2006 CVE Vulnerabilities

7,145 CVEs published in 2006.

Filter:UNKNOWNClear
CVE IDSeverityCVSSDescription
CVE-2006-3369Kamikaze-QSCM 0.1 stores config.inc under the web document root with insufficient access control, which allows remote at...
CVE-2006-3370Blueboy 1.0.3 stores bb_news_config.inc under the web document root with insufficient access control, which allows remot...
CVE-2006-3371Eupla Foros 1.0 stores the inc/config.inc file under the web document root with insufficient access control, which allow...
CVE-2006-3381SturGeoN Upload allows remote attackers to execute arbitrary PHP code by uploading a file with a .php extension, then di...
CVE-2006-3382Cross-site scripting (XSS) vulnerability in search.php in mAds 1.0 allows remote attackers to inject arbitrary web scrip...
CVE-2006-3372Apple Safari 2.0.4/419.3 allows remote attackers to cause a denial of service (application crash) via a DHTML setAttribu...
CVE-2006-3383Cross-site scripting (XSS) vulnerability in index.php in mAds 1.0 allows remote attackers to inject arbitrary web script...
CVE-2006-3355Heap-based buffer overflow in httpdget.c in mpg123 before 0.59s-rll allows remote attackers to execute arbitrary code vi...
CVE-2006-3375PHP remote file inclusion vulnerability in includes/header.inc.php in Randshop 1.1.1 allows remote attackers to execute ...
CVE-2006-3374PHP remote file inclusion vulnerability in index.php in Randshop 1.2 and earlier, including 0.9.3, allows remote attacke...
CVE-2006-3373Unspecified vulnerability in the client/bin/logfetch script in Hobbit 4.2-beta allows local users to read arbitrary file...
CVE-2006-3376Integer overflow in player.c in libwmf 0.2.8.4, as used in multiple products including (1) wv, (2) abiword, (3) freetype...
CVE-2006-3377Cross-site scripting (XSS) vulnerability in JMB Software AutoRank PHP 3.02 and earlier, and AutoRank Pro 5.01 and earlie...
CVE-2006-3384SQL injection vulnerability in divers.php in Vincent Leclercq News 5.2 allows remote attackers to execute arbitrary SQL ...
CVE-2006-3365V3 Chat allows remote attackers to obtain the installation path via (1) an invalid id parameter to mail/index.php or (2)...
CVE-2006-3385Cross-site scripting (XSS) vulnerability in divers.php in Vincent Leclercq News 5.2 allows remote attackers to inject ar...
CVE-2006-3366Multiple cross-site scripting (XSS) vulnerabilities in V3 Chat allow remote attackers to inject arbitrary web script or ...
CVE-2006-3367Mp3 JudeBox Server (Mp3NetBox) Beta 1 stores config.inc under the web document root with insufficient access control, wh...
CVE-2006-3378passwd command in shadow in Ubuntu 5.04 through 6.06 LTS, when called with the -f, -g, or -s flag, does not check the re...
CVE-2006-3379Algorithmic complexity vulnerability in Hiki Wiki 0.6.0 through 0.6.5 and 0.8.0 through 0.8.5 allows remote attackers to...
CVE-2006-3358Multiple cross-site scripting (XSS) vulnerabilities in index.php in NewsPHP 2006 PRO allow remote attackers to inject ar...
CVE-2006-3357Heap-based buffer overflow in HTML Help ActiveX control (hhctrl.ocx) in Microsoft Internet Explorer 6.0 allows remote at...
CVE-2006-3356The TIFFFetchAnyArray function in ImageIO in Apple OS X 10.4.7 and earlier allows remote user-assisted attackers to caus...
CVE-2006-3362Unrestricted file upload vulnerability in connectors/php/connector.php in FCKeditor mcpuk file manager, as used in (1) G...
CVE-2006-3361PHP remote file inclusion vulnerability in Stud.IP 1.3.0-2 and earlier, when register_globals is enabled, allows remote ...

Check if your code is affected by 2006 CVEs

Strix scans your code and infrastructure for known vulnerabilities automatically.

Scan your code now