CVE-2006-0147

Dynamic code evaluation vulnerability in tests/tmssql.php test script in ADOdb for PHP before 4.70, as used in multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, (4) Cacti, (5) Xaraya, (6) PhpOpenChat, possibly (7) MAXdev MD-Pro, and (8) Simplog, allows remote attackers to execute arbitrary PHP functions via the do parameter, which is saved in a variable that is then executed as a function, as demonstrated using phpinfo.
References
Link Resource
http://retrogod.altervista.org/phpopenchat_30x_sql_xpl.html Exploit
http://retrogod.altervista.org/simplog_092_incl_xpl.html Exploit
http://secunia.com/advisories/17418 Exploit Patch Vendor Advisory
http://secunia.com/advisories/18233 Patch Vendor Advisory
http://secunia.com/advisories/18254 Patch Vendor Advisory
http://secunia.com/advisories/18260 Patch Vendor Advisory
http://secunia.com/advisories/18267 Vendor Advisory
http://secunia.com/advisories/18276 Patch Vendor Advisory
http://secunia.com/advisories/19555 Patch Vendor Advisory
http://secunia.com/advisories/19590 Patch Vendor Advisory
http://secunia.com/advisories/19591 Patch Vendor Advisory
http://secunia.com/advisories/19600 Vendor Advisory
http://secunia.com/advisories/19628 Patch Vendor Advisory
http://secunia.com/advisories/19691
http://secunia.com/secunia_research/2005-64/advisory/ Exploit Patch Vendor Advisory
http://www.debian.org/security/2006/dsa-1029 Patch Vendor Advisory
http://www.debian.org/security/2006/dsa-1030 Patch Vendor Advisory
http://www.debian.org/security/2006/dsa-1031
http://www.gentoo.org/security/en/glsa/glsa-200604-07.xml Patch Vendor Advisory
http://www.osvdb.org/22291
http://www.securityfocus.com/archive/1/430448/100/0/threaded
http://www.securityfocus.com/archive/1/430743/100/0/threaded
http://www.vupen.com/english/advisories/2006/0101
http://www.vupen.com/english/advisories/2006/0102
http://www.vupen.com/english/advisories/2006/0103
http://www.vupen.com/english/advisories/2006/0104
http://www.vupen.com/english/advisories/2006/1305
http://www.vupen.com/english/advisories/2006/1332
https://exchange.xforce.ibmcloud.com/vulnerabilities/24052
https://www.exploit-db.com/exploits/1663
http://retrogod.altervista.org/phpopenchat_30x_sql_xpl.html Exploit
http://retrogod.altervista.org/simplog_092_incl_xpl.html Exploit
http://secunia.com/advisories/17418 Exploit Patch Vendor Advisory
http://secunia.com/advisories/18233 Patch Vendor Advisory
http://secunia.com/advisories/18254 Patch Vendor Advisory
http://secunia.com/advisories/18260 Patch Vendor Advisory
http://secunia.com/advisories/18267 Vendor Advisory
http://secunia.com/advisories/18276 Patch Vendor Advisory
http://secunia.com/advisories/19555 Patch Vendor Advisory
http://secunia.com/advisories/19590 Patch Vendor Advisory
http://secunia.com/advisories/19591 Patch Vendor Advisory
http://secunia.com/advisories/19600 Vendor Advisory
http://secunia.com/advisories/19628 Patch Vendor Advisory
http://secunia.com/advisories/19691
http://secunia.com/secunia_research/2005-64/advisory/ Exploit Patch Vendor Advisory
http://www.debian.org/security/2006/dsa-1029 Patch Vendor Advisory
http://www.debian.org/security/2006/dsa-1030 Patch Vendor Advisory
http://www.debian.org/security/2006/dsa-1031
http://www.gentoo.org/security/en/glsa/glsa-200604-07.xml Patch Vendor Advisory
http://www.osvdb.org/22291
http://www.securityfocus.com/archive/1/430448/100/0/threaded
http://www.securityfocus.com/archive/1/430743/100/0/threaded
http://www.vupen.com/english/advisories/2006/0101
http://www.vupen.com/english/advisories/2006/0102
http://www.vupen.com/english/advisories/2006/0103
http://www.vupen.com/english/advisories/2006/0104
http://www.vupen.com/english/advisories/2006/1305
http://www.vupen.com/english/advisories/2006/1332
https://exchange.xforce.ibmcloud.com/vulnerabilities/24052
https://www.exploit-db.com/exploits/1663
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:john_lim:adodb:4.66:*:*:*:*:*:*:*
cpe:2.3:a:john_lim:adodb:4.68:*:*:*:*:*:*:*
cpe:2.3:a:mantis:mantis:0.19.4:*:*:*:*:*:*:*
cpe:2.3:a:mantis:mantis:1.0.0_rc4:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:1.5.3:*:*:*:*:*:*:*
cpe:2.3:a:postnuke_software_foundation:postnuke:0.761:*:*:*:*:*:*:*
cpe:2.3:a:the_cacti_group:cacti:0.8.6g:*:*:*:*:*:*:*

