Skip to main content

Phppgadmin

6 CVEs product

Monthly

CVE-2025-60799 PHP MEDIUM This Month

phpPgAdmin 7.13.0 and earlier contains an incorrect access control vulnerability in sql.php at lines 68-76. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP XSS Authentication Bypass Phppgadmin Suse
NVD GitHub
CVSS 3.1
6.1
EPSS
0.0%
CVE-2025-60798 PHP MEDIUM This Month

phpPgAdmin 7.13.0 and earlier contains a SQL injection vulnerability in display.php at line 396. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi PHP Phppgadmin Suse
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-60797 PHP MEDIUM This Month

phpPgAdmin 7.13.0 and earlier contains a SQL injection vulnerability in dataexport.php at line 118. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi PHP Privilege Escalation Phppgadmin Suse
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-60796 PHP MEDIUM This Month

phpPgAdmin 7.13.0 and earlier contains multiple cross-site scripting (XSS) vulnerabilities across various components. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP XSS Phppgadmin Suse
NVD GitHub
CVSS 3.1
6.1
EPSS
0.1%
CVE-2023-40619 CRITICAL Act Now

phpPgAdmin 7.14.4 and earlier is vulnerable to deserialization of untrusted data which may lead to remote code execution because user-controlled data is directly passed to the PHP 'unserialize()'. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE PHP Deserialization Phppgadmin
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2012-1600 MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in functions.php in phpPgAdmin before 5.0.4 allow remote attackers to inject arbitrary web script or HTML via the (1) name or (2) type of a. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS PHP Phppgadmin Opensuse
NVD GitHub
CVSS 2.0
4.3
EPSS
0.6%
EPSS 0% CVSS 6.1
MEDIUM This Month

phpPgAdmin 7.13.0 and earlier contains an incorrect access control vulnerability in sql.php at lines 68-76. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP XSS Authentication Bypass +2
NVD GitHub
EPSS 0% CVSS 6.5
MEDIUM This Month

phpPgAdmin 7.13.0 and earlier contains a SQL injection vulnerability in display.php at line 396. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi PHP Phppgadmin +1
NVD GitHub
EPSS 0% CVSS 6.5
MEDIUM This Month

phpPgAdmin 7.13.0 and earlier contains a SQL injection vulnerability in dataexport.php at line 118. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi PHP Privilege Escalation +2
NVD GitHub
EPSS 0% CVSS 6.1
MEDIUM This Month

phpPgAdmin 7.13.0 and earlier contains multiple cross-site scripting (XSS) vulnerabilities across various components. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP XSS Phppgadmin +1
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL Act Now

phpPgAdmin 7.14.4 and earlier is vulnerable to deserialization of untrusted data which may lead to remote code execution because user-controlled data is directly passed to the PHP 'unserialize()'. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE PHP Deserialization +1
NVD GitHub
EPSS 1% CVSS 4.3
MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in functions.php in phpPgAdmin before 5.0.4 allow remote attackers to inject arbitrary web script or HTML via the (1) name or (2) type of a. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS PHP Phppgadmin +1
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy