501 matches found
CVE-2024-41356
phpipam 1.6 is vulnerable to Cross Site Scripting XSS via app\admin\firewall-zones\zones-edit-network.php...
PT-2024-5305 · Phpipam · Phpipam
Name of the Vulnerable Software and Affected Versions: phpipam version 1.6 Description: The issue is related to Cross Site Scripting XSS in the phpipam application. Specifically, the "/app/admin/widgets/edit.php" endpoint is vulnerable. This vulnerability can be exploited by a remote attacker to...
phpIPAM 安全漏洞
phpIPAM is the phpIPAM open source suite of open source PHP and MySQL based IP address management applications IPAM. A security vulnerability exists in phpIPAM version 1.6, which stems from a cross-site scripting vulnerability contained in the /app/admin/widgets/edit.php file...
CVE-2024-41357
phpipam 1.6 is vulnerable to Cross Site Scripting XSS via /app/admin/powerDNS/record-edit.php...
CVE-2024-41356
phpipam 1.6 is vulnerable to Cross Site Scripting XSS via app\admin\firewall-zones\zones-edit-network.php...
CVE-2024-41354
phpipam 1.6 is vulnerable to Cross Site Scripting XSS via /app/admin/widgets/edit.php...
PT-2024-5308 · Phpipam · Phpipam
Name of the Vulnerable Software and Affected Versions: phpipam version 1.6 Description: The issue is related to a lack of protection for the web page structure in the phpipam web application for IP address management. This can be exploited by a remote attacker to conduct a cross-site scripting XS...
phpIPAM 安全漏洞
phpIPAM is the phpIPAM open source suite of open source PHP and MySQL based IP address management applications IPAM. A security vulnerability exists in phpIPAM version 1.6, which stems from a cross-site scripting vulnerability contained in the /app/tools/request-ip/index.php file...
CVE-2024-41353
phpipam 1.6 is vulnerable to Cross Site Scripting XSS via app\admin\groups\edit-group.php...
PT-2024-5306 · Phpipam · Phpipam
Name of the Vulnerable Software and Affected Versions: phpipam version 1.6 Description: The issue is related to a Cross Site Scripting XSS vulnerability. It affects the /app/tools/request-ip/index.php endpoint. The vulnerability exists due to insufficient protection of the web page structure,...
PT-2024-5307 · Phpipam · Phpipam
Name of the Vulnerable Software and Affected Versions: phpipam version 1.6 Description: The issue is related to a Cross Site Scripting XSS vulnerability. It affects the appadminfirewall-zoneszones-edit-network.php script in the phpipam web application for IP address management. The vulnerability...
CVE-2024-41356
CVE-2024-41356 affects phpipam 1.6 with a Cross-Site Scripting (XSS) vulnerability in the file path app/admin/firewall-zones/zones-edit-network.php. Publicly available details confirm the affected product and the vulnerable component, and describe the impact as XSS. CVSS 3.1 vector: CVSS:3.1/AV:N...
phpIPAM 安全漏洞
phpIPAM is the phpIPAM open source suite of open source PHP and MySQL based IP address management applications IPAM. A security vulnerability exists in phpIPAM version 1.6, which stems from a cross-site scripting vulnerability contained in the appadmingroupsedit-group.php file...
CVE-2024-41354
phpipam 1.6 is vulnerable to Cross Site Scripting XSS via /app/admin/widgets/edit.php...
CVE-2024-41357
phpipam 1.6 is vulnerable to Cross Site Scripting XSS via /app/admin/powerDNS/record-edit.php...
CVE-2024-41355
The CVE-2024-41355 entry concerns phpipam 1.6 and a Cross Site Scripting (XSS) vulnerability exploitable through /app/tools/request-ip/index.php. The connected sources confirm the affected product and endpoint but do not provide details on root cause, exploitability status, or a patch/remediation...
PT-2024-5278 · Phpipam · Phpipam
Name of the Vulnerable Software and Affected Versions: phpipam version 1.6 Description: The issue is related to a Cross Site Scripting XSS vulnerability. It exists due to insufficient protection of the web page structure in the appadmingroupsedit-group.php script of the phpipam web application fo...
CVE-2023-41580
Phpipam before v1.5.2 was discovered to contain a LDAP injection vulnerability via the dname parameter at /users/ad-search-result.php. This vulnerability allows attackers to enumerate arbitrary fields in the LDAP server and access sensitive data via a crafted POST request...
CVE-2023-41580
Phpipam before v1.5.2 was discovered to contain a LDAP injection vulnerability via the dname parameter at /users/ad-search-result.php. This vulnerability allows attackers to enumerate arbitrary fields in the LDAP server and access sensitive data via a crafted POST request...
CVE-2023-41580
Phpipam before v1.5.2 was discovered to contain a LDAP injection vulnerability via the dname parameter at /users/ad-search-result.php. This vulnerability allows attackers to enumerate arbitrary fields in the LDAP server and access sensitive data via a crafted POST request...