Vulnerabilities > Ldap Account Manager

DATE	CVE	VULNERABILITY TITLE	RISK
2022-06-27	CVE-2022-31084	Argument Injection or Modification vulnerability in multiple products LDAP Account Manager (LAM) is a webfrontend for managing entries (e.g. network high complexity ldap-account-manager debian CWE-88	8.1
2022-06-27	CVE-2022-31085	Insufficiently Protected Credentials vulnerability in multiple products LDAP Account Manager (LAM) is a webfrontend for managing entries (e.g. network low complexity ldap-account-manager debian CWE-522	6.1
2022-06-27	CVE-2022-31086	Unrestricted Upload of File with Dangerous Type vulnerability in multiple products LDAP Account Manager (LAM) is a webfrontend for managing entries (e.g. network low complexity ldap-account-manager debian CWE-434	8.8
2022-06-27	CVE-2022-31087	Incorrect Authorization vulnerability in multiple products LDAP Account Manager (LAM) is a webfrontend for managing entries (e.g. local low complexity ldap-account-manager debian CWE-863	7.8
2022-06-27	CVE-2022-31088	Injection vulnerability in multiple products LDAP Account Manager (LAM) is a webfrontend for managing entries (e.g. network low complexity ldap-account-manager debian CWE-74	5.3
2022-04-15	CVE-2022-24851	Cross-site Scripting vulnerability in multiple products LDAP Account Manager (LAM) is an open source web frontend for managing entries stored in an LDAP directory. network low complexity ldap-account-manager debian CWE-79	4.8
2019-12-05	CVE-2012-1115	Cross-site Scripting vulnerability in multiple products A Cross-Site Scripting (XSS) vulnerability exists in LDAP Account Manager (LAM) Pro 3.6 in the export, add_value_form, and dn parameters to cmd.php. network low complexity ldap-account-manager fedoraproject debian CWE-79	6.1
2019-12-05	CVE-2012-1114	Cross-site Scripting vulnerability in multiple products A Cross-Site Scripting (XSS) vulnerability exists in LDAP Account Manager (LAM) Pro 3.6 in the filter parameter to cmd.php in an export and exporter_id action. network low complexity ldap-account-manager fedoraproject debian CWE-79	6.1
2018-03-27	CVE-2018-8764	Cross-Site Request Forgery (CSRF) vulnerability in multiple products Roland Gruber Softwareentwicklung LDAP Account Manager before 6.3 places a CSRF token in the sec_token parameter of a URI, which makes it easier for remote attackers to defeat a CSRF protection mechanism by leveraging logging. network low complexity debian ldap-account-manager CWE-352	8.8
2018-03-27	CVE-2018-8763	Cross-site Scripting vulnerability in multiple products Roland Gruber Softwareentwicklung LDAP Account Manager before 6.3 has XSS via the dn parameter to the templates/3rdParty/pla/htdocs/cmd.php URI or the template parameter to the templates/3rdParty/pla/htdocs/cmd.php?cmd=rename_form URI. network low complexity debian ldap-account-manager CWE-79	6.1

Vulnerabilities > Ldap Account Manager {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Ldap Account Manager"}]}

Vulnerabilities > Ldap Account Manager