MidnightBSD

Advisories for adodb_project

CVE-2016-4855 MEDIUM

Cross-site scripting vulnerability in ADOdb versions prior to 5.20.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
adodb_project adodb *
CVE-2016-7405 HIGH

The qstr method in the PDO driver in the ADOdb Library for PHP before 5.x before 5.20.7 might allow remote attackers to conduct SQL injection attacks via vectors related to incorrect quoting.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
adodb_project adodb 5.20.5
adodb_project adodb 5.12
adodb_project adodb 5.17
adodb_project adodb 5.20.6
adodb_project adodb 5.05
adodb_project adodb 5.20.0
adodb_project adodb 5.16
adodb_project adodb 5.20.1
fedoraproject fedora 25
adodb_project adodb 5.11
adodb_project adodb 5.20.3
adodb_project adodb 5.20.4
adodb_project adodb 5.20.2
adodb_project adodb 5.19
adodb_project adodb 5.08
adodb_project adodb 5.15
adodb_project adodb 5.18
adodb_project adodb 5.00
adodb_project adodb 5.06
adodb_project adodb 5.14
adodb_project adodb 5.13
adodb_project adodb 5.02
adodb_project adodb 5.03
adodb_project adodb 5.07
adodb_project adodb 5.01
adodb_project adodb 5.09
adodb_project adodb 5.04
adodb_project adodb 5.10
CVE-2021-3850 MEDIUM

Authentication Bypass by Primary Weakness in GitHub repository adodb/adodb prior to 5.20.21.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.1 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N 3.9 5.2

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-305,CWE-287,

Products Affected

Vendor Product Version
adodb_project adodb *
debian debian_linux 9.0