Vulnerabilities > LTB Project

DATE	CVE	VULNERABILITY TITLE	RISK
2023-12-21	CVE-2023-49032	Unspecified vulnerability in Ltb-Project Self Service Password An issue in LTB Self Service Password before v.1.5.4 allows a remote attacker to execute arbitrary code and obtain sensitive information via hijack of the SMS verification code function to arbitrary phone. network low complexity ltb-project critical	9.8
2018-06-14	CVE-2018-12421	Weak Password Recovery Mechanism for Forgotten Password vulnerability in Ltb-Project Ldap Tool BOX Self Service Password LTB (aka LDAP Tool Box) Self Service Password before 1.3 allows a change to a user password (without knowing the old password) via a crafted POST request, because the ldap_bind return value is mishandled and the PHP data type is not constrained to be a string. network low complexity ltb-project CWE-640 critical	9.8

Vulnerabilities > LTB Project {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"LTB Project"}]}