CVE-2017-15640

CVE-2017-15640 affects phpIPAM

CVE-2017-15640

app/sections/user-menu.php in phpIPAM before 1.3.1 has XSS via the ip parameter...

phpIPAM < 1.2 Multiple XSS Vulnerabilities

phpIPAM is prone to multiple cross-site scripting XSS vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

phpIPAM <= 1.2.1 Multiple XSS Vulnerabilities

phpIPAM is prone to multiple cross-site scripting XSS vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2017-6481

Multiple Cross-Site Scripting XSS issues were discovered in phpipam 1.2. The vulnerabilities exist due to insufficient filtration of user-supplied data passed to several pages instructions in app/admin/instructions/preview.php; subnetId in app/admin/powerDNS/refresh-ptr-records.php. An attacker...

Cross site scripting

Multiple Cross-Site Scripting XSS issues were discovered in phpipam 1.2. The vulnerabilities exist due to insufficient filtration of user-supplied data passed to several pages instructions in app/admin/instructions/preview.php; subnetId in app/admin/powerDNS/refresh-ptr-records.php. An attacker...

CVE-2017-6481

Multiple Cross-Site Scripting XSS issues were discovered in phpipam 1.2. The vulnerabilities exist due to insufficient filtration of user-supplied data passed to several pages instructions in app/admin/instructions/preview.php; subnetId in app/admin/powerDNS/refresh-ptr-records.php. An attacker...

CVE-2017-6481

Multiple Cross-Site Scripting XSS issues were discovered in phpipam 1.2. The vulnerabilities exist due to insufficient filtration of user-supplied data passed to several pages instructions in app/admin/instructions/preview.php; subnetId in app/admin/powerDNS/refresh-ptr-records.php. An attacker...

CVE-2017-6481

PHPIPAM 1.2 (and

Security fix for the ALT Linux 9 package phpipam version 1.27.002-alt1

Jan. 10, 2017 Alexey Shabalin 1.27.002-alt1 - git snapshot of master branch d55883ff28a3cf347f18e0cc717cf64b7556706a - update PHPMailer to 5.2.22 fixed CVE-2017-5223...

PT-2022-13726 · Phpipam +1 · Phpipam +1

Name of the Vulnerable Software and Affected Versions: phpipam/phpipam versions prior to 1.4.6 Description: The issue is related to improper access control, which can lead to incorrect authorization. Recommendations: For versions prior to 1.4.6, update to version 1.4.6 or later to resolve the iss...

PT-2023-16447 · Phpipam +1 · Phpipam +1

Name of the Vulnerable Software and Affected Versions: phpipam/phpipam versions prior to 1.5.1 Description: The issue is related to Cross-site Scripting XSS - Reflected. This means an attacker can inject malicious scripts into a website, which are then executed by the user's browser. No informati...

PT-2022-24411 · Phpipam +1 · Phpipam +1

Name of the Vulnerable Software and Affected Versions: phpipam versions prior to 1.5.0 Description: A vulnerability has been found in phpipam, allowing for cross site scripting through the manipulation of an unknown functionality in the file app/admin/import-export/import-load-data.php of the...

PT-2023-16824 · Phpipam +1 · Phpipam +1

Name of the Vulnerable Software and Affected Versions: phpipam/phpipam versions prior to 1.5.2 Description: The issue is related to Cross-site Scripting XSS - Stored, which occurs when an application stores user input and later displays it without proper validation, allowing an attacker to inject...

PT-2023-16446 · Phpipam +1 · Phpipam +1

Name of the Vulnerable Software and Affected Versions: phpipam/phpipam versions prior to 1.5.1 Description: The issue is related to Cross-site Scripting XSS - Reflected, which occurs when an application includes user input in the output it sends to a user's browser without proper validation,...

PT-2023-16448 · Phpipam +1 · Phpipam +1

Name of the Vulnerable Software and Affected Versions: phpipam/phpipam versions prior to 1.5.1 Description: The issue concerns improper authorization in the phpipam/phpipam GitHub repository. Recommendations: For versions prior to 1.5.1, update to version 1.5.1 or later to resolve the issue...

PT-2023-2058

Name of the Vulnerable Software and Affected Versions phpipam versions prior to 1.5.2 Description The issue is related to a lack of protection against SQL query structure manipulation in the app/admin/custom-fields/edit-result.php script of the phpipam web application for IP address management...

Security fix for the ALT Linux 9 package phpipam version 1.26.050-alt1

Dec. 26, 2016 Alexey Shabalin 1.26.050-alt1 - git snapshot of master branch b99412648829471f3a336036f5cd138b8f131721 - install PHPMailer from upstream fixed CVE-2015-8476,CVE-2016-10033,CVE-2016-10045...

PHPIPAM 'edit-group.php' Cross-Site Scripting Vulnerability

phpipam is a set of open source PHP and MySQL based IP address management application IPAM. A cross-site scripting vulnerability exists in phpipam version 1.2.2, which can be exploited by remote attackers to inject arbitrary web script or HTML due to the failure of edit/php scripts to adequately...

PHPIPAM SQL Injection Vulnerability

phpipam is a set of open source PHP and MySQL based IP address management application IPAM. A cross-site scripting vulnerability exists in phpipam version 1.2.1, which can be exploited by an attacker to compromise the application, access or modify data, or exploit potential vulnerabilities in the...