CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

89 matches found

CVE•added 2024/07/26 12:0 a.m.•54 views

CVE-2024-41357

CVE-2024-41357 affects phpIPAM version 1.6, with a Cross Site Scripting (XSS) vulnerability in the /app/admin/powerDNS/record-edit.php endpoint. The issue is confirmed across multiple feeds (NVD, Red Hat advisories, OSV, Exploit-DB) and relates to untrusted input handling in that file. The availa...

7.1CVSS6.1AI score0.02151EPSS

Exploits3References2Affected Software1

Cvelist•added 2024/07/26 12:0 a.m.•14 views

CVE-2024-41354

phpipam 1.6 is vulnerable to Cross Site Scripting XSS via /app/admin/widgets/edit.php...

0.00283EPSS

Exploits1References1

CVE•added 2024/07/26 12:0 a.m.•39 views

CVE-2024-41356

CVE-2024-41356 affects phpipam 1.6 with a Cross-Site Scripting (XSS) vulnerability in the file path app/admin/firewall-zones/zones-edit-network.php. Publicly available details confirm the affected product and the vulnerable component, and describe the impact as XSS. CVSS 3.1 vector: CVSS:3.1/AV:N...

4.7CVSS6.1AI score0.00415EPSS

Exploits1References1Affected Software1

BDU FSTEC•added 2023/11/22 12:0 a.m.•1 views

The vulnerability of the /users/ad-search-result.php web application for phpipam allows a violator to disclose protected information.

The vulnerability of the /users/ad-search-result.php web application for managing IP addresses in phpipam exists due to the failure to take measures to neutralize specific elements. Exploiting this vulnerability can allow a malicious actor to disclose protected information...

7.8CVSS7.1AI score0.0056EPSS

Exploits1References3Affected Software1

Vulnrichment•added 2022/11/02 12:0 a.m.•5 views

CVE-2022-3845 phpipam Import Preview import-load-data.php cross site scripting

A vulnerability has been found in phpipam and classified as problematic. Affected by this vulnerability is an unknown functionality of the file app/admin/import-export/import-load-data.php of the component Import Preview Handler. The manipulation leads to cross site scripting. The attack can be...

2.4CVSS6.3AI score0.00328EPSS

Exploits0References3

CNNVD•added 2022/04/04 12:0 a.m.•1 views

phpIPAM 安全漏洞

phpIPAM is an open source PHP and MySQL based IP address management application IPAM. A security vulnerability exists in versions prior to phpipam 1.4.6 that stems from incorrect authorization in the application...

6.5CVSS6.8AI score0.00226EPSS

Exploits1References3

CNNVD•added 2022/04/04 12:0 a.m.•2 views

phpIPAM 访问控制错误漏洞

phpIPAM is an open source PHP and MySQL based IP address management application IPAM. An access control error vulnerability exists in versions prior to phpipam 1.4.6. No information about this vulnerability is available at this time, please stay tuned to CNNVD or vendor announcements...

6.5CVSS6.8AI score0.0029EPSS

Exploits1References3

Positive Technologies•added 2022/03/25 12:0 a.m.•2 views

PT-2022-12701 · Phpipam · Phpipam

Name of the Vulnerable Software and Affected Versions: phpIPAM version 1.4.4 Description: The issue allows for Reflected XSS and CSRF attacks via the "app/admin/subnets/find free section subnets.php" endpoint of the subnets functionality. Recommendations: For phpIPAM version 1.4.4, consider...

6.1CVSS6.1AI score0.00572EPSS

Exploits3References10

CNNVD•added 2022/01/19 12:0 a.m.•2 views

phpIPAM 跨站脚本漏洞

phpIPAM is an open source PHP and MySQL-based IP address management application IPAM. phpIPAM in v1.4.4 is vulnerable to a cross-site scripting vulnerability that stems from a lack of user-supplied data and output data validation filtering in the Site title parameter when updating site settings. ...

4.8CVSS5.6AI score0.00328EPSS

Exploits1References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by