CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-6481

Multiple Cross-Site Scripting (XSS) issues were discovered in phpipam 1.2. The vulnerabilities exist due to insufficient filtration of user-supplied data passed to several pages (instructions in app/admin/instructions/preview.php; subnetId in app/admin/powerDNS/refresh-ptr-records.php). An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 53.0%

CVSS Severity

CVSS v3 Score 6.1

CVSS v2 Score 4.3

References

Products affected by CVE-2017-6481

Phpipam » Phpipam » Version: N/A

cpe:2.3:a:phpipam:phpipam:-
Phpipam » Phpipam » Version: 0.1

cpe:2.3:a:phpipam:phpipam:0.1
Phpipam » Phpipam » Version: 0.2

cpe:2.3:a:phpipam:phpipam:0.2
Phpipam » Phpipam » Version: 0.3

cpe:2.3:a:phpipam:phpipam:0.3
Phpipam » Phpipam » Version: 0.4

cpe:2.3:a:phpipam:phpipam:0.4
Phpipam » Phpipam » Version: 0.5

cpe:2.3:a:phpipam:phpipam:0.5
Phpipam » Phpipam » Version: 0.6

cpe:2.3:a:phpipam:phpipam:0.6
Phpipam » Phpipam » Version: 0.7

cpe:2.3:a:phpipam:phpipam:0.7
Phpipam » Phpipam » Version: 0.8

cpe:2.3:a:phpipam:phpipam:0.8
Phpipam » Phpipam » Version: 0.9

cpe:2.3:a:phpipam:phpipam:0.9
Phpipam » Phpipam » Version: 1.0

cpe:2.3:a:phpipam:phpipam:1.0
Phpipam » Phpipam » Version: 1.1

cpe:2.3:a:phpipam:phpipam:1.1
Phpipam » Phpipam » Version: 1.1.010

cpe:2.3:a:phpipam:phpipam:1.1.010
Phpipam » Phpipam » Version: 1.2

cpe:2.3:a:phpipam:phpipam:1.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-6481

Products

Pricing

Contact Us