Vulnerabilities > Phpipam > Phpipam > 1.6

DATE CVE VULNERABILITY TITLE RISK
2025-03-20 CVE-2024-10727 Unspecified vulnerability in PHPipam
A reflected cross-site scripting (XSS) vulnerability exists in phpipam/phpipam versions 1.5.0 through 1.6.0.
network
low complexity
phpipam
6.1
2024-11-15 CVE-2024-0787 Unspecified vulnerability in PHPipam
phpIPAM version 1.5.1 contains a vulnerability where an attacker can bypass the IP block mechanism to brute force passwords for users by using the 'X-Forwarded-For' header.
network
high complexity
phpipam
5.9
2024-08-29 CVE-2024-41358 Cross-site Scripting vulnerability in PHPipam 1.6
phpipam 1.6 is vulnerable to Cross Site Scripting (XSS) via app\admin\import-export\import-load-data.php.
network
low complexity
phpipam CWE-79
6.1
2023-03-08 CVE-2023-24657 Cross-site Scripting vulnerability in PHPipam 1.6
phpipam v1.6 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the closeClass parameter at /subnet-masks/popup.php.
network
low complexity
phpipam CWE-79
6.1