Lucene search
Ubuntu.comUB:CVE-2006-0146HistoryJan 09, 2006 - 12:00 a.m.
CVE-2006-0146
2006-01-0900:00:00
ubuntu.com
ubuntu.com
13
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.075 Low
EPSS
Percentile
94.1%
The server.php test script in ADOdb for PHP before 4.70, as used in
multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, (4)
Cacti, (5) Xaraya, (6) PHPOpenChat, (7) MAXdev MD-Pro, and (8) MediaBeez,
when the MySQL root password is empty, allows remote attackers to execute
arbitrary SQL commands via the sql parameter.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 6.06 | noarch | libphp-adodb | < 4.72-0.1ubuntu1 | UNKNOWN |
| ubuntu | 6.10 | noarch | libphp-adodb | < 4.72-0.1ubuntu1 | UNKNOWN |
| ubuntu | 7.04 | noarch | libphp-adodb | < 4.72-0.1ubuntu1 | UNKNOWN |
| ubuntu | 7.10 | noarch | libphp-adodb | < 4.72-0.1ubuntu1 | UNKNOWN |
Related
cve
cve
CVE-2006-0146
2006-01-09 23:03:00
freebsd
freebsd
lifetype -- ADOdb "server.php" Insecure Test Script Security Issue
2006-04-19 00:00:00
checkpoint_advisories
checkpoint_advisories
Update Protection against Multiple PHP-based Vulnerabilities
2006-02-12 00:00:00
openvas
openvas
FreeBSD Ports: lifetype
2008-09-04 00:00:00
FreeBSD Ports: lifetype
2008-09-04 00:00:00
FreeBSD Ports: cacti
2008-09-04 00:00:00
cvelist
cvelist
CVE-2006-0146
2006-01-09 23:00:00
nvd
nvd
CVE-2006-0146
2006-01-09 23:03:00
debiancve
debiancve
CVE-2006-0146
2006-01-09 23:03:00
nessus
nessus
FreeBSD : lifetype -- ADOdb 'server.php' Insecure Test Script Security Issue (116b0820-d59c-11da-8098-00123ffe8333)
2006-05-13 00:00:00
ADOdb server.php sql Parameter SQL Injection
2006-01-10 00:00:00
Debian DSA-1029-1 : libphp-adodb - several vulnerabilities
2006-10-14 00:00:00
prion
prion
Sql injection
2006-01-09 23:03:00
debian
debian
[SECURITY] [DSA 1031-1] New cacti packages fix several vulnerabilities
2006-04-08 15:37:57
[SECURITY] [DSA 1030-1] New moodle packages fix several vulnerabilities
2006-04-08 13:33:21
osv
osv
moodle - several
2006-04-08 00:00:00
cacti - several
2006-04-08 00:00:00
libphp-adodb - several
2006-04-08 00:00:00
securityvulns
securityvulns
gentoo
gentoo
Cacti: Multiple vulnerabilities in included ADOdb
2006-04-14 00:00:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.075 Low
EPSS
Percentile
94.1%
Related for UB:CVE-2006-0146