CVE-2006-0146

Exploit

EPSS 7.66%
Published 09.01.2006 23:03:00
Last modified 03.04.2025 01:03:51
Source cve@mitre.org
Teams watchlist Login
Open Login

The server.php test script in ADOdb for PHP before 4.70, as used in multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, (4) Cacti, (5) Xaraya, (6) PHPOpenChat, (7) MAXdev MD-Pro, and (8) MediaBeez, when the MySQL root password is empty, allows remote attackers to execute arbitrary SQL commands via the sql parameter.

Affected products Warnungen 0 Metrics 2 CWE 1 References 43

Data is provided by the National Vulnerability Database (NVD)

John Lim ≫ Adodb Version4.66

John Lim ≫ Adodb Version4.68

Mantis ≫ Mantis Version0.19.4

Mantis ≫ Mantis Version1.0.0_rc4

Mediabeez ≫ Mediabeez

Moodle ≫ Moodle Version1.5.3

Postnuke Software Foundation ≫ Postnuke Version0.761

The Cacti Group ≫ Cacti Version0.8.6g

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	7.66%	0.915

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.

http://retrogod.altervista.org/phpopenchat_30x_sql_xpl.html

Exploit

http://secunia.com/advisories/17418

Patch

Vendor Advisory

Exploit

http://secunia.com/advisories/18233

Patch

Vendor Advisory

http://secunia.com/advisories/18254

Vendor Advisory

http://secunia.com/advisories/18260