Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2006-0147

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-09 Jan, 2006 | 23:00
Updated At-07 Aug, 2024 | 16:25
Rejected At-
Credits

Dynamic code evaluation vulnerability in tests/tmssql.php test script in ADOdb for PHP before 4.70, as used in multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, (4) Cacti, (5) Xaraya, (6) PhpOpenChat, possibly (7) MAXdev MD-Pro, and (8) Simplog, allows remote attackers to execute arbitrary PHP functions via the do parameter, which is saved in a variable that is then executed as a function, as demonstrated using phpinfo.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:09 Jan, 2006 | 23:00
Updated At:07 Aug, 2024 | 16:25
Rejected At:
▼CVE Numbering Authority (CNA)

Dynamic code evaluation vulnerability in tests/tmssql.php test script in ADOdb for PHP before 4.70, as used in multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, (4) Cacti, (5) Xaraya, (6) PhpOpenChat, possibly (7) MAXdev MD-Pro, and (8) Simplog, allows remote attackers to execute arbitrary PHP functions via the do parameter, which is saved in a variable that is then executed as a function, as demonstrated using phpinfo.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://secunia.com/advisories/19590
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/18267
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/18254
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/19555
third-party-advisory
x_refsource_SECUNIA
http://www.debian.org/security/2006/dsa-1029
vendor-advisory
x_refsource_DEBIAN
https://exchange.xforce.ibmcloud.com/vulnerabilities/24052
vdb-entry
x_refsource_XF
http://secunia.com/advisories/19628
third-party-advisory
x_refsource_SECUNIA
http://www.securityfocus.com/archive/1/430448/100/0/threaded
mailing-list
x_refsource_BUGTRAQ
http://www.debian.org/security/2006/dsa-1030
vendor-advisory
x_refsource_DEBIAN
http://www.vupen.com/english/advisories/2006/1305
vdb-entry
x_refsource_VUPEN
http://secunia.com/advisories/18276
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/19600
third-party-advisory
x_refsource_SECUNIA
https://www.exploit-db.com/exploits/1663
exploit
x_refsource_EXPLOIT-DB
http://www.vupen.com/english/advisories/2006/0103
vdb-entry
x_refsource_VUPEN
http://secunia.com/secunia_research/2005-64/advisory/
x_refsource_MISC
http://www.securityfocus.com/archive/1/430743/100/0/threaded
mailing-list
x_refsource_BUGTRAQ
http://secunia.com/advisories/19591
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/17418
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/19691
third-party-advisory
x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2006/0102
vdb-entry
x_refsource_VUPEN
http://www.vupen.com/english/advisories/2006/0101
vdb-entry
x_refsource_VUPEN
http://secunia.com/advisories/18233
third-party-advisory
x_refsource_SECUNIA
http://retrogod.altervista.org/simplog_092_incl_xpl.html
x_refsource_MISC
http://www.vupen.com/english/advisories/2006/1332
vdb-entry
x_refsource_VUPEN
http://www.osvdb.org/22291
vdb-entry
x_refsource_OSVDB
http://www.debian.org/security/2006/dsa-1031
vendor-advisory
x_refsource_DEBIAN
http://retrogod.altervista.org/phpopenchat_30x_sql_xpl.html
x_refsource_MISC
http://www.vupen.com/english/advisories/2006/0104
vdb-entry
x_refsource_VUPEN
http://secunia.com/advisories/18260
third-party-advisory
x_refsource_SECUNIA
http://www.gentoo.org/security/en/glsa/glsa-200604-07.xml
vendor-advisory
x_refsource_GENTOO
Hyperlink: http://secunia.com/advisories/19590
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/18267
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/18254
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/19555
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.debian.org/security/2006/dsa-1029
Resource:
vendor-advisory
x_refsource_DEBIAN
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/24052
Resource:
vdb-entry
x_refsource_XF
Hyperlink: http://secunia.com/advisories/19628
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.securityfocus.com/archive/1/430448/100/0/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: http://www.debian.org/security/2006/dsa-1030
Resource:
vendor-advisory
x_refsource_DEBIAN
Hyperlink: http://www.vupen.com/english/advisories/2006/1305
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://secunia.com/advisories/18276
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/19600
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: https://www.exploit-db.com/exploits/1663
Resource:
exploit
x_refsource_EXPLOIT-DB
Hyperlink: http://www.vupen.com/english/advisories/2006/0103
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://secunia.com/secunia_research/2005-64/advisory/
Resource:
x_refsource_MISC
Hyperlink: http://www.securityfocus.com/archive/1/430743/100/0/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: http://secunia.com/advisories/19591
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/17418
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/19691
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.vupen.com/english/advisories/2006/0102
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://www.vupen.com/english/advisories/2006/0101
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://secunia.com/advisories/18233
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://retrogod.altervista.org/simplog_092_incl_xpl.html
Resource:
x_refsource_MISC
Hyperlink: http://www.vupen.com/english/advisories/2006/1332
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://www.osvdb.org/22291
Resource:
vdb-entry
x_refsource_OSVDB
Hyperlink: http://www.debian.org/security/2006/dsa-1031
Resource:
vendor-advisory
