2006 CVE Vulnerabilities

7,145 CVEs published in 2006.

Filter:UNKNOWNClear
CVE IDSeverityCVSSDescription
CVE-2006-3820Cross-site scripting (XSS) vulnerability in loudblog/index.php in Loudblog before 0.5 allows remote attackers to inject ...
CVE-2006-3821Multiple cross-site scripting (XSS) vulnerabilities in ATutor 1.5.3 allow remote attackers to inject arbitrary web scrip...
CVE-2006-3822SQL injection vulnerability in index.php in GeodesicSolutions GeoAuctions Enterprise 1.0.6 allows remote attackers to ex...
CVE-2006-3823SQL injection vulnerability in index.php in GeodesicSolutions (1) GeoAuctions Premier 2.0.3 and (2) GeoClassifieds Basic...
CVE-2006-3824systeminfo.c for Sun Solaris allows local users to read kernel memory via a 0 variable count argument to the sysinfo sys...
CVE-2006-3825The IPv4 implementation in Sun Solaris 10 before 20060721 allows local users to select routes that differ from the routi...
CVE-2006-3826Multiple cross-site scripting (XSS) vulnerabilities in Kailash Nadh boastMachine (formerly bMachine) 3.1 and earlier all...
CVE-2006-3827SQL injection vulnerability in bmc/Inc/core/admin/search.inc.php in Kailash Nadh boastMachine (formerly bMachine) 3.1 an...
CVE-2006-3828Incomplete blacklist vulnerability in Kailash Nadh boastMachine (formerly bMachine) 3.1 and earlier allows remote authen...
CVE-2006-3829Cross-site request forgery (CSRF) vulnerability in bmc/admin.php in Kailash Nadh boastMachine (formerly bMachine) 3.1 an...
CVE-2006-3830The Languages selection in the admin interface in Kailash Nadh boastMachine (formerly bMachine) 3.1 and earlier allows r...
CVE-2006-3831The Backup selection in Kailash Nadh boastMachine (formerly bMachine) 3.1 and earlier uses predicable filenames for data...
CVE-2006-3832SQL injection vulnerability in index.php in Gerrit van Aaken Loudblog 0.5 and earlier allows remote attackers to execute...
CVE-2006-3833index.php in EJ3 TOPo 2.2.178 allows remote attackers to overwrite existing entries and establish new passwords for the ...
CVE-2006-3834EJ3 TOPo 2.2.178 includes the password in cleartext in the ID field to index.php, which allows context-dependent attacke...
CVE-2006-3835Apache Tomcat 5 before 5.5.17 allows remote attackers to list directories via a semicolon (;) preceding a filename with ...
CVE-2006-3836Directory traversal vulnerability in index.php in UNIDOmedia Chameleon LE 1.203 and earlier, and possibly Chameleon PRO,...
CVE-2006-3837delcookie.php in Professional Home Page Tools Guestbook changes the expiration date of a cookie instead of deleting the ...
CVE-2006-3791The decode_stringmap function in server_transport.cpp for UFO2000 svn 1057 allows remote attackers to cause a denial of ...
CVE-2006-3792SQL injection vulnerability in ServerClientUfo::recv_packet in server_protocol.cpp in UFO2000 svn 1057 allows remote att...
CVE-2006-3793PHP remote file inclusion vulnerability in constants.php in SiteDepth CMS 3.01 and earlier allows remote attackers to ex...
CVE-2006-3776PHP remote file inclusion vulnerability in order/index.php in IDevSpot (1) PhpHostBot 1.0 and (2) AutoHost 3.0 allows re...
CVE-2006-3795Multiple cross-site scripting (XSS) vulnerabilities in DeluxeBB before 1.08 allow remote attackers to inject arbitrary w...
CVE-2006-3796DeluxeBB 1.07 and earlier does not properly handle a username composed of a single space character, which allows remote ...
CVE-2006-3798DeluxeBB 1.07 and earlier allows remote attackers to overwrite the (1) _GET, (2) _POST, (3) _ENV, and (4) _SERVER variab...

Check if your code is affected by 2006 CVEs

Strix scans your code and infrastructure for known vulnerabilities automatically.

Scan your code now