Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/libphp-adodb@5.21.4-1%2Bdeb12u2?distro=trixie

Type deb

Namespace debian

Name libphp-adodb

Version 5.21.4-1+deb12u2

Qualifiers

distro	trixie

Subpath

Is_vulnerable false

Next_non_vulnerable_version 5.22.9-0.1

Latest_non_vulnerable_version 5.22.11-1

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-5ccj-b3a9-67g2

vulnerability_id VCID-5ccj-b3a9-67g2

summary

Multiple vulnerabilities have been discovered in the ADOdb layer included
    in Cacti, potentially resulting in the execution of arbitrary code.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2006-0806

reference_id

reference_type

scores

value	0.12629
scoring_system	epss
scoring_elements	0.93932
published_at	2026-04-01T12:55:00Z

value	0.12629
scoring_system	epss
scoring_elements	0.9394
published_at	2026-04-02T12:55:00Z

value	0.12629
scoring_system	epss
scoring_elements	0.9395
published_at	2026-04-04T12:55:00Z

value	0.12629
scoring_system	epss
scoring_elements	0.93953
published_at	2026-04-07T12:55:00Z

value	0.12629
scoring_system	epss
scoring_elements	0.93961
published_at	2026-04-08T12:55:00Z

value	0.12629
scoring_system	epss
scoring_elements	0.93965
published_at	2026-04-09T12:55:00Z

value	0.12629
scoring_system	epss
scoring_elements	0.93968
published_at	2026-04-13T12:55:00Z

value	0.12629
scoring_system	epss
scoring_elements	0.93983
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2006-0806

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0806
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0806

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=358872
reference_id	358872
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=358872

reference_url	https://security.gentoo.org/glsa/200604-07
reference_id	GLSA-200604-07
reference_type
scores
url	https://security.gentoo.org/glsa/200604-07

reference_url	http://gulftech.org/advisories/ADOdb%20Cross%20Site%20Scripting/93
reference_id	GTSA-00093;CVE-2006-0806
reference_type	exploit
scores
url	http://gulftech.org/advisories/ADOdb%20Cross%20Site%20Scripting/93

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/43832.txt
reference_id	GTSA-00093;CVE-2006-0806
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/43832.txt

fixed_packages

url	pkg:deb/debian/libphp-adodb@4.72-0.1?distro=trixie
purl	pkg:deb/debian/libphp-adodb@4.72-0.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libphp-adodb@4.72-0.1%3Fdistro=trixie

url	pkg:deb/debian/libphp-adodb@5.20.19-1%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/libphp-adodb@5.20.19-1%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libphp-adodb@5.20.19-1%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/libphp-adodb@5.21.4-1%2Bdeb12u2?distro=trixie
purl	pkg:deb/debian/libphp-adodb@5.21.4-1%2Bdeb12u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libphp-adodb@5.21.4-1%252Bdeb12u2%3Fdistro=trixie

url	pkg:deb/debian/libphp-adodb@5.22.9-0.1%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/libphp-adodb@5.22.9-0.1%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libphp-adodb@5.22.9-0.1%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/libphp-adodb@5.22.11-1?distro=trixie
purl	pkg:deb/debian/libphp-adodb@5.22.11-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libphp-adodb@5.22.11-1%3Fdistro=trixie

aliases CVE-2006-0806

risk_score 0.2

exploitability 2.0

weighted_severity 0.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5ccj-b3a9-67g2

url VCID-73nz-mq75-pbhu

vulnerability_id VCID-73nz-mq75-pbhu

summary

The ADOdb sqlite3 driver allows SQL injection
Improper escaping of a query parameter may allow an attacker to execute arbitrary SQL statements when the code using ADOdb connects to a sqlite3 database and calls the metaColumns(), metaForeignKeys() or metaIndexes() methods with a crafted table name.

Note that the indicated Severity corresponds to a worst-case usage scenario, e.g. allowing user-supplied data to be sent as-is to the above-mentioned methods.

### Impact
SQLite3 driver.

### Patches
Vulnerability is fixed in ADOdb 5.22.10 (https://github.com/ADOdb/ADOdb/commit/5b8bd52cdcffefb4ecded1b399c98cfa516afe03).

### Workarounds
Only pass controlled data to metaColumns(), metaForeignKeys() and metaIndexes() method's $table parameter.

### Credits

Thanks to Marco Nappi (@mrcnpp) for reporting this vulnerability.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-54119

reference_id

reference_type

scores

value	0.00063
scoring_system	epss
scoring_elements	0.19682
published_at	2026-04-07T12:55:00Z

value	0.00063
scoring_system	epss
scoring_elements	0.19812
published_at	2026-04-09T12:55:00Z

value	0.00063
scoring_system	epss
scoring_elements	0.19899
published_at	2026-04-02T12:55:00Z

value	0.00063
scoring_system	epss
scoring_elements	0.19761
published_at	2026-04-08T12:55:00Z

value	0.00063
scoring_system	epss
scoring_elements	0.19954
published_at	2026-04-04T12:55:00Z

value	0.00069
scoring_system	epss
scoring_elements	0.21158
published_at	2026-04-16T12:55:00Z

value	0.00069
scoring_system	epss
scoring_elements	0.21261
published_at	2026-04-11T12:55:00Z

value	0.00069
scoring_system	epss
scoring_elements	0.2122
published_at	2026-04-12T12:55:00Z

value	0.00069
scoring_system	epss
scoring_elements	0.21167
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-54119

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-54119
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-54119

reference_url

https://github.com/ADOdb/ADOdb

reference_id

reference_type

scores

value	10.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/ADOdb/ADOdb

reference_url

https://github.com/ADOdb/ADOdb/commit/5b8bd52cdcffefb4ecded1b399c98cfa516afe03

reference_id

reference_type

scores

value	10
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L

value	10.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-08-05T13:57:17Z/

url

https://github.com/ADOdb/ADOdb/commit/5b8bd52cdcffefb4ecded1b399c98cfa516afe03

reference_url

https://github.com/ADOdb/ADOdb/issues/1083

reference_id

reference_type

scores

value	10
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L

value	10.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-08-05T13:57:17Z/

url

https://github.com/ADOdb/ADOdb/issues/1083

reference_url

https://github.com/ADOdb/ADOdb/security/advisories/GHSA-vf2r-cxg9-p7rf

reference_id

reference_type

scores

value	10
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L

value	10.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L

value	CRITICAL
scoring_system	cvssv3.1_qr
scoring_elements

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-08-05T13:57:17Z/

url

https://github.com/ADOdb/ADOdb/security/advisories/GHSA-vf2r-cxg9-p7rf

reference_url

https://lists.debian.org/debian-lts-announce/2025/10/msg00020.html

reference_id

reference_type

scores

value	10.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2025/10/msg00020.html

