Ltb-projectCVEs & Vulnerabilities
2 CVEs affecting Ltb-project products, tracked from the National Vulnerability Database, with CVSS/EPSS scores and exploitation status.
2 CVEs→ All vendors
Most Affected Products
ldap tool box self service password 1self service password 1
CVE-2023-49032CRITICAL
An issue in LTB Self Service Password before v.1.5.4 allows a remote attacker to execute arbitrary code and obtain sensitive information via hijack of the SMS verification code function to arbitrary phone.
21 Dec 2023
9.8
CVSS
CVE-2018-12421CRITICAL
LTB (aka LDAP Tool Box) Self Service Password before 1.3 allows a change to a user password (without knowing the old password) via a crafted POST request, because the ldap_bind return value is mishandled and the PHP data type is not constrained to be a string.
14 Jun 2018
9.8
CVSS
← PrevPage 1 / 1Next →