CVE-2006-0147

  1. Reconshell
  2. Vulnerabilities (CVE)
  3. CVE-2006-0147
Dynamic code evaluation vulnerability in tests/tmssql.php test script in ADOdb for PHP before 4.70, as used in multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, (4) Cacti, (5) Xaraya, (6) PhpOpenChat, possibly (7) MAXdev MD-Pro, and (8) Simplog, allows remote attackers to execute arbitrary PHP functions via the do parameter, which is saved in a variable that is then executed as a function, as demonstrated using phpinfo.

7.5 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
http://secunia.com/secunia_research/2005-64/advisory/ Exploit Patch Vendor Advisory
http://secunia.com/advisories/17418 Exploit Patch Vendor Advisory
http://secunia.com/advisories/18254 Patch Vendor Advisory
http://secunia.com/advisories/18267 Vendor Advisory
http://secunia.com/advisories/18260 Patch Vendor Advisory
http://secunia.com/advisories/18276 Patch Vendor Advisory
http://secunia.com/advisories/18233 Patch Vendor Advisory
http://www.debian.org/security/2006/dsa-1029 Patch Vendor Advisory
http://www.debian.org/security/2006/dsa-1030 Patch Vendor Advisory
http://www.debian.org/security/2006/dsa-1031
http://secunia.com/advisories/19555 Patch Vendor Advisory
http://secunia.com/advisories/19590 Patch Vendor Advisory
http://secunia.com/advisories/19591 Patch Vendor Advisory
http://retrogod.altervista.org/phpopenchat_30x_sql_xpl.html Exploit
http://retrogod.altervista.org/simplog_092_incl_xpl.html Exploit
http://secunia.com/advisories/19600 Vendor Advisory
http://secunia.com/advisories/19628 Patch Vendor Advisory
http://www.gentoo.org/security/en/glsa/glsa-200604-07.xml Patch Vendor Advisory
http://secunia.com/advisories/19691
http://www.vupen.com/english/advisories/2006/1305
http://www.vupen.com/english/advisories/2006/0104
http://www.vupen.com/english/advisories/2006/0102
http://www.vupen.com/english/advisories/2006/1332
http://www.vupen.com/english/advisories/2006/0101
http://www.vupen.com/english/advisories/2006/0103
http://www.osvdb.org/22291
https://exchange.xforce.ibmcloud.com/vulnerabilities/24052
https://www.exploit-db.com/exploits/1663
http://www.securityfocus.com/archive/1/430743/100/0/threaded
http://www.securityfocus.com/archive/1/430448/100/0/threaded
Advertisement

NeevaHost hosting service
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:moodle:moodle:1.5.3:*:*:*:*:*:*:*
cpe:2.3:a:postnuke_software_foundation:postnuke:0.761:*:*:*:*:*:*:*
cpe:2.3:a:the_cacti_group:cacti:0.8.6g:*:*:*:*:*:*:*
cpe:2.3:a:mantis:mantis:0.19.4:*:*:*:*:*:*:*
cpe:2.3:a:mantis:mantis:1.0.0_rc4:*:*:*:*:*:*:*
cpe:2.3:a:john_lim:adodb:4.66:*:*:*:*:*:*:*
cpe:2.3:a:john_lim:adodb:4.68:*:*:*:*:*:*:*
Information

Published : 2006-01-09 15:03

Updated : 2018-10-19 08:42

NVD link : CVE-2006-0147

Mitre link : CVE-2006-0147

JSON object : View

CWE
NVD-CWE-Other
Advertisement

dedicated server usa
Products Affected

moodle

  • moodle

the_cacti_group

  • cacti

john_lim

  • adodb

postnuke_software_foundation

  • postnuke

mantis

  • mantis