Lucene search
R0tEDB-ID:27721HistoryApr 21, 2006 - 12:00 a.m.
phpLDAPadmin 0.9.8 - 'search.php' Cross-Site Scripting
2006-04-2100:00:00
r0t
www.exploit-db.com
13
AI Score
7.4
Confidence
Low
source: https://www.securityfocus.com/bid/17643/info
PHPLDAPAdmin is prone to multiple input-validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input.
An attacker can exploit these issues to execute arbitrary HTML and script code in the browser of a victim user in the context of the affected website. This may allow the attacker to steal cookie-based authentication credentials, to control how the site is rendered to the user, and to launch other attacks.
http://www.example.com/search.php?server_id=0&search=true&filter=objectClass%3D%2A&base_dn=cn%3Dtoto%2Cdc%3Dexample%2Cdc%3Dcom&form=advanced&scope=%22%3Cscript%3Ealert('r0t')%3C/script%3ERelated
debiancve
debiancve
CVE-2006-2016
2006-04-25 12:50:00
openvas
openvas
FreeBSD Ports: phpldapadmin098
2008-09-04 00:00:00
FreeBSD Ports: phpldapadmin098
2008-09-04 00:00:00
Debian: Security Advisory (DSA-1057-1)
2008-01-17 00:00:00
debian
debian
[SECURITY] [DSA 1057-1] New phpLDAPadmin packages fix cross-site scripting
2006-05-15 14:21:01
[SECURITY] [DSA 1057-1] New phpLDAPadmin packages fix cross-site scripting
2006-05-15 14:21:01
nessus
nessus
cve
cve
CVE-2006-2016
2006-04-25 12:50:00
freebsd
freebsd
phpldapadmin -- Cross-Site Scripting and Script Insertion vulnerabilities
2006-04-21 00:00:00
osv
osv
phpldapadmin - missing input sanitising
2006-05-15 00:00:00
prion
prion
Cross site scripting
2006-04-25 12:50:00
exploitdb
exploitdb
phpLDAPadmin 0.9.8 - 'rename_form.php' Cross-Site Scripting
2006-04-21 00:00:00
phpLDAPadmin 0.9.8 - 'template_engine.php' Cross-Site Scripting
2006-04-21 00:00:00
phpLDAPadmin 0.9.8 - 'copy_form.php' Cross-Site Scripting
2006-04-21 00:00:00
cvelist
cvelist
CVE-2006-2016
2006-04-25 10:00:00
ubuntucve
ubuntucve
CVE-2006-2016
2006-04-25 00:00:00
nvd
nvd
CVE-2006-2016
2006-04-25 12:50:00
