High severityCISA KEVNVD Advisory· Published Feb 11, 2021· Updated Oct 21, 2025
SSRF in adminer
CVE-2021-21311
Description
Adminer is an open-source database management in a single PHP file. In adminer from version 4.0.0 and before 4.7.9 there is a server-side request forgery vulnerability. Users of Adminer versions bundling all drivers (e.g. adminer.php) are affected. This is fixed in version 4.7.9.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
vrana/adminerPackagist | < 4.7.9 | 4.7.9 |
Affected products
2- vrana/adminerv5Range: >= 4.0.0, < 4.7.9
Patches
Vulnerability mechanics
References
8- github.com/advisories/GHSA-x5r2-hj5c-8jx6ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2021-21311ghsaADVISORY
- github.com/vrana/adminer/commit/ccd2374b0b12bd547417bf0dacdf153826c83351ghsax_refsource_MISCWEB
- github.com/vrana/adminer/security/advisories/GHSA-x5r2-hj5c-8jx6ghsax_refsource_CONFIRMWEB
- lists.debian.org/debian-lts-announce/2021/03/msg00002.htmlghsamailing-listx_refsource_MLISTWEB
- packagist.org/packages/vrana/adminerghsax_refsource_MISCWEB
- sourceforge.net/p/adminer/news/2021/02/adminer-479-releasedghsaWEB
- www.cisa.gov/known-exploited-vulnerabilities-catalogghsaWEB
News mentions
0No linked articles in our index yet.