Vulnerabilities > Phpipam

DATE CVE VULNERABILITY TITLE RISK
2024-11-15 CVE-2022-1226 Cross-site Scripting vulnerability in PHPipam
A Cross-Site Scripting (XSS) vulnerability in phpipam/phpipam versions prior to 1.4.7 allows attackers to execute arbitrary JavaScript code in the browser of a victim.
network
low complexity
phpipam CWE-79
4.8
2024-11-15 CVE-2024-0787 Improper Restriction of Excessive Authentication Attempts vulnerability in PHPipam
phpIPAM version 1.5.1 contains a vulnerability where an attacker can bypass the IP block mechanism to brute force passwords for users by using the 'X-Forwarded-For' header.
network
high complexity
phpipam CWE-307
5.9
2024-08-29 CVE-2024-41358 Cross-site Scripting vulnerability in PHPipam 1.6
phpipam 1.6 is vulnerable to Cross Site Scripting (XSS) via app\admin\import-export\import-load-data.php.
network
low complexity
phpipam CWE-79
6.1
2023-10-02 CVE-2023-41580 Injection vulnerability in PHPipam
Phpipam before v1.5.2 was discovered to contain a LDAP injection vulnerability via the dname parameter at /users/ad-search-result.php.
network
low complexity
phpipam CWE-74
7.5
2023-09-14 CVE-2023-4965 Open Redirect vulnerability in PHPipam 1.5.1
A vulnerability was found in phpipam 1.5.1.
network
low complexity
phpipam CWE-601
4.8
2023-03-08 CVE-2023-24657 Cross-site Scripting vulnerability in PHPipam 1.6
phpipam v1.6 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the closeClass parameter at /subnet-masks/popup.php.
network
low complexity
phpipam CWE-79
6.1
2023-03-07 CVE-2023-1211 SQL Injection vulnerability in PHPipam
SQL Injection in GitHub repository phpipam/phpipam prior to v1.5.2.
network
low complexity
phpipam CWE-89
7.2
2023-03-07 CVE-2023-1212 Cross-site Scripting vulnerability in PHPipam
Cross-site Scripting (XSS) - Stored in GitHub repository phpipam/phpipam prior to v1.5.2.
network
low complexity
phpipam CWE-79
4.8
2023-02-04 CVE-2023-0676 Cross-site Scripting vulnerability in PHPipam
Cross-site Scripting (XSS) - Reflected in GitHub repository phpipam/phpipam prior to 1.5.1.
network
low complexity
phpipam CWE-79
6.1
2023-02-04 CVE-2023-0677 Cross-site Scripting vulnerability in PHPipam
Cross-site Scripting (XSS) - Reflected in GitHub repository phpipam/phpipam prior to v1.5.1.
network
low complexity
phpipam CWE-79
6.1