CVE-2007-3193
CVE-2007-3193 · HIGH Severity
AV:N/AC:L/AU:N/C:C/I:C/A:C
lib/WikiUser/LDAP.php in PhpWiki before 1.3.13p1, when the configuration lacks a nonzero PASSWORD_LENGTH_MINIMUM, might allow remote attackers to bypass authentication via an empty password, which causes ldap_bind to return true when used with certain LDAP implementations.
Learn more about our Cis Benchmark Audit For Bind.