php is vulnerable to SQL Injection attacks. The vulnerability exists due to an integer overflow when processing untrusted input within the PDO::quote()
in PDO_SQLite
, which allows a remote attacker to pass a specially crafted input to the application that after being processed by the affected PDO::quote()
method will return a quoted string, which can result in a SQL injection.