Multiple cross-site scripting (XSS) vulnerabilities in ADOdb 4.71, as used in multiple packages such as phpESP, allow remote attackers to inject arbitrary web script or HTML via (1) the next_page parameter in adodb-pager.inc.php and (2) other unspecified vectors related to PHP_SELF.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | cacti | < 0.8.6d-1 | cacti_0.8.6d-1_all.deb |
Debian | 11 | all | cacti | < 0.8.6d-1 | cacti_0.8.6d-1_all.deb |
Debian | 10 | all | cacti | < 0.8.6d-1 | cacti_0.8.6d-1_all.deb |
Debian | 999 | all | cacti | < 0.8.6d-1 | cacti_0.8.6d-1_all.deb |
Debian | 13 | all | cacti | < 0.8.6d-1 | cacti_0.8.6d-1_all.deb |
Debian | 12 | all | libphp-adodb | < 4.72-0.1 | libphp-adodb_4.72-0.1_all.deb |
Debian | 11 | all | libphp-adodb | < 4.72-0.1 | libphp-adodb_4.72-0.1_all.deb |
Debian | 10 | all | libphp-adodb | < 4.72-0.1 | libphp-adodb_4.72-0.1_all.deb |
Debian | 999 | all | libphp-adodb | < 4.72-0.1 | libphp-adodb_4.72-0.1_all.deb |
Debian | 13 | all | libphp-adodb | < 4.72-0.1 | libphp-adodb_4.72-0.1_all.deb |