Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2006-0146

CWE-89 — SQL Injection6 documents6 sources

Severity

7.5HIGH

EPSS

9.5%

top 7.18%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

John LIM Adodb Mantis Mantis Moodle Moodle +2 more

Timeline

PublishedJan 9

Latest updateMay 1

Description

The server.php test script in ADOdb for PHP before 4.70, as used in multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, (4) Cacti, (5) Xaraya, (6) PHPOpenChat, (7) MAXdev MD-Pro, and (8) MediaBeez, when the MySQL root password is empty, allows remote attackers to execute arbitrary SQL commands via the sql parameter.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages7 packages

▶Debiancacti< 0.8.6d-1+3

▶Debianlibphp-adodb< 4.72-0.1+3

▶NVDmantis/mantis0.19.4, 1.0.0_rc4+1

▶NVDmoodle/moodle1.5.3

▶NVDjohn_lim/adodb4.66, 4.68+1

Patches

Patch: secunia.com ↗Patch: secunia.com ↗Patch: secunia.com ↗

🔴Vulnerability Details

GHSA

GHSA-q9q3-j7rw-3j95: The server↗2022-05-01

▶

OSV

CVE-2006-0146: The server↗2006-01-09

▶

CVEList

CVE-2006-0146: The server↗2006-01-09

▶

💥Exploits & PoCs

Exploit-DB

Simplog 0.9.2 - 's' Remote Command Execution↗2006-04-11

▶

📋Vendor Advisories

Debian

CVE-2006-0146: cacti - The server.php test script in ADOdb for PHP before 4.70, as used in multiple pro...↗2006

▶