Vulnerability-Lookup

CVE-2006-0146 (GCVE-0-2006-0146)

Vulnerability from cvelistv5 – Published: 2006-01-09 23:00 – Updated: 2024-08-07 16:25

Summary

The server.php test script in ADOdb for PHP before 4.70, as used in multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, (4) Cacti, (5) Xaraya, (6) PHPOpenChat, (7) MAXdev MD-Pro, and (8) MediaBeez, when the MySQL root password is empty, allows remote attackers to execute arbitrary SQL commands via the sql parameter.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://secunia.com/advisories/19590	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/18267	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/18254	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/19555	third-party-advisoryx_refsource_SECUNIA
	http://www.debian.org/security/2006/dsa-1029	vendor-advisoryx_refsource_DEBIAN
	http://www.securityfocus.com/archive/1/430448/100…	mailing-listx_refsource_BUGTRAQ
	http://www.maxdev.com/Article550.phtml	x_refsource_CONFIRM
	http://www.vupen.com/english/advisories/2006/0105	vdb-entryx_refsource_VUPEN
	http://secunia.com/advisories/19699	third-party-advisoryx_refsource_SECUNIA
	http://www.debian.org/security/2006/dsa-1030	vendor-advisoryx_refsource_DEBIAN
	http://www.vupen.com/english/advisories/2006/1305	vdb-entryx_refsource_VUPEN
	http://secunia.com/advisories/24954	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/18276	third-party-advisoryx_refsource_SECUNIA
	http://securityreason.com/securityalert/713	third-party-advisoryx_refsource_SREASON
	http://www.vupen.com/english/advisories/2006/1304	vdb-entryx_refsource_VUPEN
	http://secunia.com/advisories/19600	third-party-advisoryx_refsource_SECUNIA
	http://www.securityfocus.com/archive/1/466171/100…	mailing-listx_refsource_BUGTRAQ
	http://www.vupen.com/english/advisories/2006/0103	vdb-entryx_refsource_VUPEN
	http://secunia.com/secunia_research/2005-64/advisory/	x_refsource_MISC
	http://www.securityfocus.com/bid/16187	vdb-entryx_refsource_BID
	http://secunia.com/advisories/18720	third-party-advisoryx_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2006/1419	vdb-entryx_refsource_VUPEN
	http://secunia.com/advisories/19591	third-party-advisoryx_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2006/0447	vdb-entryx_refsource_VUPEN
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://secunia.com/advisories/17418	third-party-advisoryx_refsource_SECUNIA
	http://www.xaraya.com/index.php/news/569	x_refsource_CONFIRM
	http://secunia.com/advisories/19691	third-party-advisoryx_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2006/0102	vdb-entryx_refsource_VUPEN
	http://www.vupen.com/english/advisories/2006/0101	vdb-entryx_refsource_VUPEN
	http://secunia.com/advisories/18233	third-party-advisoryx_refsource_SECUNIA
	http://www.osvdb.org/22290	vdb-entryx_refsource_OSVDB
	http://www.vupen.com/english/advisories/2006/0370	vdb-entryx_refsource_VUPEN
	http://www.debian.org/security/2006/dsa-1031	vendor-advisoryx_refsource_DEBIAN
	http://retrogod.altervista.org/phpopenchat_30x_sq…	x_refsource_MISC
	http://www.securityfocus.com/archive/1/423784/100…	mailing-listx_refsource_BUGTRAQ
	http://www.vupen.com/english/advisories/2006/0104	vdb-entryx_refsource_VUPEN
	http://secunia.com/advisories/18260	third-party-advisoryx_refsource_SECUNIA
	http://www.gentoo.org/security/en/glsa/glsa-20060…	vendor-advisoryx_refsource_GENTOO
	http://secunia.com/advisories/19563	third-party-advisoryx_refsource_SECUNIA

