Netwin Surgeldap vulnerabilities
2 known vulnerabilities affecting netwin/surgeldap.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2004-2254P3HIGHCVSS 7.5PoCv1.0av1.0b+4 more2004-12-31
CVE-2004-2254 [HIGH] CVE-2004-2254: SurgeLDAP 1.0g (Build 12), and possibly other versions before 1.0h, allows remote attackers to bypas
SurgeLDAP 1.0g (Build 12), and possibly other versions before 1.0h, allows remote attackers to bypass authentication for the administration interface via a direct request to admin.cgi with a modified utoken parameter.
nvd
CVE-2004-2253P4MEDIUMCVSS 5.0PoCv1.0dv1.0e+1 more2004-12-31
CVE-2004-2253 [MEDIUM] CVE-2004-2253: Directory traversal vulnerability in user.cgi in SurgeLDAP 1.0g and earlier allows remote attackers
Directory traversal vulnerability in user.cgi in SurgeLDAP 1.0g and earlier allows remote attackers to read arbitrary files via a .. in the page parameter of the show command.
nvd