PT-2024-13224 · Unknown+2 · Adminerevo+2

Published: 2024-06-24 · Updated: 2025-10-15 · CVE-2023-45195

CVSS v4.0: 6.9 (Medium)

Vector: AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N/AU:Y

Name of the Vulnerable Software and Affected Versions

AdminerEvo versions prior to 4.8.4
Adminer (affected versions not specified)

Description

The issue allows an unauthenticated remote attacker to enumerate or access systems via database connection fields due to a Server-Side Request Forgery (SSRF) vulnerability. This could enable the attacker to access systems they would not otherwise have access to.

Recommendations

For AdminerEvo versions prior to 4.8.4, update to version 4.8.4 to resolve the issue. For Adminer, since it is no longer supported and no fix is available, consider replacing it with a supported alternative to mitigate the risk. As a temporary workaround, consider restricting access to the database connection fields to minimize the risk of exploitation.

Fix

SSRF

Weakness Enumeration

Related Identifiers

CVE-2023-45195

Affected Products

Adminer
Adminerevo
Debian