CVE-2006-0147

Published: 09/01/2006 Updated: 19/10/2018
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 755
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

Dynamic code evaluation vulnerability in tests/tmssql.php test script in ADOdb for PHP prior to 4.70, as used in multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, (4) Cacti, (5) Xaraya, (6) PhpOpenChat, possibly (7) MAXdev MD-Pro, and (8) Simplog, allows remote malicious users to execute arbitrary PHP functions via the do parameter, which is saved in a variable that is then executed as a function, as demonstrated using phpinfo.

Vulnerable Product

moodle moodle 1.5.3

postnuke software foundation postnuke 0.761

the cacti group cacti 0.8.6g

mantis mantis 0.19.4

mantis mantis 1.0.0_rc4

john lim adodb 4.66

john lim adodb 4.68

Vendor Advisories

Debian Bug report logs - #349985: various unfixed security bugs. Package: libphp-adodb; Maintainer for libphp-adodb is Cameron Dale <camrdale@gmail.com>; Source for libphp-adodb is src:libphp-adodb. Reported by: Florian Weimer <fw@deneb.enyo.de>; Date: Thu, 26 Jan 2006 13:03:05 UTC; Severity: grave ...
Several vulnerabilities have been discovered in libphp-adodb, the 'adodb' database abstraction layer for PHP. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2006-0146: Andreas Sandblad discovered that improper user input sanitisation results in a potential remote SQL injection vulnerability enabling ...
Several vulnerabilities have been discovered in libphp-adodb, the 'adodb' database abstraction layer for PHP, which is embedded in cacti, a frontend to rrdtool for monitoring systems and services. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2006-0146: Andreas Sandblad discovered that improper user inp ...
Several vulnerabilities have been discovered in libphp-adodb, the 'adodb' database abstraction layer for PHP, which is embedded in moodle, a course management system for online learning. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2006-0146: Andreas Sandblad discovered that improper user input sanitis ...

Exploits

#!/usr/bin/php -q -d short_open_tag=on <? echo "Simplog <= 092 \"s\" remote cmmnds xctn\r\n"; echo "by rgod rgod@autisticiorg\r\n"; echo "site: retrogodaltervistaorg\r\n\r\n"; echo "dork: intext:\"Powered by simplog\"\r\n\r\n"; if ($argc<5) { echo "Usage: php "$argv[0]" host path location cmd OPTIONS\r\n"; echo "host: t ...