VulnerableCode Package Details - pkg:composer/vrana/adminer@4.6.0

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:composer/vrana/adminer@4.6.0

Essentials
History (5)

purl	pkg:composer/vrana/adminer@4.6.0

Next non-vulnerable version	5.4.2
Latest non-vulnerable version	5.4.2
Risk

Vulnerabilities affecting this package (5)

Vulnerability	Summary	Fixed by
VCID-5p1u-z3kt-5beu Aliases: CVE-2021-43008 GHSA-rxfq-3vpc-vv72	Files or Directories Accessible to External Parties in Adminer	4.6.3 Affected by 5 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-5tnq-1pgt-r7h5 Aliases: CVE-2025-43960 GHSA-mqh4-2mm8-g7w9	Adminer 4.8.1, when using Monolog for logging, allows a Denial of Service (memory consumption) via a crafted serialized payload (e.g., using s:1000000000), leading to a PHP Object Injection issue. Remote, unauthenticated attackers can trigger this by sending a malicious serialized object, which forces excessive memory usage, rendering Adminer’s interface unresponsive and causing a server-level DoS. While the server may recover after several minutes, multiple simultaneous requests can cause a complete crash requiring manual intervention.	4.8.2 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-78j5-x2za-jycs Aliases: CVE-2021-21311 GHSA-x5r2-hj5c-8jx6	Adminer is an open-source database management in a single PHP file. In adminer from version 4.0.0 and before 4.7.9 there is a server-side request forgery vulnerability. Users of Adminer versions bundling all drivers (e.g. `adminer.php`) are affected. This is fixed in version 4.7.9.	4.7.9 Affected by 3 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-epwb-rcyf-gbfd Aliases: GHSA-97h7-mf38-g9mf	Adminer file disclosure vulnerability	4.6.3 Affected by 5 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-p2d1-95dg-hyh9 Aliases: CVE-2020-35572 GHSA-9pgx-gcph-mpqr	Adminer through 4.7.8 allows XSS via the history parameter to the default URI.	4.7.9 Affected by 3 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-12T20:11:37.876689+00:00	GitLab Importer	Affected by	VCID-5tnq-1pgt-r7h5	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/vrana/adminer/CVE-2025-43960.yml	38.6.0
2026-06-12T19:31:57.420963+00:00	GitLab Importer	Affected by	VCID-epwb-rcyf-gbfd	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/vrana/adminer/GHSA-97h7-mf38-g9mf.yml	38.6.0
2026-06-12T18:04:08.889919+00:00	GitLab Importer	Affected by	VCID-5p1u-z3kt-5beu	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/vrana/adminer/CVE-2021-43008.yml	38.6.0
2026-06-12T17:33:24.908273+00:00	GitLab Importer	Affected by	VCID-78j5-x2za-jycs	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/vrana/adminer/CVE-2021-21311.yml	38.6.0
2026-06-12T17:33:20.421128+00:00	GitLab Importer	Affected by	VCID-p2d1-95dg-hyh9	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/vrana/adminer/CVE-2020-35572.yml	38.6.0