Vulnerabilities (CVE)

Filtered by vendor Adminer Subscribe

Filtered by product Adminer

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2021-43008	1 Adminer	1 Adminer	2022-07-12	5.0 MEDIUM	7.5 HIGH
Improper Access Control in Adminer versions 1.12.0 to 4.6.2 (fixed in version 4.6.3) allows an attacker to achieve Arbitrary File Read on the remote server by requesting the Adminer to connect to a remote MySQL database.
CVE-2021-21311	2 Adminer, Debian	2 Adminer, Debian Linux	2021-06-24	6.4 MEDIUM	7.2 HIGH
Adminer is an open-source database management in a single PHP file. In adminer from version 4.0.0 and before 4.7.9 there is a server-side request forgery vulnerability. Users of Adminer versions bundling all drivers (e.g. `adminer.php`) are affected. This is fixed in version 4.7.9.