Shodan
Vulnerabilities
Vulnerable Software
Phpipam:  >> Phpipam  >> 1.4.4  Security Vulnerabilities
CVE-2022-1225
Incorrect Privilege Assignment in GitHub repository phpipam/phpipam prior to 1.4.6.
CVSS Score
6.5
EPSS Score
0.002
Published
2022-04-04
CVE-2021-46426
phpIPAM 1.4.4 allows Reflected XSS and CSRF via app/admin/subnets/find_free_section_subnets.php of the subnets functionality.
CVSS Score
6.1
EPSS Score
0.006
Published
2022-03-25
CVE-2022-23045
PhpIPAM v1.4.4 allows an authenticated admin user to inject persistent JavaScript code inside the "Site title" parameter while updating the site settings. The "Site title" setting is injected in several locations which triggers the XSS.
CVSS Score
4.8
EPSS Score
0.003
Published
2022-01-19
CVE-2022-23046
PhpIPAM v1.4.4 allows an authenticated admin user to inject SQL sentences in the "subnet" parameter while searching a subnet via app/admin/routing/edit-bgp-mapping-search.php
CVSS Score
7.2
EPSS Score
0.49
Published
2022-01-19


Products
Pricing
Contact Us

Shodan ® - All rights reserved