Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/phpldapadmin@1.2.6.3-0.3%2Bdeb12u1?distro=trixie
Type deb
Namespace debian
Name phpldapadmin
Version 1.2.6.3-0.3+deb12u1
Qualifiers
distro trixie
Subpath
Is_vulnerable true
Next_non_vulnerable_version 1.2.6.7-4
Latest_non_vulnerable_version 1.2.6.7-4
Affected_by_vulnerabilities
0
url VCID-pfys-5bk6-kkgd
vulnerability_id VCID-pfys-5bk6-kkgd
summary A reflected cross-site scripting (XSS) vulnerability in the 'Entry Chooser' of phpLDAPadmin (version 1.2.1 through the latest version, 1.2.6.7) allows attackers to execute arbitrary JavaScript in the user's browser via the 'element' parameter, which is unsafely passed to the JavaScript 'eval' function. However, exploitation is limited to specific conditions where 'opener' is correctly set.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-9101
reference_id
reference_type
scores
0
value 0.00314
scoring_system epss
scoring_elements 0.54907
published_at 2026-06-06T12:55:00Z
1
value 0.00314
scoring_system epss
scoring_elements 0.54899
published_at 2026-06-09T12:55:00Z
2
value 0.00314
scoring_system epss
scoring_elements 0.54879
published_at 2026-06-08T12:55:00Z
3
value 0.00314
scoring_system epss
scoring_elements 0.54898
published_at 2026-06-07T12:55:00Z
4
value 0.00314
scoring_system epss
scoring_elements 0.54897
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-9101
1
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1090914
reference_id 1090914
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1090914
2
reference_url https://sourceforge.net/projects/phpldapadmin/files/phpldapadmin-php5/1.2.1/
reference_id 1.2.1
reference_type
scores
0
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-12-20T20:20:12Z/
url https://sourceforge.net/projects/phpldapadmin/files/phpldapadmin-php5/1.2.1/
3
reference_url https://github.com/leenooks/phpLDAPadmin/blob/master/htdocs/entry_chooser.php
reference_id entry_chooser.php
reference_type
scores
0
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-12-20T20:20:12Z/
url https://github.com/leenooks/phpLDAPadmin/blob/master/htdocs/entry_chooser.php
4
reference_url https://github.com/leenooks/phpLDAPadmin/commit/f713afc8d164169516c91b0988531f2accb9bce6#diff-c2d6d7678ada004e704ee055169395a58227aaec86a6f75fa74ca18ff49bca44R27
reference_id f713afc8d164169516c91b0988531f2accb9bce6#diff-c2d6d7678ada004e704ee055169395a58227aaec86a6f75fa74ca18ff49bca44R27
reference_type
scores
0
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-12-20T20:20:12Z/
url https://github.com/leenooks/phpLDAPadmin/commit/f713afc8d164169516c91b0988531f2accb9bce6#diff-c2d6d7678ada004e704ee055169395a58227aaec86a6f75fa74ca18ff49bca44R27
5
reference_url https://www.redguard.ch/blog/2024/12/19/security-advisory-phpldapadmin/
reference_id security-advisory-phpldapadmin
reference_type
scores
0
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-12-20T20:20:12Z/
url https://www.redguard.ch/blog/2024/12/19/security-advisory-phpldapadmin/
fixed_packages
0
url pkg:deb/debian/phpldapadmin@1.2.6.7-4?distro=trixie
purl pkg:deb/debian/phpldapadmin@1.2.6.7-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpldapadmin@1.2.6.7-4%3Fdistro=trixie
aliases CVE-2024-9101
risk_score 0.9
exploitability 0.5
weighted_severity 1.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pfys-5bk6-kkgd
Fixing_vulnerabilities
0
url VCID-2g51-4nua-jbea
vulnerability_id VCID-2g51-4nua-jbea
summary phpldapadmin before 0.9.6c allows remote attackers to gain anonymous access to the LDAP server, even when disable_anon_bind is set, via an HTTP request to login.php with the anonymous_bind parameter set.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2005-2654
reference_id
reference_type
scores
0
value 0.00769
scoring_system epss
scoring_elements 0.73863
published_at 2026-06-04T12:55:00Z
1
value 0.00769
scoring_system epss
scoring_elements 0.739
published_at 2026-06-05T12:55:00Z
2
value 0.00769
scoring_system epss
scoring_elements 0.73905
published_at 2026-06-06T12:55:00Z
3
value 0.00769
scoring_system epss
scoring_elements 0.73891
published_at 2026-06-07T12:55:00Z
4
value 0.00769
scoring_system epss
scoring_elements 0.73874
published_at 2026-06-08T12:55:00Z
5
value 0.00769