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T16:25:33.856Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "19590",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19590"
          },
          {
            "name": "18267",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18267"
          },
          {
            "name": "18254",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18254"
          },
          {
            "name": "19555",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19555"
          },
          {
            "name": "DSA-1029",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-1029"
          },
          {
            "name": "20060409 PhpOpenChat 3.0.x ADODB Server.php \"sql\" SQL injection",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/430448/100/0/threaded"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.maxdev.com/Article550.phtml"
          },
          {
            "name": "ADV-2006-0105",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/0105"
          },
          {
            "name": "19699",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19699"
          },
          {
            "name": "DSA-1030",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-1030"
          },
          {
            "name": "ADV-2006-1305",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/1305"
          },
          {
            "name": "24954",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24954"
          },
          {
            "name": "18276",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18276"
          },
          {
            "name": "713",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/713"
          },
          {
            "name": "ADV-2006-1304",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/1304"
          },
          {
            "name": "19600",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19600"
          },
          {
            "name": "20070418 MediaBeez Sql query Execution .. Wear isn\u0027t ?? :)",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/466171/100/0/threaded"
          },
          {
            "name": "ADV-2006-0103",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/0103"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://secunia.com/secunia_research/2005-64/advisory/"
          },
          {
            "name": "16187",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/16187"
          },
          {
            "name": "18720",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18720"
          },
          {
            "name": "ADV-2006-1419",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/1419"
          },
          {
            "name": "19591",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19591"
          },
          {
            "name": "ADV-2006-0447",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/0447"
          },
          {
            "name": "adodb-server-command-execution(24051)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24051"
          },
          {
            "name": "17418",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/17418"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.xaraya.com/index.php/news/569"
          },
          {
            "name": "19691",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19691"
          },
          {
            "name": "ADV-2006-0102",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/0102"
          },
          {
            "name": "ADV-2006-0101",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/0101"
          },
          {
            "name": "18233",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18233"
          },
          {
            "name": "22290",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/22290"
          },
          {
            "name": "ADV-2006-0370",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/0370"
          },
          {
            "name": "DSA-1031",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-1031"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://retrogod.altervista.org/phpopenchat_30x_sql_xpl.html"
          },
          {
            "name": "20060202 Bug for libs in php link directory 2.0",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/423784/100/0/threaded"
          },
          {
            "name": "ADV-2006-0104",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/0104"
          },
          {
            "name": "18260",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18260"
          },
          {
            "name": "GLSA-200604-07",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-07.xml"
          },
          {
            "name": "19563",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19563"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-01-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The server.php test script in ADOdb for PHP before 4.70, as used in multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, (4) Cacti, (5) Xaraya, (6) PHPOpenChat, (7) MAXdev MD-Pro, and (8) MediaBeez, when the MySQL root password is empty, allows remote attackers to execute arbitrary SQL commands via the sql parameter."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-19T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "19590",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19590"
        },
        {
          "name": "18267",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18267"
        },
        {
          "name": "18254",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18254"
        },
        {
          "name": "19555",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19555"
        },
        {
          "name": "DSA-1029",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-1029"
        },
        {
          "name": "20060409 PhpOpenChat 3.0.x ADODB Server.php \"sql\" SQL injection",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/430448/100/0/threaded"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.maxdev.com/Article550.phtml"
        },
        {
          "name": "ADV-2006-0105",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/0105"
        },
        {
          "name": "19699",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19699"
        },
        {
          "name": "DSA-1030",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-1030"
        },
        {
          "name": "ADV-2006-1305",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/1305"
        },
        {
          "name": "24954",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24954"
        },
        {
          "name": "18276",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18276"
        },
        {
          "name": "713",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/713"
        },
        {
          "name": "ADV-2006-1304",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/1304"
        },
        {
          "name": "19600",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19600"
        },
        {
          "name": "20070418 MediaBeez Sql query Execution .. Wear isn\u0027t ?? :)",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/466171/100/0/threaded"
        },
        {
          "name": "ADV-2006-0103",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/0103"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://secunia.com/secunia_research/2005-64/advisory/"
        },
        {
          "name": "16187",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/16187"
        },
        {
          "name": "18720",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18720"
        },
        {
          "name": "ADV-2006-1419",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/1419"
        },
        {
          "name": "19591",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19591"
