Vulnerabilities > Adminer > Adminer > 4.2.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-05 | CVE-2021-43008 | Improper Access Control in Adminer versions 1.12.0 to 4.6.2 (fixed in version 4.6.3) allows an attacker to achieve Arbitrary File Read on the remote server by requesting the Adminer to connect to a remote MySQL database. | 7.5 |
| 2021-02-11 | CVE-2021-21311 | Server-Side Request Forgery (SSRF) vulnerability in multiple products Adminer is an open-source database management in a single PHP file. | 6.4 |
| 2021-02-09 | CVE-2020-35572 | Cross-site Scripting vulnerability in Adminer Adminer through 4.7.8 allows XSS via the history parameter to the default URI. | 4.3 |
| 2018-03-05 | CVE-2018-7667 | Server-Side Request Forgery (SSRF) vulnerability in Adminer Adminer through 4.3.1 has SSRF via the server parameter. | 7.5 |