VYPR
Unrated severityNVD Advisory· Published Jun 12, 2007· Updated Jun 16, 2026

CVE-2007-3193

CVE-2007-3193

Description

lib/WikiUser/LDAP.php in PhpWiki before 1.3.13p1, when the configuration lacks a nonzero PASSWORD_LENGTH_MINIMUM, might allow remote attackers to bypass authentication via an empty password, which causes ldap_bind to return true when used with certain LDAP implementations.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Phpwiki/Phpwiki2 versions
    cpe:2.3:a:phpwiki:phpwiki:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:phpwiki:phpwiki:*:*:*:*:*:*:*:*range: <=1.3.13
    • (no CPE)range: <1.3.13p1

Patches

Vulnerability mechanics

References

10

News mentions

0

No linked articles in our index yet.