x_refsource_DEBIAN
Hyperlink: http://retrogod.altervista.org/phpopenchat_30x_sql_xpl.html
Resource:
x_refsource_MISC
Hyperlink: http://www.vupen.com/english/advisories/2006/0104
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://secunia.com/advisories/18260
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.gentoo.org/security/en/glsa/glsa-200604-07.xml
Resource:
vendor-advisory
x_refsource_GENTOO
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://secunia.com/advisories/19590
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/18267
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/18254
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/19555
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.debian.org/security/2006/dsa-1029
vendor-advisory
x_refsource_DEBIAN
x_transferred
https://exchange.xforce.ibmcloud.com/vulnerabilities/24052
vdb-entry
x_refsource_XF
x_transferred
http://secunia.com/advisories/19628
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.securityfocus.com/archive/1/430448/100/0/threaded
mailing-list
x_refsource_BUGTRAQ
x_transferred
http://www.debian.org/security/2006/dsa-1030
vendor-advisory
x_refsource_DEBIAN
x_transferred
http://www.vupen.com/english/advisories/2006/1305
vdb-entry
x_refsource_VUPEN
x_transferred
http://secunia.com/advisories/18276
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/19600
third-party-advisory
x_refsource_SECUNIA
x_transferred
https://www.exploit-db.com/exploits/1663
exploit
x_refsource_EXPLOIT-DB
x_transferred
http://www.vupen.com/english/advisories/2006/0103
vdb-entry
x_refsource_VUPEN
x_transferred
http://secunia.com/secunia_research/2005-64/advisory/
x_refsource_MISC
x_transferred
http://www.securityfocus.com/archive/1/430743/100/0/threaded
mailing-list
x_refsource_BUGTRAQ
x_transferred
http://secunia.com/advisories/19591
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/17418
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/19691
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.vupen.com/english/advisories/2006/0102
vdb-entry
x_refsource_VUPEN
x_transferred
http://www.vupen.com/english/advisories/2006/0101
vdb-entry
x_refsource_VUPEN
x_transferred
http://secunia.com/advisories/18233
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://retrogod.altervista.org/simplog_092_incl_xpl.html
x_refsource_MISC
x_transferred
http://www.vupen.com/english/advisories/2006/1332
vdb-entry
x_refsource_VUPEN
x_transferred
http://www.osvdb.org/22291
vdb-entry
x_refsource_OSVDB
x_transferred
http://www.debian.org/security/2006/dsa-1031
vendor-advisory
x_refsource_DEBIAN
x_transferred
http://retrogod.altervista.org/phpopenchat_30x_sql_xpl.html
x_refsource_MISC
x_transferred
http://www.vupen.com/english/advisories/2006/0104
vdb-entry
x_refsource_VUPEN
x_transferred
http://secunia.com/advisories/18260
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.gentoo.org/security/en/glsa/glsa-200604-07.xml
vendor-advisory
x_refsource_GENTOO
x_transferred
Hyperlink: http://secunia.com/advisories/19590
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/18267
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/18254
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/19555
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.debian.org/security/2006/dsa-1029
Resource:
vendor-advisory
x_refsource_DEBIAN
x_transferred
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/24052
Resource:
vdb-entry
x_refsource_XF
x_transferred
Hyperlink: http://secunia.com/advisories/19628
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.securityfocus.com/archive/1/430448/100/0/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: http://www.debian.org/security/2006/dsa-1030
Resource:
vendor-advisory
x_refsource_DEBIAN
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2006/1305
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://secunia.com/advisories/18276
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/19600
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: https://www.exploit-db.com/exploits/1663
Resource:
exploit
x_refsource_EXPLOIT-DB
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2006/0103
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://secunia.com/secunia_research/2005-64/advisory/
Resource:
x_refsource_MISC
x_transferred
Hyperlink: http://www.securityfocus.com/archive/1/430743/100/0/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: http://secunia.com/advisories/19591
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/17418
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/19691
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2006/0102
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2006/0101
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://secunia.com/advisories/18233
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://retrogod.altervista.org/simplog_092_incl_xpl.html
Resource:
x_refsource_MISC
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2006/1332
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://www.osvdb.org/22291
Resource:
vdb-entry
x_refsource_OSVDB
x_transferred
Hyperlink: http://www.debian.org/security/2006/dsa-1031
Resource:
vendor-advisory
x_refsource_DEBIAN
x_transferred
Hyperlink: http://retrogod.altervista.org/phpopenchat_30x_sql_xpl.html
Resource:
x_refsource_MISC
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2006/0104
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://secunia.com/advisories/18260
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.gentoo.org/security/en/glsa/glsa-200604-07.xml
Resource:
vendor-advisory
x_refsource_GENTOO
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:09 Jan, 2006 | 23:03
Updated At:03 Apr, 2025 | 01:03

