CVE-2009-4427
EPSS 18.9%phpldapadmin - remote file inclusion
Published: 12/28/2009Modified: 4/28/2026
Description
Directory traversal vulnerability in cmd.php in phpLDAPadmin 1.1.0.5 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the cmd parameter.
Affected packages (2)
- Debian/phpldapadminfrom 0, < 1.1.0.7-1.1
- Debian/phpldapadminfrom 0, < 1.1.0.5-6+lenny1