The qstr
method in the PDO driver in the ADOdb Library for PHP before 5.x before 5.20.7 might allow remote attackers to conduct SQL injection attacks via vectors related to incorrect quoting.
www.openwall.com/lists/oss-security/2016/09/07/8
www.openwall.com/lists/oss-security/2016/09/15/1
github.com/ADOdb/ADOdb/blob/v5.20.7/docs/changelog.md
github.com/ADOdb/ADOdb/commit/bd9eca9f40220f9918ec3cc7ae9ef422b3e448b8
github.com/ADOdb/ADOdb/issues/226
lists.fedoraproject.org/archives/list/[email protected]/message/LT3WU77BRUJREZUYQ3ZQBMUIVIVIND4Y
nvd.nist.gov/vuln/detail/CVE-2016-7405
security.gentoo.org/glsa/201701-59
web.archive.org/web/20210123170727/www.securityfocus.com/bid/92969