2006 CVE Vulnerabilities
7,145 CVEs published in 2006.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2006-3820 | — | — | 1.3% | Jul 25, 2006 | Cross-site scripting (XSS) vulnerability in loudblog/index.php in Loudblog before 0.5 allows remote attackers to inject ... |
| CVE-2006-3821 | — | — | 1.3% | Jul 25, 2006 | Multiple cross-site scripting (XSS) vulnerabilities in ATutor 1.5.3 allow remote attackers to inject arbitrary web scrip... |
| CVE-2006-3822 | — | — | 1.0% | Jul 25, 2006 | SQL injection vulnerability in index.php in GeodesicSolutions GeoAuctions Enterprise 1.0.6 allows remote attackers to ex... |
| CVE-2006-3823 | — | — | 1.9% | Jul 25, 2006 | SQL injection vulnerability in index.php in GeodesicSolutions (1) GeoAuctions Premier 2.0.3 and (2) GeoClassifieds Basic... |
| CVE-2006-3824 | — | — | 1.0% | Jul 25, 2006 | systeminfo.c for Sun Solaris allows local users to read kernel memory via a 0 variable count argument to the sysinfo sys... |
| CVE-2006-3825 | — | — | 0.4% | Jul 25, 2006 | The IPv4 implementation in Sun Solaris 10 before 20060721 allows local users to select routes that differ from the routi... |
| CVE-2006-3826 | — | — | 1.4% | Jul 25, 2006 | Multiple cross-site scripting (XSS) vulnerabilities in Kailash Nadh boastMachine (formerly bMachine) 3.1 and earlier all... |
| CVE-2006-3827 | — | — | 1.2% | Jul 25, 2006 | SQL injection vulnerability in bmc/Inc/core/admin/search.inc.php in Kailash Nadh boastMachine (formerly bMachine) 3.1 an... |
| CVE-2006-3828 | — | — | 1.2% | Jul 25, 2006 | Incomplete blacklist vulnerability in Kailash Nadh boastMachine (formerly bMachine) 3.1 and earlier allows remote authen... |
| CVE-2006-3829 | — | — | 1.4% | Jul 25, 2006 | Cross-site request forgery (CSRF) vulnerability in bmc/admin.php in Kailash Nadh boastMachine (formerly bMachine) 3.1 an... |
| CVE-2006-3830 | — | — | 0.8% | Jul 25, 2006 | The Languages selection in the admin interface in Kailash Nadh boastMachine (formerly bMachine) 3.1 and earlier allows r... |
| CVE-2006-3831 | — | — | 1.4% | Jul 25, 2006 | The Backup selection in Kailash Nadh boastMachine (formerly bMachine) 3.1 and earlier uses predicable filenames for data... |
| CVE-2006-3832 | — | — | 2.1% | Jul 25, 2006 | SQL injection vulnerability in index.php in Gerrit van Aaken Loudblog 0.5 and earlier allows remote attackers to execute... |
| CVE-2006-3833 | — | — | 1.3% | Jul 25, 2006 | index.php in EJ3 TOPo 2.2.178 allows remote attackers to overwrite existing entries and establish new passwords for the ... |
| CVE-2006-3834 | — | — | 1.0% | Jul 25, 2006 | EJ3 TOPo 2.2.178 includes the password in cleartext in the ID field to index.php, which allows context-dependent attacke... |
| CVE-2006-3835 | — | — | 45.6% | Jul 25, 2006 | Apache Tomcat 5 before 5.5.17 allows remote attackers to list directories via a semicolon (;) preceding a filename with ... |
| CVE-2006-3836 | — | — | 3.4% | Jul 25, 2006 | Directory traversal vulnerability in index.php in UNIDOmedia Chameleon LE 1.203 and earlier, and possibly Chameleon PRO,... |
| CVE-2006-3837 | — | — | 1.1% | Jul 25, 2006 | delcookie.php in Professional Home Page Tools Guestbook changes the expiration date of a cookie instead of deleting the ... |
| CVE-2006-3791 | — | — | 2.3% | Jul 24, 2006 | The decode_stringmap function in server_transport.cpp for UFO2000 svn 1057 allows remote attackers to cause a denial of ... |
| CVE-2006-3792 | — | — | 1.8% | Jul 24, 2006 | SQL injection vulnerability in ServerClientUfo::recv_packet in server_protocol.cpp in UFO2000 svn 1057 allows remote att... |
| CVE-2006-3793 | — | — | 4.1% | Jul 24, 2006 | PHP remote file inclusion vulnerability in constants.php in SiteDepth CMS 3.01 and earlier allows remote attackers to ex... |
| CVE-2006-3776 | — | — | 3.2% | Jul 24, 2006 | PHP remote file inclusion vulnerability in order/index.php in IDevSpot (1) PhpHostBot 1.0 and (2) AutoHost 3.0 allows re... |
| CVE-2006-3795 | — | — | 1.3% | Jul 24, 2006 | Multiple cross-site scripting (XSS) vulnerabilities in DeluxeBB before 1.08 allow remote attackers to inject arbitrary w... |
| CVE-2006-3796 | — | — | 1.5% | Jul 24, 2006 | DeluxeBB 1.07 and earlier does not properly handle a username composed of a single space character, which allows remote ... |
| CVE-2006-3798 | — | — | 1.3% | Jul 24, 2006 | DeluxeBB 1.07 and earlier allows remote attackers to overwrite the (1) _GET, (2) _POST, (3) _ENV, and (4) _SERVER variab... |
Check if your code is affected by 2006 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now