CVE-2006-0147

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2006-0147
Dynamic code evaluation vulnerability in tests/tmssql.php test script in ADOdb for PHP before 4.70, as used in multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, (4) Cacti, (5) Xaraya, (6) PhpOpenChat, possibly (7) MAXdev MD-Pro, and (8) Simplog, allows remote attackers to execute arbitrary PHP functions via the do parameter, which is saved in a variable that is then executed as a function, as demonstrated using phpinfo.

7.5 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
http://retrogod.altervista.org/phpopenchat_30x_sql_xpl.html Exploit
http://retrogod.altervista.org/simplog_092_incl_xpl.html Exploit
http://secunia.com/advisories/17418 Exploit Patch Vendor Advisory
http://secunia.com/advisories/18233 Patch Vendor Advisory
http://secunia.com/advisories/18254 Patch Vendor Advisory
http://secunia.com/advisories/18260 Patch Vendor Advisory
http://secunia.com/advisories/18267 Vendor Advisory
http://secunia.com/advisories/18276 Patch Vendor Advisory
http://secunia.com/advisories/19555 Patch Vendor Advisory
http://secunia.com/advisories/19590 Patch Vendor Advisory
http://secunia.com/advisories/19591 Patch Vendor Advisory
http://secunia.com/advisories/19600 Vendor Advisory
http://secunia.com/advisories/19628 Patch Vendor Advisory
http://secunia.com/advisories/19691
http://secunia.com/secunia_research/2005-64/advisory/ Exploit Patch Vendor Advisory
http://www.debian.org/security/2006/dsa-1029 Patch Vendor Advisory
http://www.debian.org/security/2006/dsa-1030 Patch Vendor Advisory
http://www.debian.org/security/2006/dsa-1031
http://www.gentoo.org/security/en/glsa/glsa-200604-07.xml Patch Vendor Advisory
http://www.osvdb.org/22291
http://www.securityfocus.com/archive/1/430448/100/0/threaded
http://www.securityfocus.com/archive/1/430743/100/0/threaded
http://www.vupen.com/english/advisories/2006/0101
http://www.vupen.com/english/advisories/2006/0102
http://www.vupen.com/english/advisories/2006/0103
http://www.vupen.com/english/advisories/2006/0104
http://www.vupen.com/english/advisories/2006/1305
http://www.vupen.com/english/advisories/2006/1332
https://exchange.xforce.ibmcloud.com/vulnerabilities/24052
https://www.exploit-db.com/exploits/1663
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:john_lim:adodb:4.66:*:*:*:*:*:*:*
cpe:2.3:a:john_lim:adodb:4.68:*:*:*:*:*:*:*
cpe:2.3:a:mantis:mantis:0.19.4:*:*:*:*:*:*:*
cpe:2.3:a:mantis:mantis:1.0.0_rc4:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:1.5.3:*:*:*:*:*:*:*
cpe:2.3:a:postnuke_software_foundation:postnuke:0.761:*:*:*:*:*:*:*
cpe:2.3:a:the_cacti_group:cacti:0.8.6g:*:*:*:*:*:*:*
History

No history.

Information

Published : 2006-01-09 23:03

Updated : 2023-12-10 10:28

NVD link : CVE-2006-0147

Mitre link : CVE-2006-0147

CVE.ORG link : CVE-2006-0147

JSON object : View

Products Affected

postnuke_software_foundation

  • postnuke

mantis

  • mantis

the_cacti_group

  • cacti

john_lim

  • adodb

moodle

  • moodle
CWE
NVD-CWE-Other