The vulnerability is a SQL injection in phppgadmin. Analysis of `display.php`, the file named in the vulnerability description, shows that the `doBrowse` function is the entry point. It reads the `query` parameter from the HTTP request and passes it to the `browseQuery` function without any sanitization, so the value is executed by the database as supplied. An attacker who controls the `query` parameter can therefore have arbitrary SQL executed, a classic SQL injection. The security advisory for CVE-2025-60798 confirms this analysis and points to the exact lines in `doBrowse` where the unsanitized user input is read and handed to the query execution function.
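For defenders who need to find out whether the `query` parameter of `display.php` has been abused on their own hosts, the following added example (not code from the phppgadmin project or from the advisory) extracts every `query` value sent to `display.php` from web server access logs and flags the ones that carry stacked statements or data-modifying keywords, which a browse page should never receive. It also checks an installed version against the advisory's affected range (`<= 7.13.0`). The log lines are constructed samples, the `/phppgadmin/` path prefix and the keyword list are assumptions, and the heuristic is a triage aid, not a complete exploitation signature.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Constructed sample lines in combined access-log format; not real traffic.
SAMPLE_LOG = """\
10.0.0.5 - - [12/Nov/2025:10:15:01 +0000] "GET /phppgadmin/display.php?server=localhost&database=app&query=SELECT+*+FROM+public.users HTTP/1.1" 200 5120
10.0.0.9 - - [12/Nov/2025:10:16:44 +0000] "GET /phppgadmin/display.php?server=localhost&database=app&query=SELECT+1%3B+DROP+TABLE+audit_log%3B HTTP/1.1" 200 312
10.0.0.5 - - [12/Nov/2025:10:17:02 +0000] "GET /phppgadmin/browser.php HTTP/1.1" 200 2048
"""

# Minimal combined-log parser: client IP, timestamp, method, request target, status.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d+)'
)

# Assumed heuristic: keywords a read-only browse page should never carry.
WRITE_KEYWORDS = re.compile(
    r'\b(DROP|DELETE|INSERT|UPDATE|ALTER|TRUNCATE|CREATE|GRANT|COPY)\b', re.I
)


def extract_browse_queries(log_text):
    """Return (ip, timestamp, decoded query) for each display.php request with a query parameter."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        parts = urlsplit(m.group("target"))
        if not parts.path.endswith("/display.php"):
            continue
        # parse_qs URL-decodes the value, so '+' and '%3B' become ' ' and ';'.
        for q in parse_qs(parts.query).get("query", []):
            hits.append((m.group("ip"), m.group("ts"), q))
    return hits


def is_suspicious(query):
    """Flag stacked statements (an inner ';') or data-modifying keywords."""
    body = query.strip().rstrip(";")
    return ";" in body or bool(WRITE_KEYWORDS.search(query))


def triage(log_text):
    """Entries from extract_browse_queries that warrant manual review."""
    return [hit for hit in extract_browse_queries(log_text) if is_suspicious(hit[2])]


def is_vulnerable_version(version):
    """True when a dotted phppgadmin version falls in the advisory's affected range (<= 7.13.0)."""
    parts = tuple(int(p) for p in version.split("."))
    return parts <= (7, 13, 0)


if __name__ == "__main__":
    for ip, ts, q in triage(SAMPLE_LOG):
        print(f"{ts} {ip} review: {q!r}")
    print("7.13.0 affected:", is_vulnerable_version("7.13.0"))
```

Run against real logs, expect legitimate browse requests to appear in `extract_browse_queries` as well, since the UI itself passes `query` to `display.php`; the point of `triage` is to narrow the list to entries that need a human look, and any flagged host should also be checked with `is_vulnerable_version` against the installed release.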
Affected code: `doBrowse` in `display.php`
| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| phppgadmin/phppgadmin | composer | <= 7.13.0 | |