Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-90

CWE-90

Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection')

Parent: CWE-943 - Improper Neutralization of Special Elements in Data Query Logic

The product constructs all or part of an LDAP query using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended LDAP query when it is sent to a downstream component.

56 vulnerabilities with CWE-90

CVE-2024-54852 CRITICAL

Sismics Teedy < 1.12 - LDAP Injection

CVE-2024-56841 HIGH

Mendix LDAP <V1.1.2 - LDAP Injection

CVE-2024-27310 MEDIUM

Zoho ManageEngine ASDSelfService Plus <6401 - DoS

CVE-2024-33868 CRITICAL

Linqi < 1.4.0.1 - LDAP Injection

CVE-2023-51446 MEDIUM

GLPI <10.0.12 - LDAP Injection

CVE-2023-31025 MEDIUM

NVIDIA DGX A100 BMC - Info Disclosure

CVE-2023-29050 HIGH

LDAP contacts provider - Info Disclosure

CVE-2023-6905 MEDIUM

Nxfilter - LDAP Injection

CVE-2023-3447 HIGH

WordPress <4.1.5 - LDAP Injection

CVE-2023-28853 HIGH

Mastodon <3.5.8, <4.0.4, <4.1.2 - SQL Injection

CVE-2022-4254 HIGH

Fedoraproject Sssd < 2.3.1 - LDAP Injection

CVE-2022-45910 MEDIUM

Apache Manifoldcf < 2.23 - Injection

CVE-2021-43782 MEDIUM

Tuleap - Privilege Escalation

CVE-2021-41276 MEDIUM

Tuleap - Privilege Escalation

CVE-2021-43350 CRITICAL

Apache Traffic Control - Info Disclosure

CVE-2021-41232 HIGH

Thunderdome <1.16.3 - Command Injection

CVE-2021-32651 LOW

OneDev <4.4.1 - Blind LDAP Injection

CVE-2020-5246 HIGH

Traccar < 4.9 - Injection

CVE-2020-5281 MEDIUM

Cesnet Perun < 3.9.1 - Incorrect Permission Assignment

CVE-2019-11277 HIGH

Cloudfoundry Cf-deployment < 11.1.0 - Injection

CVE-2019-4297 MEDIUM

IBM Robotic Process Automation with Automation Anywhere 11 - Comman...

CVE-2018-5730 LOW

MIT krb5 1.6+ - Privilege Escalation

CVE-2017-4927 HIGH

VMware vCenter Server <6.5 U1, <6.0 U3c - DoS

CVE-2017-14596 CRITICAL

Joomla! <3.8.0 - Info Disclosure

CVE-2017-8790 CRITICAL

Accellion File Transfer Appliance < 9_12_40 - LDAP Injection

Previous Page 2 of 3 Next

Details

Vulnerabilities 56

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy