Vulnerabilities > Adminer > Adminer > 3.7.0

DATE CVE VULNERABILITY TITLE RISK
2022-04-05 CVE-2021-43008 Improper Access Control in Adminer versions 1.12.0 to 4.6.2 (fixed in version 4.6.3) allows an attacker to achieve Arbitrary File Read on the remote server by requesting the Adminer to connect to a remote MySQL database.
network
low complexity
adminer debian
7.5
7.5
2021-02-09 CVE-2020-35572 Cross-site Scripting vulnerability in Adminer
Adminer through 4.7.8 allows XSS via the history parameter to the default URI.
network
adminer CWE-79
4.3
4.3
2018-03-05 CVE-2018-7667 Server-Side Request Forgery (SSRF) vulnerability in Adminer
Adminer through 4.3.1 has SSRF via the server parameter.
network
low complexity
adminer CWE-918
7.5
7.5