CVE-2021-21311

7.2
HIGHCVSS v3.1 Base Score
94.21%
HIGH RiskEPSS (100th percentile)
CWE-918

Adminer is an open-source database management in a single PHP file. In adminer from version 4.0.0 and before 4.7.9 there is a server-side request forgery vulnerability. Users of Adminer versions bundling all drivers (e.g. `adminer.php`) are affected. This is fixed in version 4.7.9.

Published: 2/11/2021
Modified: 10/24/2025
Back to CVE Lookup

Vulnerability Summary

CVSS v3 Score

7.2HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N

CVSS v2 Score

6.4

AV:N/AC:L/Au:N/C:P/I:P/A:N

EPSS Score (Exploitation Probability)

94.21%HIGH Exploitation Risk
100th percentile

This vulnerability has a 94.21% probability of being exploited in the next 30 days, ranking higher than 100% of all scored CVEs.

CWE Classification

CWE-918

Learn More

CVSS Calculator

View this score breakdown or calculate a custom score

Understanding CVSS Scoring

Learn how severity scores are calculated and what they mean

CVE Prioritization Guide

Best practices for deciding which vulnerabilities to address first

What is a CVE?

Essential guide to Common Vulnerabilities and Exposures

CVE vs CWE Explained

Understand how CVEs relate to underlying weakness types