Vulnerabilities > Phpipam > Phpipam > 1.4.7

DATE CVE VULNERABILITY TITLE RISK
2023-10-02 CVE-2023-41580 Injection vulnerability in PHPipam
Phpipam before v1.5.2 was discovered to contain a LDAP injection vulnerability via the dname parameter at /users/ad-search-result.php.
network
low complexity
phpipam CWE-74
7.5
2023-03-07 CVE-2023-1211 SQL Injection vulnerability in PHPipam
SQL Injection in GitHub repository phpipam/phpipam prior to v1.5.2.
network
low complexity
phpipam CWE-89
7.2
2023-03-07 CVE-2023-1212 Cross-site Scripting vulnerability in PHPipam
Cross-site Scripting (XSS) - Stored in GitHub repository phpipam/phpipam prior to v1.5.2.
network
low complexity
phpipam CWE-79
4.8
2023-02-04 CVE-2023-0676 Cross-site Scripting vulnerability in PHPipam
Cross-site Scripting (XSS) - Reflected in GitHub repository phpipam/phpipam prior to 1.5.1.
network
low complexity
phpipam CWE-79
6.1
2023-02-04 CVE-2023-0677 Cross-site Scripting vulnerability in PHPipam
Cross-site Scripting (XSS) - Reflected in GitHub repository phpipam/phpipam prior to v1.5.1.
network
low complexity
phpipam CWE-79
6.1
2023-02-04 CVE-2023-0678 Missing Authorization vulnerability in PHPipam
Missing Authorization in GitHub repository phpipam/phpipam prior to v1.5.1.
network
low complexity
phpipam CWE-862
5.3
2022-11-02 CVE-2022-3845 Cross-site Scripting vulnerability in PHPipam
A vulnerability has been found in phpipam and classified as problematic.
network
low complexity
phpipam CWE-79
6.1