2006 CVE Vulnerabilities

7,145 CVEs published in 2006.

Filter:UNKNOWNClear
CVE IDSeverityCVSSDescription
CVE-2006-2928Multiple PHP remote file inclusion vulnerabilities in CMS-Bandits 2.5 and earlier, when register_globals is enabled, all...
CVE-2006-2921PHP remote file inclusion vulnerability in cmpro_header.inc.php in Clan Manager Pro (CMPRO) 1.1 and earlier, when regist...
CVE-2006-2919Unspecified vulnerability in Microsoft NetMeeting 3.01 allows remote attackers to cause a denial of service (crash or CP...
CVE-2006-2920Sylpheed-Claws before 2.2.2 and Sylpheed before 2.2.6 allow remote attackers to bypass the URI check functionality and m...
CVE-2006-2193Buffer overflow in the t2p_write_pdf_string function in tiff2pdf in libtiff 3.8.2 and earlier allows attackers to cause ...
CVE-2006-2902Directory traversal vulnerability in Particle Links 1.2.2 might allow remote attackers to access arbitrary files via ".....
CVE-2006-2904SQL injection vulnerability in index.php in Partial Links 1.2.2 allows remote attackers to execute arbitrary SQL command...
CVE-2006-2905Partial Links 1.2.2 allows remote attackers to obtain sensitive information via a direct request to (1) page_footer.php ...
CVE-2006-2906The LZW decoding in the gdImageCreateFromGifPtr function in the Thomas Boutell graphics draw (GD) library (aka libgd) 2....
CVE-2006-2903Cross-site scripting (XSS) vulnerability in admin.php in Particle Links 1.2.2 allows remote attackers to inject arbitrar...
CVE-2006-1173Sendmail before 8.13.7 allows remote attackers to cause a denial of service via deeply nested, malformed multipart MIME ...
CVE-2006-2901The web server for D-Link Wireless Access-Point (DWL-2100ap) firmware 2.10na and earlier allows remote attackers to obta...
CVE-2006-2900Internet Explorer 6 allows user-assisted remote attackers to read arbitrary files by tricking a user into typing the cha...
CVE-2006-2879SQL injection vulnerability in newscomments.php in Alex News-Engine 1.5.0 and earlier allows remote attackers to execute...
CVE-2006-2892Cross-site scripting (XSS) vulnerability in index.php in GANTTy 1.0.3 allows remote attackers to inject arbitrary HTML a...
CVE-2006-2899Unspecified vulnerability in ESTsoft InternetDISK versions before 2006/04/20 allows remote authenticated users to execut...
CVE-2006-2898The IAX2 channel driver (chan_iax2) for Asterisk 1.2.x before 1.2.9 and 1.0.x before 1.0.11 allows remote attackers to c...
CVE-2006-2897Cross-site scripting (XSS) vulnerability in FunkBoard 0.71 allows remote attackers to inject arbitrary HTML or web scrip...
CVE-2006-2896profile.php in FunkBoard CF0.71 allows remote attackers to change arbitrary passwords via a modified uid hidden form fie...
CVE-2006-2895Cross-site scripting (XSS) vulnerability in MediaWiki 1.6.0 up to versions before 1.6.7 allows remote attackers to injec...
CVE-2006-2893index.php in GANTTy 1.0.3 allows remote attackers to obtain the full path of the web server via an invalid lang paramete...
CVE-2006-2894Mozilla Firefox 1.5.0.4, 2.0.x before 2.0.0.8, Mozilla Suite 1.7.13, Mozilla SeaMonkey 1.0.2 and other versions before 1...
CVE-2006-2891Cross-site scripting (XSS) vulnerability in admin/index.php for Pixelpost 1-5rc1-2 and earlier allows remote attackers t...
CVE-2006-2890Pixelpost 1-5rc1-2 and earlier, when register_globals is enabled, allows remote attackers to gain administrator privileg...
CVE-2006-2889Multiple SQL injection vulnerabilities in index.php in Pixelpost 1-5rc1-2 and earlier allow remote attackers to execute ...

Check if your code is affected by 2006 CVEs

Strix scans your code and infrastructure for known vulnerabilities automatically.

Scan your code now