4 matches found
[SECURITY] [DLA 3002-1] adminer security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3002-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb May 13, 2022 https://wiki.debian.org/LTS - -------------------------------------------------------------------------...
Files or Directories Accessible to External Parties in Adminer
Improper Access Control in Adminer versions 1.12.0 to 4.6.2 fixed in version 4.6.3 allows an attacker to achieve Arbitrary File Read on the remote server by requesting the Adminer to connect to a remote MySQL database...
GHSA-RXFQ-3VPC-VV72 Files or Directories Accessible to External Parties in Adminer
Improper Access Control in Adminer versions 1.12.0 to 4.6.2 fixed in version 4.6.3 allows an attacker to achieve Arbitrary File Read on the remote server by requesting the Adminer to connect to a remote MySQL database...
CVE-2021-43008
The CVE-2021-43008 vulnerability affects Adminer ≤ 4.6.2, where improper access control allows an attacker-controlled remote MySQL server to trigger Adminer to read a local file via LOAD DATA LOCAL INFILE, exposing sensitive files (e.g., /etc/passwd). The issue can enable Arbitrary File Read on t...