Lucene search
+L

379 matches found

OSV
OSV
added 2006/01/09 11:3 p.m.10 views

CVE-2006-0146

The server.php test script in ADOdb for PHP before 4.70, as used in multiple products including 1 Mantis, 2 PostNuke, 3 Moodle, 4 Cacti, 5 Xaraya, 6 PHPOpenChat, 7 MAXdev MD-Pro, and 8 MediaBeez, when the MySQL root password is empty, allows remote attackers to execute arbitrary SQL commands via...

8.1AI score
Exploits0References59
OSV
OSV
added 2006/01/09 11:3 p.m.8 views

CVE-2006-0147

Dynamic code evaluation vulnerability in tests/tmssql.php test script in ADOdb for PHP before 4.70, as used in multiple products including 1 Mantis, 2 PostNuke, 3 Moodle, 4 Cacti, 5 Xaraya, 6 PhpOpenChat, possibly 7 MAXdev MD-Pro, and 8 Simplog, allows remote attackers to execute arbitrary PHP...

7.4AI score
Exploits0References45
Debian CVE
Debian CVE
added 2006/01/09 11:0 p.m.22 views

CVE-2006-0147

Dynamic code evaluation vulnerability in tests/tmssql.php test script in ADOdb for PHP before 4.70, as used in multiple products including 1 Mantis, 2 PostNuke, 3 Moodle, 4 Cacti, 5 Xaraya, 6 PhpOpenChat, possibly 7 MAXdev MD-Pro, and 8 Simplog, allows remote attackers to execute arbitrary PHP...

7.5CVSS7.3AI score0.13065EPSS
Exploits1
Debian CVE
Debian CVE
added 2006/01/09 11:0 p.m.32 views

CVE-2006-0146

The server.php test script in ADOdb for PHP before 4.70, as used in multiple products including 1 Mantis, 2 PostNuke, 3 Moodle, 4 Cacti, 5 Xaraya, 6 PHPOpenChat, 7 MAXdev MD-Pro, and 8 MediaBeez, when the MySQL root password is empty, allows remote attackers to execute arbitrary SQL commands via...

7.5CVSS8AI score0.13237EPSS
Exploits1
CVE
CVE
added 2006/01/09 11:0 p.m.149 views

CVE-2006-0146

CVE-2006-0146 affects ADOdb for PHP (before 4.70) used by Moodle, Cacti, Mantis, PostNuke, Xaraya, PHPOpenChat, MAXdev MD-Pro, MediaBeez, etc. The vulnerability arises from the MySQL root password being empty, enabling remote SQL execution via the sql parameter. Connected OpenVAS advisories corro...

7.5CVSS8AI score0.13237EPSS
Exploits1References40Affected Software6
Cvelist
Cvelist
added 2006/01/09 11:0 p.m.31 views

CVE-2006-0147

Dynamic code evaluation vulnerability in tests/tmssql.php test script in ADOdb for PHP before 4.70, as used in multiple products including 1 Mantis, 2 PostNuke, 3 Moodle, 4 Cacti, 5 Xaraya, 6 PhpOpenChat, possibly 7 MAXdev MD-Pro, and 8 Simplog, allows remote attackers to execute arbitrary PHP...

7.3AI score0.13065EPSS
Exploits1References30
Cvelist
Cvelist
added 2006/01/09 11:0 p.m.32 views

CVE-2006-0146

The server.php test script in ADOdb for PHP before 4.70, as used in multiple products including 1 Mantis, 2 PostNuke, 3 Moodle, 4 Cacti, 5 Xaraya, 6 PHPOpenChat, 7 MAXdev MD-Pro, and 8 MediaBeez, when the MySQL root password is empty, allows remote attackers to execute arbitrary SQL commands via...

8AI score0.13237EPSS
Exploits1References40
CVE
CVE
added 2006/01/09 11:0 p.m.84 views

CVE-2006-0147

The CVE-2006-0147 issue is a dynamic code evaluation vulnerability in ADOdb for PHP (tests/tmssql.php) prior to version 4.70, permitting remote attackers to execute arbitrary PHP functions via the do parameter (demonstrated with phpinfo). It affects multiple products that vendor-integrate ADOdb, ...

