CVE-2016-7405
Ubuntu Security Notice USN-6825-1
Severity Score
9.8
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The qstr method in the PDO driver in the ADOdb Library for PHP before 5.x before 5.20.7 might allow remote attackers to conduct SQL injection attacks via vectors related to incorrect quoting.
El método qstr en el controlador PDO en el ADOdb Library para PHP en versiones anteriores a 5.x en versiones anteriores a 5.20.7 podría permitir a atacantes llevar a cabo ataques de inyección SQL a través de vectores relacionados con una citación incorrecta.
It was discovered that the PDO driver in ADOdb was incorrectly handling string quotes. A remote attacker could possibly use this issue to perform SQL injection attacks. This issue only affected Ubuntu 16.04 LTS. It was discovered that ADOdb was incorrectly handling GET parameters in test.php. A remote attacker could possibly use this issue to execute cross-site scripting attacks. This issue only affected Ubuntu 16.04 LTS.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2016-09-09 CVE Reserved
- 2016-10-03 CVE Published
- 2024-08-06 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CAPEC
References (8)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/92969 | Third Party Advisory |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Adodb Project Search vendor "Adodb Project" | Adodb Search vendor "Adodb Project" for product "Adodb" | 5.00 Search vendor "Adodb Project" for product "Adodb" and version "5.00" | beta |
Affected
| in | Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | - | - |
Safe
|
| Adodb Project Search vendor "Adodb Project" | Adodb Search vendor "Adodb Project" for product "Adodb" | 5.01 Search vendor "Adodb Project" for product "Adodb" and version "5.01" | beta |
Affected
| in | Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | - | - |
Safe
|
| Adodb Project Search vendor "Adodb Project" | Adodb Search vendor "Adodb Project" for product "Adodb" | 5.02 Search vendor "Adodb Project" for product "Adodb" and version "5.02" | - |
Affected
| in | Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | - | - |
Safe
|
| Adodb Project Search vendor "Adodb Project" | Adodb Search vendor "Adodb Project" for product "Adodb" | 5.02 Search vendor "Adodb Project" for product "Adodb" and version "5.02" | a |
Affected
| in | Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | - | - |
Safe
|
| Adodb Project Search vendor "Adodb Project" | Adodb Search vendor "Adodb Project" for product "Adodb" | 5.03 Search vendor "Adodb Project" for product "Adodb" and version "5.03" | - |
Affected
| in | Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | - | - |
Safe
|
| Adodb Project Search vendor "Adodb Project" | Adodb Search vendor "Adodb Project" for product "Adodb" | 5.04 Search vendor "Adodb Project" for product "Adodb" and version "5.04" | - |
Affected
| in | Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | - | - |
Safe
|
| Adodb Project Search vendor "Adodb Project" | Adodb Search vendor "Adodb Project" for product "Adodb" | 5.04 Search vendor "Adodb Project" for product "Adodb" and version "5.04" | a |
Affected
| in | Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | - | - |
Safe
|
| Adodb Project Search vendor "Adodb Project" | Adodb Search vendor "Adodb Project" for product "Adodb" | 5.05 Search vendor "Adodb Project" for product "Adodb" and version "5.05" | - |
Affected
| in | Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | - | - |
Safe
|
| Adodb Project Search vendor "Adodb Project" | Adodb Search vendor "Adodb Project" for product "Adodb" | 5.06 Search vendor "Adodb Project" for product "Adodb" and version "5.06" | - |
Affected
| in | Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | - | - |
Safe
|
| Adodb Project Search vendor "Adodb Project" | Adodb Search vendor "Adodb Project" for product "Adodb" | 5.06 Search vendor "Adodb Project" for product "Adodb" and version "5.06" | a |
Affected
| in | Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | - | - |
Safe
|
| Adodb Project Search vendor "Adodb Project" | Adodb Search vendor "Adodb Project" for product "Adodb" | 5.07 Search vendor "Adodb Project" for product "Adodb" and version "5.07" | - |
Affected
| in | Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | - | - |
Safe
|
| Adodb Project Search vendor "Adodb Project" | Adodb Search vendor "Adodb Project" for product "Adodb" | 5.08 Search vendor "Adodb Project" for product "Adodb" and version "5.08" | - |
Affected
| in | Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | - | - |
Safe
|
| Adodb Project Search vendor "Adodb Project" | Adodb Search vendor "Adodb Project" for product "Adodb" | 5.08 Search vendor "Adodb Project" for product "Adodb" and version "5.08" | a |
Affected
| in | Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | - | - |
Safe
|
| Adodb Project Search vendor "Adodb Project" | Adodb Search vendor "Adodb Project" for product "Adodb" | 5.09 Search vendor "Adodb Project" for product "Adodb" and version "5.09" | - |
Affected
| in | Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | - | - |
Safe
|
| Adodb Project Search vendor "Adodb Project" | Adodb Search vendor "Adodb Project" for product "Adodb" | 5.09 Search vendor "Adodb Project" for product "Adodb" and version "5.09" | a |
Affected
| in | Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | - | - |
