This script is Copyright (C) 2006-2014 Tenable Network Security, Inc.
The remote FreeBSD host is missing a security-related update.
Secunia reports :
phpLDAPadmin have some vulnerabilities, which can be exploited by
malicious users to conduct script insertion attacks and by malicious
people to conduct cross-site scripting attacks.
1) Some input isn't properly sanitised before being returned to the
user. This can be exploited to execute arbitrary HTML and script code
in a user's browser session in context of an affected site.
2) Input passed to the 'Container DN', 'Machine Name', and 'UID
Number' parameters in 'template_engine.php' isn't properly sanitised
before being used. This can be exploited to inject arbitrary HTML and
script code, which will be executed in a user's browser session in
context of an affected site when the malicious user data is viewed.
See also :
Update the affected package.
Risk factor :
Low / CVSS Base Score : 2.6