CVE-2012-0834

Published: Feb 11, 2012

Modified: Aug 6, 2024

PUBLISHED

Description

Cross-site scripting (XSS) vulnerability in lib/QueryRender.php in phpLDAPadmin 1.2.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the base parameter in a query_engine action to cmd.php.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://phpldapadmin.git.sourceforge.net/git/gitweb.cgi?p=phpldapadmin/phpldapadmin%3Ba=commit%3Bh=7dc8d57d6952fe681cb9e8818df7f103220457bd

x_refsource_CONFIRM

47852

third-party-advisory

x_refsource_SECUNIA

https://sourceforge.net/tracker/index.php?func=detail&aid=3477910&group_id=61828&atid=498546

x_refsource_CONFIRM

[oss-security] 20120203 Re: CVE request: phpldapadmin "base" Cross-Site Scripting Vulnerability

mailing-list

x_refsource_MLIST

[oss-security] 20120202 CVE request: phpldapadmin "base" Cross-Site Scripting Vulnerability

mailing-list

x_refsource_MLIST

MDVSA-2012:020

vendor-advisory

x_refsource_MANDRIVA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2012-0834

Description

Affected Products

References