Vulnerabilities > Phpipam

DATE CVE VULNERABILITY TITLE RISK
2019-09-22 CVE-2019-16696 SQL Injection vulnerability in PHPipam
phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/edit.php table parameter when action=add is used.
network
low complexity
phpipam CWE-89
7.5
2019-09-22 CVE-2019-16695 SQL Injection vulnerability in PHPipam
phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/filter.php table parameter when action=add is used.
network
low complexity
phpipam CWE-89
7.5
2019-09-22 CVE-2019-16694 SQL Injection vulnerability in PHPipam
phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/edit-result.php table parameter when action=add is used.
network
low complexity
phpipam CWE-89
7.5
2019-09-22 CVE-2019-16693 SQL Injection vulnerability in PHPipam
phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/order.php table parameter when action=add is used.
network
low complexity
phpipam CWE-89
7.5
2019-09-22 CVE-2019-16692 SQL Injection vulnerability in PHPipam
phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/filter-result.php table parameter when action=add is used.
network
low complexity
phpipam CWE-89
7.5
2019-02-04 CVE-2019-1000010 Cross-site Scripting vulnerability in PHPipam
phpIPAM version 1.3.2 and earlier contains a Cross Site Scripting (XSS) vulnerability in subnet-scan-telnet.php that can result in executing code in victims browser.
network
phpipam CWE-79
4.3
2018-12-20 CVE-2018-1000870 Cross-site Scripting vulnerability in PHPipam
PHPipam version 1.3.2 and earlier contains a CWE-79 vulnerability in /app/admin/users/print-user.php that can result in Execute code in the victims browser.
network
phpipam CWE-79
3.5
2018-12-20 CVE-2018-1000869 SQL Injection vulnerability in PHPipam 1.3.2
phpIPAM version 1.3.2 contains a CWE-89 vulnerability in /app/admin/nat/item-add-submit.php that can result in SQL Injection..
network
low complexity
phpipam CWE-89
7.5
2018-12-20 CVE-2018-1000860 Cross-site Scripting vulnerability in PHPipam
phpipam version 1.3.2 and earlier contains a Cross Site Scripting (XSS) vulnerability in The value of the phpipamredirect cookie is copied into an HTML tag on the login page encapsulated in single quotes.
network
high complexity
phpipam CWE-79
2.6
2018-04-24 CVE-2018-10329 Cross-site Scripting vulnerability in PHPipam 1.3.1
app/tools/mac-lookup/index.php in phpIPAM 1.3.1 has Reflected XSS on /tools/mac-lookup/ via the mac parameter.
network
phpipam CWE-79
4.3