Dynamic code evaluation vulnerability in tests/tmssql.php test script in ADOdb for PHP before 4.70, as used in multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, (4) Cacti, (5) Xaraya, (6) PhpOpenChat, possibly (7) MAXdev MD-Pro, and (8) Simplog, allows remote attackers to execute arbitrary PHP functions via the do parameter, which is saved in a variable that is then executed as a function, as demonstrated using phpinfo.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.07.5HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Type: Primary
Version: 2.0
Base score: 7.5
Base severity: HIGH
Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P
CPE Matches
john_lim
john_lim
>>adodb>>4.66
cpe:2.3:a:john_lim:adodb:4.66:*:*:*:*:*:*:*
john_lim
john_lim
>>adodb>>4.68
cpe:2.3:a:john_lim:adodb:4.68:*:*:*:*:*:*:*
Mantis Bug Tracker (MantisBT)
mantis
>>mantis>>0.19.4
cpe:2.3:a:mantis:mantis:0.19.4:*:*:*:*:*:*:*
Mantis Bug Tracker (MantisBT)
mantis
>>mantis>>1.0.0_rc4
cpe:2.3:a:mantis:mantis:1.0.0_rc4:*:*:*:*:*:*:*
Moodle Pty Ltd
moodle
>>moodle>>1.5.3
cpe:2.3:a:moodle:moodle:1.5.3:*:*:*:*:*:*:*
postnuke_software_foundation
postnuke_software_foundation
>>postnuke>>0.761
cpe:2.3:a:postnuke_software_foundation:postnuke:0.761:*:*:*:*:*:*:*
The Cacti Group, Inc.
the_cacti_group
>>cacti>>0.8.6g
cpe:2.3:a:the_cacti_group:cacti:0.8.6g:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-OtherPrimarynvd@nist.gov
CWE ID: NVD-CWE-Other
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://retrogod.altervista.org/phpopenchat_30x_sql_xpl.htmlcve@mitre.org
Exploit
http://retrogod.altervista.org/simplog_092_incl_xpl.htmlcve@mitre.org
Exploit
http://secunia.com/advisories/17418cve@mitre.org
Exploit
Patch
Vendor Advisory
http://secunia.com/advisories/18233cve@mitre.org
Patch
Vendor Advisory
http://secunia.com/advisories/18254cve@mitre.org
Patch
Vendor Advisory
http://secunia.com/advisories/18260cve@mitre.org
Patch
Vendor Advisory
http://secunia.com/advisories/18267cve@mitre.org
Vendor Advisory
http://secunia.com/advisories/18276cve@mitre.org
Patch
Vendor Advisory
http://secunia.com/advisories/19555cve@mitre.org
Patch
Vendor Advisory
http://secunia.com/advisories/19590cve@mitre.org
Patch
Vendor Advisory
http://secunia.com/advisories/19591cve@mitre.org
Patch
Vendor Advisory
http://secunia.com/advisories/19600cve@mitre.org
Vendor Advisory
http://secunia.com/advisories/19628cve@mitre.org
Patch
Vendor Advisory
http://secunia.com/advisories/19691cve@mitre.org
N/A
http://secunia.com/secunia_research/2005-64/advisory/cve@mitre.org
Exploit
Patch
Vendor Advisory
http://www.debian.org/security/2006/dsa-1029cve@mitre.org
Patch
Vendor Advisory
http://www.debian.org/security/2006/dsa-1030cve@mitre.org
Patch
Vendor Advisory
http://www.debian.org/security/2006/dsa-1031cve@mitre.org
N/A
http://www.gentoo.org/security/en/glsa/glsa-200604-07.xmlcve@mitre.org
Patch
Vendor Advisory
http://www.osvdb.org/22291cve@mitre.org
N/A
http://www.securityfocus.com/archive/1/430448/100/0/threadedcve@mitre.org
N/A
http://www.securityfocus.com/archive/1/430743/100/0/threadedcve@mitre.org
N/A
http://www.vupen.com/english/advisories/2006/0101cve@mitre.org
N/A
http://www.vupen.com/english/advisories/2006/0102cve@mitre.org
N/A
http://www.vupen.com/english/advisories/2006/0103cve@mitre.org
N/A
http://www.vupen.com/english/advisories/2006/0104cve@mitre.org
N/A
http://www.vupen.com/english/advisories/2006/1305cve@mitre.org
N/A
http://www.vupen.com/english/advisories/2006/1332cve@mitre.org
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/24052cve@mitre.org
N/A
https://www.exploit-db.com/exploits/1663cve@mitre.org
N/A
http://retrogod.altervista.org/phpopenchat_30x_sql_xpl.htmlaf854a3a-2127-422b-91ae-364da2661108
Exploit
http://retrogod.altervista.org/simplog_092_incl_xpl.htmlaf854a3a-2127-422b-91ae-364da2661108
Exploit
http://secunia.com/advisories/17418af854a3a-2127-422b-91ae-364da2661108
Exploit
Patch
Vendor Advisory
