CNNVD-202511-2349 Information

CNNVD ID

CNNVD-202511-2349

Related CVE

CVE-2025-60799

• CNNVD Published: 2025-11-20

Description (Chinese)

phpPgAdmin是phppgadmin开源的一个应用软件。用于 postgresql 的首要基于 Web 的管理工具。 phpPgAdmin 7.13.0及之前版本存在安全漏洞，该漏洞源于sql.php中未进行适当的验证或访问控制检查，可能导致会话投毒或存储型跨站脚本。

Description (English)

phpPgAdmin is a phpgadmin open source application. The primary Web-based management tool for postgresql. phpPgAdmin 7.1.3.0 and previous versions have a security loophole, which arises from the lack of proper validation or access control checks in sql.php, which may lead to the poisoning of conversational or storage-type cross-site scripts.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

phppgadmin

Published

2025-11-20

Last Modified

2026-02-24

References

https://github.com/phppgadmin/phppgadmin/blob/master/sql.php#L68-L76 https://github.com/pr0wl1ng/security-advisories/blob/main/CVE-2025-60799.md https://access.redhat.com/security/cve/cve-2025-60799