501 matches found
CVE-2024-10718 Cookie without Secure attribute in phpipam/phpipam
In phpipam/phpipam version 1.5.1, the Secure attribute for sensitive cookies in HTTPS sessions is not set. This could cause the user agent to send those cookies in plaintext over an HTTP session, potentially exposing sensitive information. The issue is fixed in version 1.7.0...
CVE-2024-10719
CVE-2024-10719 affects phpipam 1.5.2, with a stored XSS in the circuits options feature. The vulnerability allows injecting malicious scripts via the option parameter in POST requests to /phpipam/app/admin/circuits/edit-options-submit.php, which can execute in the user’s browser and potentially l...
CVE-2024-10719 Stored Cross-site Scripting (XSS) in phpipam/phpipam
A stored cross-site scripting (XSS) vulnerability exists in phpipam version 1.5.2, specifically in the circuits options functionality. This vulnerability allows an attacker to inject malicious scripts via the 'option' parameter in the POST request to...
CVE-2024-10724
CVE-2024-10724 affects phpIPAM 1.5.2 (phpipam/phpipam). A stored XSS flaw exists in the Subnet NAT translations section when editing the Destination address, enabling injection of malicious code. The vulnerability is mitigated by upgrading to version 1.7.0 (fixed in 1.7.0). Connected sources conf...
CVE-2024-10724 Stored XSS in IPV6 Section in phpipam/phpipam
A stored cross-site scripting (XSS) vulnerability exists in phpipam/phpipam version 1.5.2, specifically in the Subnet NAT translations section when editing the Destination address. This vulnerability allows an attacker to execute malicious code. The issue is fixed in version 1.7.0...
CVE-2024-10723 Stored XSS in phpipam/phpipam
A stored cross-site scripting (XSS) vulnerability was discovered in phpipam/phpipam version 1.5.2. This vulnerability allows an attacker to inject malicious scripts into the destination address field of the NAT tool, which can be executed when a user interacts with the field. The impact of this...
CVE-2024-10723
CVE-2024-10723 describes a stored XSS in phpIPAM 1.5.2 where malicious scripts can be injected into the NAT tool’s destination address field and executed when interacted with. Reported impact includes cookie theft, unauthorized account access, and redirection to malicious sites. The vulnerability...
CVE-2024-10725 Stored Cross-site Scripting (XSS) in phpipam/phpipam
A stored cross-site scripting (XSS) vulnerability exists in phpipam/phpipam version 1.5.2. This vulnerability allows an attacker to inject malicious scripts into the application, which are then executed in the context of other users who view the affected pages. The issue occurs when editing the NAT...
CVE-2024-10725
CVE-2024-10725 describes a stored XSS in phpIPAM 1.5.2 when editing the NAT destination address, due to unsanitized user input. The impact per sources is that malicious scripts could be executed in other users’ browsers, potentially enabling data theft or account compromise. The vulnerability is ...
phpIPAM cross-site scripting vulnerability
phpIPAM is an open-source, PHP- and MySQL-based IP address management (IPAM) application. A cross-site scripting vulnerability exists in phpIPAM version 1.5.2, which stems from a stored cross-site scripting vulnerability in the circuits options feature, which allows an...
phpIPAM security vulnerability
phpIPAM is an open-source, PHP- and MySQL-based IP address management (IPAM) application. A security vulnerability exists in phpIPAM version 1.5.1, which stems from an unset Secure attribute for sensitive cookies in an HTTPS session, which could result in a user agent...
phpIPAM cross-site scripting vulnerability
phpIPAM is an open-source, PHP- and MySQL-based IP address management (IPAM) application. A cross-site scripting vulnerability exists in phpIPAM version 1.5.2, which stems from a stored cross-site scripting vulnerability in the Subnet NAT translations section when editing a...
phpIPAM cross-site scripting vulnerability
phpIPAM is an open-source, PHP- and MySQL-based IP address management (IPAM) application. A cross-site scripting vulnerability exists in phpIPAM version 1.5.2, which stems from a stored cross-site scripting vulnerability in the target address field of the NAT tool, which...
phpIPAM cross-site scripting vulnerability
phpIPAM is an open-source, PHP- and MySQL-based IP address management (IPAM) application. A cross-site scripting vulnerability exists in phpIPAM version 1.5.2, which stems from a stored cross-site scripting vulnerability when editing a NAT destination address, which allows a...
phpIPAM cross-site scripting vulnerability
phpIPAM is an open-source, PHP- and MySQL-based IP address management (IPAM) application. A cross-site scripting vulnerability exists in phpIPAM version 1.5.2, which stems from the lack of effective filtering and escaping of user-supplied data in the Device Management section,...
phpIPAM cross-site scripting vulnerability
phpIPAM is an open-source, PHP- and MySQL-based IP address management (IPAM) application. A cross-site scripting vulnerability exists in phpIPAM version 1.5.2, which stems from a stored cross-site scripting vulnerability in the Description field of the custom field in the...