Phpipam before v1.5.2 was discovered... CVE-2023-41580

- AV AC AU C I A
发布: 2023-10-02
修订: 2023-10-06

Phpipam before v1.5.2 was discovered to contain a LDAP injection vulnerability via the dname parameter at /users/ad-search-result.php. This vulnerability allows attackers to enumerate arbitrary fields in the LDAP server and access sensitive data via a crafted POST request.

0%
暂无可用Exp或PoC
当前有1条受影响产品信息