263 matches found
Arbitrary File Disclosure Via Password Leakage
vrana/adminer is vulnerable to arbitrary file disclosure. The vulnerability exists because the user credential requests when connecting to the database are not properly validated which allows an attacker to send requests to establish a database connection and arbitrarily read files on the server...
Files or Directories Accessible to External Parties in Adminer
Improper Access Control in Adminer versions 1.12.0 to 4.6.2 fixed in version 4.6.3 allows an attacker to achieve Arbitrary File Read on the remote server by requesting the Adminer to connect to a remote MySQL database...
GHSA-RXFQ-3VPC-VV72 Files or Directories Accessible to External Parties in Adminer
Improper Access Control in Adminer versions 1.12.0 to 4.6.2 fixed in version 4.6.3 allows an attacker to achieve Arbitrary File Read on the remote server by requesting the Adminer to connect to a remote MySQL database...
Adminer 1.12.0 - 4.6.2 Information Disclosure Vulnerability
Adminer is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adminer:adminer";...
CVE-2021-43008
Improper Access Control in Adminer versions 1.12.0 to 4.6.2 fixed in version 4.6.3 allows an attacker to achieve Arbitrary File Read on the remote server by requesting the Adminer to connect to a remote MySQL database...
CVE-2021-43008
Improper Access Control in Adminer versions 1.12.0 to 4.6.2 fixed in version 4.6.3 allows an attacker to achieve Arbitrary File Read on the remote server by requesting the Adminer to connect to a remote MySQL database...
DEBIAN-CVE-2021-43008
Improper Access Control in Adminer versions 1.12.0 to 4.6.2 fixed in version 4.6.3 allows an attacker to achieve Arbitrary File Read on the remote server by requesting the Adminer to connect to a remote MySQL database...
CVE-2021-43008
Improper Access Control in Adminer versions 1.12.0 to 4.6.2 fixed in version 4.6.3 allows an attacker to achieve Arbitrary File Read on the remote server by requesting the Adminer to connect to a remote MySQL database...
Improper access control
Improper Access Control in Adminer versions 1.12.0 to 4.6.2 fixed in version 4.6.3 allows an attacker to achieve Arbitrary File Read on the remote server by requesting the Adminer to connect to a remote MySQL database...
UBUNTU-CVE-2021-43008
Improper Access Control in Adminer versions 1.12.0 to 4.6.2 fixed in version 4.6.3 allows an attacker to achieve Arbitrary File Read on the remote server by requesting the Adminer to connect to a remote MySQL database...
CVE-2021-43008
Improper Access Control in Adminer versions 1.12.0 to 4.6.2 fixed in version 4.6.3 allows an attacker to achieve Arbitrary File Read on the remote server by requesting the Adminer to connect to a remote MySQL database...
CVE-2021-43008
The CVE-2021-43008 vulnerability affects Adminer ≤ 4.6.2, where improper access control allows an attacker-controlled remote MySQL server to trigger Adminer to read a local file via LOAD DATA LOCAL INFILE, exposing sensitive files (e.g., /etc/passwd). The issue can enable Arbitrary File Read on t...
CVE-2021-43008
Improper Access Control in Adminer versions 1.12.0 to 4.6.2 fixed in version 4.6.3 allows an attacker to achieve Arbitrary File Read on the remote server by requesting the Adminer to connect to a remote MySQL database...
SOURCEFORGE Adminer安全漏洞
SOURCEFORGE Adminer is an application from the American SOURCEFORGE community. It provides database management in a single PHP file. A security vulnerability exists in Adminer version 4.6.2 and prior versions that stems from the presence of improper access control. An attacker can exploit the...
PT-2022-11760 · Adminer · Adminer
Name of the Vulnerable Software and Affected Versions: Adminer versions 1.12.0 through 4.6.2 Description: The issue allows an attacker to achieve arbitrary file read on a remote server by requesting Adminer to connect to a remote MySQL database, due to improper access control. Recommendations: Fo...
XSS in doc_link
Impact Users of MySQL, MariaDB, PgSQL and SQLite are affected. XSS is in most cases prevented by strict CSP in all modern browsers. The only exception is when Adminer is using a pdo extension to communicate with the database it is used if the native extensions are not enabled. In browsers without...
GHSA-2V82-5746-VWQC XSS in doc_link
Impact Users of MySQL, MariaDB, PgSQL and SQLite are affected. XSS is in most cases prevented by strict CSP in all modern browsers. The only exception is when Adminer is using a pdo extension to communicate with the database it is used if the native extensions are not enabled. In browsers without...
Exploit for Server-Side Request Forgery in Adminer
CVE-2021-21311 Adminer is an open-source database managem...
Exploit for CVE-2021-43008
CVE-2021-43008 - AdminerRead Exploit tool for Adminer 1...
CVE-2020-19156
Cross Site Scripting XSS in Ari Adminer v1 allows remote attackers to execute arbitrary code via the 'Title' parameter of the 'Add New Connections' component when the 'save' function is called...