This script is possibly vulnerable to LDAP Injection attacks.

Lightweight Directory Access Protocol (LDAP) is an open-standard protocol for both querying and manipulating X.500 directory services. When a web application fails to properly sanitize user-supplied input, it is possible for an attacker to alter the construction of an LDAP statement.


Your script should filter metacharacters from user input.


Related Vulnerabilities