{
  "modified": "2025-08-09T19:01:26Z",
  "published": "2006-01-09T23:03:00Z",
  "id": "CVE-2006-0146",
  "details": "The server.php test script in ADOdb for PHP before 4.70, as used in multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, (4) Cacti, (5) Xaraya, (6) PHPOpenChat, (7) MAXdev MD-Pro, and (8) MediaBeez, when the MySQL root password is empty, allows remote attackers to execute arbitrary SQL commands via the sql parameter.",
  "references": [
    {
      "type": "ADVISORY",
      "url": "http://secunia.com/advisories/17418"
    },
    {
      "type": "ADVISORY",
      "url": "http://secunia.com/advisories/18233"
    },
    {
      "type": "ADVISORY",
      "url": "http://secunia.com/advisories/18254"
    },
    {
      "type": "ADVISORY",
      "url": "http://secunia.com/advisories/18260"
    },
    {
      "type": "ADVISORY",
      "url": "http://secunia.com/advisories/18267"
    },
    {
      "type": "ADVISORY",
      "url": "http://secunia.com/advisories/18276"
    },
    {
      "type": "ADVISORY",
      "url": "http://secunia.com/advisories/18720"
    },
    {
      "type": "ADVISORY",
      "url": "http://secunia.com/advisories/19555"
    },
    {
      "type": "ADVISORY",
      "url": "http://secunia.com/advisories/19563"
    },
    {
      "type": "ADVISORY",
      "url": "http://secunia.com/advisories/19590"
    },
    {
      "type": "ADVISORY",
      "url": "http://secunia.com/advisories/19591"
    },
    {
      "type": "ADVISORY",
      "url": "http://secunia.com/advisories/19600"
    },
    {
      "type": "ADVISORY",
      "url": "http://secunia.com/advisories/19691"
    },
    {
      "type": "ADVISORY",
      "url": "http://secunia.com/advisories/19699"
    },
    {
      "type": "ADVISORY",
      "url": "http://secunia.com/advisories/24954"
    },
    {
      "type": "ADVISORY",
      "url": "http://secunia.com/secunia_research/2005-64/advisory/"
    },
    {
      "type": "ADVISORY",
      "url": "http://www.debian.org/security/2006/dsa-1029"
    },
    {
      "type": "ADVISORY",
      "url": "http://www.debian.org/security/2006/dsa-1030"
    },
    {
      "type": "ADVISORY",
      "url": "http://www.debian.org/security/2006/dsa-1031"
    },
    {
      "type": "ADVISORY",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-07.xml"
    },
    {
      "type": "ADVISORY",
      "url": "http://www.vupen.com/english/advisories/2006/0101"
    },
    {
      "type": "ADVISORY",
      "url": "http://www.vupen.com/english/advisories/2006/0102"
    },
    {
      "type": "ADVISORY",
      "url": "http://www.vupen.com/english/advisories/2006/0103"
    },
    {
      "type": "ADVISORY",
      "url": "http://www.vupen.com/english/advisories/2006/0104"
    },
    {
      "type": "ADVISORY",
      "url": "http://www.vupen.com/english/advisories/2006/0105"
    },
    {
      "type": "ADVISORY",
      "url": "http://www.vupen.com/english/advisories/2006/0370"
    },
    {
      "type": "ADVISORY",
      "url": "http://www.vupen.com/english/advisories/2006/0447"
    },
    {
      "type": "ADVISORY",
      "url": "http://www.vupen.com/english/advisories/2006/1304"
    },
    {
      "type": "ADVISORY",
      "url": "http://www.vupen.com/english/advisories/2006/1305"
    },
    {
      "type": "ADVISORY",
      "url": "http://www.vupen.com/english/advisories/2006/1419"
    },
    {
      "type": "EVIDENCE",
      "url": "http://retrogod.altervista.org/phpopenchat_30x_sql_xpl.html"
    },
    {
      "type": "EVIDENCE",
      "url": "http://secunia.com/advisories/17418"
    },
    {
      "type": "EVIDENCE",
      "url": "http://secunia.com/secunia_research/2005-64/advisory/"
    },
    {
      "type": "EVIDENCE",
      "url": "http://www.osvdb.org/22290"
    },
    {
      "type": "EVIDENCE",
      "url": "http://www.securityfocus.com/bid/16187"
    },
    {
      "type": "FIX",
      "url": "http://secunia.com/advisories/17418"
    },
    {
      "type": "FIX",
      "url": "http://secunia.com/advisories/18233"
    },
    {
      "type": "FIX",
      "url": "http://secunia.com/advisories/18260"
    },
    {
      "type": "FIX",
      "url": "http://secunia.com/advisories/18276"
    },
    {
      "type": "FIX",
      "url": "http://secunia.com/advisories/18720"
    },
    {
      "type": "FIX",
      "url": "http://secunia.com/advisories/19555"
    },
    {
      "type": "FIX",
      "url": "http://secunia.com/advisories/19563"
    },
    {
      "type": "FIX",
      "url": "http://secunia.com/advisories/19590"
    },
    {
      "type": "FIX",
      "url": "http://secunia.com/advisories/19591"
    },
    {
      "type": "FIX",
      "url": "http://secunia.com/advisories/19699"
    },
    {
      "type": "FIX",
      "url": "http://secunia.com/secunia_research/2005-64/advisory/"
    },
    {
      "type": "FIX",
      "url": "http://www.debian.org/security/2006/dsa-1029"
    },
    {
      "type": "FIX",
      "url": "http://www.debian.org/security/2006/dsa-1030"
    },
    {
      "type": "FIX",
      "url": "http://www.debian.org/security/2006/dsa-1031"
    },
    {
      "type": "FIX",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-07.xml"
    },
    {
      "type": "FIX",
      "url": "http://www.osvdb.org/22290"
    },
    {
      "type": "FIX",
      "url": "http://www.securityfocus.com/bid/16187"
    },
    {
      "type": "FIX",
      "url": "http://www.xaraya.com/index.php/news/569"
    },
    {
      "type": "WEB",
      "url": "http://securityreason.com/securityalert/713"
    },
    {
      "type": "WEB",
      "url": "http://www.maxdev.com/Article550.phtml"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/423784/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/430448/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/466171/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24051"
    }
  ]
}