517 matches found
phpIPAM <= 1.4 Multiple SQLi Vulnerabilities
phpIPAM is prone to multiple sql injection SQLi vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:phpipam:phpipam"...
CVE-2019-16696
phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/edit.php table parameter when action=add is used...
CVE-2019-16695
phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/filter.php table parameter when action=add is used...
CVE-2019-16695
phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/filter.php table parameter when action=add is used...
CVE-2019-16696
phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/edit.php table parameter when action=add is used...
CVE-2019-16693
phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/order.php table parameter when action=add is used...
CVE-2019-16694
phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/edit-result.php table parameter when action=add is used...
CVE-2019-16692
phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/filter-result.php table parameter when action=add is used...
CVE-2019-16693
phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/order.php table parameter when action=add is used...
CVE-2019-16692
phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/filter-result.php table parameter when action=add is used...
CVE-2019-16694
phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/edit-result.php table parameter when action=add is used...
Sql injection
phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/edit-result.php table parameter when action=add is used...
Sql injection
phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/filter-result.php table parameter when action=add is used...
Sql injection
phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/edit.php table parameter when action=add is used...
Sql injection
phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/filter.php table parameter when action=add is used...
Sql injection
phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/order.php table parameter when action=add is used...
CVE-2019-16692
phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/filter-result.php table parameter when action=add is used...
CVE-2019-16692
CVE-2019-16692 — phpIPAM 1.4 SQL Injection is triggered via the app/admin/custom-fields/filter-result.php table parameter when action=add is used. The vulnerability is a SQL injection in that component, as detailed by multiple sources, including the NVD/OSV records and public exploit references (...
CVE-2019-16693
phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/order.php table parameter when action=add is used...
CVE-2019-16693
CVE-2019-16693 affects phpIPAM 1.4 and is a SQL injection in app/admin/custom-fields/order.php when action=add is used. The vulnerability allows an attacker to manipulate the table parameter to extract or modify data via a crafted request (e.g., POST to /app/admin/custom-fields/order.php with tab...