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2025-54119

reference_id

reference_type

scores

value	10.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2025-54119

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1110464
reference_id	1110464
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1110464

reference_url

https://github.com/advisories/GHSA-vf2r-cxg9-p7rf

reference_id

GHSA-vf2r-cxg9-p7rf

reference_type

scores

value	CRITICAL
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-vf2r-cxg9-p7rf

fixed_packages

url	pkg:deb/debian/libphp-adodb@5.20.19-1%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/libphp-adodb@5.20.19-1%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libphp-adodb@5.20.19-1%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/libphp-adodb@5.20.19-1%2Bdeb11u3?distro=trixie
purl	pkg:deb/debian/libphp-adodb@5.20.19-1%2Bdeb11u3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libphp-adodb@5.20.19-1%252Bdeb11u3%3Fdistro=trixie

url	pkg:deb/debian/libphp-adodb@5.21.4-1%2Bdeb12u2?distro=trixie
purl	pkg:deb/debian/libphp-adodb@5.21.4-1%2Bdeb12u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libphp-adodb@5.21.4-1%252Bdeb12u2%3Fdistro=trixie

url	pkg:deb/debian/libphp-adodb@5.22.9-0.1%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/libphp-adodb@5.22.9-0.1%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libphp-adodb@5.22.9-0.1%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/libphp-adodb@5.22.10-0.1?distro=trixie
purl	pkg:deb/debian/libphp-adodb@5.22.10-0.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libphp-adodb@5.22.10-0.1%3Fdistro=trixie

url	pkg:deb/debian/libphp-adodb@5.22.11-1?distro=trixie
purl	pkg:deb/debian/libphp-adodb@5.22.11-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libphp-adodb@5.22.11-1%3Fdistro=trixie

aliases CVE-2025-54119, GHSA-vf2r-cxg9-p7rf

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-73nz-mq75-pbhu

url VCID-93va-4zq1-1qdw

vulnerability_id VCID-93va-4zq1-1qdw

summary John Lim ADOdb Library for PHP before 4.23 allows remote attackers to obtain sensitive information via direct requests to certain scripts that result in an undefined value of ADODB_DIR, which reveals the installation path in an error message.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2004-2664

reference_id

reference_type

scores

value	0.00346
scoring_system	epss
scoring_elements	0.57153
published_at	2026-04-01T12:55:00Z

value	0.00346
scoring_system	epss
scoring_elements	0.57242
published_at	2026-04-07T12:55:00Z

value	0.00346
scoring_system	epss
scoring_elements	0.57265
published_at	2026-04-04T12:55:00Z

value	0.00346
scoring_system	epss
scoring_elements	0.57294
published_at	2026-04-08T12:55:00Z

value	0.00346
scoring_system	epss
scoring_elements	0.57296
published_at	2026-04-09T12:55:00Z

value	0.00346
scoring_system	epss
scoring_elements	0.57309
published_at	2026-04-11T12:55:00Z

value	0.00346
scoring_system	epss
scoring_elements	0.5729
published_at	2026-04-12T12:55:00Z

value	0.00346
scoring_system	epss
scoring_elements	0.57269
published_at	2026-04-13T12:55:00Z

value	0.00346
scoring_system	epss
scoring_elements	0.57297
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2004-2664

fixed_packages

url	pkg:deb/debian/libphp-adodb@0?distro=trixie
purl	pkg:deb/debian/libphp-adodb@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libphp-adodb@0%3Fdistro=trixie

url	pkg:deb/debian/libphp-adodb@5.20.19-1%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/libphp-adodb@5.20.19-1%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libphp-adodb@5.20.19-1%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/libphp-adodb@5.21.4-1%2Bdeb12u2?distro=trixie
purl	pkg:deb/debian/libphp-adodb@5.21.4-1%2Bdeb12u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libphp-adodb@5.21.4-1%252Bdeb12u2%3Fdistro=trixie

url	pkg:deb/debian/libphp-adodb@5.22.9-0.1%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/libphp-adodb@5.22.9-0.1%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libphp-adodb@5.22.9-0.1%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/libphp-adodb@5.22.11-1?distro=trixie
purl	pkg:deb/debian/libphp-adodb@5.22.11-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libphp-adodb@5.22.11-1%3Fdistro=trixie

aliases CVE-2004-2664

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-93va-4zq1-1qdw

url VCID-9x72-e9wx-mqf4

vulnerability_id VCID-9x72-e9wx-mqf4

summary

Multiple vulnerabilities have been discovered in the ADOdb layer included
    in Cacti, potentially resulting in the execution of arbitrary code.

references

reference_url	http://retrogod.altervista.org/phpopenchat_30x_sql_xpl.html
reference_id
reference_type
scores
url	http://retrogod.altervista.org/phpopenchat_30x_sql_xpl.html

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2006-0146

reference_id

reference_type

scores

value	0.09474
scoring_system	epss
scoring_elements	0.92833
published_at	2026-04-16T12:55:00Z

value	0.09474
scoring_system	epss
scoring_elements	0.92795
published_at	2026-04-01T12:55:00Z

value	0.09474
scoring_system	epss
scoring_elements	0.92802
published_at	2026-04-02T12:55:00Z

value	0.09474
scoring_system	epss
scoring_elements	0.92807
published_at	2026-04-04T12:55:00Z

value	0.09474
scoring_system	epss
scoring_elements	0.92805
published_at	2026-04-07T12:55:00Z

value	0.09474
scoring_system	epss
scoring_elements	0.92814
published_at	2026-04-08T12:55:00Z

value	0.09474
scoring_system	epss
scoring_elements	0.92818
published_at	2026-04-09T12:55:00Z

value	0.09474
scoring_system	epss
scoring_elements	0.92822
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2006-0146