scoring_system epss
scoring_elements 0.73901
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2005-2654
1
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=322423
reference_id 322423
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=322423
fixed_packages
0
url pkg:deb/debian/phpldapadmin@0.9.6c-5?distro=trixie
purl pkg:deb/debian/phpldapadmin@0.9.6c-5?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpldapadmin@0.9.6c-5%3Fdistro=trixie
1
url pkg:deb/debian/phpldapadmin@1.2.6.3-0.3%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpldapadmin@1.2.6.3-0.3%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-pfys-5bk6-kkgd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpldapadmin@1.2.6.3-0.3%252Bdeb12u1%3Fdistro=trixie
2
url pkg:deb/debian/phpldapadmin@1.2.6.7-4?distro=trixie
purl pkg:deb/debian/phpldapadmin@1.2.6.7-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpldapadmin@1.2.6.7-4%3Fdistro=trixie
aliases CVE-2005-2654
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2g51-4nua-jbea
1
url VCID-3unu-8bdf-u3fu
vulnerability_id VCID-3unu-8bdf-u3fu
summary Cross-site scripting (XSS) vulnerability in lib/QueryRender.php in phpLDAPadmin 1.2.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the base parameter in a query_engine action to cmd.php.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-0834
reference_id
reference_type
scores
0
value 0.06035
scoring_system epss
scoring_elements 0.90881
published_at 2026-06-04T12:55:00Z
1
value 0.06035
scoring_system epss
scoring_elements 0.90895
published_at 2026-06-06T12:55:00Z
2
value 0.06035
scoring_system epss
scoring_elements 0.90892
published_at 2026-06-07T12:55:00Z
3
value 0.06035
scoring_system epss
scoring_elements 0.90889
published_at 2026-06-08T12:55:00Z
4
value 0.06035
scoring_system epss
scoring_elements 0.90904
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-0834
1
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=658907
reference_id 658907
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=658907
2
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/36654.txt
reference_id CVE-2012-0834;OSVDB-78743
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/36654.txt
3
reference_url https://www.securityfocus.com/bid/51793/info
reference_id CVE-2012-0834;OSVDB-78743
reference_type exploit
scores
url https://www.securityfocus.com/bid/51793/info
fixed_packages
0
url pkg:deb/debian/phpldapadmin@1.2.2-1?distro=trixie
purl pkg:deb/debian/phpldapadmin@1.2.2-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpldapadmin@1.2.2-1%3Fdistro=trixie
1
url pkg:deb/debian/phpldapadmin@1.2.6.3-0.3%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpldapadmin@1.2.6.3-0.3%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-pfys-5bk6-kkgd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpldapadmin@1.2.6.3-0.3%252Bdeb12u1%3Fdistro=trixie
2
url pkg:deb/debian/phpldapadmin@1.2.6.7-4?distro=trixie
purl pkg:deb/debian/phpldapadmin@1.2.6.7-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpldapadmin@1.2.6.7-4%3Fdistro=trixie
aliases CVE-2012-0834
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3unu-8bdf-u3fu
2
url VCID-47ys-64er-m7ch
vulnerability_id VCID-47ys-64er-m7ch
summary Directory traversal vulnerability in cmd.php in phpLDAPadmin 1.1.0.5 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the cmd parameter.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-4427.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-4427.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2009-4427
reference_id
reference_type
scores
0
value 0.18921
scoring_system epss
scoring_elements 0.95435
published_at 2026-06-04T12:55:00Z
1
value 0.18921
scoring_system epss
scoring_elements 0.95442
published_at 2026-06-05T12:55:00Z
2
value 0.18921
scoring_system epss
scoring_elements 0.95445
published_at 2026-06-06T12:55:00Z
3
value 0.18921
scoring_system epss
scoring_elements 0.95447
published_at 2026-06-07T12:55:00Z
4
value 0.18921
scoring_system epss
scoring_elements 0.95448
published_at 2026-06-08T12:55:00Z
5
value 0.18921
scoring_system epss
scoring_elements 0.95452
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2009-4427
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=549559
