What is the severity of CVE-2016-7405?

CVE-2016-7405 has a medium severity rating due to its potential to allow SQL injection attacks.

How do I fix CVE-2016-7405?

To fix CVE-2016-7405, update the ADOdb Library to version 5.20.7 or later.

What versions are affected by CVE-2016-7405?

CVE-2016-7405 affects ADOdb versions prior to 5.20.7.

Can CVE-2016-7405 be exploited remotely?

Yes, CVE-2016-7405 can be exploited by remote attackers to perform SQL injection.

What is the impact of exploiting CVE-2016-7405?

Exploiting CVE-2016-7405 can lead to unauthorized access and manipulation of the database.

Vulnerability/
CVE-2016-7405

critical

9.8

CWE

3/10/2016

17/5/2022

6/8/2024

CVE-2016-7405: SQL Injection

First published: Mon Oct 03 2016(Updated: )

The `qstr` method in the PDO driver in the ADOdb Library for PHP before 5.x before 5.20.7 might allow remote attackers to conduct SQL injection attacks via vectors related to incorrect quoting.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
composer/adodb/adodb-php	>=5.0<5.20.7	5.20.7
ubuntu/libphp-adodb	<5.20.6-1	5.20.6-1
ubuntu/libphp-adodb	<5.20.3-1ubuntu1+	5.20.3-1ubuntu1+
debian/libphp-adodb		5.20.14-1+deb10u1 5.20.19-1+deb11u1 5.21.4-1
All of
Any of
ADOdb Lite	=5.00-beta
ADOdb Lite	=5.01-beta
ADOdb Lite	=5.02
ADOdb Lite	=5.02-a
ADOdb Lite	=5.03
ADOdb Lite	=5.04
ADOdb Lite	=5.04-a
ADOdb Lite	=5.05
ADOdb Lite	=5.06
ADOdb Lite	=5.06-a
ADOdb Lite	=5.07
ADOdb Lite	=5.08
ADOdb Lite	=5.08-a
ADOdb Lite	=5.09
ADOdb Lite	=5.09-a
ADOdb Lite	=5.10
ADOdb Lite	=5.11
ADOdb Lite	=5.12
ADOdb Lite	=5.13
ADOdb Lite	=5.14
ADOdb Lite	=5.15
ADOdb Lite	=5.16
ADOdb Lite	=5.16-a
ADOdb Lite	=5.17
ADOdb Lite	=5.18
ADOdb Lite	=5.18-a
ADOdb Lite	=5.19
ADOdb Lite	=5.20.0
ADOdb Lite	=5.20.1
ADOdb Lite	=5.20.2
ADOdb Lite	=5.20.3
ADOdb Lite	=5.20.4
ADOdb Lite	=5.20.5
ADOdb Lite	=5.20.6
PHP
Fedora	=25
ADOdb Lite	=5.00-beta
ADOdb Lite	=5.01-beta
ADOdb Lite	=5.02
ADOdb Lite	=5.02-a
ADOdb Lite	=5.03
ADOdb Lite	=5.04
ADOdb Lite	=5.04-a
ADOdb Lite	=5.05
ADOdb Lite	=5.06
ADOdb Lite	=5.06-a
ADOdb Lite	=5.07
ADOdb Lite	=5.08
ADOdb Lite	=5.08-a
ADOdb Lite	=5.09
ADOdb Lite	=5.09-a
ADOdb Lite	=5.10
ADOdb Lite	=5.11
ADOdb Lite	=5.12
ADOdb Lite	=5.13
ADOdb Lite	=5.14
ADOdb Lite	=5.15
ADOdb Lite	=5.16
ADOdb Lite	=5.16-a
ADOdb Lite	=5.17
ADOdb Lite	=5.18
ADOdb Lite	=5.18-a
ADOdb Lite	=5.19
ADOdb Lite	=5.20.0
ADOdb Lite	=5.20.1
ADOdb Lite	=5.20.2
ADOdb Lite	=5.20.3
ADOdb Lite	=5.20.4
ADOdb Lite	=5.20.5
ADOdb Lite	=5.20.6
PHP

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

USN-6825-1

Frequently Asked Questions

What is the severity of CVE-2016-7405?
CVE-2016-7405 has a medium severity rating due to its potential to allow SQL injection attacks.
How do I fix CVE-2016-7405?
To fix CVE-2016-7405, update the ADOdb Library to version 5.20.7 or later.
What versions are affected by CVE-2016-7405?
CVE-2016-7405 affects ADOdb versions prior to 5.20.7.
Can CVE-2016-7405 be exploited remotely?
Yes, CVE-2016-7405 can be exploited by remote attackers to perform SQL injection.
What is the impact of exploiting CVE-2016-7405?
Exploiting CVE-2016-7405 can lead to unauthorized access and manipulation of the database.

collector/github-advisory-latest
alias/GHSA-3fj4-q72x-x2g9
alias/CVE-2016-7405
collector/github-advisory
agent/author
agent/type
agent/severity
agent/weakness
agent/remedy
collector/usn-cve
source/Ubuntu
agent/software-canonical-lookup
agent/description
agent/first-publish-date
collector/launchpad-cve
source/Launchpad
agent/references
collector/security-tracker-debian
source/Debian
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/event
agent/trending
agent/source
agent/softwarecombine
agent/tags
collector/nvd-cve
source/NVD
agent/software-canonical-lookup-request
collector/nvd-index
package-manager/composer
package-manager/ubuntu
package-manager/debian
vendor/adodb project
canonical/adodb lite
version/adodb lite/5.00-beta
version/adodb lite/5.01-beta
version/adodb lite/5.02
version/adodb lite/5.02-a
version/adodb lite/5.03
version/adodb lite/5.04
version/adodb lite/5.04-a
version/adodb lite/5.05
version/adodb lite/5.06
version/adodb lite/5.06-a
version/adodb lite/5.07
version/adodb lite/5.08
version/adodb lite/5.08-a
version/adodb lite/5.09
version/adodb lite/5.09-a
version/adodb lite/5.10
version/adodb lite/5.11
version/adodb lite/5.12
version/adodb lite/5.13
version/adodb lite/5.14
version/adodb lite/5.15
version/adodb lite/5.16
version/adodb lite/5.16-a
version/adodb lite/5.17
version/adodb lite/5.18
version/adodb lite/5.18-a
version/adodb lite/5.19
version/adodb lite/5.20.0
version/adodb lite/5.20.1
version/adodb lite/5.20.2
version/adodb lite/5.20.3
version/adodb lite/5.20.4
version/adodb lite/5.20.5
version/adodb lite/5.20.6
vendor/php
canonical/php
vendor/fedoraproject
canonical/fedora
version/fedora/25

CVE-2016-7405: SQL Injection

Remedy

Remedy

Remedy

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

Frequently Asked Questions

What is the severity of CVE-2016-7405?

How do I fix CVE-2016-7405?

What versions are affected by CVE-2016-7405?

Can CVE-2016-7405 be exploited remotely?

What is the impact of exploiting CVE-2016-7405?

Company

Resources

Contact