phpIPAM cross-site scripting vulnerability (CNVD-2018-08575)

phpIPAM is a set of open source PHP and MySQL based IP address management application IPAM. A cross-site scripting vulnerability exists in the app/tools/mac-lookup/index.php file in phpIPAM version 1.3.1. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML with...

CVE-2017-15640

app/sections/user-menu.php in phpIPAM before 1.3.1 has XSS via the ip parameter...

CVE-2017-15640

app/sections/user-menu.php in phpIPAM before 1.3.1 has XSS via the ip parameter...

Code injection

app/sections/user-menu.php in phpIPAM before 1.3.1 has XSS via the ip parameter...

CVE-2017-15640

app/sections/user-menu.php in phpIPAM before 1.3.1 has XSS via the ip parameter...

CVE-2017-15640

CVE-2017-15640 affects phpIPAM

phpIPAM < 1.2 Multiple XSS Vulnerabilities

phpIPAM is prone to multiple cross-site scripting XSS vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

phpIPAM <= 1.2.1 Multiple XSS Vulnerabilities

phpIPAM is prone to multiple cross-site scripting XSS vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2017-6481

Multiple Cross-Site Scripting XSS issues were discovered in phpipam 1.2. The vulnerabilities exist due to insufficient filtration of user-supplied data passed to several pages instructions in app/admin/instructions/preview.php; subnetId in app/admin/powerDNS/refresh-ptr-records.php. An attacker...

Cross site scripting

Multiple Cross-Site Scripting XSS issues were discovered in phpipam 1.2. The vulnerabilities exist due to insufficient filtration of user-supplied data passed to several pages instructions in app/admin/instructions/preview.php; subnetId in app/admin/powerDNS/refresh-ptr-records.php. An attacker...

CVE-2017-6481

Multiple Cross-Site Scripting XSS issues were discovered in phpipam 1.2. The vulnerabilities exist due to insufficient filtration of user-supplied data passed to several pages instructions in app/admin/instructions/preview.php; subnetId in app/admin/powerDNS/refresh-ptr-records.php. An attacker...

CVE-2017-6481

PHPIPAM 1.2 (and

CVE-2017-6481

Multiple Cross-Site Scripting XSS issues were discovered in phpipam 1.2. The vulnerabilities exist due to insufficient filtration of user-supplied data passed to several pages instructions in app/admin/instructions/preview.php; subnetId in app/admin/powerDNS/refresh-ptr-records.php. An attacker...

Security fix for the ALT Linux 9 package phpipam version 1.27.002-alt1

Jan. 10, 2017 Alexey Shabalin 1.27.002-alt1 - git snapshot of master branch d55883ff28a3cf347f18e0cc717cf64b7556706a - update PHPMailer to 5.2.22 fixed CVE-2017-5223...

PT-2023-16824 · Phpipam +1 · Phpipam +1

Name of the Vulnerable Software and Affected Versions: phpipam/phpipam versions prior to 1.5.2 Description: The issue is related to Cross-site Scripting XSS - Stored, which occurs when an application stores user input and later displays it without proper validation, allowing an attacker to inject...

PT-2023-16448 · Phpipam +1 · Phpipam +1

Name of the Vulnerable Software and Affected Versions: phpipam/phpipam versions prior to 1.5.1 Description: The issue concerns improper authorization in the phpipam/phpipam GitHub repository. Recommendations: For versions prior to 1.5.1, update to version 1.5.1 or later to resolve the issue...

PT-2022-24411 · Phpipam +1 · Phpipam +1

Name of the Vulnerable Software and Affected Versions: phpipam versions prior to 1.5.0 Description: A vulnerability has been found in phpipam, allowing for cross site scripting through the manipulation of an unknown functionality in the file app/admin/import-export/import-load-data.php of the...

PT-2023-2058

Name of the Vulnerable Software and Affected Versions phpipam versions prior to 1.5.2 Description The issue is related to a lack of protection against SQL query structure manipulation in the app/admin/custom-fields/edit-result.php script of the phpipam web application for IP address management...

PT-2022-13726 · Phpipam +1 · Phpipam +1

Name of the Vulnerable Software and Affected Versions: phpipam/phpipam versions prior to 1.4.6 Description: The issue is related to improper access control, which can lead to incorrect authorization. Recommendations: For versions prior to 1.4.6, update to version 1.4.6 or later to resolve the iss...

PT-2023-16447 · Phpipam +1 · Phpipam +1

Name of the Vulnerable Software and Affected Versions: phpipam/phpipam versions prior to 1.5.1 Description: The issue is related to Cross-site Scripting XSS - Reflected. This means an attacker can inject malicious scripts into a website, which are then executed by the user's browser. No informati...