2006 CVE Vulnerabilities

7,145 CVEs published in 2006.

Filter:UNKNOWNClear
CVE IDSeverityCVSSDescription
CVE-2006-4958Multiple cross-site scripting (XSS) vulnerabilities in Sun Secure Global Desktop (SSGD, aka Tarantella) before 4.20.983 ...
CVE-2006-4957SQL injection vulnerability in the GetMember function in functions.php in MyReview 1.9.4 allows remote attackers to exec...
CVE-2006-4956Cross-site scripting (XSS) vulnerability in the updateuser servlet in Neon WebMail for Java before 5.08 allows remote at...
CVE-2006-4955Directory traversal vulnerability in the downloadfile servlet in Neon WebMail for Java before 5.08 allows remote attacke...
CVE-2006-4954The updateuser servlet in Neon WebMail for Java before 5.08 does not validate the in_id parameter, which allows remote a...
CVE-2006-4953Multiple SQL injection vulnerabilities in Neon WebMail for Java before 5.08 allow remote attackers to execute arbitrary ...
CVE-2006-4952The updatemail servlet in Neon WebMail for Java before 5.08 allows remote attackers to move e-mail messages of arbitrary...
CVE-2006-4951Neon WebMail for Java before 5.08 allows remote attackers to execute arbitrary Java (JSP) code by sending an e-mail mess...
CVE-2006-4950Cisco IOS 12.2 through 12.4 before 20060920, as used by Cisco IAD2430, IAD2431, and IAD2432 Integrated Access Devices, t...
CVE-2006-4947Cross-site scripting (XSS) vulnerability in the Drupal 4.7 Search Keywords module before 1.15 2006/09/15 allows remote a...
CVE-2006-4946PHP remote file inclusion vulnerability in include/startup.inc.php in CMSDevelopment Business Card Web Builder (BCWB) 0....
CVE-2006-4945Multiple PHP remote file inclusion vulnerabilities in Cardway (aka Frederic Boudaud) DigitalWebShop 1.128 and earlier al...
CVE-2006-4949Cross-site scripting (XSS) vulnerability in the Drupal 4.6 Site Profile Directory (profile_pages.module) before 1.1.2.1 ...
CVE-2006-4948Stack-based buffer overflow in tftpd.exe in ProSysInfo TFTP Server TFTPDWIN 0.4.2 and earlier allows remote attackers to...
CVE-2006-4943course/jumpto.php in Moodle before 1.6.2 does not validate the session key (sesskey) before providing content from arbit...
CVE-2006-4942Moodle before 1.6.2, when the configuration lacks (1) algebra or (2) tex filters, allows remote authenticated users to w...
CVE-2006-4941Multiple cross-site scripting (XSS) vulnerabilities in Moodle before 1.6.2 might allow remote attackers to inject arbitr...
CVE-2006-4940login/forgot_password.php in Moodle before 1.6.2 allows remote attackers to obtain sensitive information (e-mail address...
CVE-2006-4939backup/backup_scheduled.php in Moodle before 1.6.2 generates trace data with the full backup pathname even when debuggin...
CVE-2006-4938help.php in Moodle before 1.6.2 does not check the existence of certain help files before including them, which might al...
CVE-2006-4937lib/setup.php in Moodle before 1.6.2 sets the error reporting level to 7 to display E_WARNING messages to users even if ...
CVE-2006-4936Moodle before 1.6.2 does not properly validate the module instance id when creating a course module object, which has un...
CVE-2006-4935The Database module in Moodle before 1.6.2 does not properly handle uploaded files, which has unspecified impact and rem...
CVE-2006-4944PHP remote file inclusion vulnerability in includes/pear/Net/DNS/RR.php in ProgSys 0.151 and earlier allows remote attac...
CVE-2006-4900Directory traversal vulnerability in Computer Associates (CA) eTrust Security Command Center 1.0 and r8 up to SP1 CR2, a...

Check if your code is affected by 2006 CVEs

Strix scans your code and infrastructure for known vulnerabilities automatically.

Scan your code now