2006 CVE Vulnerabilities
7,145 CVEs published in 2006.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2006-6818 | — | — | 1.5% | Dec 29, 2006 | AlstraSoft Web Host Directory allows remote attackers to bypass authentication and change the admin password via a direc... |
| CVE-2006-6817 | — | — | 1.1% | Dec 29, 2006 | AlstraSoft Web Host Directory allows remote attackers to obtain sensitive information by requesting any invalid URI, whi... |
| CVE-2006-6821 | — | — | 1.7% | Dec 29, 2006 | myprofile.asp in Enthrallweb eNews does not properly validate the MM_recordId parameter during profile updates, which al... |
| CVE-2006-6822 | — | — | 1.7% | Dec 29, 2006 | myprofile.asp in Enthrallweb eClassifieds does not properly validate the MM_recordId parameter during profile updates, w... |
| CVE-2006-6820 | — | — | 1.7% | Dec 29, 2006 | myprofile.asp in Enthrallweb eCoupons does not properly validate the MM_recordId parameter during profile updates, which... |
| CVE-2006-6824 | — | — | 2.4% | Dec 29, 2006 | Multiple cross-site scripting (XSS) vulnerabilities in Jim Hu and Chad Little PHP iCalendar 2.23 rc1 and earlier allow r... |
| CVE-2006-6819 | — | — | 1.8% | Dec 29, 2006 | AlstraSoft Web Host Directory stores sensitive information under the web root with insufficient access control, which al... |
| CVE-2006-6823 | — | — | 2.3% | Dec 29, 2006 | PHP remote file inclusion vulnerability in plugins/metasearch/plug.inc.php in Yrch! 1.0 allows remote attackers to execu... |
| CVE-2006-6816 | — | — | 3.6% | Dec 29, 2006 | Multiple SQL injection vulnerabilities in DMXReady Secure Login Manager 1.0 allow remote attackers to execute arbitrary ... |
| CVE-2006-6806 | — | — | 1.0% | Dec 28, 2006 | SQL injection vulnerability in newsdetail.asp in Enthrallweb eMates 1.0 allows remote attackers to execute arbitrary SQL... |
| CVE-2006-6808 | — | — | 6.6% | Dec 28, 2006 | Cross-site scripting (XSS) vulnerability in wp-admin/templates.php in WordPress 2.0.5 allows remote attackers to inject ... |
| CVE-2006-6803 | — | — | 1.0% | Dec 28, 2006 | SQL injection vulnerability in Types.asp in Enthrallweb eCars 1.0 allows remote attackers to execute arbitrary SQL comma... |
| CVE-2006-6804 | — | — | 1.0% | Dec 28, 2006 | SQL injection vulnerability in bus_details.asp in Dragon Business Directory - Pro (aka Dragon Internet Business Search D... |
| CVE-2006-6801 | — | — | 2.0% | Dec 28, 2006 | PHP remote file inclusion vulnerability in misc.php in SH-News 0.93, when register_globals is enabled, allows remote att... |
| CVE-2006-6802 | — | — | 1.0% | Dec 28, 2006 | SQL injection vulnerability in actualpic.asp in Enthrallweb ePages allows remote attackers to execute arbitrary SQL comm... |
| CVE-2006-6807 | — | — | 1.0% | Dec 28, 2006 | SQL injection vulnerability in list.asp in Softwebs Nepal (aka Ananda Raj Pandey) Ananda Real Estate 3.4 and earlier all... |
| CVE-2006-6800 | — | — | 3.4% | Dec 28, 2006 | PHP remote file inclusion in eventcal/mod_eventcal.php in the event module 1.0 for Limbo CMS allows remote attackers to ... |
| CVE-2006-6799 | — | — | 2.4% | Dec 28, 2006 | SQL injection vulnerability in Cacti 0.8.6i and earlier, when register_argc_argv is enabled, allows remote attackers to ... |
| CVE-2006-6805 | — | — | 1.0% | Dec 28, 2006 | SQL injection vulnerability in newsdetail.asp in Enthrallweb eJobs allows remote attackers to execute arbitrary SQL comm... |
| CVE-2006-6318 | — | — | 3.2% | Dec 28, 2006 | The show_elog_list function in elogd.c in elog 2.6.2 and earlier allows remote authenticated users to cause a denial of ... |
| CVE-2006-6797 | — | — | 6.8% | Dec 28, 2006 | The Client Server Run-Time Subsystem (CSRSS) in Microsoft Windows allows local users to cause a denial of service (crash... |
| CVE-2006-6777 | — | — | 1.7% | Dec 28, 2006 | Cross-site scripting (XSS) vulnerability in index.cfm in Future Internet allows remote attackers to inject arbitrary web... |
| CVE-2006-6779 | — | — | 3.5% | Dec 28, 2006 | Cross-site scripting (XSS) vulnerability in Jelsoft vBulletin allows remote attackers to inject arbitrary web script or ... |
| CVE-2006-6786 | — | — | 1.7% | Dec 28, 2006 | Open Newsletter 2.5 and earlier allows remote authenticated administrators to execute arbitrary PHP code by inserting th... |
| CVE-2006-6776 | — | — | 1.0% | Dec 28, 2006 | Multiple SQL injection vulnerabilities in Future Internet allow remote attackers to execute arbitrary SQL commands via t... |
Check if your code is affected by 2006 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now