CNNVD-202511-2347 Information
CNNVD ID
CNNVD-202511-2347
Related CVE
- CNNVD Published: 2025-11-20
Description (Chinese)
phpPgAdmin是phppgadmin开源的一个应用软件。用于 postgresql 的首要基于 Web 的管理工具。 phpPgAdmin 7.13.0及之前版本存在安全漏洞,该漏洞源于display.php中未对用户输入进行适当清理,可能导致SQL注入攻击。
Description (English)
phpPgAdmin is a phpgadmin open source application. The primary Web-based management tool for postgresql. phpPgAdmin 7.1.3.0 and previous versions have a security loophole, which stems from the failure to properly clean up user input in display.php, which could lead to an SQL injection attack.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
phppgadmin
Published
2025-11-20
Last Modified
2026-02-24
References
https://github.com/phppgadmin/phppgadmin/blob/master/display.php#L396 https://github.com/pr0wl1ng/security-advisories/blob/main/CVE-2025-60797.md https://github.com/pr0wl1ng/security-advisories/blob/main/CVE-2025-60798.md https://access.redhat.com/security/cve/cve-2025-60798
Share on: