2006 CVE Vulnerabilities
7,145 CVEs published in 2006.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2006-3415 | — | — | 2.0% | Jul 7, 2006 | Tor before 0.1.1.20 uses improper logic to validate the "OR" destination, which allows remote attackers to perform a man... |
| CVE-2006-3414 | — | — | 2.1% | Jul 7, 2006 | Tor before 0.1.1.20 supports server descriptors that contain hostnames instead of IP addresses, which allows remote atta... |
| CVE-2006-3413 | — | — | 1.7% | Jul 7, 2006 | The privoxy configuration file in Tor before 0.1.1.20, when run on Apple OS X, logs all data via the "logfile", which al... |
| CVE-2006-3404 | — | — | 5.0% | Jul 6, 2006 | Buffer overflow in the xcf_load_vector function in app/xcf/xcf-load.c for gimp before 2.2.12 allows user-assisted attack... |
| CVE-2006-3402 | — | — | 1.1% | Jul 6, 2006 | SQL injection vulnerability in VirtuaStore 2.0 allows remote attackers to execute arbitrary SQL commands via the passwor... |
| CVE-2006-3401 | — | — | 5.6% | Jul 6, 2006 | Stack-based buffer overflow in Quake 3 Engine as used by Quake 3: Arena 1.32b and 1.32c allows remote attackers to cause... |
| CVE-2006-3400 | — | — | 4.7% | Jul 6, 2006 | Stack-based buffer overflow in the CG_ServerCommand function in Quake 3 Engine as used by Soldier of Fortune 2 (SOF2MP) ... |
| CVE-2006-3399 | — | — | 1.4% | Jul 6, 2006 | Cross-site scripting (XSS) vulnerability in wiki.php in MoniWiki before 1.1.2-20060702 allows remote attackers to inject... |
| CVE-2006-3398 | — | — | 1.4% | Jul 6, 2006 | The "change password forms" in Taskjitsu before 2.0.1 includes password hashes in hidden form fields, which allows remot... |
| CVE-2006-3397 | — | — | 1.3% | Jul 6, 2006 | Multiple cross-site scripting (XSS) vulnerabilities in Taskjitsu before 2.0.1 allow remote attackers to inject arbitrary... |
| CVE-2006-3396 | — | — | 3.8% | Jul 6, 2006 | PHP remote file inclusion vulnerability in galleria.html.php in Galleria Mambo Module 1.0 and earlier for Mambo allows r... |
| CVE-2006-3395 | — | — | 3.1% | Jul 6, 2006 | PHP remote file inclusion vulnerability in top.php in SiteBuilder-FX 3.5 allows remote attackers to execute arbitrary PH... |
| CVE-2006-3394 | — | — | 1.3% | Jul 6, 2006 | SQL injection vulnerability in the files mod in index.php in BXCP 0.3.0.4 allows remote attackers to execute arbitrary S... |
| CVE-2006-3393 | — | — | 1.9% | Jul 6, 2006 | Papyrus NASCAR Racing 4 4.1.3.1.6 and earlier, 2002 Season 1.1.0.2 and earlier, and 2003 Season 1.2.0.1 and earlier allo... |
| CVE-2006-3392 | — | — | 77.8% | Jul 6, 2006 | Webmin before 1.290 and Usermin before 1.220 calls the simplify_path function before decoding HTML, which allows remote ... |
| CVE-2006-3391 | — | — | 1.3% | Jul 6, 2006 | The Execute function in iMBCContents ActiveX Control before 2.0.0.59 allows remote attackers to execute arbitrary files ... |
| CVE-2006-3390 | — | — | 2.8% | Jul 6, 2006 | WordPress 2.0.3 allows remote attackers to obtain the installation path via a direct request to various files, such as t... |
| CVE-2006-3386 | — | — | 1.5% | Jul 6, 2006 | index.php in Vincent Leclercq News 5.2 allows remote attackers to obtain sensitive information, such as the installation... |
| CVE-2006-3388 | — | — | 1.7% | Jul 6, 2006 | Cross-site scripting (XSS) vulnerability in phpMyAdmin before 2.8.2 allows remote attackers to inject arbitrary web scri... |
| CVE-2006-3387 | — | — | 2.0% | Jul 6, 2006 | Directory traversal vulnerability in sources/post.php in Fusion News 1.0, when register_globals is enabled, allows remot... |
| CVE-2006-3389 | — | — | 2.9% | Jul 6, 2006 | index.php in WordPress 2.0.3 allows remote attackers to obtain sensitive information, such as SQL table prefixes, via an... |
| CVE-2006-3364 | — | — | 2.1% | Jul 6, 2006 | SQL injection vulnerability in index.php in the NP_SEO plugin in BLOG:CMS before 4.1.0 allows remote attackers to execut... |
| CVE-2006-3359 | — | — | 1.1% | Jul 6, 2006 | Multiple SQL injection vulnerabilities in index.php in NewsPHP 2006 PRO allow remote attackers to inject arbitrary web s... |
| CVE-2006-3380 | — | — | 1.6% | Jul 6, 2006 | Algorithmic complexity vulnerability in FreeStyle Wiki before 3.6.2 allows remote attackers to cause a denial of service... |
| CVE-2006-3368 | — | — | 1.6% | Jul 6, 2006 | Efone 20000723 stores config.inc under the web document root with insufficient access control, which allows remote attac... |
Check if your code is affected by 2006 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now