jetlib.sec » Packet Storm Security Advisories » Mandriva Linux Security Advisory 2012-020

Feeds

133205 items (1 unread) in 27 feeds

• 1337day (was: Inj3ct0r, 1337db)
• OSVDB Vulnerabilities
• Exploit-DB
• SecurityFocus Vulnerabilities (1 unread)
• Bugtraq
• Full Disclosure
• XSSed
• Packet Storm Security Headlines
• Packet Storm Security Advisories
• Packet Storm Security Exploits
• Packet Storm Security Recent Files
• Packet Storm Security Tools
• Packet Storm Security Misc. Files
• Sophos security news
• Sophos product advisories
• Penetration Testing
• SecuriTeam
• BackTrack Linux Forums
• Threatpost
• SecDocs
• carnal0wnage.attackresearch.com
• Carnal0wnage
• Kernel Fun
• Darknet
• The Exploitant
• Hack a Day
• Wirevolution

Packet Storm Security Advisories

• February 15, 2012
• 

  Mandriva Linux Security Advisory 2012-020

  Posted: February 15th, 2012, 7:02pm PST

  Tags:  mandriva security linux mandriva-linux arbitrary-web linux-security  

  Mandriva Linux Security Advisory 2012-020 - Cross-site scripting vulnerability in lib/QueryRender.php in phpLDAPadmin 1.2.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the base parameter in a query_engine action to cmd.php. The updated packages have been patched to correct this issue.