reference_id 549559
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=549559
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=561975
reference_id 561975
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=561975
4
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/10410.txt
reference_id OSVDB-61139;CVE-2009-4427
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/10410.txt
fixed_packages
0
url pkg:deb/debian/phpldapadmin@1.1.0.7-1.1?distro=trixie
purl pkg:deb/debian/phpldapadmin@1.1.0.7-1.1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpldapadmin@1.1.0.7-1.1%3Fdistro=trixie
1
url pkg:deb/debian/phpldapadmin@1.2.6.3-0.3%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpldapadmin@1.2.6.3-0.3%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-pfys-5bk6-kkgd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpldapadmin@1.2.6.3-0.3%252Bdeb12u1%3Fdistro=trixie
2
url pkg:deb/debian/phpldapadmin@1.2.6.7-4?distro=trixie
purl pkg:deb/debian/phpldapadmin@1.2.6.7-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpldapadmin@1.2.6.7-4%3Fdistro=trixie
aliases CVE-2009-4427
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-47ys-64er-m7ch
3
url VCID-5ywq-zhuj-wbhd
vulnerability_id VCID-5ywq-zhuj-wbhd
summary A Cross-Site Scripting (XSS) vulnerability exists in LDAP Account Manager (LAM) Pro 3.6 in the export, add_value_form, and dn parameters to cmd.php.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-1115
reference_id
reference_type
scores
0
value 0.0084
scoring_system epss
scoring_elements 0.75067
published_at 2026-06-04T12:55:00Z
1
value 0.0084
scoring_system epss
scoring_elements 0.75096
published_at 2026-06-05T12:55:00Z
2
value 0.0084
scoring_system epss
scoring_elements 0.751
published_at 2026-06-06T12:55:00Z
3
value 0.0084
scoring_system epss
scoring_elements 0.75092
published_at 2026-06-07T12:55:00Z
4
value 0.0084
scoring_system epss
scoring_elements 0.75078
published_at 2026-06-08T12:55:00Z
5
value 0.0084
scoring_system epss
scoring_elements 0.75105
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-1115
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1115
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1115
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=661904
reference_id 661904
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=661904
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=662050
reference_id 662050
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=662050
fixed_packages
0
url pkg:deb/debian/phpldapadmin@1.2.2-3?distro=trixie
purl pkg:deb/debian/phpldapadmin@1.2.2-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpldapadmin@1.2.2-3%3Fdistro=trixie
1
url pkg:deb/debian/phpldapadmin@1.2.6.3-0.3%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpldapadmin@1.2.6.3-0.3%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-pfys-5bk6-kkgd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpldapadmin@1.2.6.3-0.3%252Bdeb12u1%3Fdistro=trixie
2
url pkg:deb/debian/phpldapadmin@1.2.6.7-4?distro=trixie
purl pkg:deb/debian/phpldapadmin@1.2.6.7-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpldapadmin@1.2.6.7-4%3Fdistro=trixie
aliases CVE-2012-1115
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5ywq-zhuj-wbhd
4
url VCID-87py-9pum-1kg1
vulnerability_id VCID-87py-9pum-1kg1
summary phpLDAPadmin through 1.2.3 has XSS in htdocs/entry_chooser.php via the form, element, rdn, or container parameter.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-11107
reference_id
reference_type
scores
0
value 0.00032
scoring_system epss
scoring_elements 0.09557
published_at 2026-06-09T12:55:00Z
1
value 0.00044
scoring_system epss
scoring_elements 0.14027
published_at 2026-06-06T12:55:00Z
2
value 0.00044
scoring_system epss
scoring_elements 0.1399
published_at 2026-06-07T12:55:00Z
3
value 0.00044
scoring_system epss
scoring_elements 0.13906
published_at 2026-06-08T12:55:00Z
4
value 0.00082
scoring_system epss
scoring_elements 0.24009
published_at 2026-06-04T12:55:00Z
5
value 0.00082
scoring_system epss
scoring_elements 0.24106
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-11107
1
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867719
reference_id 867719
