vrana/adminer Security Advisories for v4.4.0 (6)
-
[HIGH] Adminer PHP Object Injection issue leads to Denial of Service
PKSA-16w6-mwbq-xf2b CVE-2025-43960 GHSA-mqh4-2mm8-g7w9
Affected version: <=4.8.1
Reported by:
GitHub -
[HIGH] Files or Directories Accessible to External Parties in Adminer
PKSA-sqhq-8pzb-j6d7 CVE-2021-43008 GHSA-rxfq-3vpc-vv72
Affected version: >=1.12.0,<4.6.3
Reported by:
GitHub -
[MEDIUM] vrana/adminer vulnerable to SSRF by connecting to privileged ports
PKSA-skhx-v6fz-wrt9 CVE-2018-7667 GHSA-43f8-p5w3-5m25
Affected version: <4.7.8
Reported by:
GitHub -
[HIGH] SSRF in adminer
PKSA-3s27-sj6v-h4s9 CVE-2021-21311 GHSA-x5r2-hj5c-8jx6
Affected version: <4.7.9
Reported by:
GitHub -
[MEDIUM] vrana/adminer via XSS in the history parameter in SQL command
PKSA-d61d-915d-qn8d CVE-2020-35572 GHSA-9pgx-gcph-mpqr
Affected version: <4.7.9
Reported by:
GitHub -
[HIGH] Adminer script versions up to 4.6.2 contains file disclosure vulnerability
PKSA-n17c-w4wv-w15r GHSA-97h7-mf38-g9mf
Affected version: <4.6.3
Reported by:
GitHub, FriendsOfPHP/security-advisories