ID CVE-2006-0147
Summary Dynamic code evaluation vulnerability in tests/tmssql.php test script in ADOdb for PHP before 4.70, as used in multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, (4) Cacti, (5) Xaraya, (6) PhpOpenChat, possibly (7) MAXdev MD-Pro, and (8) Simplog, allows remote attackers to execute arbitrary PHP functions via the do parameter, which is saved in a variable that is then executed as a function, as demonstrated using phpinfo.
References
Vulnerable Configurations
  • cpe:2.3:a:john_lim:adodb:4.66:*:*:*:*:*:*:*
  • cpe:2.3:a:john_lim:adodb:4.68:*:*:*:*:*:*:*
  • cpe:2.3:a:mantis:mantis:0.19.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mantis:mantis:1.0.0_rc4:*:*:*:*:*:*:*
  • cpe:2.3:a:moodle:moodle:1.5.3:*:*:*:*:*:*:*
  • cpe:2.3:a:postnuke_software_foundation:postnuke:0.761:*:*:*:*:*:*:*
  • cpe:2.3:a:the_cacti_group:cacti:0.8.6g:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 19-10-2018 - 15:42)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
  • Vector: NETWORK
  • Complexity: LOW
  • Authentication: NONE
Impact
  • Confidentiality: PARTIAL
  • Integrity: PARTIAL
  • Availability: PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
refmap via4
bugtraq
  • 20060409 PhpOpenChat 3.0.x ADODB Server.php "sql" SQL injection
  • 20060412 Simplog <=0.9.2 multiple vulnerabilities
debian
  • DSA-1029
  • DSA-1030
  • DSA-1031
exploit-db 1663
gentoo GLSA-200604-07
misc
osvdb 22291
secunia
  • 17418
  • 18233
  • 18254
  • 18260
  • 18267
  • 18276
  • 19555
  • 19590
  • 19591
  • 19600
  • 19628
  • 19691
vupen
  • ADV-2006-0101
  • ADV-2006-0102
  • ADV-2006-0103
  • ADV-2006-0104
  • ADV-2006-1305
  • ADV-2006-1332
xf adodb-tmssql-command-execution(24052)
Last major update 19-10-2018 - 15:42
Published 09-01-2006 - 23:03
Last modified 19-10-2018 - 15:42