CVE-2022-23808

MEDIUM NUCLEI

phpMyAdmin 5.1.0-5.1.1 - Cross-Site Scripting in Setup Script

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2022-23808. PoCs published by dipakpanchal05. A Nuclei detection template is also available.

AI-analyzed exploit summary: This repository provides a detailed writeup and proof-of-concept for CVE-2022-23808, an XSS vulnerability in phpMyAdmin 5.1.1. It includes the vulnerable parameters, payload, and steps to reproduce the issue.

Description

An issue was discovered in phpMyAdmin 5.1 before 5.1.2. An attacker can inject malicious code into aspects of the setup script, which can allow XSS or HTML injection.

Exploits (2)

nomisec WRITEUP 115 stars
by dipakpanchal05 · poc
https://github.com/dipakpanchal05/CVE-2022-23808

This repository provides a detailed writeup and proof-of-concept for CVE-2022-23808, an XSS vulnerability in phpMyAdmin 5.1.1. It includes the vulnerable parameters, payload, and steps to reproduce the issue.

Classification: Writeup 90%
Attack Type: XSS
Complexity: Trivial
Reliability: Reliable
Target: phpMyAdmin 5.1.1
Auth required
Prerequisites: Access to phpMyAdmin setup script · Valid session cookies
devstral-2 · analyzed Feb 16, 2026

inthewild WRITEUP
poc
https://github.com/dipakpanchal456/cve-2022-23808

This repository provides a detailed technical analysis of CVE-2022-23808, an XSS vulnerability in phpMyAdmin 5.1.1. It includes the vulnerable parameters, payload, and steps to reproduce the issue, along with mitigation and fix recommendations.

Classification: Writeup 90%
Attack Type: XSS
Complexity: Trivial
Reliability: Reliable
Target: phpMyAdmin versions of the 5.1 branch prior to 5.1.2
Auth required
Prerequisites: Access to the phpMyAdmin setup script · Valid session cookies
devstral-2 · analyzed Feb 23, 2026

Nuclei Templates (1)

phpMyAdmin < 5.1.2 - Cross-Site Scripting
MEDIUM · VERIFIED · by cckuailong, daffainfo
Shodan: http.component:"phpmyadmin" || http.title:"phpmyadmin" || cpe:"cpe:2.3:a:phpmyadmin:phpmyadmin"
FOFA: title="phpmyadmin" || body="pma_servername" && body="4.8.4"

Scores

CVSS v3: 6.1
EPSS: 0.4936
EPSS Percentile: 97.9%
Attack Vector: NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CISA SSVC

Vulnrichment
Exploitation: none
Automatable: no
Technical Impact: partial

Details

CWE: CWE-79
Status: published
Products (2):
phpmyadmin/phpmyadmin 5.1.0 - 5.1.2
phpmyadmin/phpmyadmin 5.1.0 - 5.1.2 (Packagist)
Published: Jan 22, 2022
Tracked Since: Feb 18, 2026