Browse all 3 CVE security advisories affecting phpldapadmin. AI-powered Chinese analysis, POCs, and references for each vulnerability.
phpLDAPadmin serves as a web-based LDAP management tool for administering directory services, primarily used in enterprise environments. Historically, it has been susceptible to multiple remote code execution vulnerabilities, cross-site scripting attacks, and privilege escalation flaws, often stemming from insufficient input validation and insecure session handling. The application's three recorded CVEs highlight persistent security concerns, particularly around authentication bypass and command injection. While no major public incidents have been widely documented, the recurring nature of these vulnerabilities underscores the importance of regular updates and hardening for organizations relying on this tool for critical directory service management.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-9102 | phpLDAPadmin: Improper Neutralization of Formula Elements — phpLDAPadminCWE-1236 | 8.8 | - | 2024-12-19 |
| CVE-2024-9101 | phpLDAPadmin: Reflected Cross-Site Scripting in entry_chooser.php — phpLDAPadminCWE-79 | 6.1 | - | 2024-12-19 |
| CVE-2011-4082 | phpLDAPadmin 资源管理错误漏洞 — phpldapadmin | 7.5 | - | 2019-11-26 |
This page lists every published CVE security advisory associated with phpldapadmin. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.