CVE-2007-5056

Name of the Vulnerable Software and Affected Versions ADODB Lite versions 1.42 and earlier

Description A code execution issue exists due to an eval injection vulnerability in the adodb-perf-module.inc.php file. This allows remote attackers to execute arbitrary code via PHP sequences in the last module parameter. The issue affects products that use ADOdb Lite, including CMS Made Simple, SAPID CMF, Journalness, PacerCMS, and Open-Realty.

Recommendations For ADOdb Lite versions 1.42 and earlier, consider disabling the last module parameter in the adodb-perf-module.inc.php file as a temporary workaround until a patch is available. Restrict access to the adodb-perf-module.inc.php file to minimize the risk of exploitation.