Ldap Account Manager » Ldap Account Manager : Security Vulnerabilities, CVEs,
lib/modules.inc in LDAP Account Manager (LAM) before 1.3.0 does not escape HTML special characters in LDAP data, which allows remote attackers to have an unknown impact, probably cross-site scripting (XSS).
Max CVSS
4.3
EPSS Score
0.50%
Published
2007-04-03
Updated
2017-07-29
Untrusted search path vulnerability in lamdaemon.pl in LDAP Account Manager (LAM) before 1.0.0 allows local users to gain privileges via a modified PATH that points to a malicious rm program.
Max CVSS
7.2
EPSS Score
0.04%
Published
2007-04-03
Updated
2008-09-05
2 vulnerabilities found