Summary

Acunetix 360 identified that Adminer is publicly accessible on the target server. Adminer is an application written in the PHP language that provides a web-based interface for the administration of RDBMSs.

Impact

An attacker can access, modify or delete all databases.

Remediation

Configure your web server to prevent public access to the Adminer directory / page by implementing access control mechanisms.

Severity

Information

Classification

CWE-205 ISO27001-A.14.2.5 WASC-13 OWASP 2017-A6