VULHUB ™

An information disclosure weakness has been reported for eL DAPo. The issue exists in the login.php script used by eL DAPo. Specifically, when sending authentication information to query LDAP servers, any information submitted may be visible in URI parameters. It is possible to exploit this weakness to obtain authentication credentials of unsuspecting users.

An information disclosure weakness has been reported for eL DAPo. The issue exists in the login.php script used by eL DAPo. Specifically, when sending authentication information to query LDAP servers, any information submitted may be visible in URI parameters. It is possible to exploit this weakness to obtain authentication credentials of unsuspecting users.