CVE-2017-20066

Description

A vulnerability has been found in Adminer Login 1.4.4 and classified as problematic. This vulnerability affects unknown code. The manipulation leads to improper access controls. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used.

CVSS breakdown

CVSS 3.1

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

Low

Availability

Low

Affected products

unspecified / Adminer Login1.4.4 – 1.4.4

References

MAILING_LISThttp://seclists.org/fulldisclosure/2017/Feb/96
MISChttps://sumofpwn.nl/advisory/2016/wordpress_adminer_plugin_allows_public__local__database_login.html
MISChttps://vuldb.com/?id.97384