Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
mageiaGentoo FoundationMGASA-2016-0363
HistoryNov 04, 2016 - 1:53 a.m.

Updated php-adodb packages fix security vulnerabilities

2016-11-0401:53:34
Gentoo Foundation
advisories.mageia.org
7

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.006 Low

EPSS

Percentile

78.2%

JSON

The qstr method in the PDO driver in the ADOdb Library for PHP before 5.x before 5.20.7 might allow remote attackers to conduct SQL injection attacks via vectors related to incorrect quoting. (CVE-2016-7405) Cross Site Scripting vulnerability in test script (CVE-2016-4855)

OSVersionArchitecturePackageVersionFilename
Mageia5noarchphp-adodb< 5.18-5.1php-adodb-5.18-5.1.mga5

Related

openvas 9
gentoo 1
osv 5
nessus 8
ubuntu 1
cve 2
ubuntucve 2
debiancve 2
gitlab 2
fedora 6
veracode 2
nvd 2
cvelist 2
prion 2
github 2
friendsofphp 1
jvn 1
openvas
openvas
Debian: Security Advisory (DLA-620-1)
2023-03-08 00:00:00
Mageia: Security Advisory (MGASA-2016-0363)
2022-01-28 00:00:00
Ubuntu: Security Advisory (USN-6825-1)
2024-06-11 00:00:00
gentoo
gentoo
ADOdb: Multiple vulnerabilities
2017-01-24 00:00:00
osv
osv
libphp-adodb - security update
2016-09-13 00:00:00
libphp-adodb vulnerabilities
2024-06-10 20:41:56
ADOdb Library SQL Injection
2022-05-17 02:37:05
nessus
nessus
GLSA-201701-59 : ADOdb: Multiple vulnerabilities
2017-01-25 00:00:00
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS : ADOdb vulnerabilities (USN-6825-1)
2024-06-10 00:00:00
Fedora 23 : php-adodb (2016-14bc73b990)
2016-10-06 00:00:00
ubuntu
ubuntu
ADOdb vulnerabilities
2024-06-10 00:00:00
cve
cve
CVE-2016-7405
2016-10-03 18:59:14
CVE-2016-4855
2017-05-12 18:29:00
ubuntucve
ubuntucve
CVE-2016-7405
2016-10-03 00:00:00
CVE-2016-4855
2017-05-12 00:00:00
debiancve
debiancve
CVE-2016-7405
2016-10-03 18:59:14
CVE-2016-4855
2017-05-12 18:29:00
gitlab
gitlab
SQL Injection
2016-10-03 00:00:00
XSS vulnerability in old test script
2017-05-12 00:00:00
fedora
fedora
[SECURITY] Fedora 23 Update: php-adodb-5.20.6-2.fc23
2016-09-29 23:05:38
[SECURITY] Fedora 24 Update: php-adodb-5.20.6-2.fc24
2016-09-30 15:54:46
[SECURITY] Fedora 25 Update: php-adodb-5.20.6-2.fc25
2016-09-27 00:53:45
veracode
veracode
SQL Injection
2017-09-05 03:21:48
Cross-site Scripting (XSS)
2017-05-30 09:31:41
nvd
nvd
CVE-2016-7405
2016-10-03 18:59:14
CVE-2016-4855
2017-05-12 18:29:00
cvelist
cvelist
CVE-2016-7405
2016-10-03 18:00:00
CVE-2016-4855
2017-05-12 18:00:00
prion
prion
Sql injection
2016-10-03 18:59:00
Cross site scripting
2017-05-12 18:29:00
github
github
ADOdb Library SQL Injection
2022-05-17 02:37:05
ADOdb Cross-site scripting vulnerability in old test script
2022-05-17 02:37:30
friendsofphp
friendsofphp
XSS vulnerability in old test script
2016-08-28 23:50:00
jvn
jvn
JVN#48237713: ADOdb vulnerable to cross-site scripting
2016-09-06 00:00:00

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.006 Low

EPSS

Percentile

78.2%

JSON
Related for MGASA-2016-0363
openvas9gentoo1osv5nessus8ubuntu1cve2ubuntucve2debiancve2gitlab2fedora6veracode2nvd2cvelist2prion2github2friendsofphp1jvn1