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0146
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0146

reference_url	http://secunia.com/advisories/17418
reference_id
reference_type
scores
url	http://secunia.com/advisories/17418

reference_url	http://secunia.com/advisories/18233
reference_id
reference_type
scores
url	http://secunia.com/advisories/18233

reference_url	http://secunia.com/advisories/18254
reference_id
reference_type
scores
url	http://secunia.com/advisories/18254

reference_url	http://secunia.com/advisories/18260
reference_id
reference_type
scores
url	http://secunia.com/advisories/18260

reference_url	http://secunia.com/advisories/18267
reference_id
reference_type
scores
url	http://secunia.com/advisories/18267

reference_url	http://secunia.com/advisories/18276
reference_id
reference_type
scores
url	http://secunia.com/advisories/18276

reference_url	http://secunia.com/advisories/18720
reference_id
reference_type
scores
url	http://secunia.com/advisories/18720

reference_url	http://secunia.com/advisories/19555
reference_id
reference_type
scores
url	http://secunia.com/advisories/19555

reference_url	http://secunia.com/advisories/19563
reference_id
reference_type
scores
url	http://secunia.com/advisories/19563

reference_url	http://secunia.com/advisories/19590
reference_id
reference_type
scores
url	http://secunia.com/advisories/19590

reference_url	http://secunia.com/advisories/19591
reference_id
reference_type
scores
url	http://secunia.com/advisories/19591

reference_url	http://secunia.com/advisories/19600
reference_id
reference_type
scores
url	http://secunia.com/advisories/19600

reference_url	http://secunia.com/advisories/19691
reference_id
reference_type
scores
url	http://secunia.com/advisories/19691

reference_url	http://secunia.com/advisories/19699
reference_id
reference_type
scores
url	http://secunia.com/advisories/19699

reference_url	http://secunia.com/advisories/24954
reference_id
reference_type
scores
url	http://secunia.com/advisories/24954

reference_url	http://secunia.com/secunia_research/2005-64/advisory/
reference_id
reference_type
scores
url	http://secunia.com/secunia_research/2005-64/advisory/

reference_url	http://securityreason.com/securityalert/713
reference_id
reference_type
scores
url	http://securityreason.com/securityalert/713

reference_url	https://exchange.xforce.ibmcloud.com/vulnerabilities/24051
reference_id
reference_type
scores
url	https://exchange.xforce.ibmcloud.com/vulnerabilities/24051

reference_url	http://www.debian.org/security/2006/dsa-1029
reference_id
reference_type
scores
url	http://www.debian.org/security/2006/dsa-1029

reference_url	http://www.debian.org/security/2006/dsa-1030
reference_id
reference_type
scores
url	http://www.debian.org/security/2006/dsa-1030

reference_url	http://www.debian.org/security/2006/dsa-1031
reference_id
reference_type
scores
url	http://www.debian.org/security/2006/dsa-1031

reference_url	http://www.gentoo.org/security/en/glsa/glsa-200604-07.xml
reference_id
reference_type
scores
url	http://www.gentoo.org/security/en/glsa/glsa-200604-07.xml

reference_url	http://www.maxdev.com/Article550.phtml
reference_id
reference_type
scores
url	http://www.maxdev.com/Article550.phtml

reference_url	http://www.osvdb.org/22290
reference_id
reference_type
scores
url	http://www.osvdb.org/22290

reference_url	http://www.securityfocus.com/archive/1/423784/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/423784/100/0/threaded

reference_url	http://www.securityfocus.com/archive/1/430448/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/430448/100/0/threaded

reference_url	http://www.securityfocus.com/archive/1/466171/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/466171/100/0/threaded

reference_url	http://www.securityfocus.com/bid/16187
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/16187

reference_url	http://www.vupen.com/english/advisories/2006/0101
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2006/0101

reference_url	http://www.vupen.com/english/advisories/2006/0102
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2006/0102

reference_url	http://www.vupen.com/english/advisories/2006/0103
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2006/0103

reference_url	http://www.vupen.com/english/advisories/2006/0104
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2006/0104

reference_url	http://www.vupen.com/english/advisories/2006/0105
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2006/0105

reference_url	http://www.vupen.com/english/advisories/2006/0370
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2006/0370

reference_url	http://www.vupen.com/english/advisories/2006/0447
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2006/0447

reference_url	http://www.vupen.com/english/advisories/2006/1304
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2006/1304

reference_url	http://www.vupen.com/english/advisories/2006/1305
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2006/1305

reference_url	http://www.vupen.com/english/advisories/2006/1419
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2006/1419

reference_url	http://www.xaraya.com/index.php/news/569
reference_id
reference_type
scores
url	http://www.xaraya.com/index.php/news/569

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=349985
reference_id	349985
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=349985

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:john_lim:adodb:4.66:::::::*
reference_id	cpe:2.3:a:john_lim:adodb:4.66:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:john_lim:adodb:4.66:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:john_lim:adodb:4.68:::::::*
reference_id	cpe:2.3:a:john_lim:adodb:4.68:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:john_lim:adodb:4.68:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mantis:mantis:0.19.4:::::::*
reference_id	cpe:2.3:a:mantis:mantis:0.19.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mantis:mantis:0.19.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mantis:mantis:1.0.0_rc4:::::::*
reference_id	cpe:2.3:a:mantis:mantis:1.0.0_rc4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mantis:mantis:1.0.0_rc4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediabeez:mediabeez::::::::
reference_id	cpe:2.3:a:mediabeez:mediabeez::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediabeez:mediabeez::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:moodle:moodle:1.5.3:::::::*
reference_id	cpe:2.3:a:moodle:moodle:1.5.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:moodle:moodle:1.5.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:postnuke_software_foundation:postnuke:0.761:::::::*
reference_id	cpe:2.3:a:postnuke_software_foundation:postnuke:0.761:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:postnuke_software_foundation:postnuke:0.761:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:the_cacti_group:cacti:0.8.6g:::::::*
reference_id	cpe:2.3:a:the_cacti_group:cacti:0.8.6g:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:the_cacti_group:cacti:0.8.6g:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2006-0146

reference_id

CVE-2006-0146

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2006-0146

reference_url	https://security.gentoo.org/glsa/200604-07
reference_id	GLSA-200604-07
reference_type
scores
url	https://security.gentoo.org/glsa/200604-07

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/1663.php
reference_id	OSVDB-24878;CVE-2006-2029;OSVDB-24562;CVE-2006-1779;OSVDB-24561;CVE-2006-1778;OSVDB-24560;CVE-2006-1777;CVE-2006-1776;OSVDB-24559;CVE-2006-0147;OSVDB-22291;OSVDB-22290;CVE-2006-0146
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/1663.php

fixed_packages

url	pkg:deb/debian/libphp-adodb@4.72-0.1?distro=trixie
purl	pkg:deb/debian/libphp-adodb@4.72-0.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libphp-adodb@4.72-0.1%3Fdistro=trixie

url	pkg:deb/debian/libphp-adodb@5.20.19-1%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/libphp-adodb@5.20.19-1%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libphp-adodb@5.20.19-1%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/libphp-adodb@5.21.4-1%2Bdeb12u2?distro=trixie
purl	pkg:deb/debian/libphp-adodb@5.21.4-1%2Bdeb12u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libphp-adodb@5.21.4-1%252Bdeb12u2%3Fdistro=trixie

url	pkg:deb/debian/libphp-adodb@5.22.9-0.1%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/libphp-adodb@5.22.9-0.1%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libphp-adodb@5.22.9-0.1%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/libphp-adodb@5.22.11-1?distro=trixie
purl	pkg:deb/debian/libphp-adodb@5.22.11-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libphp-adodb@5.22.11-1%3Fdistro=trixie

aliases CVE-2006-0146

risk_score 10.0

exploitability 2.0

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9x72-e9wx-mqf4

url VCID-kjcg-xe2b-akap

vulnerability_id VCID-kjcg-xe2b-akap

summary

Multiple vulnerabilities have been discovered in the ADOdb layer included
    in Cacti, potentially resulting in the execution of arbitrary code.