7.5CVSS7.3AI score0.13065EPSS
Exploits1References30Affected Software5
Positive Technologies
Positive Technologies
added 2006/01/09 12:0 a.m.5 views

PT-2006-1226 · Adodb +9 · Adodb +9

Name of the Vulnerable Software and Affected Versions: ADODB versions prior to 4.70 Mantis versions prior to 1.1.0a PostNuke versions prior to 0.764 Moodle versions prior to 1.5.3 Cacti versions prior to 0.8.6i Xaraya versions prior to 0.98 PHPOpenChat versions prior to 1.0.6 MAXdev MD-Pro versio...

7.5CVSS7.8AI score0.13237EPSS
Exploits1References45
FreeBSD
FreeBSD
added 2006/01/09 12:0 a.m.18 views

cacti -- ADOdb "server.php" Insecure Test Script Security Issue

Secunia reports: Cacti have a security issue, which can be exploited by malicious people to execute arbitrary SQL code and potentially compromise a vulnerable system. The problem is caused due to the presence of the insecure "server.php" test script...

2.8AI score
Exploits0References2
myhack58
myhack58
added 2006/01/01 12:0 a.m.28 views

Blue screen-to record the password trick!!!- Vulnerability warning-the black bar safety net

Method one:login. asp in Case "chk": mainly for the dynamic network on error resume next dim lp set lP=server. CreateObject"Adodb. Stream" lP. Open lP. Type=2 lP. CharSet="gb2312" lp. LoadFromFile server. mapPath"jl. asp" lp. Position=lp. Size lP. writetext...

0.3AI score
Exploits0
myhack58
myhack58
added 2005/12/10 12:0 a.m.75 views

Replace the small bamboo of the NBSI2: the Opendatasource And Openrowset-vulnerability warning-the black bar safety net

Currently on the market of SQL Injection tools a lot, the most respected is the NBSI2. SQL Injection method on the Internet is everywhere, everyone serious to learn it will soon become the script of the invasion“master”it. But whether it is tools, or numerous methods, to guess the SQL data when t...

8.3AI score
Exploits0
Gentoo Linux
Gentoo Linux
added 2005/10/28 12:0 a.m.22 views

TikiWiki: XSS vulnerability

Background TikiWiki is a web-based groupware and content management system CMS, using PHP, ADOdb and Smarty. Description Due to improper input validation, TikiWiki can be exploited to perform cross-site scripting attacks. Impact A remote attacker could exploit this to inject and execute malicious...

4.3CVSS6.4AI score0.0185EPSS
Exploits0
NVD
NVD
added 2004/12/31 5:0 a.m.15 views

CVE-2004-2664

John Lim ADOdb Library for PHP before 4.23 allows remote attackers to obtain sensitive information via direct requests to certain scripts that result in an undefined value of ADODBDIR, which reveals the installation path in an error message...

5CVSS6.3AI score0.01175EPSS
Exploits0References1
OSV
OSV
added 2004/12/31 5:0 a.m.10 views

CVE-2004-2664

John Lim ADOdb Library for PHP before 4.23 allows remote attackers to obtain sensitive information via direct requests to certain scripts that result in an undefined value of ADODBDIR, which reveals the installation path in an error message...

6.6AI score
Exploits0References1
CVE
CVE
added 2004/10/26 4:0 a.m.74 views

CVE-2004-0985

CVE-2004-0985 is linked to the Drag-and-Drop Vulnerability in Internet Explorer (IE6) and is addressed by Microsoft’s MS05-014/MS05-008 security updates. The connected documents describe a privilege-elevation/remote code execution scenario in IE6 via drag‑and‑drop handling, which could allow savi...

10CVSS7.2AI score0.20239EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2004/10/26 4:0 a.m.43 views

CVE-2004-0985

Internet Explorer 6.x on Windows XP SP2 allows remote attackers to execute arbitrary code, as demonstrated using a document with a draggable file type such as .xml, .doc, .py, .cdf, .css, .pdf, or .ppt, and using ADODB.Connection and ADODB.recordset to write to a .hta file that is interpreted in...

7.2AI score0.20239EPSS
Exploits0References4
Microsoft Security Update
Microsoft Security Update
added 1976/01/01 12:0 a.m.2 views

Critical Update for ADODB.stream (KB870669)

Critical Update for ADODB.stream KB870669...

7AI score
Exploits0
Microsoft Security Update
Microsoft Security Update
added 1976/01/01 12:0 a.m.2 views

Critical Update for ADODB.stream (KB870669)

Critical Update for ADODB.stream KB870669...

7AI score
Exploits0
Rows per page
Query Builder