CVE-2006-4618

Published: Sep 7, 2006Modified: Apr 16, 2026

5.1

Vector

AV:N/AC:H/Au:N/C:P/I:P/A:P

Exploitability: 4.9 / Impact: 6.4

Source: NVD

Description

PHP remote file inclusion vulnerability in adodb-postgres7.inc.php in John Lim ADOdb, possibly 4.01 and earlier, as used in Intechnic In-link 2.3.4, allows remote attackers to execute arbitrary PHP code via a URL in the ADODB_DIR parameter.

Affected (1)

Products: John Lim: Adodb

John Lim

1 product

Adodb

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
John Lim Adodb	Up to 4.01

References (10)

http://adodb.cvs.sourceforge.net/adodb/adodb_official/adodb-postgres7.inc.php?revision=1.1&view=markup

Source: cve@mitre.org

http://prdownloads.sourceforge.net/adodb/adodb492.tgz?download

Source: cve@mitre.org

Patch

http://securityreason.com/securityalert/1517

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/445259/100/0/threaded

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/28709

Source: cve@mitre.org

http://adodb.cvs.sourceforge.net/adodb/adodb_official/adodb-postgres7.inc.php?revision=1.1&view=markup