Skip to main content
CVE-2019-16696 CRITICAL POC Act Now

phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/edit.php table parameter when action=add is used. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Phpipam
NVD GitHub
CVSS 3.1
9.8
EPSS
1.9%
CVE-2019-16695 CRITICAL POC Act Now

phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/filter.php table parameter when action=add is used. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Phpipam
NVD GitHub
CVSS 3.1
9.8
EPSS
1.9%
CVE-2019-16694 CRITICAL POC Act Now

phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/edit-result.php table parameter when action=add is used. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Phpipam
NVD GitHub
CVSS 3.1
9.8
EPSS
1.9%
CVE-2019-16693 CRITICAL POC Act Now

phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/order.php table parameter when action=add is used. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Phpipam
NVD GitHub Exploit-DB
CVSS 3.1
9.8
EPSS
4.3%
CVE-2019-16692 CRITICAL POC THREAT Act Now

phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/filter-result.php table parameter when action=add is used. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Phpipam
NVD GitHub Exploit-DB
CVSS 3.1
9.8
EPSS
10.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy