Описание
Improper Access Control in Adminer versions 1.12.0 to 4.6.2 (fixed in version 4.6.3) allows an attacker to achieve Arbitrary File Read on the remote server by requesting the Adminer to connect to a remote MySQL database.
Ссылки
- Release NotesThird Party Advisory
- Mailing ListThird Party Advisory
- ExploitThird Party Advisory
- ExploitThird Party Advisory
- Product
- Release NotesThird Party Advisory
- Mailing ListThird Party Advisory
- ExploitThird Party Advisory
- ExploitThird Party Advisory
- Product
Уязвимые конфигурации
EPSS
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
Связанные уязвимости
Improper Access Control in Adminer versions 1.12.0 to 4.6.2 (fixed in version 4.6.3) allows an attacker to achieve Arbitrary File Read on the remote server by requesting the Adminer to connect to a remote MySQL database.
Improper Access Control in Adminer versions 1.12.0 to 4.6.2 (fixed in ...
Files or Directories Accessible to External Parties in Adminer
Уязвимость программное обеспечение для управления базами данных Adminer, связанная с ошибками разграничения доступа, позволяющая нарушителю получить несанкционированный доступ на изменение защищаемой информации
EPSS
7.5 High
CVSS3
5 Medium
CVSS2