2019-09-22 14:58:45
mitre
PUBLISHED
phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/order.php table parameter when action=add is used.