http://secunia.com/advisories/18233af854a3a-2127-422b-91ae-364da2661108
Patch
Vendor Advisory
http://secunia.com/advisories/18254af854a3a-2127-422b-91ae-364da2661108
Patch
Vendor Advisory
http://secunia.com/advisories/18260af854a3a-2127-422b-91ae-364da2661108
Patch
Vendor Advisory
http://secunia.com/advisories/18267af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/18276af854a3a-2127-422b-91ae-364da2661108
Patch
Vendor Advisory
http://secunia.com/advisories/19555af854a3a-2127-422b-91ae-364da2661108
Patch
Vendor Advisory
http://secunia.com/advisories/19590af854a3a-2127-422b-91ae-364da2661108
Patch
Vendor Advisory
http://secunia.com/advisories/19591af854a3a-2127-422b-91ae-364da2661108
Patch
Vendor Advisory
http://secunia.com/advisories/19600af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/19628af854a3a-2127-422b-91ae-364da2661108
Patch
Vendor Advisory
http://secunia.com/advisories/19691af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/secunia_research/2005-64/advisory/af854a3a-2127-422b-91ae-364da2661108
Exploit
Patch
Vendor Advisory
http://www.debian.org/security/2006/dsa-1029af854a3a-2127-422b-91ae-364da2661108
Patch
Vendor Advisory
http://www.debian.org/security/2006/dsa-1030af854a3a-2127-422b-91ae-364da2661108
Patch
Vendor Advisory
http://www.debian.org/security/2006/dsa-1031af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.gentoo.org/security/en/glsa/glsa-200604-07.xmlaf854a3a-2127-422b-91ae-364da2661108
Patch
Vendor Advisory
http://www.osvdb.org/22291af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/archive/1/430448/100/0/threadedaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/archive/1/430743/100/0/threadedaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.vupen.com/english/advisories/2006/0101af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.vupen.com/english/advisories/2006/0102af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.vupen.com/english/advisories/2006/0103af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.vupen.com/english/advisories/2006/0104af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.vupen.com/english/advisories/2006/1305af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.vupen.com/english/advisories/2006/1332af854a3a-2127-422b-91ae-364da2661108
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/24052af854a3a-2127-422b-91ae-364da2661108
N/A
https://www.exploit-db.com/exploits/1663af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://retrogod.altervista.org/phpopenchat_30x_sql_xpl.html
Source: cve@mitre.org
Resource:
Exploit
Hyperlink: http://retrogod.altervista.org/simplog_092_incl_xpl.html
Source: cve@mitre.org
Resource:
Exploit
Hyperlink: http://secunia.com/advisories/17418
Source: cve@mitre.org
Resource:
Exploit
Patch
Vendor Advisory
Hyperlink: http://secunia.com/advisories/18233
Source: cve@mitre.org
Resource:
Patch
Vendor Advisory
Hyperlink: http://secunia.com/advisories/18254
Source: cve@mitre.org
Resource:
Patch
Vendor Advisory
Hyperlink: http://secunia.com/advisories/18260
Source: cve@mitre.org
Resource:
Patch
Vendor Advisory
Hyperlink: http://secunia.com/advisories/18267
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/18276
Source: cve@mitre.org
Resource:
Patch
Vendor Advisory
Hyperlink: http://secunia.com/advisories/19555
Source: cve@mitre.org
Resource:
Patch
Vendor Advisory
Hyperlink: http://secunia.com/advisories/19590
Source: cve@mitre.org
Resource:
Patch
Vendor Advisory
Hyperlink: http://secunia.com/advisories/19591
Source: cve@mitre.org
Resource:
Patch
Vendor Advisory
Hyperlink: http://secunia.com/advisories/19600
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/19628
Source: cve@mitre.org
Resource:
Patch
Vendor Advisory
Hyperlink: http://secunia.com/advisories/19691
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/secunia_research/2005-64/advisory/
Source: cve@mitre.org
Resource:
Exploit
Patch
Vendor Advisory
Hyperlink: http://www.debian.org/security/2006/dsa-1029
Source: cve@mitre.org
