CVE-2021-29625
Published: 2021-05-19
Priority: P3 · 44 · medium · 6.1 (CVSS 3.1)
CVSS 3.1 metrics: AV:N / AC:L / PR:N / UI:R / S:C / C:L / I:L / A:N
Exploit likelihood: EPSS 9.57% (94.9th percentile)
Adminer is open-source database management software. A cross-site scripting vulnerability in Adminer versions 4.6.1 to 4.8.0 affects users of MySQL, MariaDB, PgSQL and SQLite. XSS is in most cases prevented by strict CSP in all modern browsers. The only exception is when Adminer is using a `pdo_` extension to communicate with the database (it is used if the native extensions are not enabled). In browsers without CSP, Adminer versions 4.6.1 to 4.8.0 are affected. The vulnerability is patched in version 4.8.1. As workarounds, one can use a browser supporting strict CSP or enable the native PHP extensions (e.g. `mysqli`) or disable displaying PHP errors (`display_errors`).
Affected
8 distinct ranges (the source lists 11 rows, several of them identical)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| adminer | adminer | >= 0 < 4.7.9-2 | 4.7.9-2 |
| adminer | adminer | >= 0 < 4.2.1-1ubuntu1+esm1 | 4.2.1-1ubuntu1+esm1 |
| adminer | adminer | >= 0 < 4.6.2-1ubuntu0.1~esm1 | 4.6.2-1ubuntu0.1~esm1 |
| adminer | adminer | >= 0 < 4.7.6-1ubuntu0.1~esm1 | 4.7.6-1ubuntu0.1~esm1 |
| adminer | adminer | >= 4.6.1 < 4.8.1 | 4.8.1 |
| debian | adminer | < 4.7.9-2 (bookworm) | 4.7.9-2 (bookworm) |
| vrana | adminer | — | — |
| vrana | adminer | >= 4.7.8 < 4.8.1 | 4.8.1 |
Note that the Debian and Ubuntu "Fixed in" versions (4.7.9-2, the ESM builds) are below upstream 4.8.1 because the fix was backported; a scanner that only compares the upstream x.y.z against 4.8.1 will report those packages as still vulnerable.
CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | 3.1 | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
| nvd | 2.0 | 4.3 | MEDIUM | AV:N/AC:M/Au:N/C:N/I:P/A:N |
| osv | — | 6.1 | MEDIUM | — |
| vendor_debian | — | 7.5 | HIGH | — |
| vendor_ubuntu | — | 6.1 | MEDIUM | — |
OSV
adminer vulnerabilities (osv · 2022-06-03 · CVSS 6.1 · CVE-2020-35572 [MEDIUM]; an Ubuntu security notice mirrored by OSV that covers CVE-2020-35572, CVE-2021-21311 and the doc_link XSS, CVE-2021-29625)
It was discovered that Adminer did not escape data in the history parameter
of the default URI. A remote attacker could possibly use this issue to perform
cross-site scripting (XSS) attacks. This issue only affected Ubuntu 20.04 ESM.
(CVE-2020-35572)
Adam Crosser and Brian Sizemore discovered that Adminer incorrectly handled
redirection requests to internal servers. An unauthenticated remote attacker
could possibly use this to perform a server-side request forgery attack and
expose sensitive information. (CVE-2021-21311)
It was discovered that Adminer was incorrectly escaping data in the doc_link
function. A remote attacker could possibly use this issue to perform cross-site
scripting (XSS) attacks. This issue only affected Ubuntu 18.04 ESM and
Ubuntu 20.04 ESM.
OSV
XSS in doc_link (osv · 2022-03-18 · CVE-2021-29625 [HIGH])
### Impact
Users of MySQL, MariaDB, PgSQL and SQLite are affected. XSS is in most cases prevented by strict CSP in all modern browsers. The only exception is when Adminer is using a `pdo_` extension to communicate with the database (it is used if the native extensions are not enabled). In browsers without CSP, Adminer versions 4.6.1 to 4.8.0 are affected.
### Patches
Patched by 4043092, included in version [4.8.1](https://github.com/vrana/adminer/releases/tag/v4.8.1).
### Workarounds
Do both:
* Use a browser that supports strict CSP.
* Enable the native PHP extensions (e.g. `mysqli`) or disable displaying PHP errors (`display_errors`).
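The NVD description and the "Do both" workaround list above give three host-side conditions that must all hold for the doc_link XSS to reach a browser without strict CSP: an affected upstream version, the `pdo_` driver in use because no native extension is loaded, and `display_errors` enabled. The following triage helper is an added example (it is not Adminer, Debian or Ubuntu code) that encodes those conditions and also handles the distro builds that carry a backported fix, which a plain upstream version comparison would wrongly flag. The host values passed to it are constructed; the mapping of each driver to its native and `pdo_` extension names is my reading of Adminer's driver selection and is an assumption.

```python
"""Triage helper for CVE-2021-29625 (added example; not Adminer or distro code).

Encodes the host-side conditions from the advisory: upstream Adminer 4.6.1 up to
4.8.0, the pdo_* driver in use because the native extension is not loaded, and
PHP display_errors enabled. A strict CSP in the client browser is a separate
mitigation and is reported, not used to clear a host. Distro packages that
backport the fix (Debian 4.7.9-2, the Ubuntu ESM builds) are handled by an
explicit list, because an upstream version comparison alone would flag them.
"""
import re
from typing import Iterable

AFFECTED_MIN = (4, 6, 1)          # first affected upstream version
FIRST_FIXED_UPSTREAM = (4, 8, 1)  # commit 4043092 shipped in this release

# Distro builds carrying the backported fix, taken from the affected-ranges table.
BACKPORTED_FIXED = {
    "4.7.9-2",
    "4.2.1-1ubuntu1+esm1",
    "4.6.2-1ubuntu0.1~esm1",
    "4.7.6-1ubuntu0.1~esm1",
}

# Assumption: Adminer tries these native extensions first and falls back to the
# pdo_* extension only when none of them is loaded.
NATIVE_EXTENSIONS = {
    "mysql": ("mysqli", "mysql"),
    "pgsql": ("pgsql",),
    "sqlite": ("sqlite3", "sqlite"),
}
PDO_EXTENSION = {"mysql": "pdo_mysql", "pgsql": "pdo_pgsql", "sqlite": "pdo_sqlite"}


def upstream_version(pkg_version: str) -> tuple:
    """Strip a Debian/Ubuntu revision ('4.7.9-2', '4.6.2-1ubuntu0.1~esm1') down to x.y.z."""
    m = re.match(r"(\d+)\.(\d+)\.(\d+)", pkg_version)
    if not m:
        raise ValueError(f"unrecognised Adminer version: {pkg_version!r}")
    return tuple(int(x) for x in m.groups())


def version_affected(pkg_version: str) -> bool:
    """True when the installed build still contains the unescaped doc_link()."""
    if pkg_version in BACKPORTED_FIXED:
        return False
    return AFFECTED_MIN <= upstream_version(pkg_version) < FIRST_FIXED_UPSTREAM


def uses_pdo_fallback(driver: str, loaded_extensions: Iterable[str]) -> bool:
    """True when Adminer would reach `driver` through pdo_* rather than a native extension."""
    loaded = {e.lower() for e in loaded_extensions}
    if any(native in loaded for native in NATIVE_EXTENSIONS[driver]):
        return False
    return PDO_EXTENSION[driver] in loaded


def display_errors_on(ini_value: str) -> bool:
    """Interpret display_errors the way PHP does ('1', 'On', 'stderr', 'stdout' all display)."""
    return ini_value.strip().lower() in {"1", "on", "true", "yes", "stderr", "stdout"}


def triage(pkg_version: str, driver: str, loaded_extensions: Iterable[str],
           display_errors: str) -> dict:
    """Combine the three host-side conditions and list the workarounds that still apply."""
    vuln_version = version_affected(pkg_version)
    pdo = uses_pdo_fallback(driver, loaded_extensions)
    errors = display_errors_on(display_errors)
    actions = []
    if vuln_version:
        actions.append("upgrade to 4.8.1 or a distro build with the backported fix")
        if pdo:
            actions.append(f"enable a native extension ({', '.join(NATIVE_EXTENSIONS[driver])})")
        if errors:
            actions.append("set display_errors=Off")
    return {
        "vulnerable_version": vuln_version,
        "pdo_fallback": pdo,
        "display_errors": errors,
        # All three must hold for the XSS to reach a browser that lacks strict CSP.
        "exploitable_without_csp": vuln_version and pdo and errors,
        "actions": actions,
    }


if __name__ == "__main__":
    # Constructed sample host: stock 4.8.0, only pdo_mysql loaded, errors displayed.
    print(triage("4.8.0", "mysql", ["Core", "pdo_mysql", "json"], "On"))
```

On a real host the three inputs come from the installed package version, `php -m` and `php -i | grep display_errors`; the CSP condition is deliberately left out of the result because it depends on each visiting browser, so it should not be used to mark a host as safe.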
### References
https://sourceforge.net/p/adminer/bugs-and-features/797/
### For more information
If you have any questions or comments about
GHSA
XSS in doc_link (ghsa · 2022-03-18 · CVE-2021-29625 [HIGH] · CWE-79 · GHSA-2v82-5746-vwqc): same advisory text as the OSV entry above.
OSV
CVE-2021-29625: Adminer is open-source database management software (osv · 2021-05-19 · CVSS 6.1 · [MEDIUM]): description identical to the NVD text at the top of this page.
Ubuntu
Adminer vulnerabilities (vendor_ubuntu · 2022-06-03 · CVSS 6.1 · CVE-2021-21311 [MEDIUM])
Title: Adminer vulnerabilities
Summary: Several security issues were fixed in Adminer.
The notice body (CVE-2020-35572 history-parameter XSS, CVE-2021-21311 SSRF, and the doc_link XSS) is the same text as the OSV mirror of this notice above.
Debian
CVE-2021-29625: adminer (vendor_debian · 2021 · CVSS 7.5 · [HIGH]): description identical to the NVD text at the top of this page.
Scope: local
bookworm: resolved (fixed in 4.7.9-2)
bullseye: resolved (fixed in 4.7.9-2)
forky: resolved (fixed in 4.7.9-
No detection rules found.
Nuclei
Adminer <=4.8.0 - Cross-Site Scripting (nuclei · CVSS 6.1 · CVE-2021-29625 [MEDIUM])
The template's request section and first matcher did not survive extraction; only the fragment `Adminer alert(document.domain)"` and the remaining matchers are readable:
    matchers:
      - type: word
        part: header
        words:
          - "text/html"
      - type: status
        status:
          - 200
# digest: 4a0a00473045022100fd613f940b77a694c88db1e4fd3b8ce3403eaec8b2bbf83499842b6bbfbc16bd02201aa23c53247e7980ce07637883bc334911e6960a3c891ffaf9f69834c7422da9:922c64590222798bb761d5b6d8e72950
References
- https://github.com/vrana/adminer/commit/4043092ec2c0de2258d60a99d0c5958637d051a7
- https://github.com/vrana/adminer/security/advisories/GHSA-2v82-5746-vwqc
- https://sourceforge.net/p/adminer/bugs-and-features/797/
Published: 2021-05-19