references

reference_url	http://retrogod.altervista.org/phpopenchat_30x_sql_xpl.html
reference_id
reference_type
scores
url	http://retrogod.altervista.org/phpopenchat_30x_sql_xpl.html

reference_url	http://retrogod.altervista.org/simplog_092_incl_xpl.html
reference_id
reference_type
scores
url	http://retrogod.altervista.org/simplog_092_incl_xpl.html

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2006-0147

reference_id

reference_type

scores

value	0.29662
scoring_system	epss
scoring_elements	0.96628
published_at	2026-04-16T12:55:00Z

value	0.29662
scoring_system	epss
scoring_elements	0.96589
published_at	2026-04-01T12:55:00Z

value	0.29662
scoring_system	epss
scoring_elements	0.96599
published_at	2026-04-02T12:55:00Z

value	0.29662
scoring_system	epss
scoring_elements	0.96603
published_at	2026-04-04T12:55:00Z

value	0.29662
scoring_system	epss
scoring_elements	0.96606
published_at	2026-04-07T12:55:00Z

value	0.29662
scoring_system	epss
scoring_elements	0.96614
published_at	2026-04-08T12:55:00Z

value	0.29662
scoring_system	epss
scoring_elements	0.96616
published_at	2026-04-09T12:55:00Z

value	0.29662
scoring_system	epss
scoring_elements	0.96618
published_at	2026-04-11T12:55:00Z

value	0.29662
scoring_system	epss
scoring_elements	0.96619
published_at	2026-04-12T12:55:00Z

value	0.29662
scoring_system	epss
scoring_elements	0.96621
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2006-0147

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0147
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0147

reference_url	http://secunia.com/advisories/17418
reference_id
reference_type
scores
url	http://secunia.com/advisories/17418

reference_url	http://secunia.com/advisories/18233
reference_id
reference_type
scores
url	http://secunia.com/advisories/18233

reference_url	http://secunia.com/advisories/18254
reference_id
reference_type
scores
url	http://secunia.com/advisories/18254

reference_url	http://secunia.com/advisories/18260
reference_id
reference_type
scores
url	http://secunia.com/advisories/18260

reference_url	http://secunia.com/advisories/18267
reference_id
reference_type
scores
url	http://secunia.com/advisories/18267

reference_url	http://secunia.com/advisories/18276
reference_id
reference_type
scores
url	http://secunia.com/advisories/18276

reference_url	http://secunia.com/advisories/19555
reference_id
reference_type
scores
url	http://secunia.com/advisories/19555

reference_url	http://secunia.com/advisories/19590
reference_id
reference_type
scores
url	http://secunia.com/advisories/19590

reference_url	http://secunia.com/advisories/19591
reference_id
reference_type
scores
url	http://secunia.com/advisories/19591

reference_url	http://secunia.com/advisories/19600
reference_id
reference_type
scores
url	http://secunia.com/advisories/19600

reference_url	http://secunia.com/advisories/19628
reference_id
reference_type
scores
url	http://secunia.com/advisories/19628

reference_url	http://secunia.com/advisories/19691
reference_id
reference_type
scores
url	http://secunia.com/advisories/19691

reference_url	http://secunia.com/secunia_research/2005-64/advisory/
reference_id
reference_type
scores
url	http://secunia.com/secunia_research/2005-64/advisory/

reference_url	https://exchange.xforce.ibmcloud.com/vulnerabilities/24052
reference_id
reference_type
scores
url	https://exchange.xforce.ibmcloud.com/vulnerabilities/24052

reference_url	https://www.exploit-db.com/exploits/1663
reference_id
reference_type
scores
url	https://www.exploit-db.com/exploits/1663

reference_url	http://www.debian.org/security/2006/dsa-1029
reference_id
reference_type
scores
url	http://www.debian.org/security/2006/dsa-1029

reference_url	http://www.debian.org/security/2006/dsa-1030
reference_id
reference_type
scores
url	http://www.debian.org/security/2006/dsa-1030

reference_url	http://www.debian.org/security/2006/dsa-1031
reference_id
reference_type
scores
url	http://www.debian.org/security/2006/dsa-1031

reference_url	http://www.gentoo.org/security/en/glsa/glsa-200604-07.xml
reference_id
reference_type
scores
url	http://www.gentoo.org/security/en/glsa/glsa-200604-07.xml

reference_url	http://www.osvdb.org/22291
reference_id
reference_type
scores
url	http://www.osvdb.org/22291

reference_url	http://www.securityfocus.com/archive/1/430448/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/430448/100/0/threaded

reference_url	http://www.securityfocus.com/archive/1/430743/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/430743/100/0/threaded

reference_url	http://www.vupen.com/english/advisories/2006/0101
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2006/0101

reference_url	http://www.vupen.com/english/advisories/2006/0102
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2006/0102

reference_url	http://www.vupen.com/english/advisories/2006/0103
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2006/0103

reference_url	http://www.vupen.com/english/advisories/2006/0104
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2006/0104

reference_url	http://www.vupen.com/english/advisories/2006/1305
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2006/1305

reference_url	http://www.vupen.com/english/advisories/2006/1332
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2006/1332

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=349985
reference_id	349985
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=349985

