VulnerableCode Package Details - pkg:composer/phpmyadmin/phpmyadmin@5.2.1

Search for packages

Vulnerability	Summary	Fixed by
VCID-araw-4wdy-hqcz Aliases: CVE-2025-24530 GHSA-222v-cx2c-q2f5	phpMyAdmin XSS when checking tables An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS.	5.2.2 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-araw-4wdy-hqcz
Aliases:
CVE-2025-24530
GHSA-222v-cx2c-q2f5

phpMyAdmin XSS when checking tables An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS.

5.2.2
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
VCID-ym9b-4su6-6fbr	Cross-site Scripting vulnerability in drag-and-drop upload of phpMyAdmin In phpMyAdmin before 4.9.11 and 5.x before 5.2.1, an authenticated user can trigger Cross-site Scripting (XSS) by uploading a crafted .sql file through the drag-and-drop interface. By disabling the configuration directive `$cfg['enable_drag_drop_import']`, users will be unable to use the drag and drop upload which would protect against the vulnerability.	CVE-2023-25727 GHSA-6hr3-44gx-g6wh

Vulnerability

Summary

Aliases

VCID-ym9b-4su6-6fbr

Cross-site Scripting vulnerability in drag-and-drop upload of phpMyAdmin In phpMyAdmin before 4.9.11 and 5.x before 5.2.1, an authenticated user can trigger Cross-site Scripting (XSS) by uploading a crafted .sql file through the drag-and-drop interface. By disabling the configuration directive `$cfg['enable_drag_drop_import']`, users will be unable to use the drag and drop upload which would protect against the vulnerability.

CVE-2023-25727
GHSA-6hr3-44gx-g6wh

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T23:19:21.222739+00:00	GitLab Importer	Affected by	VCID-araw-4wdy-hqcz	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/phpmyadmin/phpmyadmin/CVE-2025-24530.yml	38.4.0
2026-04-16T22:21:41.605267+00:00	GitLab Importer	Fixing	VCID-ym9b-4su6-6fbr	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/phpmyadmin/phpmyadmin/CVE-2023-25727.yml	38.4.0
2026-04-12T00:38:11.096230+00:00	GitLab Importer	Affected by	VCID-araw-4wdy-hqcz	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/phpmyadmin/phpmyadmin/CVE-2025-24530.yml	38.3.0
2026-04-11T23:39:45.729856+00:00	GitLab Importer	Fixing	VCID-ym9b-4su6-6fbr	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/phpmyadmin/phpmyadmin/CVE-2023-25727.yml	38.3.0
2026-04-03T00:46:08.338868+00:00	GitLab Importer	Affected by	VCID-araw-4wdy-hqcz	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/phpmyadmin/phpmyadmin/CVE-2025-24530.yml	38.1.0
2026-04-02T23:43:54.361017+00:00	GitLab Importer	Fixing	VCID-ym9b-4su6-6fbr	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/phpmyadmin/phpmyadmin/CVE-2023-25727.yml	38.1.0
2026-04-02T16:58:56.471833+00:00	GHSA Importer	Fixing	VCID-ym9b-4su6-6fbr	https://github.com/advisories/GHSA-6hr3-44gx-g6wh	38.1.0
2026-04-01T12:58:14.170554+00:00	GithubOSV Importer	Fixing	VCID-ym9b-4su6-6fbr	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/02/GHSA-6hr3-44gx-g6wh/GHSA-6hr3-44gx-g6wh.json	38.0.0
2026-04-01T12:50:53.577563+00:00	GitLab Importer	Fixing	VCID-ym9b-4su6-6fbr	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/phpmyadmin/phpmyadmin/CVE-2023-25727.yml	38.0.0