CVE-2006-0410

SQL injection vulnerability in ADOdb before 4.71, when using PostgreSQL, allows remote attackers to execute arbitrary SQL commands via unspecified attack vectors involving binary strings.

Published: 2006-01-25 Last update: 2026-04-16 Assigner: [email protected] Source: [email protected]
NVD Status:ModifiedCVE State: published
View at NVD, CVE.org, EUVD

CVE-2006-0410 is rated Moderate Risk (51.2/100): CVSS Medium severity, with medium exploitation likelihood (EPSS 2.84%). EPSS rose +1.52% over the last day, indicating growing attacker interest. Review affected assets and schedule remediation.

Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.

Exploit prediction scoring system (EPSS) score for CVE-2006-0410

EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).

# Date Old EPSS score New EPSS score Delta (New - Old)
1 2026-06-15 1.32% 2.84% +1.52%
2 2026-03-02 1.50% 1.32% -0.18%
3 2025-03-30 1.50%

Full EPSS history (9 records total)

Common vulnerability scoring system (CVSS) metrics for CVE-2006-0410

CVSS metrics for this CVE.

Base score Version Severity Vector Exploitability Impact Score source
5.0 2.0 MEDIUM
AV:N/AC:L/Au:N/C:N/I:P/A:N Click to expand
Access vector (AV:N)
Can be exploited remotely over network reachability.
Access complexity (AC:L)
Exploitation conditions are straightforward and predictable.
Authentication (AU:N)
No authentication is required.
Confidentiality impact (C:N)
No confidentiality impact.
Integrity impact (I:P)
Partial integrity impact.
Availability impact (A:N)
No availability impact.
 10.0 2.9 [email protected]

Weakness enumeration for CVE-2006-0410

OS Trackers for CVE-2006-0410

vendor priority summary link
debian medium CVE-2006-0410 medium priority: Debian including 2 source packages (cacti, libphp-adodb), 10 status rows across 5 suites (bookworm, bullseye, forky, sid, trixie): resolved 10. https://security-tracker.debian.org/tracker/CVE-2006-0410
gentoo high CVE-2006-0410: 2 GLSA(s) (200602-02, 200604-07), 2 atom(s) (dev-php/adodb, net-analyzer/cacti); latest impact high. https://bugs.gentoo.org/buglist.cgi?quicksearch=CVE-2006-0410
ubuntu medium CVE-2006-0410 medium priority: Ubuntu including 2 source packages (libphp-adodb, moodle), 10 status rows across 5 suites (dapper, edgy, feisty, gutsy, upstream): released 8, needs-triage 2. https://ubuntu.com/security/CVE-2006-0410

Affected software / configurations for CVE-2006-0410

Vendor Product Version Raw CPE
john_lim adodb 4.66 cpe:2.3:a:john_lim:adodb:4.66:*:*:*:*:*:*:*
john_lim adodb 4.68 cpe:2.3:a:john_lim:adodb:4.68:*:*:*:*:*:*:*
john_lim adodb 4.70 cpe:2.3:a:john_lim:adodb:4.70:*:*:*:*:*:*:*

References for CVE-2006-0410

URL Tags
http://secunia.com/advisories/18575 Patch Vendor Advisory
http://secunia.com/advisories/18732
http://secunia.com/advisories/18745
http://secunia.com/advisories/19555
http://secunia.com/advisories/19590
http://secunia.com/advisories/19591
http://secunia.com/advisories/19691
http://sourceforge.net/project/shownotes.php?release_id=387862&group_id=42718 Patch
http://www.debian.org/security/2006/dsa-1029
http://www.debian.org/security/2006/dsa-1030
http://www.debian.org/security/2006/dsa-1031
http://www.gentoo.org/security/en/glsa/glsa-200602-02.xml
http://www.gentoo.org/security/en/glsa/glsa-200604-07.xml
http://www.osvdb.org/22705
http://www.securityfocus.com/bid/16364
http://www.vupen.com/english/advisories/2006/0315
http://www.vupen.com/english/advisories/2006/0448
https://exchange.xforce.ibmcloud.com/vulnerabilities/24314
cvelogic Threat Intelligence