2006 CVE Vulnerabilities

7,145 CVEs published in 2006.

Filter:UNKNOWNClear
CVE IDSeverityCVSSDescription
CVE-2006-2652Cross-site scripting (XSS) vulnerability in WikiNi 0.4.2 and earlier allows remote attackers to inject arbitrary HTML an...
CVE-2006-2651Cross-site scripting (XSS) vulnerability in index.php in Vacation Rental Script 1.0 allows remote attackers to inject ar...
CVE-2006-2650SQL injection vulnerability in cosmicshop/search.php in CosmicShoppingCart allows remote attackers to execute arbitrary ...
CVE-2006-2649Multiple cross-site scripting (XSS) vulnerabilities in (a) search.php, (b) search_cat.php, (c) search_price.php, and (d)...
CVE-2006-2648Cross-site scripting (XSS) vulnerability in perform_search.asp for ASPBB 0.52 and earlier allows remote attackers to inj...
CVE-2006-2647Untrusted search path vulnerability in update_flash for IBM AIX 5.1, 5.2 and 5.3 allows local users to execute arbitrary...
CVE-2006-2646Buffer overflow in Alt-N MDaemon, possibly 9.0.1 and earlier, allows remote attackers to execute arbitrary code via a lo...
CVE-2006-2645PHP remote file inclusion vulnerability in manager/frontinc/prepend.php for Plume 1.0.3 allows remote attackers to execu...
CVE-2006-2563The cURL library (libcurl) in PHP 4.4.2 and 5.1.4 allows attackers to bypass safe mode and read files via a file:// requ...
CVE-2006-1174useradd in shadow-utils before 4.0.3, and possibly other versions before 4.0.8, does not provide a required argument to ...
CVE-2006-2453Multiple unspecified format string vulnerabilities in Dia have unspecified impact and attack vectors, a different set of...
CVE-2006-2631phpFoX allows remote authenticated users to modify arbitrary accounts via a modified NATIO cookie value, possibly the ph...
CVE-2006-2630Stack-based buffer overflow in Symantec Antivirus 10.1 and Client Security 3.1 allows remote attackers to execute arbitr...
CVE-2006-2629Race condition in Linux kernel 2.6.15 to 2.6.17, when running on SMP platforms, allows local users to cause a denial of ...
CVE-2006-1054Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-1861. Reason: This candidate is a reservation ...
CVE-2006-2615ping.php in Russcom.Ping allows remote attackers to execute arbitrary commands via shell metacharacters in the domain pa...
CVE-2006-2616SQL injection vulnerability in the search script in (1) AlstraSoft Web Host Directory 1.2, aka (2) HyperStop WebHost Dir...
CVE-2006-2618Cross-site scripting (XSS) vulnerability in (1) AlstraSoft Web Host Directory 1.2, aka (2) HyperStop WebHost Directory 1...
CVE-2006-2617(1) AlstraSoft Web Host Directory 1.2, aka (2) HyperStop WebHost Directory 1.2, allows remote attackers to obtain the in...
CVE-2006-2609artmedic newsletter 4.1.2 and possibly other versions, when register_globals is enabled, allows remote attackers to modi...
CVE-2006-2611Cross-site scripting (XSS) vulnerability in includes/Sanitizer.php in the variable handler in MediaWiki 1.6.x before r14...
CVE-2006-2612Novell Client for Windows 4.8 and 4.9 does not restrict access to the clipboard contents while a machine is locked, whic...
CVE-2006-2613Mozilla Suite 1.7.13, Mozilla Firefox 1.5.0.3 and possibly other versions before before 1.8.0, and Netscape 7.2 and 8.1,...
CVE-2006-2614Sun N1 System Manager 1.1 for Solaris 10 before patch 121161-01 records system passwords in the world-readable scripts (...
CVE-2006-2610Cross-site scripting (XSS) vulnerability in view.php in phpRaid 2.9.5 allows remote attackers to inject arbitrary web sc...

Check if your code is affected by 2006 CVEs

Strix scans your code and infrastructure for known vulnerabilities automatically.

Scan your code now