CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

292 matches found

CNNVD•added 2026/01/21 12:0 a.m.•3 views

Number withdrawal

phpPgAdmin is an open-source application developed by phppgadmin. It is the leading web-based management tool for Postgres databases...

5.8AI score0.00262EPSS

Exploits0References4

SUSE CVE•added 2025/11/22 12:23 a.m.•2 views

SUSE CVE-2025-60796

phpPgAdmin 7.13.0 and earlier contains multiple cross-site scripting XSS vulnerabilities across various components. User-supplied input from $REQUEST parameters is reflected in HTML output without proper encoding or sanitization in multiple locations including sequences.php, indexes.php, admin.ph...

6.1CVSS6.5AI score0.00198EPSS

Exploits0References3

SUSE CVE•added 2025/11/22 12:23 a.m.•4 views

SUSE CVE-2025-60797

phpPgAdmin 7.13.0 and earlier contains a SQL injection vulnerability in dataexport.php at line 118. The application directly executes user-supplied SQL queries from the $REQUEST'query' parameter without any sanitization or parameterization via $data-conn-Execute$REQUEST'query'. An authenticated...

6.5CVSS8.4AI score0.00233EPSS

Exploits0References3

SUSE CVE•added 2025/11/22 12:23 a.m.•3 views

SUSE CVE-2025-60798

phpPgAdmin 7.13.0 and earlier contains a SQL injection vulnerability in display.php at line 396. The application passes user-controlled input from $REQUEST'query' directly to the browseQuery function without proper sanitization. An authenticated attacker can exploit this vulnerability to execute...

6.5CVSS8.5AI score0.0025EPSS

Exploits0References3

SUSE CVE•added 2025/11/22 12:23 a.m.•3 views

SUSE CVE-2025-60799

phpPgAdmin 7.13.0 and earlier contains an incorrect access control vulnerability in sql.php at lines 68-76. The application allows unauthorized manipulation of session variables by accepting user-controlled parameters 'subject', 'server', 'database', 'queryid' without proper validation or access...

6.1CVSS7.2AI score0.00191EPSS

Exploits0References3

Tenable Nessus•added 2025/11/22 12:0 a.m.•5 views

Linux Distros Unpatched Vulnerability : CVE-2025-60798

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - phpPgAdmin 7.13.0 and earlier contains a SQL injection vulnerability in display.php at line 396. The application passes user-controlled input from $REQUEST'quer...

6.5CVSS6AI score0.0025EPSS

Exploits0References3

Tenable Nessus•added 2025/11/22 12:0 a.m.•4 views

Linux Distros Unpatched Vulnerability : CVE-2025-60797

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - phpPgAdmin 7.13.0 and earlier contains a SQL injection vulnerability in dataexport.php at line 118. The application directly executes user-supplied SQL queries...

6.5CVSS6.1AI score0.00233EPSS

Exploits0References3

RedhatCVE•added 2025/11/21 12:18 a.m.•13 views

CVE-2025-60798

6.5CVSS8.4AI score0.0025EPSS

Exploits0References1

RedhatCVE•added 2025/11/21 12:18 a.m.•6 views

CVE-2025-60799

6.1CVSS7.1AI score0.00191EPSS

Exploits0References1

RedhatCVE•added 2025/11/21 12:18 a.m.•6 views

CVE-2025-60796

6.1CVSS6.4AI score0.00198EPSS

Exploits0References1

RedhatCVE•added 2025/11/21 12:18 a.m.•8 views

CVE-2025-60797

6.5CVSS8.3AI score0.00233EPSS

Exploits0References1

Tenable Nessus•added 2025/11/21 12:0 a.m.•1 views

Linux Distros Unpatched Vulnerability : CVE-2025-60796

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - phpPgAdmin 7.13.0 and earlier contains multiple cross-site scripting XSS vulnerabilities across various components. User-supplied input from $REQUEST parameters...

6.1CVSS6AI score0.00198EPSS

Exploits0References3

Tenable Nessus•added 2025/11/21 12:0 a.m.•4 views

Linux Distros Unpatched Vulnerability : CVE-2025-60799

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - phpPgAdmin 7.13.0 and earlier contains an incorrect access control vulnerability in sql.php at lines 68-76. The application allows unauthorized manipulation of...

6.1CVSS5.8AI score0.00191EPSS

Exploits0References3

OpenVAS•added 2025/11/21 12:0 a.m.•2 views

phpPgAdmin <= 7.13.0 Multiple Vulnerabilities

phpPgAdmin is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:phppgadmin:phppgadmin"; if...

6.5CVSS7.8AI score0.0025EPSS

Exploits0References4

EUVD•added 2025/11/20 3:30 p.m.•4 views

EUVD-2025-198265

6.5CVSS7.9AI score0.0025EPSS

Exploits0References4

Snyk•added 2025/11/20 3:30 p.m.•3 views

SQL Injection

Overview phppgadmin/phppgadmin is a web-based administration tool for PostgreSQL. It is perfect for PostgreSQL DBAs, newbies, and hosting services. Affected versions of this package are vulnerable to SQL Injection via the browseQuery function. An attacker can execute arbitrary SQL commands by...

6.5CVSS8.4AI score0.0025EPSS

Exploits0References2

Snyk•added 2025/11/20 3:30 p.m.•4 views

Access Control Bypass

Overview phppgadmin/phppgadmin is a web-based administration tool for PostgreSQL. It is perfect for PostgreSQL DBAs, newbies, and hosting services. Affected versions of this package are vulnerable to Access Control Bypass via the handling of user-controlled parameters in sql.php. An attacker can...

6.1CVSS7.5AI score0.00191EPSS

Exploits0References2