16 matches found
CVE-2024-41357
phpipam 1.6 is vulnerable to Cross Site Scripting XSS via /app/admin/powerDNS/record-edit.php...
CVE-2024-41353
phpipam 1.6 is vulnerable to Cross Site Scripting XSS via app\admin\groups\edit-group.php...
CVE-2024-41358
phpipam 1.6 is vulnerable to Cross Site Scripting XSS via app\admin\import-export\import-load-data.php...
CVE-2024-41358
phpipam 1.6 is vulnerable to Cross Site Scripting XSS via app\admin\import-export\import-load-data.php...
CVE-2024-41358
phpipam 1.6 is vulnerable to Cross Site Scripting XSS via app\admin\import-export\import-load-data.php...
CVE-2024-41358
phpipam 1.6 is vulnerable to Cross Site Scripting XSS via app\admin\import-export\import-load-data.php...
CVE-2024-41353
phpipam 1.6 is vulnerable to Cross Site Scripting XSS via app\admin\groups\edit-group.php...
CVE-2024-41357
phpipam 1.6 is vulnerable to Cross Site Scripting XSS via /app/admin/powerDNS/record-edit.php...
CVE-2024-41357
phpipam 1.6 is vulnerable to Cross Site Scripting XSS via /app/admin/powerDNS/record-edit.php...
CVE-2024-41356
phpipam 1.6 is vulnerable to Cross Site Scripting XSS via app\admin\firewall-zones\zones-edit-network.php...
CVE-2024-41353
CVE-2024-41353 affects phpIPAM 1.6, with a Cross Site Scripting (XSS) vulnerability in app/admin/groups/edit-group.php. The issue is documented across multiple feeds (NVD, Red Hat, OSV, CNNVD, CVE list, CVE.org) noting XSS via the affected script. The exposed component is the edit-group.php handl...
CVE-2024-41354
phpipam 1.6 is vulnerable to Cross Site Scripting (XSS) via the /app/admin/widgets/edit.php endpoint. The issue is described across multiple sources (CVE-2024-41354 in various feeds); no official patch/version fix is disclosed in the provided documents. The vulnerability enables XSS in the widget...
CVE-2024-41356
phpipam 1.6 is vulnerable to Cross Site Scripting XSS via app\admin\firewall-zones\zones-edit-network.php...
PT-2024-5305 · Phpipam · Phpipam
Name of the Vulnerable Software and Affected Versions: phpipam version 1.6 Description: The issue is related to Cross Site Scripting XSS in the phpipam application. Specifically, the "/app/admin/widgets/edit.php" endpoint is vulnerable. This vulnerability can be exploited by a remote attacker to...
CVE-2024-41357
phpipam 1.6 is vulnerable to Cross Site Scripting XSS via /app/admin/powerDNS/record-edit.php...
CVE-2024-41355
The CVE-2024-41355 entry concerns phpipam 1.6 and a Cross Site Scripting (XSS) vulnerability exploitable through /app/tools/request-ip/index.php. The connected sources confirm the affected product and endpoint but do not provide details on root cause, exploitability status, or a patch/remediation...