CVE-2006-0147

Published Jan 9, 2006

Last updated a month ago

CVSS info 7.5

Overview

Description: Dynamic code evaluation vulnerability in tests/tmssql.php test script in ADOdb for PHP before 4.70, as used in multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, (4) Cacti, (5) Xaraya, (6) PhpOpenChat, possibly (7) MAXdev MD-Pro, and (8) Simplog, allows remote attackers to execute arbitrary PHP functions via the do parameter, which is saved in a variable that is then executed as a function, as demonstrated using phpinfo.
Source: cve@mitre.org
NVD status: Deferred

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.5
Impact score: 6.4
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:john_lim:adodb:4.66:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9F76566C-7F49-4725-91E6-8E2416CB7F03"
          },
          {
            "criteria": "cpe:2.3:a:john_lim:adodb:4.68:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "02F0F5B5-86D2-48C4-872E-3F8C38AF563C"
          },
          {
            "criteria": "cpe:2.3:a:mantis:mantis:0.19.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AE92E018-C25C-468D-9EF5-5665F0B42EA2"
          },
          {
            "criteria": "cpe:2.3:a:mantis:mantis:1.0.0_rc4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B0C7EDA7-1BED-4152-BD3D-3A596482D9D6"
          },
          {
            "criteria": "cpe:2.3:a:moodle:moodle:1.5.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "66BD9A00-DA61-4389-8731-B92585C2BE6C"
          },
          {
            "criteria": "cpe:2.3:a:postnuke_software_foundation:postnuke:0.761:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C55DA346-A7A0-466F-90D7-CC1E7C2E9EFD"
          },
          {
            "criteria": "cpe:2.3:a:the_cacti_group:cacti:0.8.6g:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DB14AEA6-00FC-4C8B-BA57-6CA7A5519493"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

References

Sources include official advisories and independent security research.

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References