Vulnerabilities > Adminer > Adminer > 3.6.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-05 | CVE-2021-43008 | Improper Access Control in Adminer versions 1.12.0 to 4.6.2 (fixed in version 4.6.3) allows an attacker to achieve Arbitrary File Read on the remote server by requesting the Adminer to connect to a remote MySQL database. | 7.5 |
| 2021-02-09 | CVE-2020-35572 | Cross-site Scripting vulnerability in Adminer Adminer through 4.7.8 allows XSS via the history parameter to the default URI. | 6.1 |
| 2018-03-05 | CVE-2018-7667 | Server-Side Request Forgery (SSRF) vulnerability in Adminer Adminer through 4.3.1 has SSRF via the server parameter. | 9.8 |