Executive Summary

Informations
Name CVE-2025-46337 First vendor Publication 2025-05-01
Vendor Cve Last vendor Modification 2025-05-26

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector :
Cvss Base Score N/A Attack Range N/A
Cvss Impact Score N/A Attack Complexity N/A
Cvss Expoit Score N/A Authentication N/A
Calculate full CVSS 2.0 Vectors scores

Detail

ADOdb is a PHP database class library that provides abstractions for performing queries and managing databases. Prior to version 5.22.9, improper escaping of a query parameter may allow an attacker to execute arbitrary SQL statements when the code using ADOdb connects to a PostgreSQL database and calls pg_insert_id() with user-supplied data. This issue has been patched in version 5.22.9.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-46337

Sources (Detail)

https://github.com/ADOdb/ADOdb/commit/11107d6d6e5160b62e05dff8a3a2678cf0e3a426
https://github.com/ADOdb/ADOdb/issues/1070
https://github.com/ADOdb/ADOdb/security/advisories/GHSA-8x27-jwjr-8545
https://lists.debian.org/debian-lts-announce/2025/05/msg00029.html
https://xaliom.blogspot.com/2025/05/from-sast-to-cve-2025-46337.html
Source Url

Alert History

If you want to see full details history, please login or register.
0
Date Informations
2025-05-27 00:20:36
  • First insertion