Vulnerabilities > Phpipam
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-04 | CVE-2023-0676 | Unspecified vulnerability in PHPipam Cross-site Scripting (XSS) - Reflected in GitHub repository phpipam/phpipam prior to 1.5.1. | 6.1 |
| 2023-02-04 | CVE-2023-0677 | Unspecified vulnerability in PHPipam Cross-site Scripting (XSS) - Reflected in GitHub repository phpipam/phpipam prior to v1.5.1. | 6.1 |
| 2023-02-04 | CVE-2023-0678 | Unspecified vulnerability in PHPipam Missing Authorization in GitHub repository phpipam/phpipam prior to v1.5.1. | 5.3 |
| 2022-11-02 | CVE-2022-3845 | Cross-site Scripting vulnerability in PHPipam A vulnerability has been found in phpipam and classified as problematic. | 6.1 |
| 2022-10-03 | CVE-2022-41443 | Improper Encoding or Escaping of Output vulnerability in PHPipam 1.5.0 phpipam v1.5.0 was discovered to contain a header injection vulnerability via the component /admin/subnets/ripe-query.php. | 9.8 |
| 2022-04-04 | CVE-2022-1223 | Unspecified vulnerability in PHPipam Incorrect Authorization in GitHub repository phpipam/phpipam prior to 1.4.6. | 6.5 |
| 2022-04-04 | CVE-2022-1224 | Incorrect Authorization vulnerability in PHPipam Improper Authorization in GitHub repository phpipam/phpipam prior to 1.4.6. | 6.5 |
| 2022-04-04 | CVE-2022-1225 | Unspecified vulnerability in PHPipam Incorrect Privilege Assignment in GitHub repository phpipam/phpipam prior to 1.4.6. | 6.5 |
| 2022-03-25 | CVE-2021-46426 | Cross-site Scripting vulnerability in PHPipam 1.4.4 phpIPAM 1.4.4 allows Reflected XSS and CSRF via app/admin/subnets/find_free_section_subnets.php of the subnets functionality. | 6.1 |
| 2022-01-19 | CVE-2022-23045 | Cross-site Scripting vulnerability in PHPipam 1.4.4 PhpIPAM v1.4.4 allows an authenticated admin user to inject persistent JavaScript code inside the "Site title" parameter while updating the site settings. | 4.8 |