Vulnerability Details : CVE-2006-0147
Dynamic code evaluation vulnerability in tests/tmssql.php test script in ADOdb for PHP before 4.70, as used in multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, (4) Cacti, (5) Xaraya, (6) PhpOpenChat, possibly (7) MAXdev MD-Pro, and (8) Simplog, allows remote attackers to execute arbitrary PHP functions via the do parameter, which is saved in a variable that is then executed as a function, as demonstrated using phpinfo.
Products affected by CVE-2006-0147
- cpe:2.3:a:postnuke_software_foundation:postnuke:0.761:*:*:*:*:*:*:*
- cpe:2.3:a:mantis:mantis:0.19.4:*:*:*:*:*:*:*
- cpe:2.3:a:mantis:mantis:1.0.0_rc4:*:*:*:*:*:*:*
- cpe:2.3:a:the_cacti_group:cacti:0.8.6g:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.5.3:*:*:*:*:*:*:*
- cpe:2.3:a:john_lim:adodb:4.66:*:*:*:*:*:*:*
- cpe:2.3:a:john_lim:adodb:4.68:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2006-0147
3.95%
Probability of exploitation activity in the next 30 days
~ 92 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2006-0147
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.5 | HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P | 10.0 | 6.4 | NIST | |
References for CVE-2006-0147
- http://www.vupen.com/english/advisories/2006/0104
- http://www.securityfocus.com/archive/1/430448/100/0/threaded
- http://www.vupen.com/english/advisories/2006/1332
- http://www.gentoo.org/security/en/glsa/glsa-200604-07.xml
  Cacti: Multiple vulnerabilities in included ADOdb (GLSA 200604-07) — Gentoo security (Patch; Vendor Advisory)
- http://www.debian.org/security/2006/dsa-1031
  [SECURITY] [DSA 1031-1] New cacti packages fix several vulnerabilities
- http://retrogod.altervista.org/phpopenchat_30x_sql_xpl.html
  (Exploit)
- http://www.vupen.com/english/advisories/2006/0103
- http://www.debian.org/security/2006/dsa-1029
  [SECURITY] [DSA 1029-1] New libphp-adodb packages fix several vulnerabilities (Patch; Vendor Advisory)
- http://www.vupen.com/english/advisories/2006/0101
- http://www.vupen.com/english/advisories/2006/0102
- http://www.debian.org/security/2006/dsa-1030
  [SECURITY] [DSA 1030-1] New moodle packages fix several vulnerabilities (Patch; Vendor Advisory)
- http://retrogod.altervista.org/simplog_092_incl_xpl.html
  (Exploit)
- https://www.exploit-db.com/exploits/1663
  Simplog 0.9.2 - 's' Remote Command Execution - PHP webapps Exploit
- http://www.vupen.com/english/advisories/2006/1305
- http://www.securityfocus.com/archive/1/430743/100/0/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24052
  ADOdb tmssql.php PHP command execution CVE-2006-0147 Vulnerability Report