2006 CVE Vulnerabilities
7,145 CVEs published in 2006.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2006-0719 | — | — | 1.2% | Feb 15, 2006 | SQL injection vulnerability in member_login.php in PHP Classifieds 6.18 through 6.20 allows remote attackers to execute ... |
| CVE-2006-0718 | — | — | 2.0% | Feb 15, 2006 | The Internet Key Exchange version 1 (IKEv1) implementation in Avaya VSU 100, 2000, 7500, 10000, and CSU 5000, when runni... |
| CVE-2006-0716 | — | — | 1.3% | Feb 15, 2006 | SQL injection vulnerability in index.php in sNews 1.3 allows remote attackers to execute arbitrary SQL commands via the ... |
| CVE-2006-0715 | — | — | 1.7% | Feb 15, 2006 | Cross-site scripting (XSS) vulnerability in sNews 1.3 allows remote attackers to inject arbitrary web script or HTML via... |
| CVE-2006-0714 | — | — | 7.6% | Feb 15, 2006 | Directory traversal vulnerability in the installation file (sql/install-0.9.7.php) in Flyspray 0.9.7 allows remote attac... |
| CVE-2006-0713 | — | — | 3.0% | Feb 15, 2006 | Directory traversal vulnerability in LinPHA 1.0 allows remote attackers to include arbitrary files via .. (dot dot) sequ... |
| CVE-2006-0712 | — | — | 1.6% | Feb 15, 2006 | mail_html template in Squishdot 1.5.0 and earlier does not properly validate the (1) email and (2) title variables, whic... |
| CVE-2006-0690 | — | — | 1.3% | Feb 15, 2006 | Multiple SQL injection vulnerabilities in TTS Time Tracking Software 3.0 allow remote attackers to execute arbitrary SQL... |
| CVE-2006-0689 | — | — | 1.3% | Feb 15, 2006 | Cross-site scripting (XSS) vulnerability in the Registration Form in TTS Time Tracking Software 3.0 allows remote attack... |
| CVE-2006-0688 | — | — | 3.9% | Feb 15, 2006 | PHP remote file include vulnerability in application.php in nicecoder.com indexu 5.0.0 and 5.0.1 allows remote attackers... |
| CVE-2006-0691 | — | — | 2.8% | Feb 15, 2006 | edituser.php in TTS Time Tracking Software 3.0 does not verify that the name and password are correct, which allows remo... |
| CVE-2006-0692 | — | — | 1.4% | Feb 15, 2006 | Multiple SQL injection vulnerabilities in Carey Briggs PHP/MYSQL Timesheet 1 and 2 allow remote attackers to execute arb... |
| CVE-2006-0710 | — | — | 4.4% | Feb 15, 2006 | Double free vulnerability in isode.eddy in Isode M-Vault Server 11.3 allows remote attackers to execute arbitrary code v... |
| CVE-2006-0711 | — | — | 1.5% | Feb 15, 2006 | The (1) addfolder and (2) deletefolder functions in neomail-prefs.pl in NeoMail 1.28 do not validate the Session ID, whi... |
| CVE-2006-0666 | — | — | 0.4% | Feb 15, 2006 | Unspecified vulnerability in the (1) unix_mp and (2) unix_64 kernels in IBM AIX 5.3 VRMF 5.3.0.30 through 5.3.0.33 allow... |
| CVE-2006-0693 | — | — | 1.5% | Feb 15, 2006 | Multiple SQL injection vulnerabilities in rb_auth.php in Roberto Butti CALimba 0.99.2 beta and earlier allow remote atta... |
| CVE-2006-0717 | — | — | 9.4% | Feb 15, 2006 | IBM Tivoli Directory Server 6.0 allows remote attackers to cause a denial of service (crash) via a crafted LDAP request,... |
| CVE-2006-0698 | — | — | 1.9% | Feb 15, 2006 | Unspecified vulnerabilities in Zen Cart before 1.2.7 allow remote attackers to cause unknown impact via unspecified vect... |
| CVE-2006-0699 | — | — | 1.7% | Feb 15, 2006 | Cross-site scripting (XSS) vulnerability in search.php in QWikiWiki 1.5, and possibly 1.5.1 and other versions, allows r... |
| CVE-2006-0700 | — | — | 6.5% | Feb 15, 2006 | imageVue 16.1 allows remote attackers to obtain folder permission settings via a direct request to dir.php, which return... |
| CVE-2006-0701 | — | — | 7.7% | Feb 15, 2006 | readfolder.php in imageVue 16.1 allows remote attackers to list directories via modified path and ext parameters. |
| CVE-2006-0697 | — | — | 5.2% | Feb 15, 2006 | Zen Cart before 1.2.7 does not protect the admin/includes directory, which allows remote attackers to cause unknown impa... |
| CVE-2006-0696 | — | — | 1.2% | Feb 15, 2006 | SQL injection vulnerability in Zen Cart before 1.2.7 allows remote attackers to execute arbitrary SQL commands via unspe... |
| CVE-2006-0695 | — | — | 2.7% | Feb 15, 2006 | Ansilove before 1.03 does not filter uploaded file extensions, which allows remote attackers to execute arbitrary code b... |
| CVE-2006-0694 | — | — | 1.4% | Feb 15, 2006 | Unspecified vulnerability in the loaders (load_*.php) in Ansilove before 1.03 allows remote attackers to read arbitrary ... |
Check if your code is affected by 2006 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now