        },
        {
          "name": "ADV-2006-0447",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/0447"
        },
        {
          "name": "adodb-server-command-execution(24051)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24051"
        },
        {
          "name": "17418",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/17418"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.xaraya.com/index.php/news/569"
        },
        {
          "name": "19691",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19691"
        },
        {
          "name": "ADV-2006-0102",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/0102"
        },
        {
          "name": "ADV-2006-0101",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/0101"
        },
        {
          "name": "18233",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18233"
        },
        {
          "name": "22290",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/22290"
        },
        {
          "name": "ADV-2006-0370",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/0370"
        },
        {
          "name": "DSA-1031",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-1031"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://retrogod.altervista.org/phpopenchat_30x_sql_xpl.html"
        },
        {
          "name": "20060202 Bug for libs in php link directory 2.0",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/423784/100/0/threaded"
        },
        {
          "name": "ADV-2006-0104",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/0104"
        },
        {
          "name": "18260",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18260"
        },
        {
          "name": "GLSA-200604-07",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-07.xml"
        },
        {
          "name": "19563",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19563"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-0146",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The server.php test script in ADOdb for PHP before 4.70, as used in multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, (4) Cacti, (5) Xaraya, (6) PHPOpenChat, (7) MAXdev MD-Pro, and (8) MediaBeez, when the MySQL root password is empty, allows remote attackers to execute arbitrary SQL commands via the sql parameter."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "19590",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/19590"
            },
            {
              "name": "18267",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18267"
            },
            {
              "name": "18254",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18254"
            },
            {
              "name": "19555",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/19555"
            },
            {
              "name": "DSA-1029",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2006/dsa-1029"
            },
            {
              "name": "20060409 PhpOpenChat 3.0.x ADODB Server.php \"sql\" SQL injection",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/430448/100/0/threaded"
            },
            {
              "name": "http://www.maxdev.com/Article550.phtml",
              "refsource": "CONFIRM",
              "url": "http://www.maxdev.com/Article550.phtml"
            },
            {
              "name": "ADV-2006-0105",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/0105"
            },
            {
              "name": "19699",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/19699"
            },
            {
              "name": "DSA-1030",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2006/dsa-1030"
            },
            {
              "name": "ADV-2006-1305",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/1305"
            },
            {
              "name": "24954",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/24954"
            },
            {
              "name": "18276",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18276"
            },
            {
              "name": "713",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/713"
            },
            {
              "name": "ADV-2006-1304",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/1304"
            },
            {
              "name": "19600",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/19600"
            },
            {
              "name": "20070418 MediaBeez Sql query Execution .. Wear isn\u0027t ?? :)",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/466171/100/0/threaded"
            },
            {
              "name": "ADV-2006-0103",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/0103"
            },
            {
              "name": "http://secunia.com/secunia_research/2005-64/advisory/",
              "refsource": "MISC",
              "url": "http://secunia.com/secunia_research/2005-64/advisory/"
            },
            {
              "name": "16187",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/16187"
            },
            {
              "name": "18720",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18720"
            },
            {
              "name": "ADV-2006-1419",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/1419"
            },
            {
              "name": "19591",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/19591"
            },
            {
              "name": "ADV-2006-0447",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/0447"
            },
            {
              "name": "adodb-server-command-execution(24051)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24051"
            },
            {
              "name": "17418",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/17418"
            },
            {
              "name": "http://www.xaraya.com/index.php/news/569",
              "refsource": "CONFIRM",
              "url": "http://www.xaraya.com/index.php/news/569"
            },
            {
              "name": "19691",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/19691"
            },
            {
              "name": "ADV-2006-0102",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/0102"
            },
            {
              "name": "ADV-2006-0101",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/0101"
            },
            {
              "name": "18233",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18233"
            },
            {
              "name": "22290",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/22290"
            },
            {
              "name": "ADV-2006-0370",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/0370"
            },
            {
              "name": "DSA-1031",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2006/dsa-1031"
            },
            {
              "name": "http://retrogod.altervista.org/phpopenchat_30x_sql_xpl.html",
              "refsource": "MISC",
              "url": "http://retrogod.altervista.org/phpopenchat_30x_sql_xpl.html"
            },
            {
              "name": "20060202 Bug for libs in php link directory 2.0",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/423784/100/0/threaded"
            },
            {
              "name": "ADV-2006-0104",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/0104"
            },
            {
              "name": "18260",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18260"
            },
            {
              "name": "GLSA-200604-07",
              "refsource": "GENTOO",
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-07.xml"
            },
            {
              "name": "19563",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/19563"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-0146",