Resource:
Patch
Vendor Advisory
Hyperlink: http://www.debian.org/security/2006/dsa-1030
Source: cve@mitre.org
Resource:
Patch
Vendor Advisory
Hyperlink: http://www.debian.org/security/2006/dsa-1031
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.gentoo.org/security/en/glsa/glsa-200604-07.xml
Source: cve@mitre.org
Resource:
Patch
Vendor Advisory
Hyperlink: http://www.osvdb.org/22291
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/430448/100/0/threaded
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/430743/100/0/threaded
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2006/0101
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2006/0102
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2006/0103
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2006/0104
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2006/1305
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2006/1332
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/24052
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://www.exploit-db.com/exploits/1663
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://retrogod.altervista.org/phpopenchat_30x_sql_xpl.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Hyperlink: http://retrogod.altervista.org/simplog_092_incl_xpl.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Hyperlink: http://secunia.com/advisories/17418
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Patch
Vendor Advisory
Hyperlink: http://secunia.com/advisories/18233
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Vendor Advisory
Hyperlink: http://secunia.com/advisories/18254
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Vendor Advisory
Hyperlink: http://secunia.com/advisories/18260
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Vendor Advisory
Hyperlink: http://secunia.com/advisories/18267
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/18276
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Vendor Advisory
Hyperlink: http://secunia.com/advisories/19555
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Vendor Advisory
Hyperlink: http://secunia.com/advisories/19590
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Vendor Advisory
Hyperlink: http://secunia.com/advisories/19591
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Vendor Advisory
Hyperlink: http://secunia.com/advisories/19600
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/19628
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Vendor Advisory
Hyperlink: http://secunia.com/advisories/19691
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/secunia_research/2005-64/advisory/
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Patch
Vendor Advisory
Hyperlink: http://www.debian.org/security/2006/dsa-1029
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Vendor Advisory
Hyperlink: http://www.debian.org/security/2006/dsa-1030
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Vendor Advisory
Hyperlink: http://www.debian.org/security/2006/dsa-1031
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.gentoo.org/security/en/glsa/glsa-200604-07.xml
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Vendor Advisory
Hyperlink: http://www.osvdb.org/22291
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/430448/100/0/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/430743/100/0/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2006/0101
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2006/0102
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2006/0103
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2006/0104
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2006/1305
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2006/1332
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/24052
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://www.exploit-db.com/exploits/1663
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

