CVE-2006-0147
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2006-0147
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Dynamic code evaluation vulnerability in tests/tmssql.php test script in ADOdb for PHP before 4.70, as used in multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, (4) Cacti, (5) Xaraya, (6) PhpOpenChat, possibly (7) MAXdev MD-Pro, and (8) Simplog, allows remote attackers to execute arbitrary PHP functions via the do parameter, which is saved in a variable that is then executed as a function, as demonstrated using phpinfo.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
ADOdb for PHP 'tmssql.php'测试脚本动态代码求值漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
ADOdb for PHP 4.70之前版本的tests/tmssql.php测试脚本中的动态代码求值漏洞(用在多个产品中,包括(1) Mantis、(2) PostNuke、(3) Moodle、(4) Cacti、(5) Xaraya、(6) PhpOpenChat,可能还有(7) MAXdev MD-Pro和(8) Simplog),远程攻击者可以通过保存在随后作为函数执行的变量中的do参数执行任意PHP函数,如使用phpinfo所示。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2006-0147
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2006-0147
Please Login to view more intelligence information
- http://secunia.com/secunia_research/2005-64/advisory/x_refsource_MISC
- http://retrogod.altervista.org/simplog_092_incl_xpl.htmlx_refsource_MISC
- http://retrogod.altervista.org/phpopenchat_30x_sql_xpl.htmlx_refsource_MISC
- https://nvd.nist.gov/vuln/detail/CVE-2006-0147
Same Patch Batch · n/a · 2006-01-09 · 52 CVEs total
| CVE-2006-0142 | Andromeda Andromeda.PHP跨站脚本攻击漏洞 | |
| CVE-2006-0151 | Sudo Python环境变量处理安全性绕过漏洞 | |
| CVE-2006-0150 | Dave Carrigan Auth_LDAP远程格式化字符串漏洞 | |
| CVE-2006-0144 | PHP PEAR Go-Pear.PHP任意远程代码执行漏洞 | |
| CVE-2006-0148 | NetSarang XLPD拒绝服务漏洞 | |
| CVE-2006-0146 | ADOdb Server.PHP SQL注入漏洞 | |
| CVE-2006-0145 | NetBSD KernFS LSEEK Kernel内存泄露漏洞 | |
| CVE-2006-0149 | SimpBook 跨站脚本攻击漏洞 | |
| CVE-2005-4352 | BSD SecureLevel时间设置安全性限制绕过漏洞 | |
| CVE-2005-4351 | FreeBSD、OpenBSD、DragonFly 绕过文件设置漏洞 | |
| CVE-2006-0083 | Stefan Frings SMS Server Tools本地格式化字符串漏洞 | |
| CVE-2006-0141 | Qualcomm Eudora Internet Mail Server多个拒绝服务漏洞 | |
| CVE-2006-0140 | Navboard多个BBCode跨站脚本攻击漏洞 | |
| CVE-2005-4592 | Bogofilter多个远程缓冲区溢出漏洞 | |
| CVE-2005-4591 | Bogofilter多个远程缓冲区溢出漏洞 | |
| CVE-2006-0139 | PD9 Software MegaBBS 信息泄露漏洞 | |
| CVE-2005-3540 | Petris本地缓冲区溢出漏洞 | |
| CVE-2005-2762 | Avaya VPNRemote VPN用户凭证泄露漏洞 | |
| CVE-2004-2653 | PD9 Software MegaBBS提升特权漏洞 | |
| CVE-2006-0138 | aMSN 拒绝服务漏洞 |
Showing top 20 of 52 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8226
Open5GS types.c ogs_pcc_rule_install_flow_from_media denial - CVE-2026-8225
Open5GS delete Endpoint sm-sm.c pcf_npcf_smpolicycontrol_han - CVE-2026-8224
Open5GS PCF context.c pcf_sess_set_ipv6prefix denial of serv - CVE-2026-8223
Open5GS sm-policies Endpoint pcf_sess_sbi_discover_and_send - CVE-2026-8222
Open5GS sm-policies Endpoint nbsf-handler.c pcf_nbsf_managem
V. Comments for CVE-2006-0147
No comments yet