    "datePublished": "2006-01-09T23:00:00",
    "dateReserved": "2006-01-09T00:00:00",
    "dateUpdated": "2024-08-07T16:25:33.856Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2006-0146\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2006-01-09T23:03:00.000\",\"lastModified\":\"2025-04-03T01:03:51.193\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The server.php test script in ADOdb for PHP before 4.70, as used in multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, (4) Cacti, (5) Xaraya, (6) PHPOpenChat, (7) MAXdev MD-Pro, and (8) MediaBeez, when the MySQL root password is empty, allows remote attackers to execute arbitrary SQL commands via the sql parameter.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":true,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-89\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:john_lim:adodb:4.66:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F76566C-7F49-4725-91E6-8E2416CB7F03\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:john_lim:adodb:4.68:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"02F0F5B5-86D2-48C4-872E-3F8C38AF563C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mantis:mantis:0.19.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AE92E018-C25C-468D-9EF5-5665F0B42EA2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mantis:mantis:1.0.0_rc4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B0C7EDA7-1BED-4152-BD3D-3A596482D9D6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mediabeez:mediabeez:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE171CCD-6AEE-4FCB-9F45-C7CFDE84D6AA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:moodle:moodle:1.5.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"66BD9A00-DA61-4389-8731-B92585C2BE6C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postnuke_software_foundation:postnuke:0.761:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C55DA346-A7A0-466F-90D7-CC1E7C2E9EFD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:the_cacti_group:cacti:0.8.6g:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB14AEA6-00FC-4C8B-BA57-6CA7A5519493\"}]}]}],\"references\":[{\"url\":\"http://retrogod.altervista.org/phpopenchat_30x_sql_xpl.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\"]},{\"url\":\"http://secunia.com/advisories/17418\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/18233\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/18254\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/18260\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/18267\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/18276\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/18720\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/19555\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/19563\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/19590\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/19591\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/19600\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/19691\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/19699\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/24954\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/secunia_research/2005-64/advisory/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://securityreason.com/securityalert/713\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.debian.org/security/2006/dsa-1029\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.debian.org/security/2006/dsa-1030\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.debian.org/security/2006/dsa-1031\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.gentoo.org/security/en/glsa/glsa-200604-07.xml\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.maxdev.com/Article550.phtml\",\"source\":\"cve@mitre.org\",\"tags\":[\"URL Repurposed\"]},{\"url\":\"http://www.osvdb.org/22290\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Patch\"]},{\"url\":\"http://www.securityfocus.com/archive/1/423784/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/430448/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/466171/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/16187\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Patch\"]},{\"url\":\"http://www.vupen.com/english/advisories/2006/0101\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2006/0102\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2006/0103\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2006/0104\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2006/0105\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2006/0370\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2006/0447\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2006/1304\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2006/1305\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2006/1419\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.xaraya.com/index.php/news/569\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/24051\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://retrogod.altervista.org/phpopenchat_30x_sql_xpl.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"http://secunia.com/advisories/17418\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/18233\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/18254\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/18260\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/18267\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/18276\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/18720\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/19555\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/19563\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/19590\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/19591\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/19600\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/19691\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/19699\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/24954\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/secunia_research/2005-64/advisory/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://securityreason.com/securityalert/713\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2006/dsa-1029\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.debian.org/security/2006/dsa-1030\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.debian.org/security/2006/dsa-1031\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.gentoo.org/security/en/glsa/glsa-200604-07.xml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.maxdev.com/Article550.phtml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"URL Repurposed\"]},{\"url\":\"http://www.osvdb.org/22290\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Patch\"]},{\"url\":\"http://www.securityfocus.com/archive/1/423784/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/430448/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/466171/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/16187\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Patch\"]},{\"url\":\"http://www.vupen.com/english/advisories/2006/0101\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2006/0102\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2006/0103\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2006/0104\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2006/0105\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2006/0370\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2006/0447\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2006/1304\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2006/1305\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2006/1419\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.xaraya.com/index.php/news/569\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/24051\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

