

 


Copyright 2024, cxsecurity.com

 

Back to Top