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:john_lim:adodb:4.66:::::::*
reference_id	cpe:2.3:a:john_lim:adodb:4.66:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:john_lim:adodb:4.66:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:john_lim:adodb:4.68:::::::*
reference_id	cpe:2.3:a:john_lim:adodb:4.68:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:john_lim:adodb:4.68:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mantis:mantis:0.19.4:::::::*
reference_id	cpe:2.3:a:mantis:mantis:0.19.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mantis:mantis:0.19.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mantis:mantis:1.0.0_rc4:::::::*
reference_id	cpe:2.3:a:mantis:mantis:1.0.0_rc4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mantis:mantis:1.0.0_rc4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:moodle:moodle:1.5.3:::::::*
reference_id	cpe:2.3:a:moodle:moodle:1.5.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:moodle:moodle:1.5.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:postnuke_software_foundation:postnuke:0.761:::::::*
reference_id	cpe:2.3:a:postnuke_software_foundation:postnuke:0.761:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:postnuke_software_foundation:postnuke:0.761:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:the_cacti_group:cacti:0.8.6g:::::::*
reference_id	cpe:2.3:a:the_cacti_group:cacti:0.8.6g:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:the_cacti_group:cacti:0.8.6g:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2006-0147

reference_id

CVE-2006-0147

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2006-0147

reference_url	https://security.gentoo.org/glsa/200604-07
reference_id	GLSA-200604-07
reference_type
scores
url	https://security.gentoo.org/glsa/200604-07

fixed_packages

url	pkg:deb/debian/libphp-adodb@4.72-0.1?distro=trixie
purl	pkg:deb/debian/libphp-adodb@4.72-0.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libphp-adodb@4.72-0.1%3Fdistro=trixie

url	pkg:deb/debian/libphp-adodb@5.20.19-1%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/libphp-adodb@5.20.19-1%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libphp-adodb@5.20.19-1%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/libphp-adodb@5.21.4-1%2Bdeb12u2?distro=trixie
purl	pkg:deb/debian/libphp-adodb@5.21.4-1%2Bdeb12u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libphp-adodb@5.21.4-1%252Bdeb12u2%3Fdistro=trixie

url	pkg:deb/debian/libphp-adodb@5.22.9-0.1%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/libphp-adodb@5.22.9-0.1%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libphp-adodb@5.22.9-0.1%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/libphp-adodb@5.22.11-1?distro=trixie
purl	pkg:deb/debian/libphp-adodb@5.22.11-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libphp-adodb@5.22.11-1%3Fdistro=trixie

aliases CVE-2006-0147

risk_score 10.0

exploitability 2.0

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kjcg-xe2b-akap

url VCID-phnq-kx6f-xbfh

vulnerability_id VCID-phnq-kx6f-xbfh

summary PHP remote file inclusion vulnerability in adodb-postgres7.inc.php in John Lim ADOdb, possibly 4.01 and earlier, as used in Intechnic In-link 2.3.4, allows remote attackers to execute arbitrary PHP code via a URL in the ADODB_DIR parameter.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2006-4618

reference_id

reference_type

scores

value	0.00911
scoring_system	epss
scoring_elements	0.75787
published_at	2026-04-01T12:55:00Z

value	0.00911
scoring_system	epss
scoring_elements	0.7579
published_at	2026-04-02T12:55:00Z

value	0.00911
scoring_system	epss
scoring_elements	0.75823
published_at	2026-04-04T12:55:00Z

value	0.00911
scoring_system	epss
scoring_elements	0.75802
published_at	2026-04-07T12:55:00Z

value	0.00911
scoring_system	epss
scoring_elements	0.75835
published_at	2026-04-08T12:55:00Z

value	0.00911
scoring_system	epss
scoring_elements	0.75846
published_at	2026-04-09T12:55:00Z

value	0.00911
scoring_system	epss
scoring_elements	0.7587
published_at	2026-04-11T12:55:00Z

value	0.00911
scoring_system	epss
scoring_elements	0.75851
published_at	2026-04-12T12:55:00Z

value	0.00911
scoring_system	epss
scoring_elements	0.75845
published_at	2026-04-13T12:55:00Z

value	0.00911
scoring_system	epss
scoring_elements	0.75882
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2006-4618

fixed_packages

url	pkg:deb/debian/libphp-adodb@0?distro=trixie
purl	pkg:deb/debian/libphp-adodb@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libphp-adodb@0%3Fdistro=trixie

url	pkg:deb/debian/libphp-adodb@5.20.19-1%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/libphp-adodb@5.20.19-1%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libphp-adodb@5.20.19-1%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/libphp-adodb@5.21.4-1%2Bdeb12u2?distro=trixie
purl	pkg:deb/debian/libphp-adodb@5.21.4-1%2Bdeb12u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libphp-adodb@5.21.4-1%252Bdeb12u2%3Fdistro=trixie

url	pkg:deb/debian/libphp-adodb@5.22.9-0.1%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/libphp-adodb@5.22.9-0.1%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libphp-adodb@5.22.9-0.1%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/libphp-adodb@5.22.11-1?distro=trixie
purl	pkg:deb/debian/libphp-adodb@5.22.11-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libphp-adodb@5.22.11-1%3Fdistro=trixie

aliases CVE-2006-4618

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-phnq-kx6f-xbfh

url VCID-r9hg-ac9m-vbed

vulnerability_id VCID-r9hg-ac9m-vbed

summary

XSS vulnerability in old test script
Cross-site scripting vulnerability in ADOdb allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

references

reference_url

http://jvn.jp/en/jp/JVN48237713/index.html

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://jvn.jp/en/jp/JVN48237713/index.html

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-4855

reference_id

reference_type

scores

value	0.00361
scoring_system	epss
scoring_elements	0.58298
published_at	2026-04-16T12:55:00Z

value	0.00361
scoring_system	epss
scoring_elements	0.58152
published_at	2026-04-01T12:55:00Z

value	0.00361
scoring_system	epss
scoring_elements	0.58237
published_at	2026-04-02T12:55:00Z

value	0.00361
scoring_system	epss
scoring_elements	0.58257
published_at	2026-04-04T12:55:00Z

value	0.00361
scoring_system	epss
scoring_elements	0.58231
published_at	2026-04-07T12:55:00Z

value	0.00361
scoring_system	epss
scoring_elements	0.58285
published_at	2026-04-08T12:55:00Z

value	0.00361
scoring_system	epss
scoring_elements	0.58291
published_at	2026-04-09T12:55:00Z

value	0.00361
scoring_system	epss
scoring_elements	0.58309
published_at	2026-04-11T12:55:00Z

value	0.00361
scoring_system	epss
scoring_elements	0.58286
published_at	2026-04-12T12:55:00Z

value	0.00361
scoring_system	epss
scoring_elements	0.58266
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-4855

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4855
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4855

reference_url

https://github.com/ADOdb/ADOdb

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/ADOdb/ADOdb

reference_url

https://github.com/ADOdb/ADOdb/commit/ecb93d8c1fd3bbde62aca9c3a13c32f077da2da8

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/ADOdb/ADOdb/commit/ecb93d8c1fd3bbde62aca9c3a13c32f077da2da8

reference_url

https://github.com/ADOdb/ADOdb/issues/274

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/ADOdb/ADOdb/issues/274

reference_url

https://github.com/FriendsOfPHP/security-advisories/blob/master/adodb/adodb-php/CVE-2016-4855.yaml

