vrana/adminer
Packagist6 known CVEs affecting this package
Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.
CVEs affecting vrana/adminerpage 1 of 1
- CVE-2018-7667CRITICALCVSS 9.8EG 9.8✓ Fixed in 4.7.82018-03-05
vulnerable: v4.2.0 ... v4.7.7 (22 versions)
Adminer through 4.3.1 has SSRF via the server parameter.
- CVE-2020-35572MEDIUMCVSS 6.1EG 6.1✓ Fixed in 4.7.92021-02-09
vulnerable: v4.2.0 ... v4.7.8 (23 versions)
Adminer through 4.7.8 allows XSS via the history parameter to the default URI.
- CVE-2021-21311HIGHCVSS 7.2EG 9.0⚠ KEV✓ Fixed in 4.7.92021-02-11
vulnerable: v4.2.0 ... v4.7.8 (23 versions)
Adminer is an open-source database management in a single PHP file. In adminer from version 4.0.0 and before 4.7.9 there is a server-side request forgery vulnerability. Users of Adminer versions bundling all drivers (e.g. `adminer.php`) ar…
- CVE-2021-29625HIGHCVSS 7.5EG 7.5✓ Fixed in 4.8.12021-05-19
vulnerable: v4.7.8, v4.7.9, v4.8.0
Adminer is open-source database management software. A cross-site scripting vulnerability in Adminer versions 4.6.1 to 4.8.0 affects users of MySQL, MariaDB, PgSQL and SQLite. XSS is in most cases prevented by strict CSP in all modern brow…
- CVE-2021-43008HIGHCVSS 7.5EG 7.5✓ Fixed in 4.6.32022-04-05
vulnerable: v4.2.0 ... v4.6.2 (13 versions)
Improper Access Control in Adminer versions 1.12.0 to 4.6.2 (fixed in version 4.6.3) allows an attacker to achieve Arbitrary File Read on the remote server by requesting the Adminer to connect to a remote MySQL database.
- CVE-2026-25892HIGHCVSS 7.5EG 7.5✓ Fixed in 5.4.22026-02-09
vulnerable: v4.10 ... v5.4.1 (42 versions)
Adminer is open-source database management software. Adminer v5.4.1 and earlier has a version check mechanism where adminer.org sends signed version info via JavaScript postMessage, which the browser then POSTs to ?script=version. This end…
Check whether vrana/adminer is used in your infrastructure
EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for vrana/adminer CVEs against the assets you own.
Start Free Scan →