2006 CVE Vulnerabilities
7,145 CVEs published in 2006.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2006-1520 | — | — | 2.5% | May 22, 2006 | Format string vulnerability in ANSI C Sender Policy Framework library (libspf) before 1.0.0-p5, when debugging is enable... |
| CVE-2006-2529 | — | — | 2.4% | May 22, 2006 | editor/filemanager/upload/php/upload.php in FCKeditor before 2.3 Beta, when the upload feature is enabled, does not veri... |
| CVE-2006-2539 | — | — | 0.3% | May 22, 2006 | Sybase EAServer 5.0 for HP-UX Itanium, 5.2 for IBM AIX, HP-UX PA-RISC, Linux x86, and Sun Solaris SPARC, and 5.3 for Sun... |
| CVE-2006-2538 | — | — | 1.9% | May 22, 2006 | IE Tab 1.0.9 plugin for Mozilla Firefox 1.5.0.3 allows remote user-assisted attackers to cause a denial of service (appl... |
| CVE-2006-2537 | — | — | 4.8% | May 22, 2006 | Multiple format string vulnerabilities in (a) OpenBOR 2.0046 and earlier, (b) Beats of Rage (BOR) 1.0029 and earlier, an... |
| CVE-2006-2536 | — | — | 1.3% | May 22, 2006 | Cross-site scripting (XSS) vulnerability in Destiney Links Script 2.1.2 allows remote attackers to inject arbitrary web ... |
| CVE-2006-2535 | — | — | 1.8% | May 22, 2006 | index.php in Destiney Links Script 2.1.2 allows remote attackers to obtain the installation path via an invalid show par... |
| CVE-2006-2534 | — | — | 1.3% | May 22, 2006 | Destiney Links Script 2.1.2 does not protect library and other support files, which allows remote attackers to obtain th... |
| CVE-2006-2533 | — | — | 1.3% | May 22, 2006 | Cross-site scripting (XSS) vulnerability in (1) addWeblog.php and (2) leaveComments.php in Destiney Rated Images Script ... |
| CVE-2006-2532 | — | — | 1.1% | May 22, 2006 | stats.php in Destiney Rated Images Script 0.5.0 allows remote attackers to obtain the installation path via an invalid s... |
| CVE-2006-2531 | — | — | 7.4% | May 22, 2006 | Ipswitch WhatsUp Professional 2006 only verifies the user's identity via HTTP headers, which allows remote attackers to ... |
| CVE-2006-2530 | — | — | 1.6% | May 22, 2006 | avatar_upload.asp in Avatar MOD 1.3 for Snitz Forums 3.4, and possibly other versions, allows remote attackers to bypass... |
| CVE-2006-2517 | — | — | 1.2% | May 22, 2006 | SQL injection vulnerability in MyWeb Portal Office, Standard Edition, Public Edition, Medical Edition, Citizen Edition, ... |
| CVE-2006-2515 | — | — | 1.4% | May 22, 2006 | Cross-site scripting (XSS) vulnerability in index.php in Hiox Guestbook 3.1 allows remote attackers to inject arbitrary ... |
| CVE-2006-2518 | — | — | 1.4% | May 22, 2006 | Cross-site scripting (XSS) vulnerability in phpwcms 1.2.5-DEV allows remote attackers to inject arbitrary web script or ... |
| CVE-2006-2516 | — | — | 6.4% | May 22, 2006 | mainfile.php in XOOPS 2.0.13.2 and earlier, when register_globals is enabled, allows remote attackers to overwrite varia... |
| CVE-2006-2519 | — | — | 1.6% | May 22, 2006 | Directory traversal vulnerability in include/inc_ext/spaw/spaw_control.class.php in phpwcms 1.2.5-DEV allows remote atta... |
| CVE-2006-2520 | — | — | 2.0% | May 22, 2006 | Directory traversal vulnerability in BitZipper 4.1.2 SR-1 and earlier allows remote attackers to create files in arbitra... |
| CVE-2006-2528 | — | — | 3.0% | May 22, 2006 | PHP remote file inclusion vulnerability in classified_right.php in phpBazar 2.1.0 and earlier allows remote attackers to... |
| CVE-2006-2527 | — | — | 3.3% | May 22, 2006 | Admin/admin.php in phpBazar 2.1.0 and earlier allows remote attackers to bypass the authentication process and gain unau... |
| CVE-2006-2526 | — | — | 1.6% | May 22, 2006 | PHP remote file inclusion vulnerability in index.php in PHP Easy Galerie 1.1 allows remote attackers to execute arbitrar... |
| CVE-2006-2525 | — | — | 1.3% | May 22, 2006 | SQL injection vulnerability in UseBB 1.0 RC1 and earlier allows remote attackers to execute arbitrary SQL commands via t... |
| CVE-2006-2524 | — | — | 1.4% | May 22, 2006 | Cross-site scripting (XSS) vulnerability in UseBB 1.0 RC1 and earlier allows remote attackers to inject arbitrary web sc... |
| CVE-2006-2523 | — | — | 3.0% | May 22, 2006 | PHP remote file inclusion vulnerability in config.php in phpListPro 2.0.1 and earlier, with magic_quotes_gpc disabled, a... |
| CVE-2006-2522 | — | — | 1.9% | May 22, 2006 | Dayfox Blog 2.0 and earlier stores user credentials in edit/slog_users.txt under the web document root with insufficient... |
Check if your code is affected by 2006 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now