CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

16 matches found

RedhatCVE•added 2025/12/19 2:9 p.m.•1 views

CVE-2025-63947

A Reflected Cross-Site Scripting XSS vulnerability exists in phpMsAdmin version 2.2 in the databasemode.php file. An attacker can execute arbitrary web script or HTML via the dbname parameter after a user is authenticated...

5.4CVSS5.7AI score0.00024EPSS

Exploits0References1

RedhatCVE•added 2025/12/19 2:9 p.m.•1 views

CVE-2025-63948

A SQL Injection vulnerability exists in phpMsAdmin version 2.2 in the databasemode.php file. An attacker can execute arbitrary SQL commands via the dbname parameter, potentially leading to information disclosure or database manipulation...

5.4CVSS8AI score0.00034EPSS

Exploits1References1

OSV•added 2025/12/18 9:15 p.m.•0 views

CVE-2025-63947

5.4CVSS6AI score0.00024EPSS

Exploits0References2

OSV•added 2025/12/18 9:15 p.m.•1 views

CVE-2025-63948

5.4CVSS6AI score0.00034EPSS

Exploits1References2

NVD•added 2025/12/18 9:15 p.m.•3 views

CVE-2025-63948

5.4CVSS0.00034EPSS

Exploits1References2

NVD•added 2025/12/18 9:15 p.m.•0 views

CVE-2025-63947

5.4CVSS0.00024EPSS

Exploits0References2

Positive Technologies•added 2025/12/18 12:0 a.m.•3 views

PT-2025-52344

Name of the Vulnerable Software and Affected Versions phpMsAdmin version 2.2 Description A SQL Injection issue exists in the database mode.php file. An attacker can execute arbitrary SQL commands via the dbname parameter, potentially leading to information disclosure or database manipulation...

5.4CVSS8AI score0.00034EPSS

Exploits1References5

CNNVD•added 2025/12/18 12:0 a.m.•3 views

phpMsAdmin 安全漏洞

phpMsAdmin is a Microsoft SQL Server administration tool by Craig Taub Individual Developer. A security vulnerability exists in phpMsAdmin version 2.2, which stems from an unfiltered dbname parameter in the databasemode.php file, which could lead to a reflective cross-site scripting attack...

5.4CVSS6.5AI score0.00024EPSS

Exploits0References2

Vulnrichment•added 2025/12/18 12:0 a.m.•1 views

CVE-2025-63948

7.6AI score0.00034EPSS

Exploits1References2

Positive Technologies•added 2025/12/18 12:0 a.m.•2 views

PT-2025-52343

Name of the Vulnerable Software and Affected Versions phpMsAdmin version 2.2 Description A Reflected Cross-Site Scripting XSS issue exists in the database mode.php file. After a user is authenticated, an attacker can execute arbitrary web script or HTML via the dbname parameter. Recommendations...

5.4CVSS5.6AI score0.00024EPSS

Exploits0References5

CVE•added 2025/12/18 12:0 a.m.•3 views

CVE-2025-63948

CVE-2025-63948 describes a SQL Injection in phpMsAdmin 2.2, triggered by the unfiltered dbname parameter in the file database_mode.php . The vulnerability allows an attacker to execute arbitrary SQL commands, potentially leading to information disclosure or database manipulation. Affected softwar...

5.4CVSS7.6AI score0.00034EPSS

Exploits1References2Affected Software1

Vulnrichment•added 2025/12/18 12:0 a.m.•1 views

CVE-2025-63947

5.3AI score0.00024EPSS

Exploits0References2

CNNVD•added 2025/12/18 12:0 a.m.•2 views

phpMsAdmin 安全漏洞

5.4CVSS7.6AI score0.00034EPSS

Exploits1References2

CVE•added 2025/12/18 12:0 a.m.•3 views

CVE-2025-63947

PHPMsAdmin 2.2 contains a reflected XSS in database_mode.php via the dbname parameter after authentication. The flaw allows execution of arbitrary script/HTML in the user context. Root cause: unfiltered dbname input. Impact is XSS with low confidentiality/integrity impact per provided metrics; no...

5.4CVSS5.3AI score0.00024EPSS

Exploits0References2Affected Software1