CERTA-2006-AVI-145

Vulnerability from certfr_avis - Published: 2006-04-10 - Updated: 2006-04-20

None

Description

CACTI est un outil de supervision réseau.

Plusieurs vulnérabilités présentes sur CACTI peuvent être utilisées par un utilisateur mal intrentionné pour réaliser une attaque de type « cross site scripting », réaliser une attaque par injection SQL ou exécuter du code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

CACTI versions antérieures à la version 0.8.6.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

GSD-2006-0146

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2006-0146

Aliases

CVE-2006-0146

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2006-0146",
    "description": "The server.php test script in ADOdb for PHP before 4.70, as used in multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, (4) Cacti, (5) Xaraya, (6) PHPOpenChat, (7) MAXdev MD-Pro, and (8) MediaBeez, when the MySQL root password is empty, allows remote attackers to execute arbitrary SQL commands via the sql parameter.",
    "id": "GSD-2006-0146",
    "references": [
      "https://www.suse.com/security/cve/CVE-2006-0146.html",
      "https://www.debian.org/security/2006/dsa-1029",
      "https://www.debian.org/security/2006/dsa-1030",
      "https://www.debian.org/security/2006/dsa-1031"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2006-0146"
      ],
      "details": "The server.php test script in ADOdb for PHP before 4.70, as used in multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, (4) Cacti, (5) Xaraya, (6) PHPOpenChat, (7) MAXdev MD-Pro, and (8) MediaBeez, when the MySQL root password is empty, allows remote attackers to execute arbitrary SQL commands via the sql parameter.",
      "id": "GSD-2006-0146",
      "modified": "2023-12-13T01:19:50.270351Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2006-0146",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The server.php test script in ADOdb for PHP before 4.70, as used in multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, (4) Cacti, (5) Xaraya, (6) PHPOpenChat, (7) MAXdev MD-Pro, and (8) MediaBeez, when the MySQL root password is empty, allows remote attackers to execute arbitrary SQL commands via the sql parameter."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "19590",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/19590"
          },
          {
            "name": "18267",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/18267"
          },
          {
            "name": "18254",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/18254"
          },
          {
            "name": "19555",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/19555"
          },
          {
            "name": "DSA-1029",
            "refsource": "DEBIAN",
            "url": "http://www.debian.org/security/2006/dsa-1029"
          },
          {
            "name": "20060409 PhpOpenChat 3.0.x ADODB Server.php \"sql\" SQL injection",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/430448/100/0/threaded"
          },
          {
            "name": "http://www.maxdev.com/Article550.phtml",
            "refsource": "CONFIRM",
            "url": "http://www.maxdev.com/Article550.phtml"
          },
          {
            "name": "ADV-2006-0105",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2006/0105"
          },
          {
            "name": "19699",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/19699"
          },
          {
            "name": "DSA-1030",
            "refsource": "DEBIAN",
            "url": "http://www.debian.org/security/2006/dsa-1030"
          },
          {
            "name": "ADV-2006-1305",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2006/1305"
          },
          {
            "name": "24954",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/24954"
          },
          {
            "name": "18276",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/18276"
          },
          {
            "name": "713",
            "refsource": "SREASON",
            "url": "http://securityreason.com/securityalert/713"
          },
          {
            "name": "ADV-2006-1304",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2006/1304"
          },
          {
            "name": "19600",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/19600"
          },
          {
            "name": "20070418 MediaBeez Sql query Execution .. Wear isn\u0027t ?? :)",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/466171/100/0/threaded"
          },
          {
            "name": "ADV-2006-0103",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2006/0103"
          },
          {
            "name": "http://secunia.com/secunia_research/2005-64/advisory/",
            "refsource": "MISC",
            "url": "http://secunia.com/secunia_research/2005-64/advisory/"
          },
          {
            "name": "16187",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/16187"
          },
          {
            "name": "18720",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/18720"
          },
          {
            "name": "ADV-2006-1419",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2006/1419"
          },
          {
            "name": "19591",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/19591"
          },
          {
            "name": "ADV-2006-0447",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2006/0447"
          },
          {
            "name": "adodb-server-command-execution(24051)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24051"
          },
          {
            "name": "17418",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/17418"
          },
          {
            "name": "http://www.xaraya.com/index.php/news/569",
            "refsource": "CONFIRM",
            "url": "http://www.xaraya.com/index.php/news/569"
          },
          {
            "name": "19691",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/19691"
          },
          {
            "name": "ADV-2006-0102",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2006/0102"
          },
          {
            "name": "ADV-2006-0101",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2006/0101"
          },
          {
            "name": "18233",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/18233"
          },
          {
            "name": "22290",
            "refsource": "OSVDB",
            "url": "http://www.osvdb.org/22290"
          },
          {
            "name": "ADV-2006-0370",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2006/0370"
          },
          {
            "name": "DSA-1031",
            "refsource": "DEBIAN",
            "url": "http://www.debian.org/security/2006/dsa-1031"
          },
          {
            "name": "http://retrogod.altervista.org/phpopenchat_30x_sql_xpl.html",
            "refsource": "MISC",
            "url": "http://retrogod.altervista.org/phpopenchat_30x_sql_xpl.html"
          },
          {
            "name": "20060202 Bug for libs in php link directory 2.0",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/423784/100/0/threaded"
          },
          {
            "name": "ADV-2006-0104",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2006/0104"
          },
          {
            "name": "18260",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/18260"
          },
          {
            "name": "GLSA-200604-07",
            "refsource": "GENTOO",
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-07.xml"
          },
          {
