CVE-2023-41580 in phpipaminformación

Resumen

por MITRE • 2023-10-25

Phpipam before v1.5.2 was discovered to contain a LDAP injection vulnerability via the dname parameter at /users/ad-search-result.php. This vulnerability allows attackers to enumerate arbitrary fields in the LDAP server and access sensitive data via a crafted POST request.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Reservar

2023-08-30

Divulgación

2023-10-25

Moderación

aceptado

Artículo

VDB-241071

CPE

listo

EPSS

0.00710

KEV

no

Actividades

muy bajo

Fuentes

Want to stay up to date on a daily basis?

Enable the mail alert feature now!