CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2017-15640
https://notcve.org/view.php?id=CVE-2017-15640
21 Apr 2018 — app/sections/user-menu.php in phpIPAM before 1.3.1 has XSS via the ip parameter. app/sections/user-menu.php en phpIPAM, en versiones anteriores a la 1.3.1 tiene Cross-Site Scripting (XSS) mediante el parámetro ip. • https://github.com/phpipam/phpipam/issues/1521 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2017-6481
https://notcve.org/view.php?id=CVE-2017-6481
05 Mar 2017 — Multiple Cross-Site Scripting (XSS) issues were discovered in phpipam 1.2. The vulnerabilities exist due to insufficient filtration of user-supplied data passed to several pages (instructions in app/admin/instructions/preview.php; subnetId in app/admin/powerDNS/refresh-ptr-records.php). An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website. Múltiples problemas de XSS han sido descubiertos en phpipam 1.2. Las vulnerabilidades existen debido a filtració... • http://www.securityfocus.com/bid/96573 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 2CVE-2015-6529 – phpipam 1.1.010 Cross Site Scripting
https://notcve.org/view.php?id=CVE-2015-6529
12 Aug 2015 — Multiple cross-site scripting (XSS) vulnerabilities in phpipam 1.1.010 allow remote attackers to inject arbitrary web script or HTML via the (1) section parameter to site/error.php or (2) ip parameter to site/tools/searchResults.php. Múltiples vulnerabilidades de XSS en phpipam 1.1.010, permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de (1) el parámetro section de site/error.php o (2) el parámetro ip de site/tools/searchResults.php. phpipam version 1.1.010 suffers... • https://packetstorm.news/files/id/133055 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •