2006 CVE Vulnerabilities

7,145 CVEs published in 2006.

Filter:UNKNOWNClear
CVE IDSeverityCVSSDescription
CVE-2006-1208Sergey Korostel PHP Upload Center allows remote attackers to execute arbitrary PHP code by uploading a file whose name e...
CVE-2006-1202Multiple cross-site scripting (XSS) vulnerabilities in textfileBB 1.0 and earlier allow remote attackers to inject arbit...
CVE-2006-1201Directory traversal vulnerability in resetpw.php in eschew.net phpBannerExchange 2.0 and earlier, and other versions bef...
CVE-2006-1200Direct static code injection vulnerability in add_link.txt in daverave Link Bank allows remote attackers to execute arbi...
CVE-2006-1199Cross-site scripting (XSS) vulnerability in iframe.php in daverave Link Bank allows remote attackers to inject arbitrary...
CVE-2006-1198Comvigo IM Lock 2006 uses a simple substitution cipher to encrypt a password stored in the msnvs\prc registry value, for...
CVE-2006-1213JiRo's Banner System Experience and Professional 1.0 and earlier allows remote attackers to bypass access restrictions a...
CVE-2006-1212Unspecified vulnerability in index.php in Core CoreNews 2.0.1 allows remote attackers to execute arbitrary commands via ...
CVE-2006-1211IBM Tivoli Micromuse Netcool/NeuSecure 3.0.236 configures a MySQL database to allow connections from any source IP addre...
CVE-2006-1210The web interface for IBM Tivoli Micromuse Netcool/NeuSecure 3.0.236 includes the MySQL database username and password i...
CVE-2006-1207PHP Upload Center stores password hashes under the web root with insufficient access control, which allows remote attack...
CVE-2006-1206Matt Johnston Dropbear SSH server 0.47 and earlier, as used in embedded Linux devices and on general-purpose operating s...
CVE-2006-1205Multiple cross-site scripting (XSS) vulnerabilities in myWebland myBloggie 2.1.3 beta and earlier allow remote attackers...
CVE-2006-1204Multiple cross-site scripting (XSS) vulnerabilities in txtForum 1.0.4-dev and earlier allow remote attackers to inject a...
CVE-2006-1203PHP remote file include vulnerability in common.php in txtForum 1.0.4-dev and earlier allows remote attackers to include...
CVE-2006-1196Multiple cross-site scripting (XSS) vulnerabilities in QwikiWiki 1.5 allow remote attackers to inject arbitrary web scri...
CVE-2006-1195The enet_protocol_handle_send_fragment function in protocol.c for ENet library CVS version Jul 2005 and earlier, as used...
CVE-2006-1194Integer signedness error in the enet_protocol_handle_incoming_commands function in protocol.c for ENet library CVS versi...
CVE-2006-1197SafeDisc installs the driver service for the secdrv.sys driver with insecure permissions, which allows local users to ga...
CVE-2006-0049gpg in GnuPG before 1.4.2.2 does not properly verify non-detached signatures, which allows attackers to inject unsigned ...
CVE-2006-0950unalz 0.53 allows user-assisted attackers to overwrite arbitrary files via an ALZ archive with ".." (dot dot) sequences ...
CVE-2006-0819Dwarf HTTP Server 1.3.2 allows remote attackers to obtain the source code of JSP files via (1) dot, (2) space, (3) slash...
CVE-2006-0820Cross-site scripting (XSS) vulnerability in Dwarf HTTP Server 1.3.2 allows remote attackers to inject arbitrary web scri...
CVE-2006-1183The Ubuntu 5.10 installer does not properly clear passwords from the installer log file (questions.dat), and leaves the ...
CVE-2006-1162Directory traversal vulnerability in Nodez 4.6.1.1 and earlier allows remote attackers to read or include arbitrary PHP ...

Check if your code is affected by 2006 CVEs

Strix scans your code and infrastructure for known vulnerabilities automatically.

Scan your code now