60Records found
CVE-2018-10891
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-6.3||MEDIUM
EPSS-0.29% / 52.09%
||
7 Day CHG~0.00%
Published-10 Jul, 2018 | 18:00
Updated-05 Aug, 2024 | 07:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in moodle before versions 3.5.1, 3.4.4, 3.3.7, 3.1.13. When a quiz question bank is imported, it was possible for the question preview that is displayed to execute JavaScript that is written into the question bank.

Action-Not Available
Vendor-[UNKNOWN]Moodle Pty Ltd
Product-moodlemoodle
CWE ID-CWE-20
Improper Input Validation
CVE-2007-3584
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.28% / 50.97%
||
7 Day CHG~0.00%
Published-05 Jul, 2007 | 20:00
Updated-07 Aug, 2024 | 14:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SQL injection vulnerability in viewforum.php in PNphpBB2 1.2i and earlier for Postnuke allows remote attackers to execute arbitrary SQL commands via the order parameter.

Action-Not Available
Vendor-postnuke_software_foundationn/a
Product-pnphpbb2n/a
CVE-2005-1525
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.58% / 80.85%
||
7 Day CHG~0.00%
Published-22 Jun, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SQL injection vulnerability in config_settings.php for Cacti before 0.8.6e allows remote attackers to execute arbitrary SQL commands via the id parameter.

Action-Not Available
Vendor-n/aThe Cacti Group, Inc.
Product-cactin/a
CVE-2005-1526
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-7.58% / 91.46%
||
7 Day CHG~0.00%
Published-22 Jun, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

PHP remote file inclusion vulnerability in config_settings.php in Cacti before 0.8.6e allows remote attackers to execute arbitrary PHP code via the config[include_path] parameter.

Action-Not Available
Vendor-n/aThe Cacti Group, Inc.
Product-cactin/a
CVE-2007-3052
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.05% / 76.60%
||
7 Day CHG+0.07%
Published-06 Jun, 2007 | 01:00
Updated-07 Aug, 2024 | 14:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SQL injection vulnerability in index.php in the PNphpBB2 1.2i and earlier module for PostNuke allows remote attackers to execute arbitrary SQL commands via the c parameter.

Action-Not Available
Vendor-postnuke_software_foundationn/a
Product-pnphpbbn/a
CVE-2007-2492
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.03% / 76.39%
||
7 Day CHG~0.00%
Published-04 May, 2007 | 00:00
Updated-07 Aug, 2024 | 13:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SQL injection vulnerability in index.php in the v4bJournal module for PostNuke allows remote authenticated users to execute arbitrary SQL commands via the id parameter in a journal_comment action.

Action-Not Available
Vendor-postnuke_software_foundationn/a
Product-postnuke_v4bjournal_modulen/a
CVE-2017-2641
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-9.8||CRITICAL
EPSS-1.90% / 82.45%
||
7 Day CHG~0.00%
Published-26 Mar, 2017 | 18:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Moodle 2.x and 3.x, SQL injection can occur via user preferences.

Action-Not Available
Vendor-n/aMoodle Pty Ltd
Product-moodleMoodle 2.x and 3.x
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2022-0332
Matching Score-8
Assigner-Fedora Project
ShareView Details
Matching Score-8
Assigner-Fedora Project
CVSS Score-9.8||CRITICAL
EPSS-4.19% / 88.26%
||
7 Day CHG~0.00%
Published-25 Jan, 2022 | 19:11
Updated-02 Aug, 2024 | 23:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in Moodle in versions 3.11 to 3.11.4. An SQL injection risk was identified in the h5p activity web service responsible for fetching user attempt data.

Action-Not Available
Vendor-n/aMoodle Pty Ltd
Product-moodlemoodle
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2004-2232
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.82% / 73.37%
||
7 Day CHG~0.00%
Published-17 Jul, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SQL injection vulnerability in sql.php in the Glossary module in Moodle 1.4.1 and earlier allows remote attackers to modify SQL statements.

Action-Not Available
Vendor-n/aMoodle Pty Ltd
Product-moodlen/a
CVE-2022-30599
Matching Score-8
Assigner-Fedora Project
ShareView Details
Matching Score-8
Assigner-Fedora Project
CVSS Score-9.8||CRITICAL
EPSS-0.90% / 74.67%
||
7 Day CHG~0.00%
Published-18 May, 2022 | 17:09
Updated-03 Aug, 2024 | 06:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in moodle where an SQL injection risk was identified in Badges code relating to configuring criteria.

Action-Not Available
Vendor-n/aMoodle Pty LtdRed Hat, Inc.Fedora Project
Product-enterprise_linuxfedoramoodlemoodle
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
  • Previous
  • 1
  • 2
  • Next
Details not found