CVE-2006-0806

Publication date 21 February 2006

Last updated 24 July 2024

Ubuntu priority

Multiple cross-site scripting (XSS) vulnerabilities in ADOdb 4.71, as used in multiple packages such as phpESP, allow remote attackers to inject arbitrary web script or HTML via (1) the next_page parameter in adodb-pager.inc.php and (2) other unspecified vectors related to PHP_SELF.

Status

Show unmaintained releases

No maintained releases are affected by this CVE.

Package	Ubuntu Release	Status
libphp-adodb	7.10 gutsy	Fixed 4.72-0.1ubuntu1
	7.04 feisty	Fixed 4.72-0.1ubuntu1
	6.10 edgy	Fixed 4.72-0.1ubuntu1
	6.06 LTS dapper	Fixed 4.72-0.1ubuntu1
moodle	7.10 gutsy	Fixed 1.8.2-1
	7.04 feisty	Fixed 1.6.1+20060825-1
	6.10 edgy	Fixed 1.6.1+20060825-1
	6.06 LTS dapper	Fixed 1.5.3+20060108-1ubuntu1.1

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Other references

https://www.cve.org/CVERecord?id=CVE-2006-0806