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867719
2
reference_url https://usn.ubuntu.com/4620-1/
reference_id USN-4620-1
reference_type
scores
url https://usn.ubuntu.com/4620-1/
fixed_packages
0
url pkg:deb/debian/phpldapadmin@1.2.2-6.2?distro=trixie
purl pkg:deb/debian/phpldapadmin@1.2.2-6.2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpldapadmin@1.2.2-6.2%3Fdistro=trixie
1
url pkg:deb/debian/phpldapadmin@1.2.6.3-0.3%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpldapadmin@1.2.6.3-0.3%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-pfys-5bk6-kkgd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpldapadmin@1.2.6.3-0.3%252Bdeb12u1%3Fdistro=trixie
2
url pkg:deb/debian/phpldapadmin@1.2.6.7-4?distro=trixie
purl pkg:deb/debian/phpldapadmin@1.2.6.7-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpldapadmin@1.2.6.7-4%3Fdistro=trixie
aliases CVE-2017-11107
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-87py-9pum-1kg1
5
url VCID-esgk-7sdb-vuay
vulnerability_id VCID-esgk-7sdb-vuay
summary A Cross-Site Scripting (XSS) vulnerability exists in LDAP Account Manager (LAM) Pro 3.6 in the filter parameter to cmd.php in an export and exporter_id action, and the filteruid parameter to list.php.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-1114
reference_id
reference_type
scores
0
value 0.0084
scoring_system epss
scoring_elements 0.75067
published_at 2026-06-04T12:55:00Z
1
value 0.0084
scoring_system epss
scoring_elements 0.75096
published_at 2026-06-05T12:55:00Z
2
value 0.0084
scoring_system epss
scoring_elements 0.751
published_at 2026-06-06T12:55:00Z
3
value 0.0084
scoring_system epss
scoring_elements 0.75092
published_at 2026-06-07T12:55:00Z
4
value 0.0084
scoring_system epss
scoring_elements 0.75078
published_at 2026-06-08T12:55:00Z
5
value 0.0084
scoring_system epss
scoring_elements 0.75105
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-1114
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1114
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1114
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=661904
reference_id 661904
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=661904
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=662050
reference_id 662050
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=662050
fixed_packages
0
url pkg:deb/debian/phpldapadmin@1.2.2-3?distro=trixie
purl pkg:deb/debian/phpldapadmin@1.2.2-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpldapadmin@1.2.2-3%3Fdistro=trixie
1
url pkg:deb/debian/phpldapadmin@1.2.6.3-0.3%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpldapadmin@1.2.6.3-0.3%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-pfys-5bk6-kkgd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpldapadmin@1.2.6.3-0.3%252Bdeb12u1%3Fdistro=trixie
2
url pkg:deb/debian/phpldapadmin@1.2.6.7-4?distro=trixie
purl pkg:deb/debian/phpldapadmin@1.2.6.7-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpldapadmin@1.2.6.7-4%3Fdistro=trixie
aliases CVE-2012-1114
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-esgk-7sdb-vuay
6
url VCID-h1sj-yd7c-j7gc
vulnerability_id VCID-h1sj-yd7c-j7gc
summary The masort function in lib/functions.php in phpLDAPadmin 1.2.x before 1.2.2 allows remote attackers to execute arbitrary PHP code via the orderby parameter (aka sortby variable) in a query_engine action to cmd.php, as exploited in the wild in October 2011.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-4075
reference_id
reference_type
scores
0
value 0.84398
scoring_system epss
scoring_elements 0.99336
published_at 2026-06-04T12:55:00Z
1
value 0.84398
scoring_system epss
scoring_elements 0.99337
published_at 2026-06-05T12:55:00Z
2
value 0.84398
scoring_system epss
scoring_elements 0.99339
published_at 2026-06-09T12:55:00Z
3
value 0.84398
scoring_system epss
scoring_elements 0.99338
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-4075
1
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=646754
reference_id 646754
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=646754
2
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/18031.rb
reference_id CVE-2011-4075;OSVDB-76594
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/18031.rb
fixed_packages
