admidio/admidio

License

GPL-2.0>=v4.3.17;

(GPL-2.0 OR GPL-3.0)>=4.1.0, <v4.3.17;

Known vulnerabilities in the admidio/admidio package. This does not include vulnerabilities belonging to this package’s dependencies.

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Vulnerability	Vulnerable Version
M Cross-site Request Forgery (CSRF)	<5.0.8
M Cross-site Request Forgery (CSRF)	>=5.0-Beta.1, <5.0.8
M Cross-site Request Forgery (CSRF)	<5.0.8
H Access Control Bypass	>=5.0-Beta.1, <5.0.8
M Cross-site Scripting (XSS)	<5.0.7
M Cross-site Request Forgery (CSRF)	<5.0.7
H Missing Authorization	>=5.0-Beta.1, <5.0.7
H Missing Authorization	>=5.0-Beta.1, <5.0.7
M Server-side Request Forgery (SSRF)	>=5.0-Beta.1, <5.0.7
H Arbitrary File Upload	<5.0.7
H SQL Injection	<5.0.7
M Cross-site Request Forgery (CSRF)	>=5.0-Beta.1, <5.0.7
M Authorization Bypass Through User-Controlled Key	<5.0.6
H SQL Injection	<4.3.17
M Cross-site Scripting (XSS)	<4.3.12
M SQL Injection	<4.3.9
H Unrestricted Upload of File with Dangerous Type	<4.3.10
M Cross-site Scripting (XSS)	<4.2.13
M Insufficient Session Expiration	<4.2.11
M Cross-site Request Forgery (CSRF)	<4.1.0
M Arbitrary File Upload	<4.2.10
M Access Control Bypass	<4.2.9
M Access Control Bypass	<4.2.9
M CSV Injection	<4.2.9
M Cross-site Scripting (XSS)	<4.2.8
M Cross-site Scripting (XSS)	<4.1.3
M Cross-site Scripting (XSS)	>=4.0.11, <4.0.12
M Insufficient Session Expiration	<4.1.9