RSS   Vulnerabilities for 'Adminer'   RSS

2021-02-11
 
CVE-2021-21311

CWE-918
 

 
Adminer is an open-source database management in a single PHP file. In adminer from version 4.0.0 and before 4.7.9 there is a server-side request forgery vulnerability. Users of Adminer versions bundling all drivers (e.g. `adminer.php`) are affected. This is fixed in version 4.7.9.

 
2021-02-09
 
CVE-2020-35572

CWE-79
 

 
Adminer through 4.7.8 allows XSS via the history parameter to the default URI.

 
2018-03-05
 
CVE-2018-7667

CWE-918
 

 
Adminer through 4.3.1 has SSRF via the server parameter.

 


Copyright 2021, cxsecurity.com

 

Back to Top