SOURCEFORGE Adminer 跨站脚本漏洞

🗓️ 19 May 2021 00:00:00Reported by China National Vulnerability Database of Information SecurityType

cnnvd

cnnvd🔗 www.cnnvd.org.cn👁 3 Views

XSS in SOURCEFORGE Adminer versions 4.6.1 to 4.8.0 via PHP data objects; affects browsers without content security policy.

Reporter	Title	Published	Views	Family All 25
BDU FSTEC	The vulnerability of the Adminer database management software lies in the lack of measures to sanitize input data, allowing attackers to execute cross-site scripting (XSS) attacks.	9 Jun 202100:00	–	bdu_fstec
Circl	CVE-2021-29625	27 Apr 202309:58	–	circl
CNVD	Unspecified Vulnerability in SOURCEFORGE Adminer	21 May 202100:00	–	cnvd
CVE	CVE-2021-29625	19 May 202121:35	–	cve
Cvelist	CVE-2021-29625 XSS in doc_link	19 May 202121:35	–	cvelist
Debian CVE	CVE-2021-29625	19 May 202121:35	–	debiancve
Github Security Blog	XSS in doc_link	18 Mar 202217:49	–	github
Nuclei	Adminer <=4.8.0 - Cross-Site Scripting	15 Jun 202607:03	–	nuclei
NVD	CVE-2021-29625	19 May 202122:15	–	nvd
OpenVAS	Adminer 4.6.1 < 4.8.1 XSS Vulnerability - Linux	21 May 202100:00	–	openvas

Source	Link
github	www.github.com/vrana/adminer/security/advisories/GHSA-2v82-5746-vwqc
sourceforge	www.sourceforge.net/p/adminer/bugs-and-features/797/
github	www.github.com/vrana/adminer/commit/4043092ec2c0de2258d60a99d0c5958637d051a7
cybersecurity-help	www.cybersecurity-help.cz/vdb/SB2021052710
cybersecurity-help	www.cybersecurity-help.cz/vdb/SB2022042611

24 May 2026 00:00Current

5.6Medium risk

Vulners AI Score5.6

CVSS 24.3

CVSS 3.16.1 - 7.5

EPSS0.09572

Cross site scripting Adminer vulnerability PHP data objects Content security policy SourceForge