Updated php-adodb packages fix security vulnerabilities
Publication date: 03 Nov 2016Modification date: 04 Nov 2016
Type: security
Affected Mageia releases : 5
CVE: CVE-2016-7405 , CVE-2016-4855
Description
The qstr method in the PDO driver in the ADOdb Library for PHP before 5.x
before 5.20.7 might allow remote attackers to conduct SQL injection attacks
via vectors related to incorrect quoting. (CVE-2016-7405)
Cross Site Scripting vulnerability in test script (CVE-2016-4855)
References
SRPMS
5/core
- php-adodb-5.18-5.1.mga5