Vulnerabilities > Phpipam > Critical

DATE CVE VULNERABILITY TITLE RISK
2022-10-03 CVE-2022-41443 Improper Encoding or Escaping of Output vulnerability in PHPipam 1.5.0
phpipam v1.5.0 was discovered to contain a header injection vulnerability via the component /admin/subnets/ripe-query.php.
network
low complexity
phpipam CWE-116
critical
 9.8
9.8
2019-09-22 CVE-2019-16696 SQL Injection vulnerability in PHPipam
phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/edit.php table parameter when action=add is used.
network
low complexity
phpipam CWE-89
critical
 9.8
9.8
2019-09-22 CVE-2019-16695 SQL Injection vulnerability in PHPipam
phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/filter.php table parameter when action=add is used.
network
low complexity
phpipam CWE-89
critical
 9.8
9.8
2019-09-22 CVE-2019-16694 SQL Injection vulnerability in PHPipam
phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/edit-result.php table parameter when action=add is used.
network
low complexity
phpipam CWE-89
critical
 9.8
9.8
2019-09-22 CVE-2019-16693 SQL Injection vulnerability in PHPipam
phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/order.php table parameter when action=add is used.
network
low complexity
phpipam CWE-89
critical
 9.8
9.8
2019-09-22 CVE-2019-16692 SQL Injection vulnerability in PHPipam
phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/filter-result.php table parameter when action=add is used.
network
low complexity
phpipam CWE-89
critical
 9.8
9.8
2018-12-20 CVE-2018-1000869 SQL Injection vulnerability in PHPipam 1.3.2
phpIPAM version 1.3.2 contains a CWE-89 vulnerability in /app/admin/nat/item-add-submit.php that can result in SQL Injection..
network
low complexity
phpipam CWE-89
critical
 9.8
9.8