PT-2022-12701 · Phpipam · Phpipam

Name of the Vulnerable Software and Affected Versions: phpIPAM version 1.4.4 Description: The issue allows for Reflected XSS and CSRF attacks via the "app/admin/subnets/find free section subnets.php" endpoint of the subnets functionality. Recommendations: For phpIPAM version 1.4.4, consider...

Exploit for SQL Injection in Phpipam

CVE-2022-23046 PhpIPAM v1.4.4 allows an authenticated admin u...

The vulnerability of the app/admin/routing/edit-bgp-mapping-search.php web application for managing IP addresses in phpipam allows a attacker to execute arbitrary SQL queries.

The vulnerability of the app/admin/routing/edit-bgp-mapping-search.php web application for managing IP addresses in phpipam lies in the lack of measures taken to protect the SQL query structure when processing the “subnet” parameter. Exploiting this vulnerability allows a malicious actor to execu...

Cross-site Scripting (XSS) - Reflected in phpipam/phpipam

Description Cross-Site Scripting vulnerability which allows attackers to execute arbitrary javascript code in the browser of a victim which affected import Data set feature via a spreadSheet file upload. Proof of Concept Endpoint 1 POST http://HOST/app/admin/import-export/import-vlan-preview.php ...

in phpipam/phpipam

Description The phpIPAM 1.4.5 incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor in the Import/Export feature. A normal user with the role of User could download XLS file of IP addresses, hostfile dump and export system database that...

Improper Authorization in phpipam/phpipam

Description In phpIPAM 1.4.5, a normal user with the role of Usercould view/read the log files via show-logs.php, errorlogs.php and accesslogs.php endpoints. It is supposedly accessible by the Administrator only. Proof of Concept Tested version: phpIPAM 1.4.5 Affected endpoints: 1 GET/POST...

Improper Access Control in phpipam/phpipam

Description In phpIPAM 1.4.5, a normal user with the role of User could download or export IP subnets that may contain sensitive information related data such as IP address, IP state, MAC, owner, hostname and device via export-subnet.php endpoint. The bug is the export-subnet.php should verify th...

Security fix for the ALT Linux 9 package phpipam version 1.45.031-alt1

1.45.031-alt1 built Feb. 1, 2022 Alexey Shabalin in task 294095 Jan. 25, 2022 Alexey Shabalin - 1.4.5 Release Fixes: CVE-2020-7988...

PHPIPAM 1.4.4 - SQL injection (Authenticated) Exploit

Exploit Title: PHPIPAM 1.4.4 - SQLi Authenticated Google Dork: if applicable Exploit Author: Rodolfo "Inc0gbyt3" Tavares Vendor Homepage: https://github.com/phpipam/phpipam Software Link: https://github.com/phpipam/phpipam Version: 1.4.4 Tested on: Linux/Windows CVE : CVE-2022-23046 import reques...

PHPIPAM 1.4.4 SQL Injection

Exploit Title: PHPIPAM 1.4.4 - SQLi Authenticated Google Dork: if applicable Date: 20/01/2022 Exploit Author: Rodolfo "Inc0gbyt3" Tavares Vendor Homepage: https://github.com/phpipam/phpipam Software Link: https://github.com/phpipam/phpipam Version: 1.4.4 Tested on: Linux/Windows CVE :...

PHPIPAM 1.4.4 - SQLi (Authenticated)

Exploit Title: PHPIPAM 1.4.4 - SQLi Authenticated Google Dork: if applicable Date: 20/01/2022 Exploit Author: Rodolfo "Inc0gbyt3" Tavares Vendor Homepage: https://github.com/phpipam/phpipam Software Link: https://github.com/phpipam/phpipam Version: 1.4.4 Tested on: Linux/Windows CVE :...

PhpIPAM Cross-Site Scripting Vulnerability (CNVD-2022-08175)

phpIPAM is an open source PHP and MySQL-based IP address management application IPAM. phpIPAM in v1.4.4 is vulnerable to a cross-site scripting vulnerability that stems from a lack of user-supplied data and output data validation filtering in the Site title parameter when updating site settings. ...

Exploit for SQL Injection in Phpipam

CVE-2022-23046 The original discovery and manual PoC is from...

phpIPAM < 1.4.5 Multiple Vulnerabilities

phpIPAM is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:phpipam:phpipam"; ifdescription...

phpIPAM < 1.4.4 Multiple XSS Vulnerabilities

phpIPAM is prone to multiple cross-site scripting XSS vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2022-23045

PhpIPAM v1.4.4 allows an authenticated admin user to inject persistent JavaScript code inside the "Site title" parameter while updating the site settings. The "Site title" setting is injected in several locations which triggers the XSS...

CVE-2022-23046

PhpIPAM v1.4.4 allows an authenticated admin user to inject SQL sentences in the "subnet" parameter while searching a subnet via app/admin/routing/edit-bgp-mapping-search.php...

CVE-2022-23046

PhpIPAM v1.4.4 allows an authenticated admin user to inject SQL sentences in the "subnet" parameter while searching a subnet via app/admin/routing/edit-bgp-mapping-search.php...

CVE-2022-23046

PhpIPAM v1.4.4 allows an authenticated admin user to inject SQL sentences in the "subnet" parameter while searching a subnet via app/admin/routing/edit-bgp-mapping-search.php...

CVE-2022-23045

PhpIPAM v1.4.4 allows an authenticated admin user to inject persistent JavaScript code inside the "Site title" parameter while updating the site settings. The "Site title" setting is injected in several locations which triggers the XSS...