            "name": "19563",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/19563"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:john_lim:adodb:4.66:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:john_lim:adodb:4.68:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:postnuke_software_foundation:postnuke:0.761:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:the_cacti_group:cacti:0.8.6g:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mediabeez:mediabeez:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:moodle:moodle:1.5.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mantis:mantis:0.19.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mantis:mantis:1.0.0_rc4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-0146"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The server.php test script in ADOdb for PHP before 4.70, as used in multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, (4) Cacti, (5) Xaraya, (6) PHPOpenChat, (7) MAXdev MD-Pro, and (8) MediaBeez, when the MySQL root password is empty, allows remote attackers to execute arbitrary SQL commands via the sql parameter."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-89"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://secunia.com/secunia_research/2005-64/advisory/",
              "refsource": "MISC",
              "tags": [
                "Exploit",
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/secunia_research/2005-64/advisory/"
            },
            {
              "name": "16187",
              "refsource": "BID",
              "tags": [
                "Exploit",
                "Patch"
              ],
              "url": "http://www.securityfocus.com/bid/16187"
            },
            {
              "name": "17418",
              "refsource": "SECUNIA",
              "tags": [
                "Exploit",
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/17418"
            },
            {
              "name": "18254",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/18254"
            },
            {
              "name": "18267",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/18267"
            },
            {
              "name": "18260",
              "refsource": "SECUNIA",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/18260"
            },
            {
              "name": "18276",
              "refsource": "SECUNIA",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/18276"
            },
            {
              "name": "18233",
              "refsource": "SECUNIA",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/18233"
            },
            {
              "name": "22290",
              "refsource": "OSVDB",
              "tags": [
                "Exploit",
                "Patch"
              ],
              "url": "http://www.osvdb.org/22290"
            },
            {
              "name": "18720",
              "refsource": "SECUNIA",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/18720"
            },
            {
              "name": "http://www.xaraya.com/index.php/news/569",
              "refsource": "CONFIRM",
              "tags": [
                "Patch"
              ],
              "url": "http://www.xaraya.com/index.php/news/569"
            },
            {
              "name": "DSA-1029",
              "refsource": "DEBIAN",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://www.debian.org/security/2006/dsa-1029"
            },
            {
              "name": "DSA-1030",
              "refsource": "DEBIAN",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://www.debian.org/security/2006/dsa-1030"
            },
            {
              "name": "DSA-1031",
              "refsource": "DEBIAN",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://www.debian.org/security/2006/dsa-1031"
            },
            {
              "name": "19555",
              "refsource": "SECUNIA",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/19555"
            },
            {
              "name": "19590",
              "refsource": "SECUNIA",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/19590"
            },
            {
              "name": "19591",
              "refsource": "SECUNIA",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/19591"
            },
            {
              "name": "http://retrogod.altervista.org/phpopenchat_30x_sql_xpl.html",
              "refsource": "MISC",
              "tags": [
                "Exploit"
              ],
              "url": "http://retrogod.altervista.org/phpopenchat_30x_sql_xpl.html"
            },
            {
              "name": "http://www.maxdev.com/Article550.phtml",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://www.maxdev.com/Article550.phtml"
            },
            {
              "name": "19563",
              "refsource": "SECUNIA",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/19563"
            },
            {
              "name": "19600",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/19600"
            },
            {
              "name": "GLSA-200604-07",
              "refsource": "GENTOO",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-07.xml"
            },
            {
              "name": "19699",
              "refsource": "SECUNIA",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/19699"
            },
            {
              "name": "19691",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/19691"
            },
            {
              "name": "24954",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/24954"
            },
            {
              "name": "713",
              "refsource": "SREASON",
              "tags": [],
              "url": "http://securityreason.com/securityalert/713"
            },
            {
              "name": "ADV-2006-1305",
              "refsource": "VUPEN",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/1305"
            },
            {
              "name": "ADV-2006-0447",
              "refsource": "VUPEN",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/0447"
            },
            {
              "name": "ADV-2006-1419",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2006/1419"
            },
            {
              "name": "ADV-2006-0104",
              "refsource": "VUPEN",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/0104"
            },
            {
              "name": "ADV-2006-0370",
              "refsource": "VUPEN",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/0370"
            },
            {
              "name": "ADV-2006-0102",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2006/0102"
            },
            {
              "name": "ADV-2006-1304",
              "refsource": "VUPEN",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/1304"
            },
            {
              "name": "ADV-2006-0105",
              "refsource": "VUPEN",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/0105"
            },
            {
              "name": "ADV-2006-0103",
              "refsource": "VUPEN",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/0103"
            },
            {
              "name": "ADV-2006-0101",
              "refsource": "VUPEN",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/0101"
            },
            {
              "name": "adodb-server-command-execution(24051)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24051"
            },
            {
              "name": "20070418 MediaBeez Sql query Execution .. Wear isn\u0027t ?? :)",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/466171/100/0/threaded"
            },
            {
              "name": "20060409 PhpOpenChat 3.0.x ADODB Server.php \"sql\" SQL injection",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/430448/100/0/threaded"
            },
            {
              "name": "20060202 Bug for libs in php link directory 2.0",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/423784/100/0/threaded"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": true,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2018-10-19T15:42Z",
      "publishedDate": "2006-01-09T23:03Z"
    }
  }
}