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/FriendsOfPHP/security-advisories/blob/master/adodb/adodb-php/CVE-2016-4855.yaml

reference_url

https://security.gentoo.org/glsa/201701-59

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://security.gentoo.org/glsa/201701-59

reference_url

http://www.securityfocus.com/bid/92753

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.securityfocus.com/bid/92753

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=837418
reference_id	837418
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=837418

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-4855

reference_id

CVE-2016-4855

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2016-4855

reference_url

https://github.com/advisories/GHSA-hhfw-xxhm-pf32

reference_id

GHSA-hhfw-xxhm-pf32

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-hhfw-xxhm-pf32

reference_url	https://usn.ubuntu.com/6825-1/
reference_id	USN-6825-1
reference_type
scores
url	https://usn.ubuntu.com/6825-1/

fixed_packages

url	pkg:deb/debian/libphp-adodb@5.20.6-1?distro=trixie
purl	pkg:deb/debian/libphp-adodb@5.20.6-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libphp-adodb@5.20.6-1%3Fdistro=trixie

url	pkg:deb/debian/libphp-adodb@5.20.19-1%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/libphp-adodb@5.20.19-1%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libphp-adodb@5.20.19-1%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/libphp-adodb@5.21.4-1%2Bdeb12u2?distro=trixie
purl	pkg:deb/debian/libphp-adodb@5.21.4-1%2Bdeb12u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libphp-adodb@5.21.4-1%252Bdeb12u2%3Fdistro=trixie

url	pkg:deb/debian/libphp-adodb@5.22.9-0.1%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/libphp-adodb@5.22.9-0.1%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libphp-adodb@5.22.9-0.1%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/libphp-adodb@5.22.11-1?distro=trixie
purl	pkg:deb/debian/libphp-adodb@5.22.11-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libphp-adodb@5.22.11-1%3Fdistro=trixie

aliases CVE-2016-4855, GHSA-hhfw-xxhm-pf32

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r9hg-ac9m-vbed

url VCID-uz7x-nkta-xkez

vulnerability_id VCID-uz7x-nkta-xkez

summary Authentication Bypass by Primary Weakness exists in adodb/adodb.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-3850

reference_id

reference_type

scores

value	0.00274
scoring_system	epss
scoring_elements	0.50879
published_at	2026-04-08T12:55:00Z

value	0.00274
scoring_system	epss
scoring_elements	0.5088
published_at	2026-04-13T12:55:00Z

value	0.00274
scoring_system	epss
scoring_elements	0.50897
published_at	2026-04-12T12:55:00Z

value	0.00274
scoring_system	epss
scoring_elements	0.50918
published_at	2026-04-16T12:55:00Z

value	0.00274
scoring_system	epss
scoring_elements	0.50876
published_at	2026-04-09T12:55:00Z

value	0.00373
scoring_system	epss
scoring_elements	0.58891
published_at	2026-04-01T12:55:00Z

value	0.00373
scoring_system	epss
scoring_elements	0.58955
published_at	2026-04-07T12:55:00Z

value	0.00373
scoring_system	epss
scoring_elements	0.58989
published_at	2026-04-04T12:55:00Z

value	0.00373
scoring_system	epss
scoring_elements	0.58966
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-3850

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3850
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3850

reference_url

https://github.com/ADOdb/ADOdb

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/ADOdb/ADOdb

reference_url	https://github.com/adodb/adodb/commit/952de6c4273d9b1e91c2b838044f8c2111150c29
reference_id
reference_type
scores
url	https://github.com/adodb/adodb/commit/952de6c4273d9b1e91c2b838044f8c2111150c29

reference_url

https://github.com/ADOdb/ADOdb/commit/952de6c4273d9b1e91c2b838044f8c2111150c29

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/ADOdb/ADOdb/commit/952de6c4273d9b1e91c2b838044f8c2111150c29

reference_url

https://github.com/ADOdb/ADOdb/commit/b4d5ce70034c5aac3a1d51d317d93c037a0938d2

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/ADOdb/ADOdb/commit/b4d5ce70034c5aac3a1d51d317d93c037a0938d2

reference_url

https://github.com/ADOdb/ADOdb/issues/793

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/ADOdb/ADOdb/issues/793

reference_url

https://github.com/ADOdb/ADOdb/security/advisories/GHSA-65mj-7c86-79jf

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	cvssv3.1_qr
scoring_elements

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/ADOdb/ADOdb/security/advisories/GHSA-65mj-7c86-79jf

reference_url

https://huntr.dev/bounties/bdf5f216-4499-4225-a737-b28bc6f5801c

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://huntr.dev/bounties/bdf5f216-4499-4225-a737-b28bc6f5801c

reference_url

https://lists.debian.org/debian-lts-announce/2022/02/msg00006.html

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2022/02/msg00006.html

reference_url

https://www.debian.org/security/2022/dsa-5101

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.debian.org/security/2022/dsa-5101

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004376
reference_id	1004376
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004376

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2021-3850

reference_id

CVE-2021-3850

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2021-3850

reference_url

https://github.com/advisories/GHSA-65mj-7c86-79jf

reference_id

GHSA-65mj-7c86-79jf

reference_type

scores

value	CRITICAL
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-65mj-7c86-79jf

reference_url	https://usn.ubuntu.com/6825-1/
reference_id	USN-6825-1
reference_type
scores
url	https://usn.ubuntu.com/6825-1/

fixed_packages

url	pkg:deb/debian/libphp-adodb@5.20.19-1%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/libphp-adodb@5.20.19-1%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libphp-adodb@5.20.19-1%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/libphp-adodb@5.21.4-1?distro=trixie
purl	pkg:deb/debian/libphp-adodb@5.21.4-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libphp-adodb@5.21.4-1%3Fdistro=trixie

url	pkg:deb/debian/libphp-adodb@5.21.4-1%2Bdeb12u2?distro=trixie
purl	pkg:deb/debian/libphp-adodb@5.21.4-1%2Bdeb12u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libphp-adodb@5.21.4-1%252Bdeb12u2%3Fdistro=trixie

url	pkg:deb/debian/libphp-adodb@5.22.9-0.1%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/libphp-adodb@5.22.9-0.1%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libphp-adodb@5.22.9-0.1%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/libphp-adodb@5.22.11-1?distro=trixie
purl	pkg:deb/debian/libphp-adodb@5.22.11-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libphp-adodb@5.22.11-1%3Fdistro=trixie

aliases CVE-2021-3850, GHSA-65mj-7c86-79jf

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uz7x-nkta-xkez

url VCID-wyd8-1reg-23h2

vulnerability_id VCID-wyd8-1reg-23h2

summary

SQL injection in ADOdb PostgreSQL driver pg_insert_id() method
Improper escaping of a query parameter may allow an attacker to execute arbitrary SQL statements when the code using ADOdb connects to a PostgreSQL database and calls pg_insert_id() with user-supplied data.

