CVE-2025-60797

6.5 MEDIUM

📋 TL;DR

phpPgAdmin 7.13.0 and earlier contains a SQL injection vulnerability in the data export functionality. Authenticated attackers can execute arbitrary SQL commands through unsanitized user input, potentially compromising the PostgreSQL database. This affects all deployments using vulnerable phpPgAdmin versions.

💻 Affected Systems

Products:
  • phpPgAdmin
Versions: 7.13.0 and earlier
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Requires authenticated access to phpPgAdmin interface. Affects all installations with data export functionality enabled.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete database compromise including data theft, privilege escalation to database superuser, and potential server compromise via PostgreSQL extensions.

🟠 Likely Case

Data exfiltration, privilege escalation within the database, and potential denial of service.

🟢 If Mitigated

Limited impact if proper network segmentation, database user privilege restrictions, and input validation are in place.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires authenticated access but is straightforward once credentials are obtained. Public proof-of-concept demonstrates SQL injection.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 7.14.0 or later

Vendor Advisory: https://github.com/phppgadmin/phppgadmin/security/advisories

Restart Required: No

Instructions:

1. Back up the current phpPgAdmin installation.
2. Download the latest version from the official repository.
3. Replace the vulnerable files with the patched version.
4. Verify that dataexport.php line 118 uses parameterized queries.

🔧 Temporary Workarounds

Disable data export functionality

Platform: linux

Remove or restrict access to the dataexport.php file:

mv /path/to/phppgadmin/dataexport.php /path/to/phppgadmin/dataexport.php.disabled

Input validation filter

Platform: all

Add input validation before SQL execution in dataexport.php. Insert the following before line 118:

if (!preg_match('/^SELECT\s+/i', $_REQUEST['query'])) { die('Invalid query'); }

🧯 If You Can't Patch

  • Implement strict network access controls to limit phpPgAdmin access to trusted IPs only
  • Use database user accounts with minimal privileges (no superuser access) for phpPgAdmin connections

🔍 How to Verify

Check if Vulnerable:

Check if dataexport.php line 118 contains: $data->conn->Execute($_REQUEST['query']) without parameterization

Check Version:

grep 'Version' /path/to/phppgadmin/CHANGELOG or check phpPgAdmin interface footer

Verify Fix Applied:

Verify dataexport.php line 118 uses prepared statements or parameterized queries instead of direct $_REQUEST execution
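The three verification steps above can be scripted. The following is an added example, not phpPgAdmin's own code: it scans a copy of dataexport.php for the unparameterized sink the advisory quotes and compares the version found in the CHANGELOG with the fix version 7.14.0. The file snippets at the bottom are constructed stand-ins so the script runs offline; check_install_dir assumes the file names the advisory uses and that the newest CHANGELOG entry comes first.

```python
"""Verification helper for the checks in this advisory.

Added example, not phpPgAdmin's own code. It implements the advisory's
"Check if Vulnerable" and "Check Version" steps against a local install:
  * scan dataexport.php for a raw request value passed straight to
    Execute() (the sink the advisory quotes at line 118);
  * compare the version found in the CHANGELOG with the fix version 7.14.0.
The snippets at the bottom are constructed stand-ins so it runs offline.
"""
import re
from pathlib import Path

FIXED_VERSION = (7, 14, 0)   # advisory: "Patch Version: 7.14.0 or later"

# A call like  ->Execute($_REQUEST['query'])  with any request superglobal
# as the first and only argument, i.e. no parameter array at all.
SINK_RE = re.compile(r"->Execute\(\s*\$_(?:REQUEST|GET|POST)\[[^\]]*\]\s*\)")


def find_unparameterized_execute(source):
    """Return (line_number, line) pairs where a raw request value is executed."""
    return [(n, line.strip())
            for n, line in enumerate(source.splitlines(), start=1)
            if SINK_RE.search(line)]


def parse_version(text):
    """First dotted version in text as a tuple, e.g. 'Version 7.13.0' -> (7, 13, 0)."""
    m = re.search(r"\b(\d+)\.(\d+)(?:\.(\d+))?\b", text)
    return tuple(int(x) for x in m.groups(default="0")) if m else None


def is_fixed_version(text):
    """True when the version found in text is 7.14.0 or later."""
    v = parse_version(text)
    return v is not None and v >= FIXED_VERSION


def check_install(dataexport_source, version_text):
    """Verdict combining both checks: vulnerable if the sink is present or the version is old."""
    hits = find_unparameterized_execute(dataexport_source)
    version_ok = is_fixed_version(version_text)
    return {"sink_hits": hits, "version_ok": version_ok,
            "vulnerable": bool(hits) or not version_ok}


def check_install_dir(install_dir):
    """Run check_install on a real install directory.

    Assumption: files are named as in the advisory (dataexport.php, CHANGELOG)
    and the newest CHANGELOG entry, with its version, comes first.
    """
    root = Path(install_dir)
    return check_install((root / "dataexport.php").read_text(errors="replace"),
                         (root / "CHANGELOG").read_text(errors="replace"))


# Constructed stand-ins for dataexport.php; not the real file contents.
VULN_SNIPPET = """<?php
// constructed: the unparameterized sink the advisory describes
$rs = $data->conn->Execute($_REQUEST['query']);
"""
PATCHED_SNIPPET = """<?php
// constructed: the request value is no longer handed to Execute() directly
$rs = $data->conn->Execute($sql, $params);
"""

if __name__ == "__main__":
    print(check_install(VULN_SNIPPET, "Version 7.13.0"))    # vulnerable: True
    print(check_install(PATCHED_SNIPPET, "Version 7.14.0"))  # vulnerable: False
```

Run check_install_dir("/path/to/phppgadmin") against a real install; a non-empty sink_hits list or version_ok being False means the host still needs the 7.14.0 update.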

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL queries in PostgreSQL logs from phpPgAdmin user
  • Multiple failed login attempts followed by dataexport.php access

Network Indicators:

  • HTTP POST requests to dataexport.php with SQL payloads in query parameter

SIEM Query:

source="web_access.log" AND uri="/dataexport.php" AND (method="POST" OR params CONTAINS "SELECT" OR params CONTAINS "UNION")
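The SIEM query above can be reproduced outside a SIEM for testing. The following is an added example, not a vendor or SIEM-provided rule: it parses Apache/nginx "combined" access log lines and applies the same logic (dataexport.php reached by POST, or a query string carrying SELECT or UNION). The log lines are constructed. It assumes the standard access log, which records the query string of GET requests but not POST bodies, so POSTs to dataexport.php are flagged on method alone, exactly as the advisory's rule does; the path check uses endswith because phpPgAdmin is often deployed under a prefix such as /phppgadmin/.

```python
"""Detection example for the Network Indicators / SIEM Query in this advisory.

Added example, not a SIEM- or vendor-provided rule. Reimplements the
advisory's query logic against combined-format access log lines so it can
be tested offline. Assumptions: combined log format; POST bodies are not
logged, so POSTs to dataexport.php are flagged on method alone.
"""
import re
from urllib.parse import urlsplit, parse_qs

# Apache/nginx combined log format: ip ident user [ts] "METHOD target proto" status size
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) (?P<proto>[^"]+)" '
    r'(?P<status>\d{3}) (?P<size>\S+)'
)

SQL_KEYWORDS = ("SELECT", "UNION")   # the keywords the advisory's query looks for


def parse_line(line):
    """Parse one combined-format line into a dict, or None if it does not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    parts = urlsplit(rec["target"])
    rec["path"] = parts.path
    rec["params"] = parse_qs(parts.query)   # percent-decoded query parameters
    return rec


def is_suspicious(rec):
    """Advisory rule: uri is dataexport.php AND (POST OR params contain SELECT/UNION)."""
    if not rec["path"].endswith("/dataexport.php"):
        return False
    if rec["method"] == "POST":
        return True
    flat = " ".join(v for vals in rec["params"].values() for v in vals).upper()
    return any(kw in flat for kw in SQL_KEYWORDS)


def flag_suspicious(lines):
    """Return (ip, method, target) for every parseable line matching the rule."""
    out = []
    for line in lines:
        rec = parse_line(line)
        if rec and is_suspicious(rec):
            out.append((rec["ip"], rec["method"], rec["target"]))
    return out


# Constructed sample log lines (documentation IP ranges, not real traffic).
SAMPLE_LOG = [
    '203.0.113.7 - - [10/Oct/2025:12:00:01 +0000] "GET /phppgadmin/dataexport.php?query=SELECT%20*%20FROM%20accounts HTTP/1.1" 200 5123',
    '203.0.113.7 - - [10/Oct/2025:12:00:05 +0000] "POST /phppgadmin/dataexport.php HTTP/1.1" 200 812',
    '198.51.100.2 - - [10/Oct/2025:12:01:00 +0000] "GET /phppgadmin/tables.php?database=app HTTP/1.1" 200 2211',
    '198.51.100.2 - - [10/Oct/2025:12:01:10 +0000] "GET /phppgadmin/dataexport.php?format=csv HTTP/1.1" 200 901',
]

if __name__ == "__main__":
    for hit in flag_suspicious(SAMPLE_LOG):
        print(hit)
```

Legitimate exports also send SELECT statements to dataexport.php, so on its own this rule is a lead rather than an alert: correlate the flagged source IP with the Log Indicators above (failed logins shortly before, unusual statements in the PostgreSQL log from the phpPgAdmin role) before treating it as exploitation.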
