Vulnerabilities > Phpipam > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-02 | CVE-2023-41580 | Injection vulnerability in PHPipam Phpipam before v1.5.2 was discovered to contain a LDAP injection vulnerability via the dname parameter at /users/ad-search-result.php. | 7.5 |
| 2023-03-07 | CVE-2023-1211 | SQL Injection vulnerability in PHPipam SQL Injection in GitHub repository phpipam/phpipam prior to v1.5.2. | 7.2 |
| 2019-09-22 | CVE-2019-16696 | SQL Injection vulnerability in PHPipam phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/edit.php table parameter when action=add is used. | 7.5 |
| 2019-09-22 | CVE-2019-16695 | SQL Injection vulnerability in PHPipam phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/filter.php table parameter when action=add is used. | 7.5 |
| 2019-09-22 | CVE-2019-16694 | SQL Injection vulnerability in PHPipam phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/edit-result.php table parameter when action=add is used. | 7.5 |
| 2019-09-22 | CVE-2019-16693 | SQL Injection vulnerability in PHPipam phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/order.php table parameter when action=add is used. | 7.5 |
| 2019-09-22 | CVE-2019-16692 | SQL Injection vulnerability in PHPipam phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/filter-result.php table parameter when action=add is used. | 7.5 |
| 2018-12-20 | CVE-2018-1000869 | SQL Injection vulnerability in PHPipam 1.3.2 phpIPAM version 1.3.2 contains a CWE-89 vulnerability in /app/admin/nat/item-add-submit.php that can result in SQL Injection.. | 7.5 |