0
url pkg:deb/debian/phpldapadmin@1.2.0.5-2.1?distro=trixie
purl pkg:deb/debian/phpldapadmin@1.2.0.5-2.1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpldapadmin@1.2.0.5-2.1%3Fdistro=trixie
1
url pkg:deb/debian/phpldapadmin@1.2.6.3-0.3%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpldapadmin@1.2.6.3-0.3%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-pfys-5bk6-kkgd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpldapadmin@1.2.6.3-0.3%252Bdeb12u1%3Fdistro=trixie
2
url pkg:deb/debian/phpldapadmin@1.2.6.7-4?distro=trixie
purl pkg:deb/debian/phpldapadmin@1.2.6.7-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpldapadmin@1.2.6.7-4%3Fdistro=trixie
aliases CVE-2011-4075
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-h1sj-yd7c-j7gc
7
url VCID-jz1u-pwhw-qke4
vulnerability_id VCID-jz1u-pwhw-qke4
summary A vulnerability classified as critical was found in mhuertos phpLDAPadmin up to 665dbc2690ebeb5392d38f1fece0a654225a0b38. Affected by this vulnerability is the function makeHttpRequest of the file htdocs/js/ajax_functions.js. The manipulation leads to http request smuggling. The attack can be launched remotely. This product does not use versioning. This is why information about affected and unaffected releases is unavailable. The patch is named dd6e9583a2eb2ca085583765e8a63df5904cb036. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-270523.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-15039
reference_id
reference_type
scores
0
value 0.00104
scoring_system epss
scoring_elements 0.27929
published_at 2026-06-04T12:55:00Z
1
value 0.00104
scoring_system epss
scoring_elements 0.27998
published_at 2026-06-05T12:55:00Z
2
value 0.00104
scoring_system epss
scoring_elements 0.27948
published_at 2026-06-06T12:55:00Z
3
value 0.00104
scoring_system epss
scoring_elements 0.27911
published_at 2026-06-07T12:55:00Z
4
value 0.00104
scoring_system epss
scoring_elements 0.27867
published_at 2026-06-08T12:55:00Z
5
value 0.00104
scoring_system epss
scoring_elements 0.27875
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-15039
1
reference_url https://vuldb.com/?ctiid.270523
reference_id ?ctiid.270523
reference_type
scores
0
value 6.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:S/C:P/I:P/A:P
1
value 6.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
2
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
3
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-11T15:04:41Z/
url https://vuldb.com/?ctiid.270523
2
reference_url https://github.com/mhuertos/phpLDAPadmin/commit/dd6e9583a2eb2ca085583765e8a63df5904cb036
reference_id dd6e9583a2eb2ca085583765e8a63df5904cb036
reference_type
scores
0
value 6.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:S/C:P/I:P/A:P
1
value 6.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
2
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
3
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-11T15:04:41Z/
url https://github.com/mhuertos/phpLDAPadmin/commit/dd6e9583a2eb2ca085583765e8a63df5904cb036
3
reference_url https://vuldb.com/?id.270523
reference_id ?id.270523
reference_type
scores
0
value 6.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:S/C:P/I:P/A:P
1
value 6.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
2
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
3
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-11T15:04:41Z/
url https://vuldb.com/?id.270523
fixed_packages
0
url pkg:deb/debian/phpldapadmin@1.2.6.3-0.1?distro=trixie
purl pkg:deb/debian/phpldapadmin@1.2.6.3-0.1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpldapadmin@1.2.6.3-0.1%3Fdistro=trixie
1
url pkg:deb/debian/phpldapadmin@1.2.6.3-0.3%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpldapadmin@1.2.6.3-0.3%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-pfys-5bk6-kkgd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpldapadmin@1.2.6.3-0.3%252Bdeb12u1%3Fdistro=trixie
2
url pkg:deb/debian/phpldapadmin@1.2.6.7-4?distro=trixie
purl pkg:deb/debian/phpldapadmin@1.2.6.7-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpldapadmin@1.2.6.7-4%3Fdistro=trixie
aliases CVE-2016-15039
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jz1u-pwhw-qke4
8
url VCID-kpjm-ugas-g7er
