Unrated severityNVD Advisory· Published Jan 9, 2006· Updated Jun 16, 2026
CVE-2006-0146
CVE-2006-0146
Description
The server.php test script in ADOdb for PHP before 4.70, as used in multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, (4) Cacti, (5) Xaraya, (6) PHPOpenChat, (7) MAXdev MD-Pro, and (8) MediaBeez, when the MySQL root password is empty, allows remote attackers to execute arbitrary SQL commands via the sql parameter.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
9- cpe:2.3:a:the_cacti_group:cacti:0.8.6g:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
40- secunia.com/advisories/18233nvdPatchVendor Advisory
- secunia.com/advisories/18260nvdPatchVendor Advisory
- secunia.com/advisories/18276nvdPatchVendor Advisory
- secunia.com/advisories/18720nvdPatchVendor Advisory
- secunia.com/advisories/19555nvdPatchVendor Advisory
- secunia.com/advisories/19563nvdPatchVendor Advisory
- secunia.com/advisories/19590nvdPatchVendor Advisory
- secunia.com/advisories/19591nvdPatchVendor Advisory
- secunia.com/advisories/19699nvdPatchVendor Advisory
- www.debian.org/security/2006/dsa-1029nvdPatchVendor Advisory
- www.debian.org/security/2006/dsa-1030nvdPatchVendor Advisory
- www.debian.org/security/2006/dsa-1031nvdPatchVendor Advisory
- www.gentoo.org/security/en/glsa/glsa-200604-07.xmlnvdPatchVendor Advisory
- www.xaraya.com/index.php/news/569nvdPatch
- retrogod.altervista.org/phpopenchat_30x_sql_xpl.htmlnvdExploit
- secunia.com/advisories/17418nvdExploitPatchVendor Advisory
- secunia.com/secunia_research/2005-64/advisory/nvdExploitPatchVendor Advisory
- www.osvdb.org/22290nvdExploitPatch
- www.securityfocus.com/bid/16187nvdExploitPatch
- secunia.com/advisories/18254nvdVendor Advisory
- secunia.com/advisories/18267nvdVendor Advisory
- secunia.com/advisories/19600nvdVendor Advisory
- secunia.com/advisories/19691nvdVendor Advisory
- secunia.com/advisories/24954nvdVendor Advisory
- www.vupen.com/english/advisories/2006/0101nvdVendor Advisory
- www.vupen.com/english/advisories/2006/0103nvdVendor Advisory
- www.vupen.com/english/advisories/2006/0104nvdVendor Advisory
- www.vupen.com/english/advisories/2006/0105nvdVendor Advisory
- www.vupen.com/english/advisories/2006/0370nvdVendor Advisory
- www.vupen.com/english/advisories/2006/0447nvdVendor Advisory
- www.vupen.com/english/advisories/2006/1304nvdVendor Advisory
- www.vupen.com/english/advisories/2006/1305nvdVendor Advisory
- www.maxdev.com/Article550.phtmlnvdURL Repurposed
- securityreason.com/securityalert/713nvd
- www.securityfocus.com/archive/1/423784/100/0/threadednvd
- www.securityfocus.com/archive/1/430448/100/0/threadednvd
- www.securityfocus.com/archive/1/466171/100/0/threadednvd
- www.vupen.com/english/advisories/2006/0102nvd
- www.vupen.com/english/advisories/2006/1419nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/24051nvd
News mentions
0No linked articles in our index yet.