CVE-2019-16692
28Vexday Risk Score
No sign of exploitation. It has a public proof of concept.
ssvc Attendepss 10%
from disclosure to weapon5 days
Published on NVDSep 22
1st PoC+5d
exploitation probability
10%top 5% of all CVEs
observed exploitation
nono source reports it
3 public exploit(s)
phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/filter-result.php table parameter when action=add is used.
Affected products
n/a · n/apublic PoCs found — 3
githubgithub.com/kkirsche/CVE-2019-16692★ 5cve_referencepacketstormsecurity.com/files/154651/phpIPAM-1.4-SQL-Injection.htmlunverifiedexploitdbwww.exploit-db.com/exploits/47438unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.