Vulnerabilities > Phpipam > Phpipam > 0.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-09-22 | CVE-2019-16696 | SQL Injection vulnerability in PHPipam phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/edit.php table parameter when action=add is used. | 7.5 |
| 2019-09-22 | CVE-2019-16695 | SQL Injection vulnerability in PHPipam phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/filter.php table parameter when action=add is used. | 7.5 |
| 2019-09-22 | CVE-2019-16694 | SQL Injection vulnerability in PHPipam phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/edit-result.php table parameter when action=add is used. | 7.5 |
| 2019-09-22 | CVE-2019-16693 | SQL Injection vulnerability in PHPipam phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/order.php table parameter when action=add is used. | 7.5 |
| 2019-09-22 | CVE-2019-16692 | SQL Injection vulnerability in PHPipam phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/filter-result.php table parameter when action=add is used. | 7.5 |
| 2019-02-04 | CVE-2019-1000010 | Cross-site Scripting vulnerability in PHPipam phpIPAM version 1.3.2 and earlier contains a Cross Site Scripting (XSS) vulnerability in subnet-scan-telnet.php that can result in executing code in victims browser. | 4.3 |
| 2018-12-20 | CVE-2018-1000870 | Cross-site Scripting vulnerability in PHPipam PHPipam version 1.3.2 and earlier contains a CWE-79 vulnerability in /app/admin/users/print-user.php that can result in Execute code in the victims browser. | 3.5 |
| 2018-12-20 | CVE-2018-1000860 | Cross-site Scripting vulnerability in PHPipam phpipam version 1.3.2 and earlier contains a Cross Site Scripting (XSS) vulnerability in The value of the phpipamredirect cookie is copied into an HTML tag on the login page encapsulated in single quotes. | 2.6 |
| 2018-04-21 | CVE-2017-15640 | Cross-site Scripting vulnerability in PHPipam app/sections/user-menu.php in phpIPAM before 1.3.1 has XSS via the ip parameter. | 3.5 |
| 2017-03-05 | CVE-2017-6481 | Cross-site Scripting vulnerability in PHPipam Multiple Cross-Site Scripting (XSS) issues were discovered in phpipam 1.2. | 4.3 |