PT-2021-14409 · Adminer+2

Bpsizemore +1 · Published 2021-02-11 · Updated 2026-03-23 · CVE-2021-21311

CVSS v3.1: 7.2 High (AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N)

Name of the Vulnerable Software and Affected Versions: Adminer versions 4.0.0 through 4.7.9
Description: Adminer is an open-source database management tool in a single PHP file. There is a server-side request forgery vulnerability in Adminer versions bundling all drivers, such as adminer.php. This issue is fixed in version 4.7.9. Users of affected Adminer versions are at risk.
Recommendations: For versions 4.0.0 through 4.7.9, update to version 4.7.9 to resolve the issue. As a temporary workaround, consider using a single driver version, such as adminer-mysql.php, to minimize the risk of exploitation. Restrict access to Adminer by other means, such as HTTP password, IP address limiting, or by using the OTP plugin, until the issue is resolved.

Exploit

Fix

SSRF

Weakness Enumeration

Related Identifiers

BDU:2026-01118
CVE-2021-21311
DLA-2580-1
GHSA-X5R2-HJ5C-8JX6
USN-5271-1

Affected Products

Adminer
Linuxmint
Ubuntu