📦 Ldap Account Manager

CVE-2024-23333 is a path injection vulnerability in LDAP Account Manager (LAM) that allows authenticated attackers to write arbitrary PHP code to web-accessible directories, leading to remote code exe...

CVE-2022-31084 is an arbitrary object instantiation vulnerability in LDAP Account Manager (LAM) that allows attackers to inject constructor arguments and potentially execute arbitrary code. This affec...

LDAP Account Manager versions before 8.0 contain a vulnerability where incorrect regular expressions allow uploading PHP scripts to the config/templates/pdf directory. This could lead to remote code e...

CVE-2022-24851 is a stored cross-site scripting (XSS) vulnerability in LDAP Account Manager (LAM) that allows authenticated attackers to inject malicious scripts into profile configurations. These scr...