Unrated severityNVD Advisory· Published Jan 9, 2006· Updated Apr 16, 2026

CVE-2006-0147

Description

Dynamic code evaluation vulnerability in tests/tmssql.php test script in ADOdb for PHP before 4.70, as used in multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, (4) Cacti, (5) Xaraya, (6) PhpOpenChat, possibly (7) MAXdev MD-Pro, and (8) Simplog, allows remote attackers to execute arbitrary PHP functions via the do parameter, which is saved in a variable that is then executed as a function, as demonstrated using phpinfo.

Affected products

John Lim/Adodb2 versions
cpe:2.3:a:john_lim:adodb:4.66:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:john_lim:adodb:4.66:*:*:*:*:*:*:*
- cpe:2.3:a:john_lim:adodb:4.68:*:*:*:*:*:*:*
Mantis/Mantis2 versions
cpe:2.3:a:mantis:mantis:0.19.4:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:mantis:mantis:0.19.4:*:*:*:*:*:*:*
- cpe:2.3:a:mantis:mantis:1.0.0_rc4:*:*:*:*:*:*:*
Moodle/Moodle
cpe:2.3:a:moodle:moodle:1.5.3:*:*:*:*:*:*:*
Phpnuke/Postnuke
cpe:2.3:a:postnuke_software_foundation:postnuke:0.761:*:*:*:*:*:*:*
The Cacti Group/Cacti
cpe:2.3:a:the_cacti_group:cacti:0.8.6g:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/18233nvdPatchVendor Advisory
secunia.com/advisories/18254nvdPatchVendor Advisory
secunia.com/advisories/18260nvdPatchVendor Advisory
secunia.com/advisories/18276nvdPatchVendor Advisory
secunia.com/advisories/19555nvdPatchVendor Advisory
secunia.com/advisories/19590nvdPatchVendor Advisory
secunia.com/advisories/19591nvdPatchVendor Advisory
secunia.com/advisories/19628nvdPatchVendor Advisory
www.debian.org/security/2006/dsa-1029nvdPatchVendor Advisory
www.debian.org/security/2006/dsa-1030nvdPatchVendor Advisory
www.gentoo.org/security/en/glsa/glsa-200604-07.xmlnvdPatchVendor Advisory
retrogod.altervista.org/phpopenchat_30x_sql_xpl.htmlnvdExploit
retrogod.altervista.org/simplog_092_incl_xpl.htmlnvdExploit
secunia.com/advisories/17418nvdExploitPatchVendor Advisory
secunia.com/secunia_research/2005-64/advisory/nvdExploitPatchVendor Advisory
secunia.com/advisories/18267nvdVendor Advisory
secunia.com/advisories/19600nvdVendor Advisory
secunia.com/advisories/19691nvd
www.debian.org/security/2006/dsa-1031nvd
www.osvdb.org/22291nvd
www.securityfocus.com/archive/1/430448/100/0/threadednvd
www.securityfocus.com/archive/1/430743/100/0/threadednvd
www.vupen.com/english/advisories/2006/0101nvd
www.vupen.com/english/advisories/2006/0102nvd
www.vupen.com/english/advisories/2006/0103nvd
www.vupen.com/english/advisories/2006/0104nvd
www.vupen.com/english/advisories/2006/1305nvd
www.vupen.com/english/advisories/2006/1332nvd
exchange.xforce.ibmcloud.com/vulnerabilities/24052nvd
www.exploit-db.com/exploits/1663nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.024
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000