Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2006-0147
HistoryJan 09, 2006 - 11:03 p.m.

CVE-2006-0147

2006-01-0923:03:00
NVD-CWE-Other
[email protected]
web.nvd.nist.gov
39
cve
code evaluation
vulnerability
adodb
php
remote execution
arbitrary functions
security

7.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.027 Low

EPSS

Percentile

90.4%

JSON

Dynamic code evaluation vulnerability in tests/tmssql.php test script in ADOdb for PHP before 4.70, as used in multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, (4) Cacti, (5) Xaraya, (6) PhpOpenChat, possibly (7) MAXdev MD-Pro, and (8) Simplog, allows remote attackers to execute arbitrary PHP functions via the do parameter, which is saved in a variable that is then executed as a function, as demonstrated using phpinfo.

References

Related

ubuntucve 1
nessus 5
prion 1
cvelist 1
debiancve 1
openvas 10
osv 3
debian 6
securityvulns 1
gentoo 1
ubuntucve
ubuntucve
CVE-2006-0147
2006-01-09 00:00:00
nessus
nessus
ADOdb tmssql.php do Parameter Arbitrary PHP Function Execution
2006-01-10 00:00:00
Debian DSA-1031-1 : cacti - several vulnerabilities
2006-10-14 00:00:00
Debian DSA-1030-1 : moodle - several vulnerabilities
2006-10-14 00:00:00
prion
prion
Design/Logic Flaw
2006-01-09 23:03:00
cvelist
cvelist
CVE-2006-0147
2006-01-09 23:00:00
debiancve
debiancve
CVE-2006-0147
2006-01-09 23:03:00
openvas
openvas
FreeBSD Ports: cacti
2008-09-04 00:00:00
FreeBSD Ports: cacti
2008-09-04 00:00:00
Debian Security Advisory DSA 1029-1 (libphp-adodb)
2008-01-17 00:00:00
osv
osv
moodle - several
2006-04-08 00:00:00
libphp-adodb - several
2006-04-08 00:00:00
cacti - several
2006-04-08 00:00:00
debian
debian
[SECURITY] [DSA 1031-1] New cacti packages fix several vulnerabilities
2006-04-08 15:37:57
[SECURITY] [DSA 1029-1] New libphp-adodb packages fix several vulnerabilities
2006-04-08 00:00:00
[SECURITY] [DSA 1030-1] New moodle packages fix several vulnerabilities
2006-04-08 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 1029-1] New libphp-adodb packages fix several vulnerabilities
2006-04-10 00:00:00
gentoo
gentoo
Cacti: Multiple vulnerabilities in included ADOdb
2006-04-14 00:00:00

7.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.027 Low

EPSS

Percentile

90.4%

JSON
Related for CVE-2006-0147
ubuntucve1nessus5prion1cvelist1debiancve1openvas10osv3debian6securityvulns1gentoo1