Note that the indicated Severity corresponds to a worst-case usage scenario.

### Impact
PostgreSQL drivers (postgres64, postgres7, postgres8, postgres9).

### Patches
Vulnerability is fixed in ADOdb 5.22.9 (11107d6d6e5160b62e05dff8a3a2678cf0e3a426).

### Workarounds
Only pass controlled data to pg_insert_id() method's $fieldname parameter, or escape it with pg_escape_identifier() first.

### References
- Issue https://github.com/ADOdb/ADOdb/issues/1070
- [Blog post](https://xaliom.blogspot.com/2025/05/from-sast-to-cve-2025-46337.html) by Marco Nappi

### Credits
Thanks to Marco Nappi (@mrcnpp) for reporting this vulnerability.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-46337

reference_id

reference_type

scores

value	0.00522
scoring_system	epss
scoring_elements	0.66834
published_at	2026-04-02T12:55:00Z

value	0.00522
scoring_system	epss
scoring_elements	0.66902
published_at	2026-04-16T12:55:00Z

value	0.00522
scoring_system	epss
scoring_elements	0.66868
published_at	2026-04-13T12:55:00Z

value	0.00522
scoring_system	epss
scoring_elements	0.669
published_at	2026-04-12T12:55:00Z

value	0.00522
scoring_system	epss
scoring_elements	0.66914
published_at	2026-04-11T12:55:00Z

value	0.00522
scoring_system	epss
scoring_elements	0.66895
published_at	2026-04-09T12:55:00Z

value	0.00522
scoring_system	epss
scoring_elements	0.66881
published_at	2026-04-08T12:55:00Z

value	0.00522
scoring_system	epss
scoring_elements	0.66832
published_at	2026-04-07T12:55:00Z

value	0.00522
scoring_system	epss
scoring_elements	0.6686
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-46337

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-46337
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-46337

reference_url

https://github.com/ADOdb/ADOdb

reference_id

reference_type

scores

value	10.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/ADOdb/ADOdb

reference_url

https://github.com/ADOdb/ADOdb/commit/11107d6d6e5160b62e05dff8a3a2678cf0e3a426

reference_id

reference_type

scores

value	10
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L

value	10.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-05-02T17:57:27Z/

url

https://github.com/ADOdb/ADOdb/commit/11107d6d6e5160b62e05dff8a3a2678cf0e3a426

reference_url

https://github.com/ADOdb/ADOdb/issues/1070

reference_id

reference_type

scores

value	10
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L

value	10.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-05-02T17:57:27Z/

url

https://github.com/ADOdb/ADOdb/issues/1070

reference_url

https://github.com/ADOdb/ADOdb/security/advisories/GHSA-8x27-jwjr-8545

reference_id

reference_type

scores

value	10
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L

value	10.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L

value	CRITICAL
scoring_system	cvssv3.1_qr
scoring_elements

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-05-02T17:57:27Z/

url

https://github.com/ADOdb/ADOdb/security/advisories/GHSA-8x27-jwjr-8545

reference_url

https://lists.debian.org/debian-lts-announce/2025/05/msg00029.html

reference_id

reference_type

scores

value	10.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2025/05/msg00029.html

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2025-46337

reference_id

reference_type

scores

value	10.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2025-46337

reference_url

https://xaliom.blogspot.com/2025/05/from-sast-to-cve-2025-46337.html

reference_id

reference_type

scores

value	10.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://xaliom.blogspot.com/2025/05/from-sast-to-cve-2025-46337.html

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1104548
reference_id	1104548
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1104548

reference_url

https://github.com/advisories/GHSA-8x27-jwjr-8545

reference_id

GHSA-8x27-jwjr-8545

reference_type

scores

value	CRITICAL
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-8x27-jwjr-8545

reference_url	https://usn.ubuntu.com/7530-1/
reference_id	USN-7530-1
reference_type
scores
url	https://usn.ubuntu.com/7530-1/

fixed_packages

url	pkg:deb/debian/libphp-adodb@5.20.19-1%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/libphp-adodb@5.20.19-1%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libphp-adodb@5.20.19-1%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/libphp-adodb@5.20.19-1%2Bdeb11u2?distro=trixie
purl	pkg:deb/debian/libphp-adodb@5.20.19-1%2Bdeb11u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libphp-adodb@5.20.19-1%252Bdeb11u2%3Fdistro=trixie

url	pkg:deb/debian/libphp-adodb@5.21.4-1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/libphp-adodb@5.21.4-1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libphp-adodb@5.21.4-1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/libphp-adodb@5.21.4-1%2Bdeb12u2?distro=trixie
purl	pkg:deb/debian/libphp-adodb@5.21.4-1%2Bdeb12u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libphp-adodb@5.21.4-1%252Bdeb12u2%3Fdistro=trixie

url	pkg:deb/debian/libphp-adodb@5.22.9-0.1?distro=trixie
purl	pkg:deb/debian/libphp-adodb@5.22.9-0.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libphp-adodb@5.22.9-0.1%3Fdistro=trixie

url	pkg:deb/debian/libphp-adodb@5.22.9-0.1%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/libphp-adodb@5.22.9-0.1%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libphp-adodb@5.22.9-0.1%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/libphp-adodb@5.22.11-1?distro=trixie
purl	pkg:deb/debian/libphp-adodb@5.22.11-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libphp-adodb@5.22.11-1%3Fdistro=trixie

aliases CVE-2025-46337, GHSA-8x27-jwjr-8545

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wyd8-1reg-23h2

url VCID-xvtj-eay9-m3er

vulnerability_id VCID-xvtj-eay9-m3er

summary

SQL Injection
The `qstr` method in the PDO driver in the ADOdb Library for PHP might allow remote attackers to conduct SQL injection attacks via vectors related to incorrect quoting.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-7405

reference_id

reference_type

scores

value	0.03101
scoring_system	epss
scoring_elements	0.86755
published_at	2026-04-02T12:55:00Z

value	0.03101
scoring_system	epss
scoring_elements	0.86821
published_at	2026-04-16T12:55:00Z

value	0.03101
scoring_system	epss
scoring_elements	0.86805
published_at	2026-04-13T12:55:00Z

value	0.03101
scoring_system	epss
scoring_elements	0.8681
published_at	2026-04-12T12:55:00Z

value	0.03101
scoring_system	epss
scoring_elements	0.86814
published_at	2026-04-11T12:55:00Z

value	0.03101
scoring_system	epss
scoring_elements	0.868
published_at	2026-04-09T12:55:00Z

value	0.03101
scoring_system	epss
scoring_elements	0.86792
published_at	2026-04-08T12:55:00Z

value	0.03101
scoring_system	epss
scoring_elements	0.86772
published_at	2026-04-07T12:55:00Z

value	0.03101
scoring_system	epss
scoring_elements	0.86774
published_at	2026-04-04T12:55:00Z

value	0.03101
scoring_system	epss
scoring_elements	0.86744
published_at	2026-04-01T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-7405

