Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site scripting (XSS) vulnerability in lib/QueryRender.php in phpLDAPadmin 1.2.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the base parameter in a query_engine action to cmd.php.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
phpLDAPadmin跨站脚本漏洞
Vulnerability Description
phpLDAPadmin是一款基于Web的LDAP客户端,它主要用于管理LDAP服务器。 phpLDAPadmin中存在漏洞,该漏洞源于输入传递借助lib/QueryRender.php在cmd.php (当 "cmd" 设置为"query_engine"时)的"base"参数返回给用户之前未经正确过滤。攻击者可利用该漏洞执行跨站脚本攻击,在受影响站点上下文内的用户浏览器会话中执行任意HTML或者脚本代码。1.2.2版本中存在该漏洞,其他版本中也可能受到影响。
CVSS Information
N/A
Vulnerability Type
N/A