CVE-2016-7405
03.10.2016, 18:59
The qstr method in the PDO driver in the ADOdb Library for PHP before 5.x before 5.20.7 might allow remote attackers to conduct SQL injection attacks via vectors related to incorrect quoting.
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| adodb_project | adodb | 5.00:beta |
| adodb_project | adodb | 5.01:beta |
| adodb_project | adodb | 5.02 |
| adodb_project | adodb | 5.02:a |
| adodb_project | adodb | 5.03 |
| adodb_project | adodb | 5.04 |
| adodb_project | adodb | 5.04:a |
| adodb_project | adodb | 5.05 |
| adodb_project | adodb | 5.06 |
| adodb_project | adodb | 5.06:a |
| adodb_project | adodb | 5.07 |
| adodb_project | adodb | 5.08 |
| adodb_project | adodb | 5.08:a |
| adodb_project | adodb | 5.09 |
| adodb_project | adodb | 5.09:a |
| adodb_project | adodb | 5.10 |
| adodb_project | adodb | 5.11 |
| adodb_project | adodb | 5.12 |
| adodb_project | adodb | 5.13 |
| adodb_project | adodb | 5.14 |
| adodb_project | adodb | 5.15 |
| adodb_project | adodb | 5.16 |
| adodb_project | adodb | 5.16:a |
| adodb_project | adodb | 5.17 |
| adodb_project | adodb | 5.18 |
| adodb_project | adodb | 5.18:a |
| adodb_project | adodb | 5.19 |
| adodb_project | adodb | 5.20.0 |
| adodb_project | adodb | 5.20.1 |
| adodb_project | adodb | 5.20.2 |
| adodb_project | adodb | 5.20.3 |
| adodb_project | adodb | 5.20.4 |
| adodb_project | adodb | 5.20.5 |
| adodb_project | adodb | 5.20.6 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
Ubuntu Product | |||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| libphp-adodb |
|
References