{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-10T16:03:31.525","vulnerabilities":[{"cve":{"id":"CVE-2021-29625","sourceIdentifier":"security-advisories@github.com","published":"2021-05-19T22:15:07.903","lastModified":"2024-11-21T06:01:31.290","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Adminer is open-source database management software. A cross-site scripting vulnerability in Adminer versions 4.6.1 to 4.8.0 affects users of MySQL, MariaDB, PgSQL and SQLite. XSS is in most cases prevented by strict CSP in all modern browsers. The only exception is when Adminer is using a `pdo_` extension to communicate with the database (it is used if the native extensions are not enabled). In browsers without CSP, Adminer versions 4.6.1 to 4.8.0 are affected. The vulnerability is patched in version 4.8.1. As workarounds, one can use a browser supporting strict CSP or enable the native PHP extensions (e.g. `mysqli`) or disable displaying PHP errors (`display_errors`)."},{"lang":"es","value":"Adminer es un software de administración de bases de datos de código abierto. Una vulnerabilidad de tipo cross-site scripting en Adminer versiones 4.6.1 hasta 4.8.0, afecta a los usuarios de MySQL, MariaDB, PgSQL y SQLite. Un ataque de tipo XSS en la mayoría de los casos es impedido por un CSP estricto en todos los navegadores modernos. La única excepción es cuando Adminer está usando una extensión \"pdo_\" para comunicarse con la base de datos (se usa si las extensiones nativas no están habilitadas). En los navegadores sin CSP, las versiones de Adminer 4.6.1 hasta 4.8.0 están afectadas. La vulnerabilidad está parcheada en la versión 4.8.1. Como soluciones alternativas, se puede usar un navegador que admita CSP estricto o habilitar las extensiones nativas de PHP (por ejemplo, \"mysqli\") o deshabilitar la visualización de errores de PHP (\"display_errors\")"}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:adminer:adminer:*:*:*:*:*:*:*:*","versionStartIncluding":"4.6.1","versionEndExcluding":"4.8.1","matchCriteriaId":"141DCC97-784C-4851-B1DC-01F41E749177"}]}]}],"references":[{"url":"https://github.com/vrana/adminer/commit/4043092ec2c0de2258d60a99d0c5958637d051a7","source":"security-advisories@github.com","tags":["Patch","Third Party Advisory"]},{"url":"https://github.com/vrana/adminer/security/advisories/GHSA-2v82-5746-vwqc","source":"security-advisories@github.com","tags":["Patch","Third Party Advisory"]},{"url":"https://sourceforge.net/p/adminer/bugs-and-features/797/","source":"security-advisories@github.com","tags":["Exploit","Product","Third Party Advisory"]},{"url":"https://github.com/vrana/adminer/commit/4043092ec2c0de2258d60a99d0c5958637d051a7","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]},{"url":"https://github.com/vrana/adminer/security/advisories/GHSA-2v82-5746-vwqc","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]},{"url":"https://sourceforge.net/p/adminer/bugs-and-features/797/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Product","Third Party Advisory"]}]}}]}