Exploit for #VU63986 SQL injection in phpIPAM

Cybersecurity Help s.r.o.

Published: 2022-06-06 | Updated: 2023-01-08

Vulnerability identifier: #VU63986

Vulnerability risk: Low

CVSSv4.0: 2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/U:Clear]

CVE-ID: CVE-2022-23046

CWE-ID: CWE-89

Exploitation vector: Network

Exploits in database: 2

January 8, 2023
- CVE-2022-23046 (SQL Injection Vulnerability on PhpIPAM v1.4.4) [Github]
June 6, 2022
- PHPIPAM 1.4.4 - SQLi (Authenticated) [Exploit-DB]

Vulnerable software:
phpIPAM
Web applications / Modules and components for CMS

Vendor: Miha Petkovsek