Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2006-0146HistoryJan 09, 2006 - 11:03 p.m.
CVE-2006-0146
2006-01-0923:03:00
Debian Security Bug Tracker
security-tracker.debian.org
24
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
0.075
Percentile
94.1%
The server.php test script in ADOdb for PHP before 4.70, as used in multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, (4) Cacti, (5) Xaraya, (6) PHPOpenChat, (7) MAXdev MD-Pro, and (8) MediaBeez, when the MySQL root password is empty, allows remote attackers to execute arbitrary SQL commands via the sql parameter.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | cacti | < 0.8.6d-1 | cacti_0.8.6d-1_all.deb |
| Debian | 11 | all | cacti | < 0.8.6d-1 | cacti_0.8.6d-1_all.deb |
| Debian | 999 | all | cacti | < 0.8.6d-1 | cacti_0.8.6d-1_all.deb |
| Debian | 13 | all | cacti | < 0.8.6d-1 | cacti_0.8.6d-1_all.deb |
| Debian | 12 | all | libphp-adodb | < 4.72-0.1 | libphp-adodb_4.72-0.1_all.deb |
| Debian | 11 | all | libphp-adodb | < 4.72-0.1 | libphp-adodb_4.72-0.1_all.deb |
| Debian | 999 | all | libphp-adodb | < 4.72-0.1 | libphp-adodb_4.72-0.1_all.deb |
| Debian | 13 | all | libphp-adodb | < 4.72-0.1 | libphp-adodb_4.72-0.1_all.deb |
Related
checkpoint_advisories
checkpoint_advisories
Update Protection against Multiple PHP-based Vulnerabilities
2006-02-12 00:00:00
freebsd
freebsd
lifetype -- ADOdb "server.php" Insecure Test Script Security Issue
2006-04-19 00:00:00
cve
cve
CVE-2006-0146
2006-01-09 23:03:00
ubuntucve
ubuntucve
CVE-2006-0146
2006-01-09 00:00:00
cvelist
cvelist
CVE-2006-0146
2006-01-09 23:00:00
nvd
nvd
CVE-2006-0146
2006-01-09 23:03:00
openvas
openvas
FreeBSD Ports: lifetype
2008-09-04 00:00:00
FreeBSD Ports: lifetype
2008-09-04 00:00:00
FreeBSD Ports: cacti
2008-09-04 00:00:00
prion
prion
Sql injection
2006-01-09 23:03:00
nessus
nessus
ADOdb server.php sql Parameter SQL Injection
2006-01-10 00:00:00
FreeBSD : lifetype -- ADOdb 'server.php' Insecure Test Script Security Issue (116b0820-d59c-11da-8098-00123ffe8333)
2006-05-13 00:00:00
Debian DSA-1030-1 : moodle - several vulnerabilities
2006-10-14 00:00:00
debian
debian
[SECURITY] [DSA 1031-1] New cacti packages fix several vulnerabilities
2006-04-08 15:37:57
[SECURITY] [DSA 1030-1] New moodle packages fix several vulnerabilities
2006-04-08 13:33:21
osv
osv
libphp-adodb - several
2006-04-08 00:00:00
cacti - several
2006-04-08 00:00:00
moodle - several
2006-04-08 00:00:00
gentoo
gentoo
Cacti: Multiple vulnerabilities in included ADOdb
2006-04-14 00:00:00
securityvulns
securityvulns
exploitdb
exploitdb
Simplog 0.9.2 - 's' Remote Command Execution
2006-04-11 00:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
0.075
Percentile
94.1%
Related for DEBIANCVE:CVE-2006-0146