GMS-2018-25: SQL Injection

March 6, 2018

The SelectLimit function has a potential SQL injection vulnerability through the use of the nrows and offset parameters which are not forced to integers.

References

github.com/ADOdb/ADOdb/commit/d29c23f2264ec95c6d3851e0f51ce240b2f36b74
github.com/ADOdb/ADOdb/issues/400
github.com/ADOdb/ADOdb/pull/401

Detect and mitigate GMS-2018-25 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →