CVE-2022-28102

Name of the Vulnerable Software and Affected Versions PHP MySQL Admin Panel Generator version 1

Description A cross-site scripting (XSS) issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected at the "/edit-db.php" API endpoint. This enables attackers to potentially manipulate the web application's behavior.

Recommendations For PHP MySQL Admin Panel Generator version 1, consider disabling access to the "/edit-db.php" endpoint until a patch is available to prevent exploitation of this issue. Restricting user input to prevent malicious payloads from being injected is also recommended. At the moment, there is no information about a newer version that contains a fix for this vulnerability.