Lucene search
K

263 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 3:46 a.m.3 views

SUSE CVE-2021-21311

Adminer is an open-source database management in a single PHP file. In adminer from version 4.0.0 and before 4.7.9 there is a server-side request forgery vulnerability. Users of Adminer versions bundling all drivers e.g. adminer.php are affected. This is fixed in version 4.7.9...

7.2CVSS6.9AI score0.90461EPSS
Exploits3References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:42 a.m.3 views

SUSE CVE-2021-29625

Adminer is open-source database management software. A cross-site scripting vulnerability in Adminer versions 4.6.1 to 4.8.0 affects users of MySQL, MariaDB, PgSQL and SQLite. XSS is in most cases prevented by strict CSP in all modern browsers. The only exception is when Adminer is using a pdo...

7.5CVSS6.2AI score0.09572EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:37 a.m.2 views

SUSE CVE-2021-43008

Improper Access Control in Adminer versions 1.12.0 to 4.6.2 fixed in version 4.6.3 allows an attacker to achieve Arbitrary File Read on the remote server by requesting the Adminer to connect to a remote MySQL database...

7.5CVSS7.4AI score0.13641EPSS
Exploits4References3
OpenVAS
OpenVAS
added 2023/01/27 12:0 a.m.17 views

Ubuntu: Security Advisory (USN-5271-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.4AI score0.90461EPSS
Exploits5References4
CNVD
CNVD
added 2022/08/10 12:0 a.m.39 views

WordPress plugin Adminer Login has an unspecified vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress plugin Adminer Login version 1.4.4 contains a security vulnerability that can be exploited by...

7.8CVSS2.6AI score0.004EPSS
Exploits1References1
OSV
OSV
added 2022/06/20 8:15 p.m.3 views

CVE-2017-20066

A vulnerability has been found in Adminer Login 1.4.4 and classified as problematic. This vulnerability affects unknown code. The manipulation leads to improper access controls. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used...

7.8CVSS4.7AI score0.004EPSS
Exploits1References3
NVD
NVD
added 2022/06/20 8:15 p.m.11 views

CVE-2017-20066

A vulnerability has been found in Adminer Login 1.4.4 and classified as problematic. This vulnerability affects unknown code. The manipulation leads to improper access controls. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used...

7.8CVSS0.004EPSS
Exploits1References3
Prion
Prion
added 2022/06/20 8:15 p.m.16 views

Improper access control

A vulnerability has been found in Adminer Login 1.4.4 and classified as problematic. This vulnerability affects unknown code. The manipulation leads to improper access controls. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used...

4.6CVSS7.5AI score0.004EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2022/06/20 8:10 p.m.63 views

CVE-2017-20066

The CVE-2017-20066 entry concerns the Adminer Login WordPress plugin version 1.4.4, where a local improper access control vulnerability is reported. Connected sources describe that the vulnerability could permit an attacker to authenticate/connect to local/internal WordPress databases from the pu...

7.8CVSS6.3AI score0.004EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2022/06/20 8:10 p.m.6 views

CVE-2017-20066 Adminer Login access control

A vulnerability has been found in Adminer Login 1.4.4 and classified as problematic. This vulnerability affects unknown code. The manipulation leads to improper access controls. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used...

5.3CVSS7AI score0.004EPSS
Exploits1References3
Cvelist
Cvelist
added 2022/06/20 8:10 p.m.16 views

CVE-2017-20066 Adminer Login access control

A vulnerability has been found in Adminer Login 1.4.4 and classified as problematic. This vulnerability affects unknown code. The manipulation leads to improper access controls. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used...

5.3CVSS7.6AI score0.004EPSS
Exploits1References3
CNNVD
CNNVD
added 2022/06/20 12:0 a.m.3 views

WordPress plugin Adminer Login 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress plugin Adminer Login version 1.4.4 contains a security vulnerability that can be exploited by...

7.8CVSS5.6AI score0.004EPSS
Exploits1References4
Ubuntu
Ubuntu
added 2022/06/03 1:18 p.m.98 views

USN-5271-1: Adminer vulnerabilities

It was discovered that Adminer did not escape data in the history parameter of the default URI. A remote attacker could possibly use this issue to perform cross-site scripting XSS attacks. This issue only affected Ubuntu 20.04 ESM. CVE-2020-35572 Adam Crosser and Brian Sizemore discovered that...

7.5CVSS7.1AI score0.90461EPSS
Exploits5
Tenable Nessus
Tenable Nessus
added 2022/06/01 12:0 a.m.24 views

Adminer 4.x < 4.7.9 Server-Side Request Forgery

The version of Adminer installed on the remote host suffers from a Server-Side Request Forgery SSRF flaw via the error page of Elasticsearch and ClickHouse in versions bundling all drivers, this may permit clients to make onward connections to arbitrary systems/ports & can be used to potentially...

7.2CVSS7.4AI score0.90461EPSS
Exploits3References2
OpenVAS
OpenVAS
added 2022/05/14 12:0 a.m.18 views

Debian: Security Advisory (DLA-3002-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.6AI score0.13641EPSS
Exploits4References3
Tenable Nessus
Tenable Nessus
added 2022/05/14 12:0 a.m.31 views

Debian DLA-3002-1 : adminer - LTS security update

The remote Debian 9 host has a package installed that is affected by a vulnerability as referenced in the dla-3002 advisory. - Improper Access Control in Adminer versions 1.12.0 to 4.6.2 fixed in version 4.6.3 allows an attacker to achieve Arbitrary File Read on the remote server by requesting th...

7.5CVSS7.3AI score0.13641EPSS
Exploits4References4
Debian
Debian
added 2022/05/13 5:7 p.m.21 views

[SECURITY] [DLA 3002-1] adminer security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3002-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb May 13, 2022 https://wiki.debian.org/LTS - -------------------------------------------------------------------------...

7.5CVSS7.3AI score0.13641EPSS
Exploits4
OSV
OSV
added 2022/05/13 12:0 a.m.25 views

DLA-3002-1 adminer - security update

Bulletin has no description...

7.5CVSS7.5AI score0.13641EPSS
Exploits4
ICS
ICS
added 2022/05/10 12:0 a.m.28 views

Adminer in Industrial Products

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: Adminer Equipment: Adminer Vulnerability: Files or Directories Accessible to External Parties 2. RISK EVALUATION Successful exploitation of this vulnerability could allow...

7.5CVSS7.8AI score0.13641EPSS
Exploits4References5
VulnCheck KEV
VulnCheck KEV
added 2022/05/04 12:0 a.m.6 views

VulnCheck KEV: CVE-2021-21311

Adminer contains a server-side request forgery vulnerability that, when exploited, allows a remote attacker to obtain potentially sensitive information...

7.2CVSS7.2AI score0.90461EPSS
Exploits3References1
Rows per page
Query Builder