2006 CVE Vulnerabilities

7,145 CVEs published in 2006.

Filter:UNKNOWNClear
CVE IDSeverityCVSSDescription
CVE-2006-2722SQL injection vulnerability in view_album.php in SelectaPix 1.4 allows remote attackers to execute arbitrary SQL command...
CVE-2006-2721Cross-site scripting (XSS) vulnerability in news.php in VARIOMAT allows remote attackers to inject arbitrary HTML or web...
CVE-2006-2713Secure Elements Class 5 AVR client (aka C5 EVM) before 2.8.1 generates predictable CEIDs, which allows remote attackers ...
CVE-2006-2712Secure Elements Class 5 AVR (aka C5 EVM) client and server before 2.8.1 do not verify the integrity of a message digest,...
CVE-2006-2711Secure Elements Class 5 AVR (aka C5 EVM) 2.8.1 and earlier, and possibly later 2.8.x releases, uses the same initializat...
CVE-2006-2710Secure Elements Class 5 AVR (aka C5 EVM) before 2.8.1 uses the same invariant RSA key for all installations, which allow...
CVE-2006-2709Secure Elements Class 5 AVR (aka C5 EVM) before 2.8.1 do not validate the source address of a message, which allows remo...
CVE-2006-2708Secure Elements Class 5 AVR client (aka C5 EVM) before 2.8.1 allows remote attackers to read portions of process memory ...
CVE-2006-2706Secure Elements Class 5 AVR server (aka C5 EVM) before 2.8.1 allows remote attackers to cause a denial of service via fo...
CVE-2006-2707Secure Elements Class 5 AVR server (aka C5 EVM) before 2.8.1 does not validate the peer certificate when obtaining an up...
CVE-2006-2705Secure Elements Class 5 AVR server (aka C5 EVM) before 2.8.1 allows remote attackers to cause an unspecified denial of s...
CVE-2006-2704Secure Elements Class 5 AVR server and client (aka C5 EVM) before 2.8.1 send messages in cleartext, which allows remote ...
CVE-2006-2717Unspecified vulnerability in Secure Elements Class 5 AVR client and server (aka C5 EVM) before 2.8.1 allows authenticate...
CVE-2006-2716Secure Elements Class 5 AVR server (aka C5 EVM) before 2.8.1 uses a hard-coded user ID and password, which allows remote...
CVE-2006-2715The Administration Console in Secure Elements Class 5 AVR (aka C5 EVM) before 2.8.1 does not enforce access control, whi...
CVE-2006-2714Secure Elements Class 5 AVR client (aka C5 EVM) before 2.8.1 does not validate the CEID of an incoming message, which al...
CVE-2006-1515Buffer overflow in the addnewword function in typespeed 0.4.4 and earlier might allow remote attackers to execute arbitr...
CVE-2006-1175The WeOnlyDo! SFTP (wodSFTP) ActiveX control is marked as safe for scripting, which allows remote attackers to read and ...
CVE-2006-2698Geeklog 1.4.0sr2 and earlier allows remote attackers to obtain the full installation path via a direct request and possi...
CVE-2006-2685PHP remote file inclusion vulnerability in Basic Analysis and Security Engine (BASE) 1.2.4 and earlier, with register_gl...
CVE-2006-2702vars.php in WordPress 2.0.2, possibly when running on Mac OS X, allows remote attackers to spoof their IP address via a ...
CVE-2006-2701SQL injection vulnerability in Geeklog 1.4.0sr2 and earlier allows remote attackers to execute arbitrary SQL commands vi...
CVE-2006-2700SQL injection vulnerability in admin/auth.inc.php in Geeklog 1.4.0sr2 and earlier allows remote attackers to execute arb...
CVE-2006-2699Cross-site scripting (XSS) vulnerability in getimage.php in Geeklog 1.4.0sr2 and earlier allows remote attackers to inje...
CVE-2006-2697Multiple SQL injection vulnerabilities in Easy-Content Forums 1.0 allow remote attackers to execute arbitrary SQL comman...

Check if your code is affected by 2006 CVEs

Strix scans your code and infrastructure for known vulnerabilities automatically.

Scan your code now