CNNVD-202512-3358 Information

CNNVD ID

CNNVD-202512-3358

Related CVE

CVE-2025-63947

• CNNVD Published: 2025-12-18

Description (Chinese)

phpMsAdmin是Craig Taub个人开发者的一个Microsoft SQL Server管理工具。 phpMsAdmin 2.2版本存在安全漏洞，该漏洞源于database_mode.php文件中dbname参数未过滤，可能导致反射型跨站脚本攻击。

Description (English)

phpMsAdmin is a Microsoft SQL Server management tool for Craig Taub personal developers. phpMsAdmin version 2.2 contains a security loophole, which stems from the fact that dbname parameters in the database mode.php file are not filtered and may lead to a reflective cross-site script attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2025-12-18

Last Modified

2026-02-24

References

https://github.com/solonbarroso/vulnerability-research/blob/main/advisories/phpMsAdmin/CVE-2025-63947.md https://github.com/solonbarroso/vulnerability-research/blob/main/advisories/phpMsAdmin/CVE-pending-phpMsAdmin.md