Mend.io Vulnerability Database

What is a CVE vulnerability ID? icon What is a WS vulnerability ID? icon What is an MSC vulnerability ID? icon
New vulnerability? Tell us about it!
icon

We found results for “

CVE-2019-1000010

Good to know:

icon

Date: February 4, 2019

phpIPAM version 1.3.2 and earlier contains a Cross Site Scripting (XSS) vulnerability in subnet-scan-telnet.php that can result in executing code in victims browser. This attack appears to be exploitable via victim visits link crafted by an attacker. This vulnerability appears to have been fixed in 1.4.

Language: PHP

Severity Score

Related Resources (5)

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1000010
https://github.com/phpipam/phpipam/issues/2327
https://nvd.nist.gov/vuln/detail/CVE-2019-1000010
https://github.com/phpipam/phpipam/commit/fd37bd8fb2b9c306079db505e0e3fe79a096c31c
https://www.mend.io/vulnerability-database/CVE-2019-1000010

Severity Score

Weakness Type (CWE)

Cross-Site Scripting (XSS)

CWE-79

Top Fix

icon

Upgrade Version

Upgrade to version 1.4

Learn More

CVSS v3

Base Score:
Attack Vector (AV):
Attack Complexity (AC):
Privileges Required (PR):
User Interaction (UI):
Scope (S):
Confidentiality (C): NONE
Integrity (I): NONE
Availability (A): COMPLETE

CVSS v2

Base Score:
Access Vector (AV):
Access Complexity (AC):
Authentication (AU):
Confidentiality (C): LOW
Integrity (I): LOW
Availability (A): NONE
Additional information:

Do you need more information?

Contact Us