📦 Admidio

This vulnerability allows authenticated users with upload permissions in Admidio to execute arbitrary PHP code on the server by uploading malicious .phar files. The attacker can achieve remote code ex...

An authenticated SQL injection vulnerability in Admidio allows users with role assignment permissions to execute arbitrary SQL commands. This can lead to full database compromise including data theft,...

CVE-2023-3692 is an unrestricted file upload vulnerability in Admidio that allows attackers to upload malicious files to the server. This affects Admidio installations prior to version 4.2.10, potenti...

This vulnerability allows CSV formula injection in Admidio, enabling attackers to execute arbitrary commands or exfiltrate data when users open malicious CSV files. It affects Admidio installations pr...

CVE-2022-0991 is an insufficient session expiration vulnerability in Admidio that allows attackers to maintain access to user sessions beyond intended logout times. This affects all Admidio installati...