1. CVE-Search
  2. CVE-2006-0410
ID CVE-2006-0410
Summary SQL injection vulnerability in ADOdb before 4.71, when using PostgreSQL, allows remote attackers to execute arbitrary SQL commands via unspecified attack vectors involving binary strings.
References
Vulnerable Configurations
  • cpe:2.3:a:john_lim:adodb:4.66:*:*:*:*:*:*:*
    cpe:2.3:a:john_lim:adodb:4.66:*:*:*:*:*:*:*
  • cpe:2.3:a:john_lim:adodb:4.68:*:*:*:*:*:*:*
    cpe:2.3:a:john_lim:adodb:4.68:*:*:*:*:*:*:*
  • cpe:2.3:a:john_lim:adodb:4.70:*:*:*:*:*:*:*
    cpe:2.3:a:john_lim:adodb:4.70:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 20-07-2017 - 01:29)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE PARTIAL NONE
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:P/A:N
refmap via4
bid 16364
confirm http://sourceforge.net/project/shownotes.php?release_id=387862&group_id=42718
debian
  • DSA-1029
  • DSA-1030
  • DSA-1031
gentoo
  • GLSA-200602-02
  • GLSA-200604-07
osvdb 22705
secunia
  • 18575
  • 18732
  • 18745
  • 19555
  • 19590
  • 19591
  • 19691
vupen
  • ADV-2006-0315
  • ADV-2006-0448
xf adodb-postgresql-sql-injection(24314)
Last major update 20-07-2017 - 01:29
Published 25-01-2006 - 02:03
Last modified 20-07-2017 - 01:29
Back to Top