Vulnerabilities > Ldap Account Manager
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2013-11-05 | CVE-2013-4453 | Cross-Site Scripting vulnerability in Ldap-Account-Manager Ldap Account Manager 4.2.1/4.3 Cross-site scripting (XSS) vulnerability in templates/login.php in LDAP Account Manager (LAM) 4.3 and 4.2.1 allows remote attackers to inject arbitrary web script or HTML via the language parameter. | 4.3 |
2007-04-03 | CVE-2007-1840 | HTML Injection vulnerability in LDAP Account Manager lib/modules.inc in LDAP Account Manager (LAM) before 1.3.0 does not escape HTML special characters in LDAP data, which allows remote attackers to have an unknown impact, probably cross-site scripting (XSS). network ldap-account-manager | 4.3 |
2007-04-03 | CVE-2006-7191 | Local Privilege Escalation vulnerability in LDAP Account Manager Modified Path Untrusted search path vulnerability in lamdaemon.pl in LDAP Account Manager (LAM) before 1.0.0 allows local users to gain privileges via a modified PATH that points to a malicious rm program. | 7.2 |