vulnerability_id VCID-kpjm-ugas-g7er
summary Multiple cross-site scripting (XSS) vulnerabilities in phpLDAPadmin 0.9.8 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) dn parameter in (a) compare_form.php, (b) copy_form.php, (c) rename_form.php, (d) template_engine.php, and (e) delete_form.php; (2) scope parameter in (f) search.php; and (3) Container DN, (4) Machine Name, and (5) UID Number fields in (g) template_engine.php.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2006-2016
reference_id
reference_type
scores
0
value 0.21986
scoring_system epss
scoring_elements 0.9588
published_at 2026-06-04T12:55:00Z
1
value 0.21986
scoring_system epss
scoring_elements 0.95884
published_at 2026-06-05T12:55:00Z
2
value 0.21986
scoring_system epss
scoring_elements 0.95887
published_at 2026-06-08T12:55:00Z
3
value 0.21986
scoring_system epss
scoring_elements 0.95893
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2006-2016
1
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=365313
reference_id 365313
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=365313
2
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/27717.txt
reference_id CVE-2006-2016;OSVDB-24788
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/27717.txt
3
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/27718.txt
reference_id CVE-2006-2016;OSVDB-24789
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/27718.txt
4
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/27719.txt
reference_id CVE-2006-2016;OSVDB-24790
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/27719.txt
5
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/27721.txt
reference_id CVE-2006-2016;OSVDB-24793
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/27721.txt
6
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/27722.txt
reference_id CVE-2006-2016;OSVDB-24794
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/27722.txt
7
reference_url https://www.securityfocus.com/bid/17643/info
reference_id CVE-2006-2016;OSVDB-24794
reference_type exploit
scores
url https://www.securityfocus.com/bid/17643/info
fixed_packages
0
url pkg:deb/debian/phpldapadmin@0.9.8.3-1?distro=trixie
purl pkg:deb/debian/phpldapadmin@0.9.8.3-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpldapadmin@0.9.8.3-1%3Fdistro=trixie
1
url pkg:deb/debian/phpldapadmin@1.2.6.3-0.3%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpldapadmin@1.2.6.3-0.3%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-pfys-5bk6-kkgd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpldapadmin@1.2.6.3-0.3%252Bdeb12u1%3Fdistro=trixie
2
url pkg:deb/debian/phpldapadmin@1.2.6.7-4?distro=trixie
purl pkg:deb/debian/phpldapadmin@1.2.6.7-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpldapadmin@1.2.6.7-4%3Fdistro=trixie
aliases CVE-2006-2016
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kpjm-ugas-g7er
9
url VCID-kqpp-gs8v-jugj
vulnerability_id VCID-kqpp-gs8v-jugj
summary cross-site scripting
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-35132
reference_id
reference_type
scores
0
value 0.00538
scoring_system epss
scoring_elements 0.67931
published_at 2026-06-06T12:55:00Z
1
value 0.00538
scoring_system epss
scoring_elements 0.67884
published_at 2026-06-04T12:55:00Z
2
value 0.00538
scoring_system epss
scoring_elements 0.67924
published_at 2026-06-05T12:55:00Z
3
value 0.00538
scoring_system epss
scoring_elements 0.67923
published_at 2026-06-09T12:55:00Z
4
value 0.00538
scoring_system epss
scoring_elements 0.67921
published_at 2026-06-07T12:55:00Z
5
value 0.00538
scoring_system epss
scoring_elements 0.67908
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-35132
1
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987355
reference_id 987355
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987355
2
reference_url https://security.archlinux.org/AVG-1346
reference_id AVG-1346
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1346
fixed_packages
0
url pkg:deb/debian/phpldapadmin@1.2.6.3-0.3?distro=trixie
purl pkg:deb/debian/phpldapadmin@1.2.6.3-0.3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpldapadmin@1.2.6.3-0.3%3Fdistro=trixie
1
