CVE-2026-32812 PHP — Exploit & Vulnerability Details MEDIUM

Parameter	Value
CVSS	6.8 (MEDIUM)
Affected Versions	5.0.0 — 5.0.7
Fixed In	5.0.7
Type	CWE-918 (Server-Side Request Forgery (SSRF))
Vendor	PHP
Public PoC	No

Admidio is an open-source user management solution. In versions 5.0.0 through 5.0.6, unrestricted URL fetch in the SSO Metadata API can result in SSRF and local file reads. The SSO Metadata fetch endpoint at modules/sso/fetch_metadata.php accepts an arbitrary URL via $_GET['url'], validates it only with PHP's FILTER_VALIDATE_URL, and passes it directly to file_get_contents(). FILTER_VALIDATE_URL accepts file://, http://, ftp://, data://, and php:// scheme URIs.

An authenticated administrator can use this endpoint to read arbitrary local files via the file:// wrapper (Local File Read), reach internal services via http:// (SSRF), or fetch cloud instance metadata. The full response body is returned verbatim to the caller. This issue has been fixed in version 5.0.7.

Attack Parameters

Attack Vector

Network

Can be exploited remotely

Attack Complexity

Low

Easy to exploit

Privileges Required

High

Admin privileges needed

User Interaction

None

No user interaction needed

Impact Assessment

Confidentiality

High

Complete data leak

Integrity

None

No data modification

Availability

None

No disruption

CVSS Vector v3.1

Weakness Type (CWE)

CWE-918 Server-Side Request Forgery (SSRF)

Vulnerable Products 1

Configuration	From (including)	Up to (excluding)
Admidio Admidio cpe:2.3:a:admidio:admidio::::::::	`5.0.0`	`5.0.7`

References 3

https://github.com/Admidio/admidio/commit/f6b7a966abe4d75e9f707d665d7b4b5570e31…

security-advisories@github.com

https://github.com/Admidio/admidio/releases/tag/v5.0.7

security-advisories@github.com

https://github.com/Admidio/admidio/security/advisories/GHSA-6j68-gcc3-mq73

security-advisories@github.com

Share Post Share Share Share

Related Vulnerabilities

CVE-2026-6409

PHP

7.1

CVE-2026-37347

PHP

9.1

CVE-2026-37346

PHP

4.7

CVE-2026-37345

PHP

9.8

CVE-2026-37344

PHP

7.2

Menu

CVE-2026-32812

Attack Parameters

Impact Assessment

CVSS Vector v3.1

Weakness Type (CWE)

Vulnerable Products 1

References 3

Related Vulnerabilities

CVE-2026-6409

CVE-2026-37347

CVE-2026-37346

CVE-2026-37345

CVE-2026-37344

CVE Details

Editor's Choice

Menu

CVE-2026-32812

Attack Parameters

Impact Assessment

CVSS Vector v3.1

Weakness Type (CWE)

Vulnerable Products 1

References 3

Related Vulnerabilities

CVE-2026-6409

CVE-2026-37347

CVE-2026-37346

CVE-2026-37345

CVE-2026-37344

CVE Details

Editor's Choice

Stay informed on cybersecurity