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7405
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7405

reference_url

https://github.com/ADOdb/ADOdb/blob/v5.20.7/docs/changelog.md

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/ADOdb/ADOdb/blob/v5.20.7/docs/changelog.md

reference_url

https://github.com/ADOdb/ADOdb/commit/bd9eca9f40220f9918ec3cc7ae9ef422b3e448b8

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/ADOdb/ADOdb/commit/bd9eca9f40220f9918ec3cc7ae9ef422b3e448b8

reference_url

https://github.com/ADOdb/ADOdb/issues/226

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/ADOdb/ADOdb/issues/226

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LT3WU77BRUJREZUYQ3ZQBMUIVIVIND4Y

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LT3WU77BRUJREZUYQ3ZQBMUIVIVIND4Y

reference_url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LT3WU77BRUJREZUYQ3ZQBMUIVIVIND4Y/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LT3WU77BRUJREZUYQ3ZQBMUIVIVIND4Y/

reference_url

https://security.gentoo.org/glsa/201701-59

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://security.gentoo.org/glsa/201701-59

reference_url

https://web.archive.org/web/20210123170727/http://www.securityfocus.com/bid/92969

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20210123170727/http://www.securityfocus.com/bid/92969

reference_url

http://www.openwall.com/lists/oss-security/2016/09/07/8

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2016/09/07/8

reference_url

http://www.openwall.com/lists/oss-security/2016/09/15/1

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2016/09/15/1

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=837211
reference_id	837211
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=837211

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-7405

reference_id

CVE-2016-7405

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2016-7405

reference_url

https://github.com/advisories/GHSA-3fj4-q72x-x2g9

reference_id

GHSA-3fj4-q72x-x2g9

reference_type

scores

value	CRITICAL
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-3fj4-q72x-x2g9

reference_url	https://usn.ubuntu.com/6825-1/
reference_id	USN-6825-1
reference_type
scores
url	https://usn.ubuntu.com/6825-1/

fixed_packages

url	pkg:deb/debian/libphp-adodb@5.20.6-1?distro=trixie
purl	pkg:deb/debian/libphp-adodb@5.20.6-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libphp-adodb@5.20.6-1%3Fdistro=trixie

url	pkg:deb/debian/libphp-adodb@5.20.19-1%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/libphp-adodb@5.20.19-1%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libphp-adodb@5.20.19-1%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/libphp-adodb@5.21.4-1%2Bdeb12u2?distro=trixie
purl	pkg:deb/debian/libphp-adodb@5.21.4-1%2Bdeb12u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libphp-adodb@5.21.4-1%252Bdeb12u2%3Fdistro=trixie

url	pkg:deb/debian/libphp-adodb@5.22.9-0.1%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/libphp-adodb@5.22.9-0.1%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libphp-adodb@5.22.9-0.1%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/libphp-adodb@5.22.11-1?distro=trixie
purl	pkg:deb/debian/libphp-adodb@5.22.11-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libphp-adodb@5.22.11-1%3Fdistro=trixie

aliases CVE-2016-7405, GHSA-3fj4-q72x-x2g9

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xvtj-eay9-m3er

url VCID-yqvt-gasb-t3bq

vulnerability_id VCID-yqvt-gasb-t3bq

summary

Multiple vulnerabilities have been discovered in the ADOdb layer included
    in Cacti, potentially resulting in the execution of arbitrary code.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2006-0410

reference_id

reference_type

scores

value	0.01319
scoring_system	epss
scoring_elements	0.7982
published_at	2026-04-01T12:55:00Z

value	0.01319
scoring_system	epss
scoring_elements	0.79827
published_at	2026-04-02T12:55:00Z

value	0.01319
scoring_system	epss
scoring_elements	0.79848
published_at	2026-04-04T12:55:00Z

value	0.01319
scoring_system	epss
scoring_elements	0.79836
published_at	2026-04-07T12:55:00Z

value	0.01319
scoring_system	epss
scoring_elements	0.79865
published_at	2026-04-08T12:55:00Z

value	0.01319
scoring_system	epss
scoring_elements	0.79873
published_at	2026-04-09T12:55:00Z

value	0.01319
scoring_system	epss
scoring_elements	0.79893
published_at	2026-04-11T12:55:00Z

value	0.01319
scoring_system	epss
scoring_elements	0.79876
published_at	2026-04-12T12:55:00Z

value	0.01319
scoring_system	epss
scoring_elements	0.79869
published_at	2026-04-13T12:55:00Z

value	0.01319
scoring_system	epss
scoring_elements	0.79898
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2006-0410

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0410
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0410

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=349985
reference_id	349985
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=349985

reference_url	https://security.gentoo.org/glsa/200602-02
reference_id	GLSA-200602-02
reference_type
scores
url	https://security.gentoo.org/glsa/200602-02

reference_url	https://security.gentoo.org/glsa/200604-07
reference_id	GLSA-200604-07
reference_type
scores
url	https://security.gentoo.org/glsa/200604-07

fixed_packages

url	pkg:deb/debian/libphp-adodb@4.72-0.1?distro=trixie
purl	pkg:deb/debian/libphp-adodb@4.72-0.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libphp-adodb@4.72-0.1%3Fdistro=trixie

url	pkg:deb/debian/libphp-adodb@5.20.19-1%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/libphp-adodb@5.20.19-1%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libphp-adodb@5.20.19-1%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/libphp-adodb@5.21.4-1%2Bdeb12u2?distro=trixie
purl	pkg:deb/debian/libphp-adodb@5.21.4-1%2Bdeb12u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libphp-adodb@5.21.4-1%252Bdeb12u2%3Fdistro=trixie

url	pkg:deb/debian/libphp-adodb@5.22.9-0.1%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/libphp-adodb@5.22.9-0.1%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libphp-adodb@5.22.9-0.1%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/libphp-adodb@5.22.11-1?distro=trixie
purl	pkg:deb/debian/libphp-adodb@5.22.11-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libphp-adodb@5.22.11-1%3Fdistro=trixie

aliases CVE-2006-0410

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yqvt-gasb-t3bq

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libphp-adodb@5.21.4-1%252Bdeb12u2%3Fdistro=trixie

Package Instance