CVE-2022-24851 – Stored XSS and path traversal in LDAPAccountManager/lam
https://notcve.org/view.php?id=CVE-2022-24851
LDAP Account Manager (LAM) is an open source web frontend for managing entries stored in an LDAP directory. The profile editor tool has an edit profile function whose parameters are not properly sanitized, which leads to stored XSS: an authenticated user can store XSS payloads in a profile, and they are executed when any other user opens the edit profile page. The PDF editor tool has an edit PDF profile function in which the logoFile parameter is not properly sanitized, so a user can submit a relative path such as ../../../../../../../../../../../../../usr/share/icons/hicolor/48x48/apps/gvim.png (for example by editing the request in a proxy like Burp Suite) and make the application reference a file outside the intended logo directory.
• https://github.com/LDAPAccountManager/lam/commit/3c6f09a3579e048e224eb5a4c4e3eefaa8bccd49 https://github.com/LDAPAccountManager/lam/issues/170 https://github.com/LDAPAccountManager/lam/security/advisories/GHSA-f2fr-cccr-583v https://www.debian.org/security/2022/dsa-5177
• CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
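The logoFile issue is the classic CWE-22 pattern: a user-supplied file name joined onto a base directory without a containment check. The following is an added example (generic Python, not LAM's code) showing the unchecked join next to a hardened resolver that first insists on a bare file name and then verifies the canonical path, symlinks resolved, still lies under the logo directory. The directory layout, the file names and the `demo()` helper are constructed for illustration; only the traversal string comes from the advisory text.

```python
import os
import tempfile
from typing import Dict, Optional

# The traversal value quoted in the advisory text.
TRAVERSAL = "../../../../../../../../../../../../../usr/share/icons/hicolor/48x48/apps/gvim.png"


def vulnerable_logo_path(logo_dir: str, logo_file: str) -> str:
    """The CWE-22 pattern: user input is joined onto the base directory unchecked."""
    return os.path.join(logo_dir, logo_file)


def safe_logo_path(logo_dir: str, logo_file: str) -> Optional[str]:
    """Return the canonical path of logo_file inside logo_dir, or None if it escapes.

    Layer 1: a logo is referenced by bare file name only (no separators, no dot dirs).
    Layer 2: resolve symlinks and check containment with commonpath rather than a
    string prefix test, so a sibling directory such as logo_dir + "2" is not accepted.
    """
    if not logo_file or logo_file in (".", "..") or logo_file != os.path.basename(logo_file):
        return None
    base = os.path.realpath(logo_dir)
    candidate = os.path.realpath(os.path.join(base, logo_file))
    if os.path.commonpath([base, candidate]) != base:
        return None
    return candidate


def demo() -> Dict[str, Optional[str]]:
    """Run both resolvers against a constructed logo directory built in a temp dir."""
    with tempfile.TemporaryDirectory() as tmp:
        logo_dir = os.path.join(tmp, "logos")
        outside = os.path.join(tmp, "outside")
        os.makedirs(logo_dir)
        os.makedirs(outside)
        with open(os.path.join(logo_dir, "ok.png"), "wb") as f:
            f.write(b"\x89PNG\r\n\x1a\n")  # constructed placeholder PNG header
        with open(os.path.join(outside, "secret.png"), "wb") as f:
            f.write(b"\x89PNG\r\n\x1a\n")
        # A symlink inside logo_dir pointing outside it: a bare name passes layer 1,
        # so layer 2 (realpath + commonpath) is what has to reject it.
        os.symlink(os.path.join(outside, "secret.png"), os.path.join(logo_dir, "link.png"))
        return {
            "ok": safe_logo_path(logo_dir, "ok.png"),
            "traversal": safe_logo_path(logo_dir, TRAVERSAL),
            "symlink": safe_logo_path(logo_dir, "link.png"),
            # Where the unchecked join actually ends up once the ".." segments collapse.
            "vulnerable": os.path.normpath(vulnerable_logo_path(logo_dir, TRAVERSAL)),
        }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name:10s} -> {value}")
```

The basename check alone would already stop the advisory's payload; the realpath and commonpath step is there for the cases a string filter misses, such as a symlink planted inside the logo directory by anyone who can write there.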
CVE-2018-8764 – LDAP Account Manager 6.2 Cross Site Scripting
https://notcve.org/view.php?id=CVE-2018-8764
Roland Gruber Softwareentwicklung LDAP Account Manager before 6.3 places a CSRF token in the sec_token parameter of a URI, which makes it easier for remote attackers to defeat the CSRF protection mechanism by leveraging logging: a token carried in the query string is written to web server and proxy logs (and into Referer headers and browser history), where it can be recovered and replayed. The Packet Storm advisory cited below, "LDAP Account Manager 6.2 Cross Site Scripting", reports this issue together with the cross site scripting vulnerabilities in LDAP Account Manager version 6.2.
• http://packetstormsecurity.com/files/146858/LDAP-Account-Manager-6.2-Cross-Site-Scripting.html http://seclists.org/fulldisclosure/2018/Mar/45 https://www.debian.org/security/2018/dsa-4165
• CWE-352: Cross-Site Request Forgery (CSRF) •
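The "leveraging logging" angle is easy to verify on your own deployment: if the token is in the URI, it is in the access log. The following is an added example (generic Python, not LAM's code) that scans combined-format access log lines for a sec_token value in either the request target or the Referer, and a helper that strips the parameter from a URL for log scrubbing. The log lines, host name and token values are constructed for the example; the parameter name is the one from the advisory.

```python
import re
from typing import Dict, List
from urllib.parse import parse_qs, parse_qsl, urlencode, urlsplit, urlunsplit

# Apache/nginx "combined" format:
# client ident user [time] "method target proto" status bytes "referer" "user-agent"
LOG_RE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+)[^"]*" (?P<status>\d{3}) \S+ '
    r'"(?P<referer>[^"]*)" "(?P<agent>[^"]*)"$'
)
TOKEN_PARAM = "sec_token"

# Constructed sample lines (not real LAM logs); token values are made up.
SAMPLE_LOG = [
    '10.0.0.5 - - [12/Mar/2018:10:15:02 +0000] "GET /lam/templates/lists/list.php?type=user&sec_token=3f9a1c2e7b4d HTTP/1.1" 200 5123 "-" "Mozilla/5.0"',
    '10.0.0.5 - - [12/Mar/2018:10:15:09 +0000] "POST /lam/templates/account/edit.php HTTP/1.1" 302 0 "https://lam.example/lam/templates/lists/list.php?type=user&sec_token=3f9a1c2e7b4d" "Mozilla/5.0"',
    '10.0.0.7 - - [12/Mar/2018:10:16:00 +0000] "GET /lam/templates/login.php HTTP/1.1" 200 2048 "-" "curl/7.58.0"',
]


def tokens_in_url(url: str, param: str = TOKEN_PARAM) -> List[str]:
    """Return every value of `param` carried in the query string of `url`."""
    return parse_qs(urlsplit(url).query).get(param, [])


def find_leaked_tokens(lines: List[str], param: str = TOKEN_PARAM) -> List[Dict[str, str]]:
    """Report each log line where the CSRF token appears in the request target or the Referer.

    Both fields are written by the web server, so a token placed in a URI is recorded
    once when the page is requested and again when the next request carries it as Referer.
    """
    findings = []
    for n, line in enumerate(lines, 1):
        m = LOG_RE.match(line)
        if not m:
            continue  # not combined format; a real scanner would count these
        for field in ("target", "referer"):
            for token in tokens_in_url(m.group(field), param):
                findings.append({"line": str(n), "client": m.group("client"),
                                 "field": field, "token": token})
    return findings


def redact_token(url: str, param: str = TOKEN_PARAM) -> str:
    """Drop the token parameter from a URL (log scrubbing; the real fix is not to put it there)."""
    parts = urlsplit(url)
    kept = [(k, v) for k, v in parse_qsl(parts.query, keep_blank_values=True) if k != param]
    return urlunsplit(parts._replace(query=urlencode(kept)))


if __name__ == "__main__":
    for hit in find_leaked_tokens(SAMPLE_LOG):
        print(hit)
```

Scrubbing the log only limits the damage; the durable fix is to carry the token in a POST body field or a request header so it never appears in a URI in the first place.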
CVE-2018-8763 – LDAP Account Manager 6.2 Cross Site Scripting
https://notcve.org/view.php?id=CVE-2018-8763
Roland Gruber Softwareentwicklung LDAP Account Manager before 6.3 has XSS via the dn parameter to the templates/3rdParty/pla/htdocs/cmd.php URI or the template parameter to the templates/3rdParty/pla/htdocs/cmd.php?cmd=rename_form URI. LDAP Account Manager version 6.2 suffers from cross site scripting vulnerabilities.
• http://packetstormsecurity.com/files/146858/LDAP-Account-Manager-6.2-Cross-Site-Scripting.html http://seclists.org/fulldisclosure/2018/Mar/45 https://lists.debian.org/debian-lts-announce/2018/04/msg00007.html https://www.debian.org/security/2018/dsa-4165
• CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2007-1840
https://notcve.org/view.php?id=CVE-2007-1840
lib/modules.inc in LDAP Account Manager (LAM) before 1.3.0 does not escape HTML special characters in LDAP data, which allows remote attackers to have an unknown impact, probably cross-site scripting (XSS).
• http://lam.cvs.sourceforge.net/lam/lam/lib/modules.inc?r1=1.173&r2=1.174 http://lam.sourceforge.net/changelog/index.htm http://secunia.com/advisories/24687 http://secunia.com/advisories/25157 http://www.securityfocus.com/bid/23190 http://www.us.debian.org/security/2007/dsa-1287 http://www.vupen.com/english/advisories/2007/1149 https://exchange.xforce.ibmcloud.com/vulnerabilities/33307 •
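Three of the entries on this page (the stored XSS in the profile editor in CVE-2022-24851, the dn and template parameters in CVE-2018-8763, and the unescaped LDAP data in CVE-2007-1840) share one root cause: values that originate in the directory or in a request are concatenated into HTML without escaping. The following is an added example (generic Python, not LAM's code) rendering a constructed entry into a form both ways, with escaping applied in text context and in double-quoted attribute context, since a value that breaks out of an attribute is as dangerous as a raw script tag. The entry, its attribute values and the renderer layout are constructed for the example.

```python
import html
from typing import Dict, List

# Constructed sample entry: values an attacker could write into the directory (or a
# profile) that a page rendering them without escaping would hand to the browser.
SAMPLE_ENTRY: Dict[str, object] = {
    "dn": "cn=<script>alert(1)</script>,ou=People,dc=example,dc=com",
    "cn": ["<script>alert(1)</script>"],
    "description": ['" onmouseover="alert(document.cookie)'],
    "mail": ["alice@example.com"],
}


def render_unsafe(entry: Dict[str, object]) -> str:
    """The vulnerable pattern: directory/profile data concatenated straight into HTML."""
    rows = [f'<tr><td>{attr}</td><td><input name="{attr}" value="{vals[0]}"></td></tr>'
            for attr, vals in entry.items() if attr != "dn"]
    return f'<h2>{entry["dn"]}</h2><table>' + "".join(rows) + "</table>"


def esc(value: str) -> str:
    """Escape for text and for double-quoted attribute context; quote=True also covers ' and \"."""
    return html.escape(value, quote=True)


def render_safe(entry: Dict[str, object]) -> str:
    """Same page, every interpolated value escaped at the point of output."""
    rows = [f'<tr><td>{esc(attr)}</td><td><input name="{esc(attr)}" value="{esc(vals[0])}"></td></tr>'
            for attr, vals in entry.items() if attr != "dn"]
    return f'<h2>{esc(entry["dn"])}</h2><table>' + "".join(rows) + "</table>"


def count_injected(rendered: str) -> int:
    """Crude detector: raw script tags plus attribute break-outs surviving in the output."""
    return rendered.count("<script>") + rendered.count('" onmouseover="')


if __name__ == "__main__":
    print("unsafe:", count_injected(render_unsafe(SAMPLE_ENTRY)), "injections")
    print("safe:  ", count_injected(render_safe(SAMPLE_ENTRY)), "injections")
    print(render_safe(SAMPLE_ENTRY))
```

Escaping at output time, not at storage time, is what makes this robust: LDAP attribute values legitimately contain characters like `<`, `"` and `&`, and the directory must still be able to store them unchanged.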
CVE-2006-7191
https://notcve.org/view.php?id=CVE-2006-7191
Untrusted search path vulnerability in lamdaemon.pl in LDAP Account Manager (LAM) before 1.0.0 allows local users to gain privileges via a modified PATH that points to a malicious rm program.
• http://lam.cvs.sourceforge.net/lam/lam/lib/lamdaemon.pl http://lam.cvs.sourceforge.net/lam/lam/lib/lamdaemon.pl?r1=1.32&r2=1.33 http://lam.sourceforge.net/changelog/index.htm http://secunia.com/advisories/25157 http://www.securityfocus.com/bid/23857 http://www.us.debian.org/security/2007/dsa-1287 •
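The mechanism behind this entry is the shell's command lookup: a privileged helper that runs `rm` unqualified executes whichever `rm` the inherited PATH finds first. The following is an added example (generic Python, not LAM's lamdaemon.pl) that plants a harmless stand-in `rm` in a temporary directory the way a local attacker would, then resolves `rm` once with that attacker-controlled PATH and once with a pinned PATH of the kind a privileged helper should use. The pinned PATH value, the environment helper and the temp-dir layout are assumptions for the example.

```python
import os
import shutil
import tempfile
from typing import Dict, Optional

# Assumed fixed search path for a privileged helper; it must not come from the caller.
PINNED_PATH = "/usr/sbin:/usr/bin:/sbin:/bin"


def resolve_command(name: str, path_env: str) -> Optional[str]:
    """Where `name` would be found if a script executed it unqualified under this PATH."""
    return shutil.which(name, path=path_env)


def privileged_environment() -> Dict[str, str]:
    """Environment to hand to subprocesses from a privileged helper: nothing inherited."""
    return {"PATH": PINNED_PATH, "LC_ALL": "C"}


def demo() -> Dict[str, Optional[str]]:
    """Plant a fake `rm`, then resolve `rm` with an attacker-controlled and with a pinned PATH."""
    with tempfile.TemporaryDirectory() as tmp:
        fake_rm = os.path.join(tmp, "rm")
        with open(fake_rm, "w") as f:
            # Constructed stand-in; a real attacker's rm would do something useful to them.
            f.write("#!/bin/sh\nexit 0\n")
        os.chmod(fake_rm, 0o755)
        # The attacker's PATH: their directory first, then whatever the caller had.
        attacker_path = tmp + os.pathsep + os.environ.get("PATH", PINNED_PATH)
        return {
            "fake_rm": fake_rm,
            "inherited_path": resolve_command("rm", attacker_path),
            "pinned_path": resolve_command("rm", privileged_environment()["PATH"]),
        }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name:15s} -> {value}")
```

For a Perl helper like lamdaemon.pl the language has its own guard: under taint mode (`perl -T`) an inherited `$ENV{PATH}` is treated as tainted and the interpreter refuses to spawn external programs until the script assigns PATH itself. Invoking the helper through sudo with `secure_path` set in sudoers removes the caller's PATH from the picture as well; calling `/bin/rm` by absolute path is the simplest fix of all.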