LDAP Account Manager is a web front-end for managing entries (e.g., users, groups, DHCP settings) stored in the LDAP directory.An injection vulnerability exists in LDAP Account Manager (LAM) versions prior to 8.0, which stems from faulty access control and could be exploited by an attacker to pass the user name field at login can be used to enumerate LDAP data.