MGASA-2016-0363

Source
https://advisories.mageia.org/MGASA-2016-0363.html
Import Source
https://advisories.mageia.org/MGASA-2016-0363.json
JSON Data
https://api.test.osv.dev/v1/vulns/MGASA-2016-0363
Related
Published
2016-11-03T22:53:34Z
Modified
2016-11-04T11:06:41Z
Summary
Updated php-adodb packages fix security vulnerabilities
Details

The qstr method in the PDO driver in the ADOdb Library for PHP before 5.x before 5.20.7 might allow remote attackers to conduct SQL injection attacks via vectors related to incorrect quoting. (CVE-2016-7405)

Cross Site Scripting vulnerability in test script (CVE-2016-4855)

References
Credits

Affected packages

Mageia:5 / php-adodb

Package

Name
php-adodb
Purl
pkg:rpm/mageia/php-adodb?distro=mageia-5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.18-5.1.mga5

Ecosystem specific

{
    "section": "core"
}