The qstr method in the PDO driver in the ADOdb Library for PHP before 5.x before 5.20.7 might allow remote attackers to conduct SQL injection attacks via vectors related to incorrect quoting.
https://tuxcare.com/blog/critical-adodb-vulnerabilities-fixed-in-ubuntu/?web_view=true
https://security.gentoo.org/glsa/201701-59
https://github.com/ADOdb/ADOdb/issues/226
https://github.com/ADOdb/ADOdb/commit/bd9eca9f40220f9918ec3cc7ae9ef422b3e448b8
https://github.com/ADOdb/ADOdb/blob/v5.20.7/docs/changelog.md
http://www.securityfocus.com/bid/92969