GHSA-Q9Q3-J7RW-3J95

Vulnerability from github – Published: 2022-05-01 06:37 – Updated: 2025-04-03 04:24

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2006-0146"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-89"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2006-01-09T23:03:00Z",
    "severity": "HIGH"
  },
  "details": "The server.php test script in ADOdb for PHP before 4.70, as used in multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, (4) Cacti, (5) Xaraya, (6) PHPOpenChat, (7) MAXdev MD-Pro, and (8) MediaBeez, when the MySQL root password is empty, allows remote attackers to execute arbitrary SQL commands via the sql parameter.",
  "id": "GHSA-q9q3-j7rw-3j95",
  "modified": "2025-04-03T04:24:51Z",
  "published": "2022-05-01T06:37:35Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-0146"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24051"
    },
    {
      "type": "WEB",
      "url": "http://retrogod.altervista.org/phpopenchat_30x_sql_xpl.html"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/17418"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/18233"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/18254"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/18260"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/18267"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/18276"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/18720"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/19555"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/19563"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/19590"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/19591"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/19600"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/19691"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/19699"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/24954"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/secunia_research/2005-64/advisory"
    },
    {
      "type": "WEB",
      "url": "http://securityreason.com/securityalert/713"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2006/dsa-1029"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2006/dsa-1030"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2006/dsa-1031"
    },
    {
      "type": "WEB",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-07.xml"
    },
    {
      "type": "WEB",
      "url": "http://www.maxdev.com/Article550.phtml"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/22290"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/423784/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/430448/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/466171/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/16187"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2006/0101"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2006/0102"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2006/0103"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2006/0104"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2006/0105"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2006/0370"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2006/0447"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2006/1304"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2006/1305"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2006/1419"
    },
    {
      "type": "WEB",
      "url": "http://www.xaraya.com/index.php/news/569"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

FKIE_CVE-2006-0146

Vulnerability from fkie_nvd - Published: 2006-01-09 23:03 - Updated: 2025-04-03 01:03

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://retrogod.altervista.org/phpopenchat_30x_sql_xpl.html	Exploit
cve@mitre.org	http://secunia.com/advisories/17418	Exploit, Patch, Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/18233	Patch, Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/18254	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/18260	Patch, Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/18267	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/18276	Patch, Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/18720	Patch, Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/19555	Patch, Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/19563	Patch, Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/19590	Patch, Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/19591	Patch, Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/19600	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/19691	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/19699	Patch, Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/24954	Vendor Advisory
cve@mitre.org	http://secunia.com/secunia_research/2005-64/advisory/	Exploit, Patch, Vendor Advisory
cve@mitre.org	http://securityreason.com/securityalert/713
cve@mitre.org	http://www.debian.org/security/2006/dsa-1029	Patch, Vendor Advisory
cve@mitre.org	http://www.debian.org/security/2006/dsa-1030	Patch, Vendor Advisory
cve@mitre.org	http://www.debian.org/security/2006/dsa-1031	Patch, Vendor Advisory
cve@mitre.org	http://www.gentoo.org/security/en/glsa/glsa-200604-07.xml	Patch, Vendor Advisory
cve@mitre.org	http://www.maxdev.com/Article550.phtml	URL Repurposed
cve@mitre.org	http://www.osvdb.org/22290	Exploit, Patch
cve@mitre.org	http://www.securityfocus.com/archive/1/423784/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/archive/1/430448/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/archive/1/466171/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/bid/16187	Exploit, Patch
cve@mitre.org	http://www.vupen.com/english/advisories/2006/0101	Vendor Advisory
cve@mitre.org	http://www.vupen.com/english/advisories/2006/0102
cve@mitre.org	http://www.vupen.com/english/advisories/2006/0103	Vendor Advisory
cve@mitre.org	http://www.vupen.com/english/advisories/2006/0104	Vendor Advisory
cve@mitre.org	http://www.vupen.com/english/advisories/2006/0105	Vendor Advisory
cve@mitre.org	http://www.vupen.com/english/advisories/2006/0370	Vendor Advisory
cve@mitre.org	http://www.vupen.com/english/advisories/2006/0447	Vendor Advisory
cve@mitre.org	http://www.vupen.com/english/advisories/2006/1304	Vendor Advisory
cve@mitre.org	http://www.vupen.com/english/advisories/2006/1305	Vendor Advisory
cve@mitre.org	http://www.vupen.com/english/advisories/2006/1419
cve@mitre.org	http://www.xaraya.com/index.php/news/569	Patch
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/24051
af854a3a-2127-422b-91ae-364da2661108	http://retrogod.altervista.org/phpopenchat_30x_sql_xpl.html	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/17418	Exploit, Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18233	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18254	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18260	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18267	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18276	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18720	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/19555	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/19563	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/19590	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/19591	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/19600	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/19691	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/19699	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24954	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/secunia_research/2005-64/advisory/	Exploit, Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securityreason.com/securityalert/713
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2006/dsa-1029	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2006/dsa-1030	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2006/dsa-1031	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.gentoo.org/security/en/glsa/glsa-200604-07.xml	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.maxdev.com/Article550.phtml	URL Repurposed
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/22290	Exploit, Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/423784/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/430448/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/466171/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/16187	Exploit, Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/0101	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/0102
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/0103	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/0104	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/0105	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/0370	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/0447	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/1304	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/1305	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/1419
af854a3a-2127-422b-91ae-364da2661108	http://www.xaraya.com/index.php/news/569	Patch
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/24051

