2006 CVE Vulnerabilities

7,145 CVEs published in 2006.

Filter:UNKNOWNClear
CVE IDSeverityCVSSDescription
CVE-2006-2737utilities/register.asp in Nukedit 4.9.6 and earlier allows remote attackers to create new users as part of arbitrary gro...
CVE-2006-2725SQL injection vulnerability in rss/posts.php in Eggblog before 3.07 allows remote attackers to execute arbitrary SQL com...
CVE-2006-2736PHP remote file inclusion vulnerability in blend_data/blend_common.php in Blend Portal 1.2.0, as used with phpBB when re...
CVE-2006-2703The RedCarpet command-line client (rug) does not verify SSL certificates from a server, which allows remote attackers to...
CVE-2006-2739PHP remote file inclusion vulnerability in footers.php in Epicdesigns tinyBB 0.3, when register_globals is enabled, allo...
CVE-2006-2740Multiple SQL injection vulnerabilities in Epicdesigns tinyBB 0.3 allow remote attackers to execute arbitrary SQL command...
CVE-2006-2741Cross-site scripting (XSS) vulnerability in Epicdesigns tinyBB 0.3 allow remote attackers to inject arbitrary web script...
CVE-2006-2742SQL injection vulnerability in Drupal 4.6.x before 4.6.7 and 4.7.0 allows remote attackers to execute arbitrary SQL comm...
CVE-2006-2743Drupal 4.6.x before 4.6.7 and 4.7.0, when running on Apache with mod_mime, does not properly handle files with multiple ...
CVE-2006-2744PHP remote file inclusion vulnerability in p-popupgallery.php in F@cile Interactive Web 0.8.41 through 0.8.5 allows remo...
CVE-2006-2745Multiple PHP remote file inclusion vulnerabilities in F@cile Interactive Web 0.8.5 and earlier, when register_globals is...
CVE-2006-2746Multiple cross-site scripting (XSS) vulnerabilities in F@cile Interactive Web 0.8.5 and earlier allow remote attackers t...
CVE-2006-2747Directory traversal vulnerability in index.php in PhpMyDesktop|arcade 1.0 FINAL allows remote attackers to read arbitrar...
CVE-2006-2748SQL injection vulnerability in the do_mysql_query function in core.php for Open Searchable Image Catalogue (OSIC) before...
CVE-2006-2749SQL injection vulnerability in search.php in Open Searchable Image Catalogue (OSIC) 0.7.0.1 and earlier allows remote at...
CVE-2006-2750Cross-site scripting (XSS) vulnerability in the do_mysql_query function in core.php for Open Searchable Image Catalogue ...
CVE-2006-2751Cross-site scripting (XSS) vulnerability in Open Searchable Image Catalogue (OSIC) 0.7.0.1 and earlier allows remote att...
CVE-2006-2752The RedCarpet /etc/ximian/rcd.conf configuration file in Novell Linux Desktop 9 and SUSE SLES 9 has world-readable permi...
CVE-2006-2738The open source version of Open-Xchange 0.8.2 and earlier uses a static default username and password with a valid login...
CVE-2006-2439Stack-based buffer overflow in ZipCentral 4.01 allows remote user-assisted attackers to execute arbitrary code via a ZIP...
CVE-2006-2720SQL injection vulnerability in news.php in VARIOMAT allows remote attackers to execute arbitrary SQL commands via the su...
CVE-2006-2719JIWA Financials 6.4.14 stores usernames and passwords for all accounts in cleartext in the HR_Staff table in Microsoft S...
CVE-2006-2718JIWA Financials 6.4.14 passes a Microsoft SQL Server account's username and password, and the name of a data source, to ...
CVE-2006-2724Cross-site scripting (XSS) vulnerability in PunBB 1.2.11 allows remote authenticated administrators to inject arbitrary ...
CVE-2006-2723Unspecified versions of Mozilla Firefox allow remote attackers to cause a denial of service (crash) via a web page that ...

Check if your code is affected by 2006 CVEs

Strix scans your code and infrastructure for known vulnerabilities automatically.

Scan your code now