263 matches found
PT-2024-10746 · WordPress · Ari Adminer
Name of the Vulnerable Software and Affected Versions: ARI-Adminer plugin for WordPress versions up to, and including, 1.1.14. Description: The ARI-Adminer plugin for WordPress is vulnerable to authorization bypass due to a lack of file access controls in nearly every file of the plugin. This make...
VulnCheck KEV: CVE-2019-25215
The ARI-Adminer plugin for WordPress is vulnerable to authorization bypass due to a lack of file access controls in nearly every file of the plugin in versions up to, and including, 1.1.14. This makes it possible for unauthenticated attackers to call the files directly and perform a wide...
Adminer and AdminerEvo Multiple Vulnerabilities
Risk evaluation: Adminer and AdminerEvo contain multiple vulnerabilities. Successful exploitation of these vulnerabilities could allow a remote, unauthenticated attacker to deny service, enumerate and access systems indirectly, upload arbitrary files, and execute arbitrary code. Adminer is no...
Denial Of Service (DoS)
vrana/adminer is vulnerable to Denial of Service (DoS). The vulnerability is caused by improper handling of HTTP redirects, which allows an attacker to trigger a Denial of Service (DoS) condition by connecting adminer to an attacker-controlled service...
DEBIAN-CVE-2023-45195
Adminer and AdminerEvo are vulnerable to SSRF via database connection fields. This could allow an unauthenticated remote attacker to enumerate or access systems the attacker would not otherwise have access to. Adminer is no longer supported, but this issue was fixed in AdminerEvo version 4.8.4...
CVE-2023-45195
Adminer and AdminerEvo are vulnerable to SSRF via database connection fields. This could allow an unauthenticated remote attacker to enumerate or access systems the attacker would not otherwise have access to. Adminer is no longer supported, but this issue was fixed in AdminerEvo version 4.8.4...
UBUNTU-CVE-2023-45195
Adminer and AdminerEvo are vulnerable to SSRF via database connection fields. This could allow an unauthenticated remote attacker to enumerate or access systems the attacker would not otherwise have access to. Adminer is no longer supported, but this issue was fixed in AdminerEvo version 4.8.4...
DEBIAN-CVE-2023-45196
Adminer and AdminerEvo allow an unauthenticated remote attacker to cause a denial of service by connecting to an attacker-controlled service that responds with HTTP redirects. The denial of service is subject to PHP configuration limits. Adminer is no longer supported, but this issue was fixed in...
CVE-2023-45195
CVE-2023-45195 concerns SSRF in Adminer and AdminerEvo via database connection fields. An unauthenticated remote attacker could enumerate or access systems the attacker would not otherwise have access to. The advisory notes Adminer is no longer supported, and the issue was fixed in AdminerEvo ver...
CVE-2023-45196
CVE-2023-45196 affects Adminer and AdminerEvo. An unauthenticated remote attacker can cause a denial of service by connecting to an attacker‑controlled service that answers with HTTP redirects; the impact is constrained by PHP configuration limits. Adminer is no longer supported; the issue was fi...
CVE-2023-45197
The CVE-2023-45197 entry concerns Adminer and AdminerEvo where the file-upload plugin allows uploading a file with a table name of “..” to the Adminer directory root, enabling an attacker to guess the filename and execute it. Affected software: Adminer and AdminerEvo (Adminer is no longer support...
File Disclosure
vrana/adminer is vulnerable to File Disclosure. This vulnerability is due to insufficient input validation, allowing unauthorized access to sensitive files within the application's directory...
Adminer file disclosure vulnerability
Adminer script versions up to 4.6.2 contain a file disclosure vulnerability...
GHSA-97H7-MF38-G9MF Adminer file disclosure vulnerability
Adminer script versions up to 4.6.2 contain a file disclosure vulnerability...
CVE-2024-25399
Subrion CMS 4.2.1 is vulnerable to Cross-Site Scripting (XSS) via adminer.php...
Subrion CMS Security Vulnerability
Subrion CMS is a PHP-based content management system (CMS) from the Subrion team. The system can be integrated into websites and supports a variety of extensions, plug-ins and more. A security vulnerability exists in Subrion CMS version 4.2.1, which stems from a cross-site scripting (XSS) vulnerabilit...
Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM : Adminer vulnerabilities (USN-5271-1)
The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5271-1 advisory. It was discovered that Adminer did not escape data in the history parameter of the default URI. A remote attacker could possibly...
Exploit for Server-Side Request Forgery in Adminer
CVE-2021-21311 Description: SSRF Server-side Request Forger...
SUSE CVE-2018-7667
Adminer through 4.3.1 has SSRF via the server parameter...
SUSE CVE-2020-35572
Adminer through 4.7.8 allows XSS via the history parameter to the default URI...