exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 5

CVE-2025-60799

3 месяца назад

phpPgAdmin 7.13.0 and earlier contains an incorrect access control vulnerability in sql.php at lines 68-76. The application allows unauthorized manipulation of session variables by accepting user-controlled parameters ('subject', 'server', 'database', 'queryid') without proper validation or access control checks. Attackers can exploit this to store arbitrary SQL queries in $_SESSION['sqlquery'] by manipulating these parameters, potentially leading to session poisoning, stored cross-site scripting, or unauthorized access to sensitive session data.

CVSS3: 6.1

EPSS: Низкий

CVE-2025-60799

3 месяца назад

phpPgAdmin 7.13.0 and earlier contains an incorrect access control vulnerability in sql.php at lines 68-76. The application allows unauthorized manipulation of session variables by accepting user-controlled parameters ('subject', 'server', 'database', 'queryid') without proper validation or access control checks. Attackers can exploit this to store arbitrary SQL queries in $_SESSION['sqlquery'] by manipulating these parameters, potentially leading to session poisoning, stored cross-site scripting, or unauthorized access to sensitive session data.

CVSS3: 6.1

EPSS: Низкий

CVE-2025-60799

3 месяца назад

phpPgAdmin 7.13.0 and earlier contains an incorrect access control vul ...

CVSS3: 6.1

EPSS: Низкий

GHSA-r63p-v37q-g74c

3 месяца назад

phppgadmin contains an incorrect access control vulnerability

CVSS3: 6.1

EPSS: Низкий

BDU:2025-14893

3 месяца назад

Уязвимость сценария sql.php веб-инструмента администрирования СУБД PostgreSQL phpPgAdmin, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации и проводить межсайтовые сценарные атаки

CVSS3: 6.1

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2025-60799 phpPgAdmin 7.13.0 and earlier contains an incorrect access control vulnerability in sql.php at lines 68-76. The application allows unauthorized manipulation of session variables by accepting user-controlled parameters ('subject', 'server', 'database', 'queryid') without proper validation or access control checks. Attackers can exploit this to store arbitrary SQL queries in $_SESSION['sqlquery'] by manipulating these parameters, potentially leading to session poisoning, stored cross-site scripting, or unauthorized access to sensitive session data.	CVSS3: 6.1	0% Низкий	3 месяца назад
CVE-2025-60799 phpPgAdmin 7.13.0 and earlier contains an incorrect access control vulnerability in sql.php at lines 68-76. The application allows unauthorized manipulation of session variables by accepting user-controlled parameters ('subject', 'server', 'database', 'queryid') without proper validation or access control checks. Attackers can exploit this to store arbitrary SQL queries in $_SESSION['sqlquery'] by manipulating these parameters, potentially leading to session poisoning, stored cross-site scripting, or unauthorized access to sensitive session data.	CVSS3: 6.1	0% Низкий	3 месяца назад
CVE-2025-60799 phpPgAdmin 7.13.0 and earlier contains an incorrect access control vul ...	CVSS3: 6.1	0% Низкий	3 месяца назад
GHSA-r63p-v37q-g74c phppgadmin contains an incorrect access control vulnerability	CVSS3: 6.1	0% Низкий	3 месяца назад
BDU:2025-14893 Уязвимость сценария sql.php веб-инструмента администрирования СУБД PostgreSQL phpPgAdmin, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации и проводить межсайтовые сценарные атаки	CVSS3: 6.1	0% Низкий	3 месяца назад

Уязвимостей на страницу