url pkg:deb/debian/phpldapadmin@1.2.6.3-0.3%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpldapadmin@1.2.6.3-0.3%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-pfys-5bk6-kkgd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpldapadmin@1.2.6.3-0.3%252Bdeb12u1%3Fdistro=trixie
2
url pkg:deb/debian/phpldapadmin@1.2.6.7-4?distro=trixie
purl pkg:deb/debian/phpldapadmin@1.2.6.7-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpldapadmin@1.2.6.7-4%3Fdistro=trixie
aliases CVE-2020-35132
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kqpp-gs8v-jugj
10
url VCID-nff1-s61e-g7he
vulnerability_id VCID-nff1-s61e-g7he
summary Directory traversal vulnerability in welcome.php in phpLDAPadmin 0.9.6 and 0.9.7 allows remote attackers to read arbitrary files via a .. (dot dot) in the custom_welcome_page parameter.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2005-2792
reference_id
reference_type
scores
0
value 0.13987
scoring_system epss
scoring_elements 0.94467
published_at 2026-06-04T12:55:00Z
1
value 0.13987
scoring_system epss
scoring_elements 0.94475
published_at 2026-06-05T12:55:00Z
2
value 0.13987
scoring_system epss
scoring_elements 0.94477
published_at 2026-06-06T12:55:00Z
3
value 0.13987
scoring_system epss
scoring_elements 0.94478
published_at 2026-06-07T12:55:00Z
4
value 0.13987
scoring_system epss
scoring_elements 0.94479
published_at 2026-06-08T12:55:00Z
5
value 0.13987
scoring_system epss
scoring_elements 0.94484
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2005-2792
1
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=325785
reference_id 325785
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=325785
2
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/26211.txt
reference_id CVE-2005-2792;OSVDB-19068
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/26211.txt
3
reference_url https://www.securityfocus.com/bid/14695/info
reference_id CVE-2005-2792;OSVDB-19068
reference_type exploit
scores
url https://www.securityfocus.com/bid/14695/info
fixed_packages
0
url pkg:deb/debian/phpldapadmin@0.9.6c-7?distro=trixie
purl pkg:deb/debian/phpldapadmin@0.9.6c-7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpldapadmin@0.9.6c-7%3Fdistro=trixie
1
url pkg:deb/debian/phpldapadmin@1.2.6.3-0.3%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpldapadmin@1.2.6.3-0.3%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-pfys-5bk6-kkgd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpldapadmin@1.2.6.3-0.3%252Bdeb12u1%3Fdistro=trixie
2
url pkg:deb/debian/phpldapadmin@1.2.6.7-4?distro=trixie
purl pkg:deb/debian/phpldapadmin@1.2.6.7-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpldapadmin@1.2.6.7-4%3Fdistro=trixie
aliases CVE-2005-2792
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nff1-s61e-g7he
11
url VCID-rmch-n5v1-rfdj
vulnerability_id VCID-rmch-n5v1-rfdj
summary A local file inclusion flaw was found in the way phpLDAPadmin before 0.9.8 processed certain values of the "Accept-Language" HTTP header. A remote attacker could use this flaw to cause a denial of service via a specially crafted request.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-4082
reference_id
reference_type
scores
0
value 0.00922
scoring_system epss
scoring_elements 0.76363
published_at 2026-06-04T12:55:00Z
1
value 0.00922
scoring_system epss
scoring_elements 0.76391
published_at 2026-06-05T12:55:00Z
2
value 0.00922
scoring_system epss
scoring_elements 0.76392
published_at 2026-06-06T12:55:00Z
3
value 0.00922
scoring_system epss
scoring_elements 0.76383
published_at 2026-06-07T12:55:00Z
4
value 0.00922
scoring_system epss
scoring_elements 0.76372
published_at 2026-06-08T12:55:00Z
5
value 0.00922
scoring_system epss
scoring_elements 0.76395
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-4082
fixed_packages
0
url pkg:deb/debian/phpldapadmin@0.9.8-1?distro=trixie
purl pkg:deb/debian/phpldapadmin@0.9.8-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpldapadmin@0.9.8-1%3Fdistro=trixie
1
url pkg:deb/debian/phpldapadmin@1.2.6.3-0.3%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpldapadmin@1.2.6.3-0.3%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-pfys-5bk6-kkgd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpldapadmin@1.2.6.3-0.3%252Bdeb12u1%3Fdistro=trixie