History

21 Nov 2024, 00:05

Type Values Removed Values Added
References () http://retrogod.altervista.org/phpopenchat_30x_sql_xpl.html - Exploit () http://retrogod.altervista.org/phpopenchat_30x_sql_xpl.html - Exploit
References () http://retrogod.altervista.org/simplog_092_incl_xpl.html - Exploit () http://retrogod.altervista.org/simplog_092_incl_xpl.html - Exploit
References () http://secunia.com/advisories/17418 - Exploit, Patch, Vendor Advisory () http://secunia.com/advisories/17418 - Exploit, Patch, Vendor Advisory
References () http://secunia.com/advisories/18233 - Patch, Vendor Advisory () http://secunia.com/advisories/18233 - Patch, Vendor Advisory
References () http://secunia.com/advisories/18254 - Patch, Vendor Advisory () http://secunia.com/advisories/18254 - Patch, Vendor Advisory
References () http://secunia.com/advisories/18260 - Patch, Vendor Advisory () http://secunia.com/advisories/18260 - Patch, Vendor Advisory
References () http://secunia.com/advisories/18267 - Vendor Advisory () http://secunia.com/advisories/18267 - Vendor Advisory
References () http://secunia.com/advisories/18276 - Patch, Vendor Advisory () http://secunia.com/advisories/18276 - Patch, Vendor Advisory
References () http://secunia.com/advisories/19555 - Patch, Vendor Advisory () http://secunia.com/advisories/19555 - Patch, Vendor Advisory
References () http://secunia.com/advisories/19590 - Patch, Vendor Advisory () http://secunia.com/advisories/19590 - Patch, Vendor Advisory
References () http://secunia.com/advisories/19591 - Patch, Vendor Advisory () http://secunia.com/advisories/19591 - Patch, Vendor Advisory
References () http://secunia.com/advisories/19600 - Vendor Advisory () http://secunia.com/advisories/19600 - Vendor Advisory
References () http://secunia.com/advisories/19628 - Patch, Vendor Advisory () http://secunia.com/advisories/19628 - Patch, Vendor Advisory
References () http://secunia.com/advisories/19691 - () http://secunia.com/advisories/19691 -
References () http://secunia.com/secunia_research/2005-64/advisory/ - Exploit, Patch, Vendor Advisory () http://secunia.com/secunia_research/2005-64/advisory/ - Exploit, Patch, Vendor Advisory
References () http://www.debian.org/security/2006/dsa-1029 - Patch, Vendor Advisory () http://www.debian.org/security/2006/dsa-1029 - Patch, Vendor Advisory
References () http://www.debian.org/security/2006/dsa-1030 - Patch, Vendor Advisory () http://www.debian.org/security/2006/dsa-1030 - Patch, Vendor Advisory
References () http://www.debian.org/security/2006/dsa-1031 - () http://www.debian.org/security/2006/dsa-1031 -
References () http://www.gentoo.org/security/en/glsa/glsa-200604-07.xml - Patch, Vendor Advisory () http://www.gentoo.org/security/en/glsa/glsa-200604-07.xml - Patch, Vendor Advisory
References () http://www.osvdb.org/22291 - () http://www.osvdb.org/22291 -
References () http://www.securityfocus.com/archive/1/430448/100/0/threaded - () http://www.securityfocus.com/archive/1/430448/100/0/threaded -
References () http://www.securityfocus.com/archive/1/430743/100/0/threaded - () http://www.securityfocus.com/archive/1/430743/100/0/threaded -
References () http://www.vupen.com/english/advisories/2006/0101 - () http://www.vupen.com/english/advisories/2006/0101 -
References () http://www.vupen.com/english/advisories/2006/0102 - () http://www.vupen.com/english/advisories/2006/0102 -
References () http://www.vupen.com/english/advisories/2006/0103 - () http://www.vupen.com/english/advisories/2006/0103 -
References () http://www.vupen.com/english/advisories/2006/0104 - () http://www.vupen.com/english/advisories/2006/0104 -
References () http://www.vupen.com/english/advisories/2006/1305 - () http://www.vupen.com/english/advisories/2006/1305 -
References () http://www.vupen.com/english/advisories/2006/1332 - () http://www.vupen.com/english/advisories/2006/1332 -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/24052 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/24052 -
References () https://www.exploit-db.com/exploits/1663 - () https://www.exploit-db.com/exploits/1663 -

Information

Published : 2006-01-09 23:03

Updated : 2024-11-21 00:05


NVD link : CVE-2006-0147

Mitre link : CVE-2006-0147

CVE.ORG link : CVE-2006-0147


JSON object : View

Products Affected

mantis

  • mantis

the_cacti_group

  • cacti

postnuke_software_foundation

  • postnuke

moodle

  • moodle

john_lim

  • adodb