Vulnerabilities > Ldap Account Manager
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-06-27 | CVE-2022-31084 | LDAP Account Manager (LAM) is a webfrontend for managing entries (e.g. | 8.1 |
2022-06-27 | CVE-2022-31085 | Insufficiently Protected Credentials vulnerability in multiple products LDAP Account Manager (LAM) is a webfrontend for managing entries (e.g. | 6.1 |
2022-06-27 | CVE-2022-31086 | Unrestricted Upload of File with Dangerous Type vulnerability in multiple products LDAP Account Manager (LAM) is a webfrontend for managing entries (e.g. | 8.8 |
2022-06-27 | CVE-2022-31087 | Incorrect Authorization vulnerability in multiple products LDAP Account Manager (LAM) is a webfrontend for managing entries (e.g. | 7.8 |
2022-06-27 | CVE-2022-31088 | LDAP Account Manager (LAM) is a webfrontend for managing entries (e.g. | 5.3 |
2022-04-15 | CVE-2022-24851 | Cross-site Scripting vulnerability in multiple products LDAP Account Manager (LAM) is an open source web frontend for managing entries stored in an LDAP directory. | 4.8 |
2019-12-05 | CVE-2012-1115 | Cross-site Scripting vulnerability in multiple products A Cross-Site Scripting (XSS) vulnerability exists in LDAP Account Manager (LAM) Pro 3.6 in the export, add_value_form, and dn parameters to cmd.php. | 6.1 |
2019-12-05 | CVE-2012-1114 | Cross-site Scripting vulnerability in multiple products A Cross-Site Scripting (XSS) vulnerability exists in LDAP Account Manager (LAM) Pro 3.6 in the filter parameter to cmd.php in an export and exporter_id action. | 6.1 |
2018-03-27 | CVE-2018-8764 | Cross-Site Request Forgery (CSRF) vulnerability in multiple products Roland Gruber Softwareentwicklung LDAP Account Manager before 6.3 places a CSRF token in the sec_token parameter of a URI, which makes it easier for remote attackers to defeat a CSRF protection mechanism by leveraging logging. | 8.8 |
2018-03-27 | CVE-2018-8763 | Cross-site Scripting vulnerability in multiple products Roland Gruber Softwareentwicklung LDAP Account Manager before 6.3 has XSS via the dn parameter to the templates/3rdParty/pla/htdocs/cmd.php URI or the template parameter to the templates/3rdParty/pla/htdocs/cmd.php?cmd=rename_form URI. | 6.1 |