Known Vulnerabilities for products from Admidio

Listed below are 19 of the newest known vulnerabilities associated with the vendor "Admidio".

These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.

Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.

Known Vulnerabilities

CVE	Shortened Description	Severity	Publish Date	Last Modified
CVE-2026-34384 json	Admidio is an open-source user management solution. Prior to version 5.0.8, the create_user, assign_member, and assign_user a...	Not Provided	2026-03-31	2026-04-01
CVE-2026-34383 json	Admidio is an open-source user management solution. Prior to version 5.0.8, the inventory module's item_save endpoint accepts...	Not Provided	2026-03-31	2026-04-01
CVE-2026-34382 json	Admidio is an open-source user management solution. From version 5.0.0 to before version 5.0.8, the delete mode handler in my...	Not Provided	2026-03-31	2026-04-01
CVE-2026-34381 json	Admidio is an open-source user management solution. From version 5.0.0 to before version 5.0.8, Admidio relies on adm_my_file...	Not Provided	2026-03-31	2026-04-01
CVE-2023-47380 json	RESERVED This candidate has been reserved by an organization or individual that will use it when announcing a new secur...	6.1 - MEDIUM	2023-11-22	2023-12-01
CVE-2023-4190 json	Insufficient Session Expiration in GitHub repository admidio/admidio prior to 4.2.11.	6.5 - MEDIUM	2023-08-06	2023-08-09
CVE-2023-3692 json	Unrestricted Upload of File with Dangerous Type in GitHub repository admidio/admidio prior to 4.2.10.	7.2 - HIGH	2023-07-16	2023-07-27
CVE-2023-3304 json	Improper Access Control in GitHub repository admidio/admidio prior to 4.2.9.	5.4 - MEDIUM	2023-06-23	2023-06-28
CVE-2023-3303 json	Improper Access Control in GitHub repository admidio/admidio prior to 4.2.9.	3.5 - LOW	2023-06-23	2023-06-28
CVE-2023-3302 json	Improper Neutralization of Formula Elements in a CSV File in GitHub repository admidio/admidio prior to 4.2.9.	7.8 - HIGH	2023-06-23	2023-06-29
CVE-2023-3109 json	Cross-site Scripting (XSS) - Stored in GitHub repository admidio/admidio prior to 4.2.8.	5.4 - MEDIUM	2023-06-05	2023-06-09
CVE-2022-23896 json	RESERVED This candidate has been reserved by an organization or individual that will use it when announcing a new secur...	5.4 - MEDIUM	2022-06-28	2022-07-07
CVE-2022-0991 json	Insufficient Session Expiration in GitHub repository admidio/admidio prior to 4.1.9.	7.1 - HIGH	2022-03-19	2022-03-28
CVE-2021-43810 json	RESERVED This candidate has been reserved by an organization or individual that will use it when announcing a new secur...	6.1 - MEDIUM	2021-12-07	2021-12-09
CVE-2021-32630 json	Admidio is a free, open source user management system for websites of organizations and groups. In Admidio before version 4.0...	8.8 - HIGH	2021-05-20	2021-05-27
CVE-2020-11004 json	SQL Injection was discovered in Admidio before version 3.3.13. The main cookie parameter is concatenated into a SQL query wit...	7.5 - HIGH	2020-04-24	2020-05-01
CVE-2017-8382 json	admidio 3.2.8 has CSRF in adm_program/modules/members/members_function.php with an impact of deleting arbitrary user accounts...	4.5 - MEDIUM	2017-05-16	2017-06-05
CVE-2017-6492 json	SQL Injection was discovered in adm_program/modules/dates/dates_function.php in Admidio 3.2.5. The POST parameter dat_cat_id ...	7.2 - HIGH	2017-03-05	2017-03-25
CVE-2008-5209 json	Directory traversal vulnerability in modules/download/get_file.php in Admidio 1.4.8 allows remote attackers to read arbitrary...	Not Provided	2008-11-24	2026-04-23

Known software with vulnerabilities from Admidio

Type	Vendor	Product	Version
Application	Admidio	Admidio	0.1