Количество 3
Количество 3
CVE-2025-60912
phpIPAM v1.7.3 contains a Cross-Site Request Forgery (CSRF) vulnerability in the database export functionality. The generate-mysql.php function, located in the /app/admin/import-export/ endpoint, allows remote attackers to trigger large database dump downloads via crafted HTTP GET requests if an administrator has an active session.
CVE-2025-60912
phpIPAM v1.7.3 contains a Cross-Site Request Forgery (CSRF) vulnerabil ...
GHSA-2j22-hr4w-47gj
phpIPAM v1.7.3 contains a Cross-Site Request Forgery (CSRF) vulnerability in the database export functionality. The generate-mysql.php function, located in the /app/admin/import-export/ endpoint, allows remote attackers to trigger large database dump downloads via crafted HTTP GET requests if an administrator has an active session.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-60912 phpIPAM v1.7.3 contains a Cross-Site Request Forgery (CSRF) vulnerability in the database export functionality. The generate-mysql.php function, located in the /app/admin/import-export/ endpoint, allows remote attackers to trigger large database dump downloads via crafted HTTP GET requests if an administrator has an active session. | CVSS3: 3.3 | 0% Низкий | 2 месяца назад |
| CVE-2025-60912 phpIPAM v1.7.3 contains a Cross-Site Request Forgery (CSRF) vulnerabil ... | CVSS3: 3.3 | 0% Низкий | 2 месяца назад |
| GHSA-2j22-hr4w-47gj phpIPAM v1.7.3 contains a Cross-Site Request Forgery (CSRF) vulnerability in the database export functionality. The generate-mysql.php function, located in the /app/admin/import-export/ endpoint, allows remote attackers to trigger large database dump downloads via crafted HTTP GET requests if an administrator has an active session. | CVSS3: 3.3 | 0% Низкий | 2 месяца назад |
Уязвимостей на страницу