2006 CVE Vulnerabilities
7,145 CVEs published in 2006.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2006-1208 | — | — | 2.0% | Mar 14, 2006 | Sergey Korostel PHP Upload Center allows remote attackers to execute arbitrary PHP code by uploading a file whose name e... |
| CVE-2006-1202 | — | — | 1.9% | Mar 14, 2006 | Multiple cross-site scripting (XSS) vulnerabilities in textfileBB 1.0 and earlier allow remote attackers to inject arbit... |
| CVE-2006-1201 | — | — | 2.7% | Mar 14, 2006 | Directory traversal vulnerability in resetpw.php in eschew.net phpBannerExchange 2.0 and earlier, and other versions bef... |
| CVE-2006-1200 | — | — | 1.9% | Mar 14, 2006 | Direct static code injection vulnerability in add_link.txt in daverave Link Bank allows remote attackers to execute arbi... |
| CVE-2006-1199 | — | — | 1.9% | Mar 14, 2006 | Cross-site scripting (XSS) vulnerability in iframe.php in daverave Link Bank allows remote attackers to inject arbitrary... |
| CVE-2006-1198 | — | — | 0.3% | Mar 14, 2006 | Comvigo IM Lock 2006 uses a simple substitution cipher to encrypt a password stored in the msnvs\prc registry value, for... |
| CVE-2006-1213 | — | — | 8.6% | Mar 14, 2006 | JiRo's Banner System Experience and Professional 1.0 and earlier allows remote attackers to bypass access restrictions a... |
| CVE-2006-1212 | — | — | 4.0% | Mar 14, 2006 | Unspecified vulnerability in index.php in Core CoreNews 2.0.1 allows remote attackers to execute arbitrary commands via ... |
| CVE-2006-1211 | — | — | 1.4% | Mar 14, 2006 | IBM Tivoli Micromuse Netcool/NeuSecure 3.0.236 configures a MySQL database to allow connections from any source IP addre... |
| CVE-2006-1210 | — | — | 1.5% | Mar 14, 2006 | The web interface for IBM Tivoli Micromuse Netcool/NeuSecure 3.0.236 includes the MySQL database username and password i... |
| CVE-2006-1207 | — | — | 1.5% | Mar 14, 2006 | PHP Upload Center stores password hashes under the web root with insufficient access control, which allows remote attack... |
| CVE-2006-1206 | — | — | 11.7% | Mar 14, 2006 | Matt Johnston Dropbear SSH server 0.47 and earlier, as used in embedded Linux devices and on general-purpose operating s... |
| CVE-2006-1205 | — | — | 2.9% | Mar 14, 2006 | Multiple cross-site scripting (XSS) vulnerabilities in myWebland myBloggie 2.1.3 beta and earlier allow remote attackers... |
| CVE-2006-1204 | — | — | 2.5% | Mar 14, 2006 | Multiple cross-site scripting (XSS) vulnerabilities in txtForum 1.0.4-dev and earlier allow remote attackers to inject a... |
| CVE-2006-1203 | — | — | 1.6% | Mar 14, 2006 | PHP remote file include vulnerability in common.php in txtForum 1.0.4-dev and earlier allows remote attackers to include... |
| CVE-2006-1196 | — | — | 2.5% | Mar 13, 2006 | Multiple cross-site scripting (XSS) vulnerabilities in QwikiWiki 1.5 allow remote attackers to inject arbitrary web scri... |
| CVE-2006-1195 | — | — | 2.3% | Mar 13, 2006 | The enet_protocol_handle_send_fragment function in protocol.c for ENet library CVS version Jul 2005 and earlier, as used... |
| CVE-2006-1194 | — | — | 4.3% | Mar 13, 2006 | Integer signedness error in the enet_protocol_handle_incoming_commands function in protocol.c for ENet library CVS versi... |
| CVE-2006-1197 | — | — | 0.4% | Mar 13, 2006 | SafeDisc installs the driver service for the secdrv.sys driver with insecure permissions, which allows local users to ga... |
| CVE-2006-0049 | — | — | 2.4% | Mar 13, 2006 | gpg in GnuPG before 1.4.2.2 does not properly verify non-detached signatures, which allows attackers to inject unsigned ... |
| CVE-2006-0950 | — | — | 1.7% | Mar 13, 2006 | unalz 0.53 allows user-assisted attackers to overwrite arbitrary files via an ALZ archive with ".." (dot dot) sequences ... |
| CVE-2006-0819 | — | — | 2.2% | Mar 13, 2006 | Dwarf HTTP Server 1.3.2 allows remote attackers to obtain the source code of JSP files via (1) dot, (2) space, (3) slash... |
| CVE-2006-0820 | — | — | 1.4% | Mar 13, 2006 | Cross-site scripting (XSS) vulnerability in Dwarf HTTP Server 1.3.2 allows remote attackers to inject arbitrary web scri... |
| CVE-2006-1183 | — | — | 3.2% | Mar 13, 2006 | The Ubuntu 5.10 installer does not properly clear passwords from the installer log file (questions.dat), and leaves the ... |
| CVE-2006-1162 | — | — | 2.7% | Mar 12, 2006 | Directory traversal vulnerability in Nodez 4.6.1.1 and earlier allows remote attackers to read or include arbitrary PHP ... |
Check if your code is affected by 2006 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now