PT-2024-40428 · Php · Php

Published

2024-06-07

·

Updated

2024-06-07

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

PHP versions prior to 5.3.6

Description

The issue affects developers who use non-ASCII-compatible encodings with the MySQL PDO driver in PHP, making them susceptible to SQL injection attacks. This does not impact developers using ASCII-compatible encodings such as UTF8 or latin1.

Recommendations

For versions prior to 5.3.6, consider updating to PHP 5.3.6 or later, which includes a feature allowing character set information to be passed as part of the DSN in PDO, enhancing the security of database interactions.
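The recommendation above, sketched as an added example (not code from this advisory or from the PHP project): a connection helper that declares the charset in the PDO DSN and refuses to run on a PHP version that would ignore it. The function names, host, database name and credentials are assumptions.

```php
<?php
// Added example. Helper names, host, database and credentials are placeholders.

// Build a pdo_mysql DSN that declares the connection charset, so the client
// library and the server agree on the encoding used when values are quoted.
function build_mysql_dsn($host, $dbname, $charset)
{
    // The charset DSN option is only honoured from PHP 5.3.6 on.
    if (version_compare(PHP_VERSION, '5.3.6', '<')) {
        throw new RuntimeException('PHP < 5.3.6 ignores charset in the DSN; upgrade first');
    }
    // Charset names are plain identifiers. Reject anything else so the value
    // cannot carry extra DSN options.
    if (!preg_match('/^[A-Za-z0-9_]+$/', $charset)) {
        throw new InvalidArgumentException('invalid charset name');
    }
    return sprintf('mysql:host=%s;dbname=%s;charset=%s', $host, $dbname, $charset);
}

function connect_mysql($host, $dbname, $user, $pass, $charset)
{
    // Issuing only "SET NAMES ..." after connecting changes the server side
    // but does not tell the client library which encoding is in use; the DSN
    // option sets both.
    return new PDO(build_mysql_dsn($host, $dbname, $charset), $user, $pass, array(
        PDO::ATTR_ERRMODE          => PDO::ERRMODE_EXCEPTION,
        // Defence in depth: use server-side prepared statements so bound
        // parameters are not spliced into the SQL text on the client.
        PDO::ATTR_EMULATE_PREPARES => false,
    ));
}

// Report the charset the server sees for this connection, for a deployment
// check or log line. MySQL may report an alias (for example utf8 as utf8mb3).
function connection_charset(PDO $pdo)
{
    return $pdo->query('SELECT @@character_set_client')->fetchColumn();
}

// Offline demonstration of the DSN that would be used (constructed values).
echo build_mysql_dsn('db.example.internal', 'app', 'utf8mb4'), "\n";
```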

Fix

SQL injection

Weakness Enumeration

Related Identifiers

GHSA-QF36-FX9F-232X

Affected Products

Php