PT-2026-55685 · Phpipam · Phpipam

Published

2026-07-04

·

Updated

2026-07-04

·

CVE-2026-12194

CVSS v4.0

2.3

Low

VectorAV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
PHPIPAM is affected by an authenticated local file inclusion vulnerability that allows users with access to the API to execute/include arbitrary PHP files on the web server's file system. The API is not enabled by default on installations.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-12194

Affected Products

Phpipam