2006 CVE Vulnerabilities
7,145 CVEs published in 2006.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2006-0450 | — | — | 5.0% | Jan 27, 2006 | phpBB 2.0.19 and earlier allows remote attackers to cause a denial of service (application crash) by (1) registering man... |
| CVE-2006-0443 | — | — | 2.1% | Jan 26, 2006 | Cross-site scripting (XSS) vulnerability in archive.php in CheesyBlog 1.0 allows remote attackers to inject arbitrary we... |
| CVE-2006-0442 | — | — | 1.8% | Jan 26, 2006 | Multiple cross-site scripting (XSS) vulnerabilities in usercp.php in MyBulletinBoard (MyBB) 1.02 allow remote attackers ... |
| CVE-2006-0441 | — | — | 70.4% | Jan 26, 2006 | Stack-based buffer overflow in Sami FTP Server 2.0.1 allows remote attackers to execute arbitrary code via a long USER c... |
| CVE-2006-0440 | — | — | 1.4% | Jan 26, 2006 | Text Rider 2.4 allows attackers to bypass authentication and upload files without providing a valid password by obtainin... |
| CVE-2006-0439 | — | — | 1.7% | Jan 26, 2006 | Text Rider 2.4 stores sensitive data in the data directory under the web document root with insufficient access control,... |
| CVE-2006-0445 | — | — | 1.2% | Jan 26, 2006 | index.php in Phpclanwebsite 1.23.1 allows remote authenticated users to obtain the installation path by specifying an in... |
| CVE-2006-0444 | — | — | 3.0% | Jan 26, 2006 | SQL injection vulnerability in index.php in Phpclanwebsite (aka PCW) 1.23.1 allows remote attackers to execute arbitrary... |
| CVE-2006-0434 | — | — | 1.8% | Jan 26, 2006 | Directory traversal vulnerability in action.php in phpXplorer allows remote attackers to read arbitrary files via ".." (... |
| CVE-2006-0436 | — | — | 0.5% | Jan 26, 2006 | Unspecified vulnerability in HP HP-UX B.11.00, B.11.04, and B.11.11 allows local users to gain privileges via unknown at... |
| CVE-2006-0435 | — | — | 5.7% | Jan 26, 2006 | Unspecified vulnerability in Oracle PL/SQL (PLSQL), as used in Database Server DS 9.2.0.7 and 10.1.0.5, Application Serv... |
| CVE-2006-0430 | — | — | 1.8% | Jan 25, 2006 | Certain configurations of BEA WebLogic Server and WebLogic Express 9.0, 8.1 through SP5, and 7.0 through SP6, when conne... |
| CVE-2006-0429 | — | — | 0.4% | Jan 25, 2006 | BEA WebLogic Server and WebLogic Express 9.0 causes new security providers to appear active even if they have not been a... |
| CVE-2006-0428 | — | — | 2.4% | Jan 25, 2006 | Unspecified vulnerability in BEA WebLogic Portal 8.1 SP3 through SP5, when using Web Services Remote Portlets (WSRP), al... |
| CVE-2006-0427 | — | — | 0.4% | Jan 25, 2006 | Unspecified vulnerability in BEA WebLogic Server and WebLogic Express 9.0 and 8.1 through SP5 allows malicious EJBs or s... |
| CVE-2006-0426 | — | — | 2.0% | Jan 25, 2006 | BEA WebLogic Server and WebLogic Express 8.1 through SP4, when configuration auditing is enabled and a password change o... |
| CVE-2006-0425 | — | — | 2.1% | Jan 25, 2006 | BEA WebLogic Portal 8.1 through SP4 allows remote attackers to obtain the source for a deployment descriptor file via un... |
| CVE-2006-0424 | — | — | 1.3% | Jan 25, 2006 | BEA WebLogic Server and WebLogic Express 8.1 through SP4, 7.0 through SP6, and 6.1 through SP7 allows remote authenticat... |
| CVE-2006-0423 | — | — | 3.6% | Jan 25, 2006 | BEA WebLogic Portal 8.1 through SP3 stores the password for the RDBMS Authentication provider in cleartext in the config... |
| CVE-2006-0422 | — | — | 1.8% | Jan 25, 2006 | Multiple unspecified vulnerabilities in BEA WebLogic Server and WebLogic Express 8.1 through SP4, 7.0 through SP6, and 6... |
| CVE-2006-0421 | — | — | 0.4% | Jan 25, 2006 | By design, BEA WebLogic Server and WebLogic Express 7.0 and 6.1, when creating multiple domains from the same WebLogic i... |
| CVE-2006-0420 | — | — | 1.3% | Jan 25, 2006 | BEA WebLogic Server and WebLogic Express 8.1 through SP4 and 7.0 through SP6 does not properly handle when servlets use ... |
| CVE-2006-0419 | — | — | 2.3% | Jan 25, 2006 | BEA WebLogic Server and WebLogic Express 9.0, 8.1 through SP5, and 7.0 through SP6 allows anonymous binds to the embedde... |
| CVE-2006-0432 | — | — | 0.4% | Jan 25, 2006 | Unspecified vulnerability in BEA WebLogic Server and WebLogic Express 9.0, when an Administrator uses the WebLogic Admin... |
| CVE-2006-0431 | — | — | 0.4% | Jan 25, 2006 | Unspecified vulnerability in BEA WebLogic Server and WebLogic Express 8.1 SP5 allows untrusted applications to obtain th... |
Check if your code is affected by 2006 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now