ADOdb is vulnerable to SQL injection attacks. A malicious user can inject arbitrary SQL query since the library incorrectly quotes the strings to be sent to the database using ADOConnection::qstr()
.
CPE | Name | Operator | Version |
---|---|---|---|
adodb/adodb-php | le | 5.20.6 |