2006 CVE Vulnerabilities

7,145 CVEs published in 2006.

Filter:UNKNOWNClear
CVE IDSeverityCVSSDescription
CVE-2006-0659Multiple PHP remote file include vulnerabilities in RunCMS 1.2 and earlier, with register_globals and allow_url_fopen en...
CVE-2006-0658Incomplete blacklist vulnerability in connector.php in FCKeditor 2.0 and 2.2, as used in products such as RunCMS, allows...
CVE-2006-0657Cross-site scripting (XSS) vulnerability in Softcomplex PHP Event Calendar 1.5 allows remote authenticated users to inje...
CVE-2006-0656Directory traversal vulnerability in HP Systems Insight Manager 4.2 through 5.0 SP3 for Windows allows remote attackers ...
CVE-2006-0655Multiple cross-site scripting (XSS) vulnerabilities in (1) link_edited.php and (2) link_added.php in Hinton Design phpht...
CVE-2006-0654check.php in Hinton Design phpht Topsites 1.3 does not validate passwords when using cookies, which allows remote attack...
CVE-2006-0653Multiple SQL injection vulnerabilities in Hinton Design phpht Topsites 1.3 allow remote attackers to execute arbitrary S...
CVE-2006-0652WHMCompleteSolution (WHMCS) before 2.3 assigns incorrect permissions to "resellers", which allows remote authenticated u...
CVE-2006-0651SQL injection vulnerability in index.php in vwdev allows remote attackers to execute arbitrary SQL commands via the UID ...
CVE-2006-0650Cross-site scripting (XSS) vulnerability in cpaint2.inc.php in the CPAINT library before 2.0.3, as used in multiple scri...
CVE-2006-0649Cross-site scripting (XSS) vulnerability in DataparkSearch before 4.37 allows remote attackers to inject arbitrary web s...
CVE-2006-0648Multiple directory traversal vulnerabilities in PHP iCalendar 2.0.1, 2.1, and 2.2 allow remote attackers to include arbi...
CVE-2006-0647LDAP service in Sun Java System Directory Server 5.2, running on Linux and possibly other platforms, allows remote attac...
CVE-2006-0646ld in SUSE Linux 9.1 through 10.0, and SLES 9, in certain circumstances when linking binaries, can leave an empty RPATH ...
CVE-2006-0645Tiny ASN.1 Library (libtasn1) before 0.2.18, as used by (1) GnuTLS 1.2.x before 1.2.10 and 1.3.x before 1.3.4, and (2) G...
CVE-2006-0631CRLF injection vulnerability in mailback.pl in Erik C. Thauvin mailback allows remote attackers to use mailback as a "sp...
CVE-2006-0633The make_password function in ipsclass.php in Invision Power Board (IPB) 2.1.4 uses random data generated from partially...
CVE-2006-0632The gen_rand_string function in phpBB 2.0.19 uses insufficiently random data (small value space) to create the activatio...
CVE-2006-0630RITLabs The Bat! before 3.0.0.15 displays certain important headers from encapsulated data in message/partial MIME messa...
CVE-2006-0628myquiz.pl in Dale Ray MyQuiz 1.01 allows remote attackers to execute arbitrary commands via shell metacharacters in the ...
CVE-2006-0629Unspecified vulnerability in AOL Instant Messenger (AIM) 5.9.3861 allows user-assisted remote attackers to cause a denia...
CVE-2006-0644Multiple directory traversal vulnerabilities in install.php in CPG-Nuke Dragonfly CMS (aka CPG Dragonfly CMS) 9.0.6.1 al...
CVE-2006-0643Cross-site scripting (XSS) vulnerability in WiredRed e/pop Web Conferencing 4.1.0.755 allows remote authenticated users ...
CVE-2006-0642Trend Micro ServerProtect 5.58, and possibly InterScan Messaging Security Suite and InterScan Web Security Suite, have a...
CVE-2006-0641Orbicule Undercover uses a third-party web server to determine the IP address through which the computer is accessing th...

Check if your code is affected by 2006 CVEs

Strix scans your code and infrastructure for known vulnerabilities automatically.

Scan your code now