|
|
CVE Reference: CVE-2006-2016 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2006-2016 |
|
|
Description: Multiple cross-site scripting (XSS) vulnerabilities in phpLDAPadmin 0.9.8 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) dn parameter in (a) compare_form.php, (b) copy_form.php, (c) rename_form.php, (d) template_engine.php, and (e) delete_form.php; (2) scope parameter in (f) search.php; and (3) Container DN, (4) Machine Name, and (5) UID Number fields in (g) template_engine.php. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/25959 http://xforce.iss.net/xforce/xfdb/25958 SAID Secunia Advisory: SA19747 Secunia Advisory: SA20124 OSVDB 24794 24793 24792 24790 24789 24788 MISC http://pridels.blogspot.com/2006/04/phpldapadmin-multiple-vuln.html DEBIAN http://www.debian.org/security/2006/dsa-1057 BID 17643 |
|
| Return to the previous page. |
