CVE-2009-4427

EPSS 18.9%

phpldapadmin - remote file inclusion

發布日:2009/12/28修改日:2026/4/28

描述

Directory traversal vulnerability in cmd.php in phpLDAPadmin 1.1.0.5 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the cmd parameter.

受影響套件(2)

Debian/phpldapadminfrom 0, < 1.1.0.7-1.1
Debian/phpldapadminfrom 0, < 1.1.0.5-6+lenny1

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2009-4427