CVE-2006-0146

N/A Unknown

Published: January 09, 2006 Modified: April 16, 2026

Description

The server.php test script in ADOdb for PHP before 4.70, as used in multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, (4) Cacti, (5) Xaraya, (6) PHPOpenChat, (7) MAXdev MD-Pro, and (8) MediaBeez, when the MySQL root password is empty, allows remote attackers to execute arbitrary SQL commands via the sql parameter.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://retrogod.altervista.org/phpopenchat_30x_sql_xpl.html

Source: cve@mitre.org

Exploit

http://secunia.com/advisories/17418

Source: cve@mitre.org

Exploit Patch Vendor Advisory

http://secunia.com/advisories/18233

Source: cve@mitre.org

Patch Vendor Advisory

http://secunia.com/advisories/18254

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/18260

Source: cve@mitre.org

Patch Vendor Advisory

http://secunia.com/advisories/18267

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/18276

Source: cve@mitre.org

Patch Vendor Advisory

http://secunia.com/advisories/18720

Source: cve@mitre.org

Patch Vendor Advisory

http://secunia.com/advisories/19555

Source: cve@mitre.org

Patch Vendor Advisory

http://secunia.com/advisories/19563

Source: cve@mitre.org

Patch Vendor Advisory

http://secunia.com/advisories/19590

Source: cve@mitre.org

Patch Vendor Advisory

http://secunia.com/advisories/19591

Source: cve@mitre.org

Patch Vendor Advisory

http://secunia.com/advisories/19600

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/19691

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/19699

Source: cve@mitre.org

Patch Vendor Advisory

http://secunia.com/advisories/24954

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/secunia_research/2005-64/advisory/

Source: cve@mitre.org

Exploit Patch Vendor Advisory

http://securityreason.com/securityalert/713

Source: cve@mitre.org

http://www.debian.org/security/2006/dsa-1029

Source: cve@mitre.org

Patch Vendor Advisory

http://www.debian.org/security/2006/dsa-1030

Source: cve@mitre.org

Patch Vendor Advisory

http://www.debian.org/security/2006/dsa-1031

Source: cve@mitre.org

Patch Vendor Advisory

http://www.gentoo.org/security/en/glsa/glsa-200604-07.xml

Source: cve@mitre.org

Patch Vendor Advisory

http://www.maxdev.com/Article550.phtml

Source: cve@mitre.org

URL Repurposed

http://www.osvdb.org/22290

Source: cve@mitre.org

Exploit Patch

http://www.securityfocus.com/archive/1/423784/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/430448/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/466171/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/16187

Source: cve@mitre.org

Exploit Patch

http://www.vupen.com/english/advisories/2006/0101

Source: cve@mitre.org

Vendor Advisory

http://www.vupen.com/english/advisories/2006/0102

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2006/0103

Source: cve@mitre.org

Vendor Advisory

http://www.vupen.com/english/advisories/2006/0104

Source: cve@mitre.org

Vendor Advisory

http://www.vupen.com/english/advisories/2006/0105

Source: cve@mitre.org

Vendor Advisory

http://www.vupen.com/english/advisories/2006/0370

Source: cve@mitre.org

Vendor Advisory

http://www.vupen.com/english/advisories/2006/0447

Source: cve@mitre.org

Vendor Advisory

http://www.vupen.com/english/advisories/2006/1304

Source: cve@mitre.org

Vendor Advisory

http://www.vupen.com/english/advisories/2006/1305

Source: cve@mitre.org

Vendor Advisory

http://www.vupen.com/english/advisories/2006/1419

Source: cve@mitre.org

http://www.xaraya.com/index.php/news/569

Source: cve@mitre.org

Patch

https://exchange.xforce.ibmcloud.com/vulnerabilities/24051

Source: cve@mitre.org

http://retrogod.altervista.org/phpopenchat_30x_sql_xpl.html