CVE-2006-0147: CVE-2006-0147

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2006-0147

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Dynamic code evaluation vulnerability in tests/tmssql.php test script in ADOdb for PHP before 4.70, as used in multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, (4) Cacti, (5) Xaraya, (6) PhpOpenChat, possibly (7) MAXdev MD-Pro, and (8) Simplog, allows remote attackers to execute arbitrary PHP functions via the do parameter, which is saved in a variable that is then executed as a function, as demonstrated using phpinfo.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

ADOdb for PHP 'tmssql.php'测试脚本动态代码求值漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

ADOdb for PHP 4.70之前版本的tests/tmssql.php测试脚本中的动态代码求值漏洞(用在多个产品中，包括(1) Mantis、(2) PostNuke、(3) Moodle、(4) Cacti、(5) Xaraya、(6) PhpOpenChat，可能还有(7) MAXdev MD-Pro和(8) Simplog)，远程攻击者可以通过保存在随后作为函数执行的变量中的do参数执行任意PHP函数，如使用phpinfo所示。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2006-0147

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2006-0147

Please Login to view more intelligence information

http://secunia.com/secunia_research/2005-64/advisory/x_refsource_MISC
http://retrogod.altervista.org/simplog_092_incl_xpl.htmlx_refsource_MISC
http://retrogod.altervista.org/phpopenchat_30x_sql_xpl.htmlx_refsource_MISC
https://www.exploit-db.com/exploits/1663exploitx_refsource_EXPLOIT-DB
http://secunia.com/advisories/18267third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/19591third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/18233third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/19590third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/18254third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/18276third-party-advisoryx_refsource_SECUNIA
http://www.osvdb.org/22291vdb-entryx_refsource_OSVDB
http://secunia.com/advisories/18260third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/19691third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/19600third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/19628third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/17418third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/19555third-party-advisoryx_refsource_SECUNIA
http://www.debian.org/security/2006/dsa-1030vendor-advisoryx_refsource_DEBIAN
http://www.debian.org/security/2006/dsa-1029vendor-advisoryx_refsource_DEBIAN
http://www.debian.org/security/2006/dsa-1031vendor-advisoryx_refsource_DEBIAN
http://www.vupen.com/english/advisories/2006/1305vdb-entryx_refsource_VUPEN
http://www.vupen.com/english/advisories/2006/0102vdb-entryx_refsource_VUPEN
http://www.vupen.com/english/advisories/2006/0101vdb-entryx_refsource_VUPEN
http://www.vupen.com/english/advisories/2006/0104vdb-entryx_refsource_VUPEN
http://www.vupen.com/english/advisories/2006/1332vdb-entryx_refsource_VUPEN
http://www.vupen.com/english/advisories/2006/0103vdb-entryx_refsource_VUPEN
http://www.gentoo.org/security/en/glsa/glsa-200604-07.xmlvendor-advisoryx_refsource_GENTOO
https://exchange.xforce.ibmcloud.com/vulnerabilities/24052vdb-entryx_refsource_XF
http://www.securityfocus.com/archive/1/430743/100/0/threadedmailing-listx_refsource_BUGTRAQ
http://www.securityfocus.com/archive/1/430448/100/0/threadedmailing-listx_refsource_BUGTRAQ
https://nvd.nist.gov/vuln/detail/CVE-2006-0147

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2006-0147

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2006-0147

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2006-0147

III. Intelligence Information for CVE-2006-0147

IV. Related Vulnerabilities

V. Comments for CVE-2006-0147

Leave a comment