VYPR
Critical severity9.8NVD Advisory· Published Jun 21, 2024· Updated Jun 17, 2026

CVE-2023-45197

CVE-2023-45197

Description

The file upload plugin in Adminer and AdminerEvo allows an attacker to upload a file with a table name of “..” to the root of the Adminer directory. The attacker can effectively guess the name of the uploaded file and execute it. Adminer is no longer supported, but this issue was fixed in AdminerEvo version 4.8.3.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3
  • Adminer/Adminercpe-rescue2 versions
    cpe:2.3:a:adminer:adminer:0:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:adminer:adminer:0:*:*:*:*:*:*:*range: 0
    • (no CPE)range: <4.8.3
  • AdminerEvo/AdminerEvov5
    cpe:2.3:a:adminerevo:adminerevo:4.8.2:*:*:*:*:*:*:*
    Range: 4.8.2

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.