2 results (0.004 seconds)

CVSS: 9.1EPSS: 0%CPEs: 2EXPL: 1

Authentication Bypass by Primary Weakness in GitHub repository adodb/adodb prior to 5.20.21. Una Omisión de Autenticación por Debilidad Primaria en el repositorio de GitHub adodb/adodb versiones anteriores a 5.20.21 • https://github.com/adodb/adodb/commit/952de6c4273d9b1e91c2b838044f8c2111150c29 https://huntr.dev/bounties/bdf5f216-4499-4225-a737-b28bc6f5801c https://lists.debian.org/debian-lts-announce/2022/02/msg00006.html https://www.debian.org/security/2022/dsa-5101 • CWE-287: Improper Authentication CWE-305: Authentication Bypass by Primary Weakness •

CVSS: 9.8EPSS: 0%CPEs: 36EXPL: 0

The qstr method in the PDO driver in the ADOdb Library for PHP before 5.x before 5.20.7 might allow remote attackers to conduct SQL injection attacks via vectors related to incorrect quoting. El método qstr en el controlador PDO en el ADOdb Library para PHP en versiones anteriores a 5.x en versiones anteriores a 5.20.7 podría permitir a atacantes llevar a cabo ataques de inyección SQL a través de vectores relacionados con una citación incorrecta. • http://www.openwall.com/lists/oss-security/2016/09/07/8 http://www.openwall.com/lists/oss-security/2016/09/15/1 http://www.securityfocus.com/bid/92969 https://github.com/ADOdb/ADOdb/blob/v5.20.7/docs/changelog.md https://github.com/ADOdb/ADOdb/commit/bd9eca9f40220f9918ec3cc7ae9ef422b3e448b8 https://github.com/ADOdb/ADOdb/issues/226 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LT3WU77BRUJREZUYQ3ZQBMUIVIVIND4Y https://security.gentoo.org/glsa/ • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •