jetlib.sec » Bugtraq » XSS phpLDAPadmin: 1.2.0.5 (Debian package) and 1.2.2 (sourceforge)

Feeds

132968 items (0 unread) in 27 feeds

• 1337day (was: Inj3ct0r, 1337db)
• OSVDB Vulnerabilities
• Exploit-DB
• SecurityFocus Vulnerabilities
• Bugtraq
• Full Disclosure
• XSSed
• Packet Storm Security Headlines
• Packet Storm Security Advisories
• Packet Storm Security Exploits
• Packet Storm Security Recent Files
• Packet Storm Security Tools
• Packet Storm Security Misc. Files
• Sophos security news
• Sophos product advisories
• Penetration Testing
• SecuriTeam
• BackTrack Linux Forums
• Threatpost
• SecDocs
• carnal0wnage.attackresearch.com
• Carnal0wnage
• Kernel Fun
• Darknet
• The Exploitant
• Hack a Day
• Wirevolution

Bugtraq

• February 01, 2012
• 

  XSS phpLDAPadmin: 1.2.0.5 (Debian package) and 1.2.2 (sourceforge)

  Posted: February 1st, 2012, 10:04am PST

  Tags:   

  Posted by andsarmiento on Feb 01

  Attach some PoC analysis related to a XSS vulnerability to phpldapadmin. I previously coordinate with the Cert-US in
  order they contact with Sourceforge and Debian, but receive they was unable to put in contact with them.
  
  The first discover was on January 10 for 1.1.6 version, where after noticed that the same vulnerability was discover
  previously. For that reason I tested later for version 1.2.2 (sourceforge) and 1.2.0.5 (Debian package)....