Lucene search
K
John LimAdodb

7 matches found

cve
cve
added 2006/01/09 11:0 p.m.147 views

CVE-2006-0146

CVE-2006-0146 affects ADOdb for PHP (before 4.70) used by Moodle, Cacti, Mantis, PostNuke, Xaraya, PHPOpenChat, MAXdev MD-Pro, MediaBeez, etc. The vulnerability arises from the MySQL root password being empty, enabling remote SQL execution via the sql parameter. Connected OpenVAS advisories corro...

7.5CVSS8AI score0.13237EPSS
cve
cve
added 2006/01/09 11:0 p.m.82 views

CVE-2006-0147

The CVE-2006-0147 issue is a dynamic code evaluation vulnerability in ADOdb for PHP (tests/tmssql.php) prior to version 4.70, permitting remote attackers to execute arbitrary PHP functions via the do parameter (demonstrated with phpinfo). It affects multiple products that vendor-integrate ADOdb, ...

7.5CVSS7.3AI score0.13065EPSS
Web
cve
cve
added 2006/02/21 2:0 a.m.74 views

CVE-2006-0806

CVE-2006-0806 corresponds to multiple cross-site scripting flaws in ADOdb 4.71 (and possibly earlier) as used by projects like phpESP. The advisories describe XSS that can be triggered through input sanitisation weaknesses, notably via the next_page parameter in adodb-pager.inc.php and other vect...

4.3CVSS5.5AI score0.05871EPSS
Web
cve
cve
added 2006/01/25 2:0 a.m.65 views

CVE-2006-0410

CVE-2006-0410 describes an SQL injection vulnerability in ADOdb prior to 4.71 when used with PostgreSQL. The root cause is insufficient input sanitisation, allowing remote attackers to craft inputs (notably involving binary strings) that lead to arbitrary SQL commands being executed. Reported imp...

5CVSS8AI score0.02842EPSS
cve
cve
added 2006/09/07 12:0 a.m.51 views

CVE-2006-4618

CVE-2006-4618 : PHP remote file inclusion in the ADODB PostgreSQL integration (adodb-postgres7.inc.php) within John Lim ADOdb, potentially affected versions ≤ 4.01, used by Intechnic In-link 2.3.4. An attacker can supply a URL via the ADODB_DIR parameter to execute arbitrary PHP code on the serve...

5.1CVSS7.7AI score0.01653EPSS
cve
cve
added 2011/09/23 11:0 p.m.49 views

CVE-2011-3699

The CVE-2011-3699 entry concerns John Lim’s ADOdb Library for PHP 5.11, where a direct request to a .php file can disclose the installation path via an error message. This is an information-disclosure vulnerability that does not specify exploit vectors beyond an HTTP request and relies on error o...

5CVSS6.4AI score0.01373EPSS
cve
cve
added 2006/09/07 12:0 a.m.42 views

CVE-2004-2664

The CVE-2004-2664 entry concerns the John Lim ADOdb Library for PHP prior to 4.23. The vulnerability arises when direct requests to certain scripts cause ADODB_DIR to be undefined, leading to an error message that reveals the installation path. This is an information-disclosure flaw that can aid ...

5CVSS6.3AI score0.01175EPSS