phpIPAM < 1.5.2 Multiple Vulnerabilities

phpIPAM is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:phpipam:phpipam"; ifdescription...

phpIPAM 跨站脚本漏洞

phpIPAM is an open source PHP and MySQL based IP address management application IPAM. A security vulnerability exists in phpIPAM version 1.6, which was discovered to contain a Reflected Cross-Site Scripting XSS vulnerability via the closeClass parameter of /subnet-masks/popup.php...

CVE-2023-24657

phpipam v1.6 was discovered to contain a reflected cross-site scripting XSS vulnerability via the closeClass parameter at /subnet-masks/popup.php...

CVE-2023-1212

Cross-site Scripting XSS - Stored in GitHub repository phpipam/phpipam prior to v1.5.2...

CVE-2023-1211

SQL Injection in GitHub repository phpipam/phpipam prior to v1.5.2...

CVE-2023-1211

SQL Injection in GitHub repository phpipam/phpipam prior to v1.5.2...

Sql injection

SQL Injection in GitHub repository phpipam/phpipam prior to v1.5.2...

phpIPAM SQL注入漏洞

phpIPAM is an open source PHP and MySQL based IP address management application IPAM. A SQL injection vulnerability exists in phpIPAM versions prior to 1.5.2. An attacker exploits this vulnerability to perform SQL injection attacks...

CVE-2023-1211

CVE-2023-1211 describes a SQL injection in phpIPAM (phpipam/phpipam) prior to version 1.5.2. Public references indicate the vulnerability resides in the admin area (for example, /app/admin/custom-fields/edit-result.php) and can be exploited via crafted POST data to perform arbitrary SQL commands ...

CVE-2023-1212

CVE-2023-1212 corresponds to a stored Cross-site Scripting (XSS) vulnerability in phpIPAM prior to version 1.5.2. The issue affects user-facing inputs that are stored and later rendered, enabling script injection via vectors described in the sources (e.g., instructions widget and user widgets). A...

CVE-2023-1211 SQL Injection in phpipam/phpipam

SQL Injection in GitHub repository phpipam/phpipam prior to v1.5.2...

CVE-2023-1212 Cross-site Scripting (XSS) - Stored in phpipam/phpipam

Cross-site Scripting XSS - Stored in GitHub repository phpipam/phpipam prior to v1.5.2...

CVE-2023-1211 SQL Injection in phpipam/phpipam

SQL Injection in GitHub repository phpipam/phpipam prior to v1.5.2...

CVE-2023-1212 Cross-site Scripting (XSS) - Stored in phpipam/phpipam

Cross-site Scripting XSS - Stored in GitHub repository phpipam/phpipam prior to v1.5.2...

CVE-2023-1211 SQL Injection in phpipam/phpipam

SQL Injection in GitHub repository phpipam/phpipam prior to v1.5.2...

phpIPAM 跨站脚本漏洞

phpIPAM is an open source PHP and MySQL based IP address management application IPAM. A cross-site scripting vulnerability exists in versions prior to phpIPAM 1.5.2. An attacker can exploit this vulnerability to perform cross-site scripting attacks...

CVE-2023-1212 Cross-site Scripting (XSS) - Stored in phpipam/phpipam

Cross-site Scripting XSS - Stored in GitHub repository phpipam/phpipam prior to v1.5.2...

phpIPAM authorization issue issue vulnerability

phpIPAM is an open source PHP and MySQL-based IP address management application IPAM. phpIPAM versions prior to 1.5.1 are vulnerable to authorization issues, which can be exploited by attackers to download the findfullsubnets.php endpoint containing sensitive information...

phpIPAM Cross-Site Scripting Vulnerability (CNVD-2023-09716)

phpIPAM is an open source PHP and MySQL-based IP address management application IPAM. phpIPAM versions prior to 1.5.1 are vulnerable to a cross-site scripting vulnerability, which stems from cross-site scripting when the application responds in an insecure manner to data after receiving an HTTP...

phpIPAM Cross-Site Scripting Vulnerability (CNVD-2023-09715)

phpIPAM is an open source PHP and MySQL-based IP address management application IPAM. phpIPAM versions prior to 1.5.1 contain a cross-site scripting vulnerability that stems from cross-site scripting when an application receives an HTTP request and then the data responds in an insecure manner. No...