Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2006-0146
HistoryJan 09, 2006 - 11:03 p.m.

CVE-2006-0146

2006-01-0923:03:00
CWE-89
[email protected]
web.nvd.nist.gov

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8 High

AI Score

Confidence

Low

0.075 Low

EPSS

Percentile

94.1%

JSON

The server.php test script in ADOdb for PHP before 4.70, as used in multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, (4) Cacti, (5) Xaraya, (6) PHPOpenChat, (7) MAXdev MD-Pro, and (8) MediaBeez, when the MySQL root password is empty, allows remote attackers to execute arbitrary SQL commands via the sql parameter.

Affected configurations

NVD
Node
john_limadodbMatch4.66
OR
john_limadodbMatch4.68
OR
mantismantisMatch0.19.4
OR
mantismantisMatch1.0.0_rc4
OR
mediabeezmediabeez
OR
moodlemoodleMatch1.5.3
OR
postnuke_software_foundationpostnukeMatch0.761
OR
the_cacti_groupcactiMatch0.8.6g

References

Related

nessus 6
openvas 12
prion 1
cve 1
freebsd 1
checkpoint_advisories 1
ubuntucve 1
debiancve 1
cvelist 1
osv 3
debian 6
gentoo 1
securityvulns 1
nessus
nessus
FreeBSD : lifetype -- ADOdb 'server.php' Insecure Test Script Security Issue (116b0820-d59c-11da-8098-00123ffe8333)
2006-05-13 00:00:00
ADOdb server.php sql Parameter SQL Injection
2006-01-10 00:00:00
Debian DSA-1031-1 : cacti - several vulnerabilities
2006-10-14 00:00:00
openvas
openvas
FreeBSD Ports: lifetype
2008-09-04 00:00:00
FreeBSD Ports: lifetype
2008-09-04 00:00:00
FreeBSD Ports: cacti
2008-09-04 00:00:00
prion
prion
Sql injection
2006-01-09 23:03:00
cve
cve
CVE-2006-0146
2006-01-09 23:03:00
freebsd
freebsd
lifetype -- ADOdb "server.php" Insecure Test Script Security Issue
2006-04-19 00:00:00
checkpoint_advisories
checkpoint_advisories
Update Protection against Multiple PHP-based Vulnerabilities
2006-02-12 00:00:00
ubuntucve
ubuntucve
CVE-2006-0146
2006-01-09 00:00:00
debiancve
debiancve
CVE-2006-0146
2006-01-09 23:03:00
cvelist
cvelist
CVE-2006-0146
2006-01-09 23:00:00
osv
osv
moodle - several
2006-04-08 00:00:00
cacti - several
2006-04-08 00:00:00
libphp-adodb - several
2006-04-08 00:00:00
debian
debian
[SECURITY] [DSA 1029-1] New libphp-adodb packages fix several vulnerabilities
2006-04-08 11:48:10
[SECURITY] [DSA 1030-1] New moodle packages fix several vulnerabilities
2006-04-08 13:33:21
[SECURITY] [DSA 1029-1] New libphp-adodb packages fix several vulnerabilities
2006-04-08 11:48:10
gentoo
gentoo
Cacti: Multiple vulnerabilities in included ADOdb
2006-04-14 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 1029-1] New libphp-adodb packages fix several vulnerabilities
2006-04-10 00:00:00

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8 High

AI Score

Confidence

Low

0.075 Low

EPSS

Percentile

94.1%

JSON
Related for NVD:CVE-2006-0146
nessus6openvas12prion1cve1freebsd1checkpoint_advisories1ubuntucve1debiancve1cvelist1osv3debian6gentoo1securityvulns1