2006 CVE Vulnerabilities

7,145 CVEs published in 2006.

Filter:UNKNOWNClear
CVE IDSeverityCVSSDescription
CVE-2006-0911NmService.exe in Ipswitch WhatsUp Professional 2006 allows remote attackers to cause a denial of service (CPU consumptio...
CVE-2006-0910Invision Power Board (IPB) 2.1.4 and earlier allows remote attackers to list directory contents via a direct request to ...
CVE-2006-0909Invision Power Board (IPB) 2.1.4 and earlier allows remote attackers to view sensitive information via a direct request ...
CVE-2006-0932Directory traversal vulnerability in zip.lib.php 0.1.1 in PEAR::Archive_Zip allows remote attackers to create and overwr...
CVE-2006-0915Bugzilla 2.16.10 does not properly handle certain characters in the (1) maxpatchsize and (2) maxattachmentsize parameter...
CVE-2006-0937U.N.U. Mailgust 1.9 allows remote attackers to obtain sensitive information via a direct request to index.php with metho...
CVE-2006-0923Multiple cross-site scripting (XSS) vulnerabilities in MyPHPNuke (MPN) 1.88 and earlier allow remote attackers to inject...
CVE-2006-0922CubeCart 3.0 through 3.6 does not properly check authorization for an administration session because of a missing auth.i...
CVE-2006-0921Multiple directory traversal vulnerabilities in connector.php in FCKeditor 2.0 FC, as used in products such as RunCMS, a...
CVE-2006-0931Directory traversal vulnerability in PEAR::Archive_Tar 1.2, and other versions before 1.3.2, allows remote attackers to ...
CVE-2006-0920Oi! Email Marketing System 3.0 (aka Oi! 3) stores the server's FTP password in cleartext on a Configuration web page, wh...
CVE-2006-0919SQL injection vulnerability in index.php (aka the login page) in Oi! Email Marketing System 3.0 (aka Oi! 3) allows remot...
CVE-2006-0918Buffer overflow in RITLabs The Bat! 3.60.07 allows remote attackers to execute arbitrary code via a long Subject field.
CVE-2006-0917Melange Chat Server (aka M-Chat), when accessed via a web browser, automatically sends cookies and other sensitive infor...
CVE-2006-0916Bugzilla 2.19.3 through 2.20 does not properly handle "//" sequences in URLs when redirecting a user from the login form...
CVE-2006-0924Cross-site scripting (XSS) vulnerability in Brown Bear iCal 3.10 allows remote attackers to inject arbitrary web script ...
CVE-2006-0933Cross-site scripting (XSS) vulnerability in PHPX 3.5.9 allows remote attackers to inject arbitrary web script or HTML vi...
CVE-2006-0934Cross-site scripting (XSS) vulnerability in webinsta Limbo 1.0.4.2 allows remote attackers to inject arbitrary web scrip...
CVE-2006-0935Microsoft Word 2003 allows remote attackers to cause a denial of service (application crash) via a crafted file, as demo...
CVE-2006-0936Free Host Shop Website Generator 3.3 allows remote authenticated users with administrative privileges to upload and exec...
CVE-2006-0930Directory traversal vulnerability in Webmail in ArGoSoft Mail Server Pro 1.8 allows remote authenticated users to read a...
CVE-2006-0929Directory traversal vulnerability in the IMAP server in ArGoSoft Mail Server Pro 1.8.8.1 allows remote authenticated use...
CVE-2006-0928The POP3 Server in ArGoSoft Mail Server Pro 1.8 allows remote attackers to obtain sensitive information via the _DUMP co...
CVE-2006-0927Multiple cross-site scripting (XSS) vulnerabilities in the JGS-XA JGS-Gallery Addon 4.0.0 and earlier for Woltlab Burnin...
CVE-2006-0926Multiple directory traversal vulnerabilities in Allume StuffIt Standard and Deluxe 9.0, ZipMagic Deluxe 9.0, and StuffIt...

Check if your code is affected by 2006 CVEs

Strix scans your code and infrastructure for known vulnerabilities automatically.

Scan your code now