2006 CVE Vulnerabilities

7,145 CVEs published in 2006.

Filter:UNKNOWNClear
CVE IDSeverityCVSSDescription
CVE-2006-1709Cross-site scripting (XSS) vulnerability in shop_main.cgi in interaktiv.shop 5 allows remote attackers to inject arbitra...
CVE-2006-1708SQL injection vulnerability in member.php in Clansys 1.1 allows remote attackers to execute arbitrary SQL commands via t...
CVE-2006-1707index.php in Shopweezle 2.0 allows remote attackers to include arbitrary local files via the url parameter.
CVE-2006-1706Multiple SQL injection vulnerabilities in Shopweezle 2.0 allow remote attackers to execute arbitrary SQL commands via th...
CVE-2006-1705Oracle Database 9.2.0.0 to 10.2.0.3 allows local users with "SELECT" privileges for a base table to insert, update, or d...
CVE-2006-1704Sire 2.0 nws allows remote attackers to upload arbitrary image files without authentication via a direct request to uplo...
CVE-2006-1703PHP remote file inclusion vulnerability in lire.php in Sire 2.0 nws allows remote attackers to execute arbitrary PHP cod...
CVE-2006-1701Cross-site scripting (XSS) vulnerability in the Pages module in Shadowed Portal allows remote attackers to inject arbitr...
CVE-2006-1700Buy.php in Aweb Scripts Seller uses predictable cookies for authentication based on the time and the script number, whic...
CVE-2006-1699Cross-site scripting (XSS) vulnerability in index.php in Aweb Banner Generator 3.0 and earlier allows remote attackers t...
CVE-2006-1698Cross-site scripting (XSS) vulnerability in Matt Wright Guestbook 2.3.1 allows remote attackers to execute arbitrary web...
CVE-2006-1697Cross-site scripting (XSS) vulnerability in Matt Wright Guestbook 2.3.1 allows remote attackers to execute arbitrary web...
CVE-2006-1696Cross-site scripting (XSS) vulnerability in Gallery before 1.5.3 allows remote attackers to inject arbitrary web script ...
CVE-2006-1695The fbgs script in the fbi package 2.01-1.4, when the TMPDIR environment variable is not defined, allows local users to ...
CVE-2006-1694SQL injection vulnerability in members.php in XBrite Members 1.1 and earlier allows remote attackers to execute arbitrar...
CVE-2006-1693Unspecified vulnerability in GlobalSCAPE Secure FTP Server before 3.1.4 Build 01.10.2006 allows attackers to cause a den...
CVE-2006-1692Multiple SQL injection vulnerabilities in MWNewsletter 1.0.0b allow remote attackers to execute arbitrary SQL commands v...
CVE-2006-1691SQL injection vulnerability in MWNewsletter 1.0.0b allows remote attackers to execute arbitrary SQL commands via the use...
CVE-2006-1690Cross-site scripting (XSS) vulnerability in subscribe.php in MWNewsletter 1.0.0b allows remote attackers to inject arbit...
CVE-2006-1060Heap-based buffer overflow in zgv before 5.8 and xzgv before 0.8 might allow user-assisted attackers to execute arbitrar...
CVE-2006-1678Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.8.0.3 allow remote attackers to inject arbitr...
CVE-2006-1677MAXdev MDPro 1.0.73 and 1.0.72, and possibly other versions before 1.076, allows remote attackers to obtain the full pat...
CVE-2006-1686Unspecified vulnerability in modules.php in APT-webshop-system 4.0 PRO, 3.0 BASIC, and 3.0 LIGHT allows remote attackers...
CVE-2006-1688Multiple PHP remote file inclusion vulnerabilities in SQuery 4.5 and earlier, as used in products such as Autonomous LAN...
CVE-2006-1689Unspecified vulnerability in su in HP HP-UX B.11.11, when using the LDAP netgroup feature, allows local users to gain un...

Check if your code is affected by 2006 CVEs

Strix scans your code and infrastructure for known vulnerabilities automatically.

Scan your code now