phpldapadmin: local file inclusion
| Package(s): | phpldapadmin |
CVE #(s): | |
| Created: | December 25, 2009 |
Updated: | January 6, 2010 |
| Description: |
From the Secunia
advisory:
A vulnerability has been discovered on phpLDAPadmin, which can be exploited
by malicious people to disclose sensitive information. Input passed via
the "cmd" parameter to cmd.php is not properly verified before being used
to include files. This can be exploited to include arbitrary files from
local resources. The vulnerability is confirmed in version 1.1.0.7. Other
versions may also be affected. |
| Alerts: |
|
