Directory traversal vulnerability in welcome.php in phpLDAPadmin 0.9.6 and 0.9.7 allows remote attackers to read arbitrary files via a .. (dot dot) in the custom_welcome_page parameter.
Software | From | Fixed in |
---|---|---|
phpldapadmin_project / phpldapadmin | 0.9.6 | 0.9.6.x |
phpldapadmin_project / phpldapadmin | 0.9.7 | 0.9.7.x |