vrana/adminer is vulnerable to Server-Side Request Forgery (SSRF). The vulnerability exists due to error response return argument not sanitized in the function rootQuery
.
CPE | Name | Operator | Version |
---|---|---|---|
vrana/adminer | le | v4.7.8 |
github.com/advisories/GHSA-x5r2-hj5c-8jx6
github.com/vrana/adminer/commit/ccd2374b0b12bd547417bf0dacdf153826c83351
github.com/vrana/adminer/files/5957311/Adminer.SSRF.pdf
github.com/vrana/adminer/security/advisories/GHSA-x5r2-hj5c-8jx6
lists.debian.org/debian-lts-announce/2021/03/msg00002.html
packagist.org/packages/vrana/adminer