Summary

Acunetix 360 identified that Adminer is publicly accessible on the target server. Adminer is an application written in the PHP language that provides a web-based interface for the administration of RDBMSs.

Impact

An attacker can access, modify or delete all databases.

Remediation

Configure your web server to prevent public access to the Adminer directory / page by implementing access control mechanisms.

Severity

Information

Classification

CWE-200 ISO27001-A.18.1.3 WASC-13