PHPipam version 1.3.2 and previous versions contains a CWE-79 vulnerability in /app/admin/users/print-user.php that can result in Execute code in the victims browser. This attack appear to be exploitable via Attacker change theme parameter in user settings. Admin(Victim) views user in admin-panel and gets exploited.. This vulnerability appears to have been fixed in 1.4.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
phpipam phpipam |