Safe
|
| Adodb Project Search vendor "Adodb Project" | Adodb Search vendor "Adodb Project" for product "Adodb" | 5.10 Search vendor "Adodb Project" for product "Adodb" and version "5.10" | - |
Affected
| in | Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | - | - |
Safe
|
| Adodb Project Search vendor "Adodb Project" | Adodb Search vendor "Adodb Project" for product "Adodb" | 5.11 Search vendor "Adodb Project" for product "Adodb" and version "5.11" | - |
Affected
| in | Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | - | - |
Safe
|
| Adodb Project Search vendor "Adodb Project" | Adodb Search vendor "Adodb Project" for product "Adodb" | 5.12 Search vendor "Adodb Project" for product "Adodb" and version "5.12" | - |
Affected
| in | Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | - | - |
Safe
|
| Adodb Project Search vendor "Adodb Project" | Adodb Search vendor "Adodb Project" for product "Adodb" | 5.13 Search vendor "Adodb Project" for product "Adodb" and version "5.13" | - |
Affected
| in | Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | - | - |
Safe
|
| Adodb Project Search vendor "Adodb Project" | Adodb Search vendor "Adodb Project" for product "Adodb" | 5.14 Search vendor "Adodb Project" for product "Adodb" and version "5.14" | - |
Affected
| in | Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | - | - |
Safe
|
| Adodb Project Search vendor "Adodb Project" | Adodb Search vendor "Adodb Project" for product "Adodb" | 5.15 Search vendor "Adodb Project" for product "Adodb" and version "5.15" | - |
Affected
| in | Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | - | - |
Safe
|
| Adodb Project Search vendor "Adodb Project" | Adodb Search vendor "Adodb Project" for product "Adodb" | 5.16 Search vendor "Adodb Project" for product "Adodb" and version "5.16" | - |
Affected
| in | Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | - | - |
Safe
|
| Adodb Project Search vendor "Adodb Project" | Adodb Search vendor "Adodb Project" for product "Adodb" | 5.16 Search vendor "Adodb Project" for product "Adodb" and version "5.16" | a |
Affected
| in | Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | - | - |
Safe
|
| Adodb Project Search vendor "Adodb Project" | Adodb Search vendor "Adodb Project" for product "Adodb" | 5.17 Search vendor "Adodb Project" for product "Adodb" and version "5.17" | - |
Affected
| in | Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | - | - |
Safe
|
| Adodb Project Search vendor "Adodb Project" | Adodb Search vendor "Adodb Project" for product "Adodb" | 5.18 Search vendor "Adodb Project" for product "Adodb" and version "5.18" | - |
Affected
| in | Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | - | - |
Safe
|
| Adodb Project Search vendor "Adodb Project" | Adodb Search vendor "Adodb Project" for product "Adodb" | 5.18 Search vendor "Adodb Project" for product "Adodb" and version "5.18" | a |
Affected
| in | Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | - | - |
Safe
|
| Adodb Project Search vendor "Adodb Project" | Adodb Search vendor "Adodb Project" for product "Adodb" | 5.19 Search vendor "Adodb Project" for product "Adodb" and version "5.19" | - |
Affected
| in | Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | - | - |
Safe
|
| Adodb Project Search vendor "Adodb Project" | Adodb Search vendor "Adodb Project" for product "Adodb" | 5.20.0 Search vendor "Adodb Project" for product "Adodb" and version "5.20.0" | - |
Affected
| in | Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | - | - |
Safe
|
| Adodb Project Search vendor "Adodb Project" | Adodb Search vendor "Adodb Project" for product "Adodb" | 5.20.1 Search vendor "Adodb Project" for product "Adodb" and version "5.20.1" | - |
Affected
| in | Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | - | - |
Safe
|
| Adodb Project Search vendor "Adodb Project" | Adodb Search vendor "Adodb Project" for product "Adodb" | 5.20.2 Search vendor "Adodb Project" for product "Adodb" and version "5.20.2" | - |
Affected
| in | Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | - | - |
Safe
|
| Adodb Project Search vendor "Adodb Project" | Adodb Search vendor "Adodb Project" for product "Adodb" | 5.20.3 Search vendor "Adodb Project" for product "Adodb" and version "5.20.3" | - |
Affected
| in | Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | - | - |
Safe
|
| Adodb Project Search vendor "Adodb Project" | Adodb Search vendor "Adodb Project" for product "Adodb" | 5.20.4 Search vendor "Adodb Project" for product "Adodb" and version "5.20.4" | - |
Affected
| in | Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | - | - |
Safe
|
| Adodb Project Search vendor "Adodb Project" | Adodb Search vendor "Adodb Project" for product "Adodb" | 5.20.5 Search vendor "Adodb Project" for product "Adodb" and version "5.20.5" | - |
Affected
| in | Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | - | - |
Safe
|
| Adodb Project Search vendor "Adodb Project" | Adodb Search vendor "Adodb Project" for product "Adodb" | 5.20.6 Search vendor "Adodb Project" for product "Adodb" and version "5.20.6" | - |
Affected
| in | Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | - | - |
Safe
|
| Fedoraproject Search vendor "Fedoraproject" | Fedora Search vendor "Fedoraproject" for product "Fedora" | 25 Search vendor "Fedoraproject" for product "Fedora" and version "25" | - |
Affected
| ||||||