2006 CVE Vulnerabilities
7,145 CVEs published in 2006.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2006-7024 | — | — | 2.3% | Feb 15, 2007 | Multiple PHP remote file inclusion vulnerabilities in Harpia CMS 1.0.5 and earlier allow remote attackers to execute arb... |
| CVE-2006-7022 | — | — | 2.2% | Feb 15, 2007 | The Tools module in fx-APP 0.0.8.1 allows remote attackers to misrepresent the contents of a web page via an arbitrary U... |
| CVE-2006-7017 | — | — | 2.7% | Feb 15, 2007 | Multiple PHP remote file inclusion vulnerabilities in Indexu 5.0.1 allow remote attackers to execute arbitrary PHP code ... |
| CVE-2006-7023 | — | — | 1.1% | Feb 15, 2007 | Multiple cross-site scripting (XSS) vulnerabilities in fx-APP 0.0.8.1 allow remote attackers to inject arbitrary HTML or... |
| CVE-2006-5860 | — | — | 3.2% | Feb 14, 2007 | Cross-site scripting (XSS) vulnerability in the administrator console for Adobe JRun 4.0, as used in ColdFusion, allows ... |
| CVE-2006-5859 | — | — | 3.0% | Feb 14, 2007 | Cross-site scripting (XSS) vulnerability in Adobe ColdFusion MX 7 7.0 and 7.0.1, when Global Script Protection is not en... |
| CVE-2006-4697 | — | — | 31.1% | Feb 13, 2007 | Microsoft Internet Explorer 5.01, 6, and 7 uses certain COM objects from Imjpcksid.dll as ActiveX controls, which allows... |
| CVE-2006-1311 | — | — | 31.1% | Feb 13, 2007 | The RichEdit component in Microsoft Windows 2000 SP4, XP SP2, and 2003 SP1; Office 2000 SP3, XP SP3, 2003 SP2, and Offic... |
| CVE-2006-3448 | — | — | 36.7% | Feb 13, 2007 | Buffer overflow in the Step-by-Step Interactive Training in Microsoft Windows 2000 SP4, XP SP2 and Professional, and Ser... |
| CVE-2006-5270 | — | — | 30.1% | Feb 13, 2007 | Integer overflow in the Microsoft Malware Protection Engine (mpengine.dll), as used by Windows Live OneCare, Antigen, De... |
| CVE-2006-7006 | — | — | 1.9% | Feb 12, 2007 | PHP remote file inclusion vulnerability in upload/admin/team.php in Robin de Graff Somery 0.4.4 allows remote attackers ... |
| CVE-2006-7009 | — | — | 1.2% | Feb 12, 2007 | Joomla! before 1.0.10 allows remote attackers to spoof the frontend submission forms, which has unknown impact and attac... |
| CVE-2006-7010 | — | — | 0.9% | Feb 12, 2007 | The mosgetparam implementation in Joomla! before 1.0.10, does not set a variable's data type to integer when the variabl... |
| CVE-2006-7004 | — | — | 1.7% | Feb 12, 2007 | Cross-site scripting (XSS) vulnerability in email_request.php in PSY Auction allows remote attackers to inject arbitrary... |
| CVE-2006-7007 | — | — | 3.6% | Feb 12, 2007 | Buffer overflow in Tiny FTPd 1.4 and earlier allows remote attackers to cause a denial of service (daemon crash) via a l... |
| CVE-2006-7005 | — | — | 0.9% | Feb 12, 2007 | SQL injection vulnerability in item.php in PSY Auction allows remote attackers to execute arbitrary SQL commands via the... |
| CVE-2006-7008 | — | — | 1.1% | Feb 12, 2007 | Unspecified vulnerability in Joomla! before 1.0.10 has unknown impact and attack vectors, related to "securing mosmsg fr... |
| CVE-2006-7003 | — | — | 1.3% | Feb 12, 2007 | PHP remote file inclusion vulnerability in admin/index.php in Fusion Polls allows remote attackers to execute arbitrary ... |
| CVE-2006-7001 | — | — | 1.6% | Feb 12, 2007 | Directory traversal vulnerability in avatar.php in PhpMyChat Plus 1.9 and earlier allows remote attackers to read arbitr... |
| CVE-2006-7002 | — | — | 0.9% | Feb 12, 2007 | Cross-site scripting (XSS) vulnerability in add_comment.php in Wheatblog (wB) 1.1 allows remote attackers to inject arbi... |
| CVE-2006-7000 | — | — | 1.1% | Feb 12, 2007 | Headstart Solutions DeskPRO allows remote attackers to obtain the full path via direct requests to (1) email/mail.php, (... |
| CVE-2006-6999 | — | — | 1.0% | Feb 12, 2007 | attachment.php in Headstart Solutions DeskPRO allows remote attackers to read all uploaded files by providing the file n... |
| CVE-2006-6998 | — | — | 1.1% | Feb 12, 2007 | install/loader_help.php in Headstart Solutions DeskPRO allows remote attackers to obtain configuration information via a... |
| CVE-2006-6993 | — | — | 1.0% | Feb 12, 2007 | Multiple SQL injection vulnerabilities in pages/addcomment2.php in Neuron Blog 1.1 allow remote attackers to inject arbi... |
| CVE-2006-6995 | — | — | 1.5% | Feb 12, 2007 | mycontacts.php in V3 Chat allows remote authenticated users to gain privileges as other users via a modified membername ... |
Check if your code is affected by 2006 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now