Description
PHP remote file inclusion vulnerability in ldap.php in Brian Drawert Yet Another PHP LDAP Admin Project (yaplap) 0.6 and 0.6.1 allows remote attackers to execute arbitrary PHP code via a URL in the LOGIN_style parameter.
Affected products
- brian_drawert / yaplap0.6 – 0.6
- brian_drawert / yaplap0.6.1 – 0.6.1