CVE-2006-0806
Published: 21 February 2006
Multiple cross-site scripting (XSS) vulnerabilities in ADOdb 4.71, as used in multiple packages such as phpESP, allow remote attackers to inject arbitrary web script or HTML via (1) the next_page parameter in adodb-pager.inc.php and (2) other unspecified vectors related to PHP_SELF.
Priority
Status
Package | Release | Status |
---|---|---|
libphp-adodb Launchpad, Ubuntu, Debian |
dapper |
Released
(4.72-0.1ubuntu1)
|
edgy |
Released
(4.72-0.1ubuntu1)
|
|
feisty |
Released
(4.72-0.1ubuntu1)
|
|
gutsy |
Released
(4.72-0.1ubuntu1)
|
|
upstream |
Needs triage
|
|
moodle Launchpad, Ubuntu, Debian |
dapper |
Released
(1.5.3+20060108-1ubuntu1.1)
|
edgy |
Released
(1.6.1+20060825-1)
|
|
feisty |
Released
(1.6.1+20060825-1)
|
|
gutsy |
Released
(1.8.2-1)
|
|
upstream |
Needs triage
|