Impacted products

Vendor	Product	Version
john_lim	adodb	4.66
john_lim	adodb	4.68
mantis	mantis	0.19.4
mantis	mantis	1.0.0_rc4
mediabeez	mediabeez	*
moodle	moodle	1.5.3
postnuke_software_foundation	postnuke	0.761
the_cacti_group	cacti	0.8.6g

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:john_lim:adodb:4.66:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F76566C-7F49-4725-91E6-8E2416CB7F03",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:john_lim:adodb:4.68:*:*:*:*:*:*:*",
              "matchCriteriaId": "02F0F5B5-86D2-48C4-872E-3F8C38AF563C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mantis:mantis:0.19.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE92E018-C25C-468D-9EF5-5665F0B42EA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mantis:mantis:1.0.0_rc4:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0C7EDA7-1BED-4152-BD3D-3A596482D9D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mediabeez:mediabeez:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE171CCD-6AEE-4FCB-9F45-C7CFDE84D6AA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:moodle:moodle:1.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "66BD9A00-DA61-4389-8731-B92585C2BE6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postnuke_software_foundation:postnuke:0.761:*:*:*:*:*:*:*",
              "matchCriteriaId": "C55DA346-A7A0-466F-90D7-CC1E7C2E9EFD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:the_cacti_group:cacti:0.8.6g:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB14AEA6-00FC-4C8B-BA57-6CA7A5519493",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The server.php test script in ADOdb for PHP before 4.70, as used in multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, (4) Cacti, (5) Xaraya, (6) PHPOpenChat, (7) MAXdev MD-Pro, and (8) MediaBeez, when the MySQL root password is empty, allows remote attackers to execute arbitrary SQL commands via the sql parameter."
    }
  ],
  "id": "CVE-2006-0146",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2006-01-09T23:03:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://retrogod.altervista.org/phpopenchat_30x_sql_xpl.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17418"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18233"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18254"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18260"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18267"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18276"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18720"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19555"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19563"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19590"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19591"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19600"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19691"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19699"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24954"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/secunia_research/2005-64/advisory/"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securityreason.com/securityalert/713"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-1029"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-1030"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-1031"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-07.xml"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "URL Repurposed"
      ],
      "url": "http://www.maxdev.com/Article550.phtml"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Patch"
      ],
      "url": "http://www.osvdb.org/22290"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/423784/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/430448/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/466171/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/16187"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/0101"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2006/0102"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/0103"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/0104"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/0105"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/0370"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/0447"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/1304"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/1305"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2006/1419"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.xaraya.com/index.php/news/569"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24051"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://retrogod.altervista.org/phpopenchat_30x_sql_xpl.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17418"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18233"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18254"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18260"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18267"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18276"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18720"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19555"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19563"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19590"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19591"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19600"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19691"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19699"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24954"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/secunia_research/2005-64/advisory/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityreason.com/securityalert/713"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-1029"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-1030"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-1031"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-07.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "URL Repurposed"
      ],
      "url": "http://www.maxdev.com/Article550.phtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Patch"
      ],
      "url": "http://www.osvdb.org/22290"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/423784/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/430448/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/466171/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/16187"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/0101"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/0102"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/0103"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/0104"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/0105"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/0370"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/0447"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/1304"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/1305"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/1419"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.xaraya.com/index.php/news/569"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24051"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-89"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2006-0146 (GCVE-0-2006-0146)

CERTA-2006-AVI-145

Description

Solution

GSD-2006-0146

GHSA-Q9Q3-J7RW-3J95

FKIE_CVE-2006-0146

Tags

Sightings

Nomenclature