DEBIAN-CVE-2016-7405

See a problem?
Please try reporting it to the source first.
Source
https://security-tracker.debian.org/tracker/CVE-2016-7405
Import Source
https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2016-7405.json
JSON Data
https://api.test.osv.dev/v1/vulns/DEBIAN-CVE-2016-7405
Upstream
Published
2016-10-03T18:59:14Z
Modified
2025-09-25T22:40:29Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

The qstr method in the PDO driver in the ADOdb Library for PHP before 5.x before 5.20.7 might allow remote attackers to conduct SQL injection attacks via vectors related to incorrect quoting.

References

Affected packages

Debian:11 / libphp-adodb

Package

Name
libphp-adodb
Purl
pkg:deb/debian/libphp-adodb?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.20.6-1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Debian:12 / libphp-adodb

Package

Name
libphp-adodb
Purl
pkg:deb/debian/libphp-adodb?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.20.6-1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Debian:13 / libphp-adodb

Package

Name
libphp-adodb
Purl
pkg:deb/debian/libphp-adodb?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.20.6-1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Debian:14 / libphp-adodb

Package

Name
libphp-adodb
Purl
pkg:deb/debian/libphp-adodb?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.20.6-1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}