adodb/adodb-php

Packagist5 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting adodb/adodb-phppage 1 of 1

CVE-2016-4855MEDIUMCVSS 6.1EG 6.1✓ Fixed in 5.20.6
2017-05-12
vulnerable: v5.19 ... v5.20.5 (7 versions)
Cross-site scripting vulnerability in ADOdb versions prior to 5.20.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2016-7405CRITICALCVSS 9.8EG 9.8✓ Fixed in 5.20.7
2016-10-03
vulnerable: v5.19 ... v5.20.6 (8 versions)
The qstr method in the PDO driver in the ADOdb Library for PHP before 5.x before 5.20.7 might allow remote attackers to conduct SQL injection attacks via vectors related to incorrect quoting.
CVE-2021-3850CRITICALCVSS 9.1EG 9.1✓ Fixed in 5.21.4
2022-01-25
vulnerable: v5.21.0, v5.21.1, v5.21.2, v5.21.3
Authentication Bypass by Primary Weakness in GitHub repository adodb/adodb prior to 5.20.21.
CVE-2025-46337CRITICALCVSS 10.0EG 10.0✓ Fixed in 5.22.9
2025-05-01
vulnerable: v5.19 ... v5.22.8 (39 versions)
ADOdb is a PHP database class library that provides abstractions for performing queries and managing databases. Prior to version 5.22.9, improper escaping of a query parameter may allow an attacker to execute arbitrary SQL statements when …
CVE-2025-54119CRITICALCVSS 10.0EG 10.0✓ Fixed in 5.22.10
2025-08-05
vulnerable: v5.19 ... v5.22.9 (40 versions)
ADOdb is a PHP database class library that provides abstractions for performing queries and managing databases. In versions 5.22.9 and below, improper escaping of a query parameter may allow an attacker to execute arbitrary SQL statements …

Check whether adodb/adodb-php is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for adodb/adodb-php CVEs against the assets you own.

Start Free Scan →