2006 CVE Vulnerabilities

7,145 CVEs published in 2006.

Filter:UNKNOWNClear
CVE IDSeverityCVSSDescription
CVE-2006-0866PunBB 1.2.10 and earlier allows remote attackers to conduct brute force guessing attacks for an account's password, whic...
CVE-2006-0865PunBB 1.2.10 and earlier allows remote attackers to cause a denial of service (resource consumption) by registering many...
CVE-2006-0860Multiple cross-site scripting (XSS) vulnerabilities in Michael Salzer Guestbox 0.6, and other versions before 0.8, allow...
CVE-2006-0868Multiple unspecified injection vulnerabilities in unspecified Auth Container back ends for PEAR::Auth before 1.2.4, and ...
CVE-2006-0858Unquoted Windows search path vulnerability in (1) snsmcon.exe, (2) the autostartup mechanism, and (3) an unspecified ins...
CVE-2006-0859Michael Salzer Guestbox 0.6, and other versions before 0.8, allows remote attackers to post an admin comment to a guestb...
CVE-2006-0720Stack-based buffer overflow in Nullsoft Winamp 5.12 and 5.13 allows user-assisted attackers to cause a denial of service...
CVE-2006-0855Stack-based buffer overflow in the fullpath function in misc.c for zoo 2.10 and earlier, as used in products such as Bar...
CVE-2006-0812The VisNetic AntiVirus Plug-in (DKAVUpSch.exe) for Mail Server 4.6.0.4, 4.6.1.1, and possibly other versions before 4.6....
CVE-2006-0803The signature verification functionality in the YaST Online Update (YOU) script handling relies on a gpg feature that is...
CVE-2006-0853Buffer overflow in the IMAP service of TrueNorth Internet Anywhere (IA) eMailserver 5.3.4 allows remote authenticated us...
CVE-2006-0852Direct static code injection vulnerability in write.php in Admbook 1.2.2 and earlier allows remote attackers to execute ...
CVE-2006-0851SQL injection vulnerability in the forum module of ilchClan 1.05g and earlier allows remote attackers to execute arbitra...
CVE-2006-0850SQL injection vulnerability in include/includes/user/login.php in ilchClan before 1.05g allows remote attackers to execu...
CVE-2006-0854PHP remote file inclusion vulnerability in common.php in Intensive Point iUser Ecommerce allows remote attackers to incl...
CVE-2006-0848The "Open 'safe' files after downloading" option in Safari on Apple Mac OS X allows remote user-assisted attackers to ex...
CVE-2006-0837IBM Tivoli Micromuse Netcool/NeuSecure 3.0.236 has world-readable permissions for (1) /etc/neusecure.conf, (2) /opt/NeuS...
CVE-2006-0834Uniden UIP1868P VoIP Telephone and Router has a default password of admin for the web-based configuration utility, which...
CVE-2006-0835SQL injection vulnerability in dropbase.php in MitriDAT Web Calendar Pro allows remote attackers to modify internal SQL ...
CVE-2006-0838IBM Tivoli Micromuse Netcool/NeuSecure 3.0.236 stores cleartext passwords in the (1) CMS_DBPASS, (2) CMSM_DBPASS, and (3...
CVE-2006-0836Mozilla Thunderbird 1.5 allows user-assisted attackers to cause an unspecified denial of service by tricking the user in...
CVE-2006-0847Directory traversal vulnerability in the staticfilter component in CherryPy before 2.1.1 allows remote attackers to read...
CVE-2006-0846Multiple cross-site scripting (XSS) vulnerabilities in Leif M. Wright's Blog 3.5 allow remote attackers to inject arbitr...
CVE-2006-0845Leif M. Wright's Blog 3.5 allows remote authenticated users with administrative privileges to execute arbitrary programs...
CVE-2006-0844Leif M. Wright's Blog 3.5 does not make a password comparison when authenticating an administrator via a cookie, which a...

Check if your code is affected by 2006 CVEs

Strix scans your code and infrastructure for known vulnerabilities automatically.

Scan your code now