Vulnerabilities > Phpipam > Phpipam > 1.4.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-03-31 | CVE-2024-55093 | Cross-site Scripting vulnerability in PHPipam phpIPAM through 1.7.3 has a reflected Cross-Site Scripting (XSS) vulnerability in the install scripts. | 4.7 |
| 2024-11-15 | CVE-2022-1226 | Unspecified vulnerability in PHPipam A Cross-Site Scripting (XSS) vulnerability in phpipam/phpipam versions prior to 1.4.7 allows attackers to execute arbitrary JavaScript code in the browser of a victim. | 4.8 |
| 2024-11-15 | CVE-2024-0787 | Unspecified vulnerability in PHPipam phpIPAM version 1.5.1 contains a vulnerability where an attacker can bypass the IP block mechanism to brute force passwords for users by using the 'X-Forwarded-For' header. | 5.9 |
| 2023-10-02 | CVE-2023-41580 | Injection vulnerability in PHPipam Phpipam before v1.5.2 was discovered to contain a LDAP injection vulnerability via the dname parameter at /users/ad-search-result.php. | 7.5 |
| 2023-03-07 | CVE-2023-1211 | Unspecified vulnerability in PHPipam SQL Injection in GitHub repository phpipam/phpipam prior to v1.5.2. | 7.2 |
| 2023-03-07 | CVE-2023-1212 | Unspecified vulnerability in PHPipam Cross-site Scripting (XSS) - Stored in GitHub repository phpipam/phpipam prior to v1.5.2. | 4.8 |
| 2023-02-04 | CVE-2023-0676 | Unspecified vulnerability in PHPipam Cross-site Scripting (XSS) - Reflected in GitHub repository phpipam/phpipam prior to 1.5.1. | 6.1 |
| 2023-02-04 | CVE-2023-0677 | Unspecified vulnerability in PHPipam Cross-site Scripting (XSS) - Reflected in GitHub repository phpipam/phpipam prior to v1.5.1. | 6.1 |
| 2023-02-04 | CVE-2023-0678 | Unspecified vulnerability in PHPipam Missing Authorization in GitHub repository phpipam/phpipam prior to v1.5.1. | 5.3 |
| 2022-11-02 | CVE-2022-3845 | Cross-site Scripting vulnerability in PHPipam A vulnerability has been found in phpipam and classified as problematic. | 6.1 |