CNNVD-202511-2350 Information

CNNVD ID

CNNVD-202511-2350

Related CVE

CVE-2025-60797

• CNNVD Published: 2025-11-20

Description (Chinese)

phpPgAdmin是phppgadmin开源的一个应用软件。用于 postgresql 的首要基于 Web 的管理工具。 phpPgAdmin 7.13.0及之前版本存在安全漏洞，该漏洞源于dataexport.php中未对用户输入进行清理或参数化，可能导致SQL注入攻击。

Description (English)

phpPgAdmin is a phpgadmin open source application. The primary Web-based management tool for postgresql. phpPgAdmin 7.1.3.0 and previous versions have a security loophole, which stems from the lack of clean-up or parameterization of user input in the dataexport.php, which could lead to an SQL injection attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

phppgadmin

Published

2025-11-20

Last Modified

2026-02-24

References

https://github.com/phppgadmin/phppgadmin/blob/master/dataexport.php#L118 https://github.com/pr0wl1ng/security-advisories/blob/main/CVE-2025-60797.md https://access.redhat.com/security/cve/cve-2025-60797