CNNVD-202512-3352 Information

CNNVD ID

CNNVD-202512-3352

Related CVE

CVE-2025-63948

• CNNVD Published: 2025-12-18

Description (Chinese)

phpMsAdmin是Craig Taub个人开发者的一个Microsoft SQL Server管理工具。 phpMsAdmin 2.2版本存在安全漏洞，该漏洞源于database_mode.php文件中dbname参数未过滤，可能导致SQL注入攻击。

Description (English)

phpMsAdmin is a Microsoft SQL Server management tool for Craig Taub personal developers. phpMsAdmin version 2.2 contains a security loophole, which stems from the fact that dbname parameters in the database mode.php file are not filtered and may lead to an SQL injection attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2025-12-18

Last Modified

2026-02-24

References

https://github.com/solonbarroso/vulnerability-research/blob/main/advisories/phpMsAdmin/CVE-2025-63948.md https://github.com/solonbarroso/vulnerability-research/blob/main/advisories/phpMsAdmin/CVE-pending-phpMsAdmin.md