Back to search
CVE-2006-0146
Published: Jan 9, 2006
Modified: Aug 7, 2024
PUBLISHED
Description
The server.php test script in ADOdb for PHP before 4.70, as used in multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, (4) Cacti, (5) Xaraya, (6) PHPOpenChat, (7) MAXdev MD-Pro, and (8) MediaBeez, when the MySQL root password is empty, allows remote attackers to execute arbitrary SQL commands via the sql parameter.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
19590
third-party-advisory
x_refsource_SECUNIA
18267
third-party-advisory
x_refsource_SECUNIA
18254
third-party-advisory
x_refsource_SECUNIA
19555
third-party-advisory
x_refsource_SECUNIA
DSA-1029
vendor-advisory
x_refsource_DEBIAN
20060409 PhpOpenChat 3.0.x ADODB Server.php "sql" SQL injection
mailing-list
x_refsource_BUGTRAQ
http://www.maxdev.com/Article550.phtml
x_refsource_CONFIRM
ADV-2006-0105
vdb-entry
x_refsource_VUPEN
19699
third-party-advisory
x_refsource_SECUNIA
DSA-1030
vendor-advisory
x_refsource_DEBIAN
ADV-2006-1305
vdb-entry
x_refsource_VUPEN
24954
third-party-advisory
x_refsource_SECUNIA
18276
third-party-advisory
x_refsource_SECUNIA
713
third-party-advisory
x_refsource_SREASON
ADV-2006-1304
vdb-entry
x_refsource_VUPEN
19600
third-party-advisory
x_refsource_SECUNIA
20070418 MediaBeez Sql query Execution .. Wear isn't ?? :)
mailing-list
x_refsource_BUGTRAQ
ADV-2006-0103
vdb-entry
x_refsource_VUPEN
http://secunia.com/secunia_research/2005-64/advisory/
x_refsource_MISC
16187
vdb-entry
x_refsource_BID
18720
third-party-advisory
x_refsource_SECUNIA
ADV-2006-1419
vdb-entry
x_refsource_VUPEN
19591
third-party-advisory
x_refsource_SECUNIA
ADV-2006-0447
vdb-entry
x_refsource_VUPEN
adodb-server-command-execution(24051)
vdb-entry
x_refsource_XF
17418
third-party-advisory
x_refsource_SECUNIA
http://www.xaraya.com/index.php/news/569
x_refsource_CONFIRM
19691
third-party-advisory
x_refsource_SECUNIA
ADV-2006-0102
vdb-entry
x_refsource_VUPEN
ADV-2006-0101
vdb-entry
x_refsource_VUPEN
18233
third-party-advisory
x_refsource_SECUNIA
22290
vdb-entry
x_refsource_OSVDB
ADV-2006-0370
vdb-entry
x_refsource_VUPEN
DSA-1031
vendor-advisory
x_refsource_DEBIAN
http://retrogod.altervista.org/phpopenchat_30x_sql_xpl.html
x_refsource_MISC
20060202 Bug for libs in php link directory 2.0
mailing-list
x_refsource_BUGTRAQ
ADV-2006-0104
vdb-entry
x_refsource_VUPEN
18260
third-party-advisory
x_refsource_SECUNIA
GLSA-200604-07
vendor-advisory
x_refsource_GENTOO
19563
third-party-advisory
x_refsource_SECUNIA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now