Unrated severityNVD Advisory· Published Jun 12, 2007· Updated Jun 16, 2026
CVE-2007-3193
CVE-2007-3193
Description
lib/WikiUser/LDAP.php in PhpWiki before 1.3.13p1, when the configuration lacks a nonzero PASSWORD_LENGTH_MINIMUM, might allow remote attackers to bypass authentication via an empty password, which causes ldap_bind to return true when used with certain LDAP implementations.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
10- secunia.com/advisories/25595nvdPatchVendor Advisory
- osvdb.org/37219nvd
- secunia.com/advisories/26784nvd
- secunia.com/advisories/26880nvd
- security.gentoo.org/glsa/glsa-200709-10.xmlnvd
- sourceforge.net/project/shownotes.phpnvd
- sourceforge.net/tracker/index.phpnvd
- www.debian.org/security/2007/dsa-1371nvd
- www.vupen.com/english/advisories/2007/2144nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/34819nvd
News mentions
0No linked articles in our index yet.