Описание
The server.php test script in ADOdb for PHP before 4.70, as used in multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, (4) Cacti, (5) Xaraya, (6) PHPOpenChat, (7) MAXdev MD-Pro, and (8) MediaBeez, when the MySQL root password is empty, allows remote attackers to execute arbitrary SQL commands via the sql parameter.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 4.72-0.1ubuntu1 |
| devel | released | 4.72-0.1ubuntu1 |
| edgy | released | 4.72-0.1ubuntu1 |
| feisty | released | 4.72-0.1ubuntu1 |
| gutsy | released | 4.72-0.1ubuntu1 |
| upstream | needs-triage |
Показывать по
Ссылки на источники
7.5 High
CVSS2
Связанные уязвимости
The server.php test script in ADOdb for PHP before 4.70, as used in multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, (4) Cacti, (5) Xaraya, (6) PHPOpenChat, (7) MAXdev MD-Pro, and (8) MediaBeez, when the MySQL root password is empty, allows remote attackers to execute arbitrary SQL commands via the sql parameter.
The server.php test script in ADOdb for PHP before 4.70, as used in mu ...
The server.php test script in ADOdb for PHP before 4.70, as used in multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, (4) Cacti, (5) Xaraya, (6) PHPOpenChat, (7) MAXdev MD-Pro, and (8) MediaBeez, when the MySQL root password is empty, allows remote attackers to execute arbitrary SQL commands via the sql parameter.
7.5 High
CVSS2