admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2006/CVE-2006-01xx/CVE-2006-0146.json
René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00

248 lines
6.7 KiB
JSON
Raw Blame History

{
"id": "CVE-2006-0146",
"sourceIdentifier": "cve@mitre.org",
"published": "2006-01-09T23:03:00.000",
"lastModified": "2018-10-19T15:42:50.527",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "The server.php test script in ADOdb for PHP before 4.70, as used in multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, (4) Cacti, (5) Xaraya, (6) PHPOpenChat, (7) MAXdev MD-Pro, and (8) MediaBeez, when the MySQL root password is empty, allows remote attackers to execute arbitrary SQL commands via the sql parameter."
}
],
"metrics": {
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": true,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:john_lim:adodb:4.66:*:*:*:*:*:*:*",
"matchCriteriaId": "9F76566C-7F49-4725-91E6-8E2416CB7F03"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:john_lim:adodb:4.68:*:*:*:*:*:*:*",
"matchCriteriaId": "02F0F5B5-86D2-48C4-872E-3F8C38AF563C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mantis:mantis:0.19.4:*:*:*:*:*:*:*",
"matchCriteriaId": "AE92E018-C25C-468D-9EF5-5665F0B42EA2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mantis:mantis:1.0.0_rc4:*:*:*:*:*:*:*",
"matchCriteriaId": "B0C7EDA7-1BED-4152-BD3D-3A596482D9D6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mediabeez:mediabeez:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EE171CCD-6AEE-4FCB-9F45-C7CFDE84D6AA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moodle:moodle:1.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "66BD9A00-DA61-4389-8731-B92585C2BE6C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:postnuke_software_foundation:postnuke:0.761:*:*:*:*:*:*:*",
"matchCriteriaId": "C55DA346-A7A0-466F-90D7-CC1E7C2E9EFD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:the_cacti_group:cacti:0.8.6g:*:*:*:*:*:*:*",
"matchCriteriaId": "DB14AEA6-00FC-4C8B-BA57-6CA7A5519493"
}
]
}
]
}
],
"references": [
{
"url": "http://retrogod.altervista.org/phpopenchat_30x_sql_xpl.html",
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
},
{
"url": "http://securityreason.com/securityalert/713",
"source": "cve@mitre.org"
},
{
"url": "http://www.debian.org/security/2006/dsa-1029",
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "http://www.debian.org/security/2006/dsa-1030",
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "http://www.debian.org/security/2006/dsa-1031",
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "http://www.gentoo.org/security/en/glsa/glsa-200604-07.xml",
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "http://www.maxdev.com/Article550.phtml",
"source": "cve@mitre.org"
},
{
"url": "http://www.securityfocus.com/archive/1/423784/100/0/threaded",
"source": "cve@mitre.org"
},
{
"url": "http://www.securityfocus.com/archive/1/430448/100/0/threaded",
"source": "cve@mitre.org"
},
{
"url": "http://www.securityfocus.com/archive/1/466171/100/0/threaded",
"source": "cve@mitre.org"
},
{
"url": "http://www.securityfocus.com/bid/16187",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch"
]
},
{
"url": "http://www.vupen.com/english/advisories/2006/0101",
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://www.vupen.com/english/advisories/2006/0102",
"source": "cve@mitre.org"
},
{
"url": "http://www.vupen.com/english/advisories/2006/0103",
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://www.vupen.com/english/advisories/2006/0104",
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://www.vupen.com/english/advisories/2006/0105",
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://www.vupen.com/english/advisories/2006/0370",
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://www.vupen.com/english/advisories/2006/0447",
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://www.vupen.com/english/advisories/2006/1304",
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://www.vupen.com/english/advisories/2006/1305",
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://www.vupen.com/english/advisories/2006/1419",
"source": "cve@mitre.org"
},
{
"url": "http://www.xaraya.com/index.php/news/569",
"source": "cve@mitre.org",
"tags": [
"Patch"
]
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24051",
"source": "cve@mitre.org"
}
]
}
Reference in New Issue View Git Blame Copy Permalink