2
url pkg:deb/debian/phpldapadmin@1.2.6.7-4?distro=trixie
purl pkg:deb/debian/phpldapadmin@1.2.6.7-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpldapadmin@1.2.6.7-4%3Fdistro=trixie
aliases CVE-2011-4082
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rmch-n5v1-rfdj
12
url VCID-spb8-655j-nkaq
vulnerability_id VCID-spb8-655j-nkaq
summary PHP remote file inclusion vulnerability in welcome.php in phpLDAPadmin 0.9.6 and 0.9.7 allows remote attackers to execute arbitrary PHP code via the custom_welcome_page parameter.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2005-2793
reference_id
reference_type
scores
0
value 0.02938
scoring_system epss
scoring_elements 0.86694
published_at 2026-06-04T12:55:00Z
1
value 0.02938
scoring_system epss
scoring_elements 0.86716
published_at 2026-06-05T12:55:00Z
2
value 0.02938
scoring_system epss
scoring_elements 0.86715
published_at 2026-06-06T12:55:00Z
3
value 0.02938
scoring_system epss
scoring_elements 0.86711
published_at 2026-06-07T12:55:00Z
4
value 0.02938
scoring_system epss
scoring_elements 0.86701
published_at 2026-06-08T12:55:00Z
5
value 0.02938
scoring_system epss
scoring_elements 0.86713
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2005-2793
1
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=325785
reference_id 325785
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=325785
fixed_packages
0
url pkg:deb/debian/phpldapadmin@0.9.6c-7?distro=trixie
purl pkg:deb/debian/phpldapadmin@0.9.6c-7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpldapadmin@0.9.6c-7%3Fdistro=trixie
1
url pkg:deb/debian/phpldapadmin@1.2.6.3-0.3%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpldapadmin@1.2.6.3-0.3%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-pfys-5bk6-kkgd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpldapadmin@1.2.6.3-0.3%252Bdeb12u1%3Fdistro=trixie
2
url pkg:deb/debian/phpldapadmin@1.2.6.7-4?distro=trixie
purl pkg:deb/debian/phpldapadmin@1.2.6.7-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpldapadmin@1.2.6.7-4%3Fdistro=trixie
aliases CVE-2005-2793
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-spb8-655j-nkaq
13
url VCID-v1zp-psgp-vfh5
vulnerability_id VCID-v1zp-psgp-vfh5
summary Cross-site scripting (XSS) vulnerability in cmd.php in phpLDAPadmin 1.2.x before 1.2.2 allows remote attackers to inject arbitrary web script or HTML via an _debug command.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-4074
reference_id
reference_type
scores
0
value 0.11833
scoring_system epss
scoring_elements 0.93852
published_at 2026-06-04T12:55:00Z
1
value 0.11833
scoring_system epss
scoring_elements 0.93862
published_at 2026-06-05T12:55:00Z
2
value 0.11833
scoring_system epss
scoring_elements 0.93861
published_at 2026-06-07T12:55:00Z
3
value 0.11833
scoring_system epss
scoring_elements 0.9386
published_at 2026-06-08T12:55:00Z
4
value 0.11833
scoring_system epss
scoring_elements 0.93865
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-4074
1
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=646769
reference_id 646769
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=646769
2
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/18021.php
reference_id CVE-2011-4075;OSVDB-76594;CVE-2011-4074;OSVDB-76593
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/18021.php
fixed_packages
0
url pkg:deb/debian/phpldapadmin@1.2.0.5-2.1?distro=trixie
purl pkg:deb/debian/phpldapadmin@1.2.0.5-2.1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpldapadmin@1.2.0.5-2.1%3Fdistro=trixie
1
url pkg:deb/debian/phpldapadmin@1.2.6.3-0.3%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpldapadmin@1.2.6.3-0.3%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-pfys-5bk6-kkgd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpldapadmin@1.2.6.3-0.3%252Bdeb12u1%3Fdistro=trixie
2
url pkg:deb/debian/phpldapadmin@1.2.6.7-4?distro=trixie
purl pkg:deb/debian/phpldapadmin@1.2.6.7-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpldapadmin@1.2.6.7-4%3Fdistro=trixie
aliases CVE-2011-4074
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v1zp-psgp-vfh5
Risk_score 0.9
Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpldapadmin@1.2.6.3-0.3%252Bdeb12u1%3Fdistro=trixie