SQL Injection Vulnerability in ADOdb Library's qstr Method in PDO Driver

SQL Injection Vulnerability in ADOdb Library's qstr Method in PDO Driver

CVE-2016-7405 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

The qstr method in the PDO driver in the ADOdb Library for PHP before 5.x before 5.20.7 might allow remote attackers to conduct SQL injection attacks via vectors related to incorrect quoting.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.