Browse all 3 CVE security advisories affecting Adminer. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Adminer serves as a lightweight database management tool, providing a web interface for administering MySQL, PostgreSQL, and other database systems. Historically, it has been susceptible to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from improper input validation and insecure session handling. The tool's minimal design reduces attack surfaces compared to alternatives like phpMyAdmin, but its widespread use in shared hosting environments makes it a target. While no major public incidents have been widely documented, the three CVEs on record highlight ongoing security concerns, particularly around authentication bypass and data exposure risks that administrators must mitigate through proper configuration and timely updates.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-45195 | Adminer and AdminerEvo SSRF — AdminerCWE-918 | 5.3AI | MediumAI | 2024-06-24 |
| CVE-2023-45196 | Adminer and AdminerEvo denial of service via HTTP redirect — AdminerCWE-400 | 7.5AI | HighAI | 2024-06-24 |
| CVE-2023-45197 | Adminer and AdminerEvo vulnerable to directory traversal and file upload — AdminerCWE-434 | 9.8 | - | 2024-06-21 |
This page lists every published CVE security advisory associated with Adminer. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.