2006 CVE Vulnerabilities
7,145 CVEs published in 2006.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2006-4958 | — | — | 2.9% | Sep 23, 2006 | Multiple cross-site scripting (XSS) vulnerabilities in Sun Secure Global Desktop (SSGD, aka Tarantella) before 4.20.983 ... |
| CVE-2006-4957 | — | — | 1.1% | Sep 23, 2006 | SQL injection vulnerability in the GetMember function in functions.php in MyReview 1.9.4 allows remote attackers to exec... |
| CVE-2006-4956 | — | — | 4.6% | Sep 23, 2006 | Cross-site scripting (XSS) vulnerability in the updateuser servlet in Neon WebMail for Java before 5.08 allows remote at... |
| CVE-2006-4955 | — | — | 7.9% | Sep 23, 2006 | Directory traversal vulnerability in the downloadfile servlet in Neon WebMail for Java before 5.08 allows remote attacke... |
| CVE-2006-4954 | — | — | 7.8% | Sep 23, 2006 | The updateuser servlet in Neon WebMail for Java before 5.08 does not validate the in_id parameter, which allows remote a... |
| CVE-2006-4953 | — | — | 3.7% | Sep 23, 2006 | Multiple SQL injection vulnerabilities in Neon WebMail for Java before 5.08 allow remote attackers to execute arbitrary ... |
| CVE-2006-4952 | — | — | 7.8% | Sep 23, 2006 | The updatemail servlet in Neon WebMail for Java before 5.08 allows remote attackers to move e-mail messages of arbitrary... |
| CVE-2006-4951 | — | — | 2.5% | Sep 23, 2006 | Neon WebMail for Java before 5.08 allows remote attackers to execute arbitrary Java (JSP) code by sending an e-mail mess... |
| CVE-2006-4950 | — | — | 5.7% | Sep 23, 2006 | Cisco IOS 12.2 through 12.4 before 20060920, as used by Cisco IAD2430, IAD2431, and IAD2432 Integrated Access Devices, t... |
| CVE-2006-4947 | — | — | 1.3% | Sep 23, 2006 | Cross-site scripting (XSS) vulnerability in the Drupal 4.7 Search Keywords module before 1.15 2006/09/15 allows remote a... |
| CVE-2006-4946 | — | — | 2.6% | Sep 23, 2006 | PHP remote file inclusion vulnerability in include/startup.inc.php in CMSDevelopment Business Card Web Builder (BCWB) 0.... |
| CVE-2006-4945 | — | — | 2.6% | Sep 23, 2006 | Multiple PHP remote file inclusion vulnerabilities in Cardway (aka Frederic Boudaud) DigitalWebShop 1.128 and earlier al... |
| CVE-2006-4949 | — | — | 1.1% | Sep 23, 2006 | Cross-site scripting (XSS) vulnerability in the Drupal 4.6 Site Profile Directory (profile_pages.module) before 1.1.2.1 ... |
| CVE-2006-4948 | — | — | 54.1% | Sep 23, 2006 | Stack-based buffer overflow in tftpd.exe in ProSysInfo TFTP Server TFTPDWIN 0.4.2 and earlier allows remote attackers to... |
| CVE-2006-4943 | — | — | 1.2% | Sep 23, 2006 | course/jumpto.php in Moodle before 1.6.2 does not validate the session key (sesskey) before providing content from arbit... |
| CVE-2006-4942 | — | — | 0.9% | Sep 23, 2006 | Moodle before 1.6.2, when the configuration lacks (1) algebra or (2) tex filters, allows remote authenticated users to w... |
| CVE-2006-4941 | — | — | 1.0% | Sep 23, 2006 | Multiple cross-site scripting (XSS) vulnerabilities in Moodle before 1.6.2 might allow remote attackers to inject arbitr... |
| CVE-2006-4940 | — | — | 1.2% | Sep 23, 2006 | login/forgot_password.php in Moodle before 1.6.2 allows remote attackers to obtain sensitive information (e-mail address... |
| CVE-2006-4939 | — | — | 1.0% | Sep 23, 2006 | backup/backup_scheduled.php in Moodle before 1.6.2 generates trace data with the full backup pathname even when debuggin... |
| CVE-2006-4938 | — | — | 1.0% | Sep 23, 2006 | help.php in Moodle before 1.6.2 does not check the existence of certain help files before including them, which might al... |
| CVE-2006-4937 | — | — | 1.0% | Sep 23, 2006 | lib/setup.php in Moodle before 1.6.2 sets the error reporting level to 7 to display E_WARNING messages to users even if ... |
| CVE-2006-4936 | — | — | 1.5% | Sep 23, 2006 | Moodle before 1.6.2 does not properly validate the module instance id when creating a course module object, which has un... |
| CVE-2006-4935 | — | — | 1.5% | Sep 23, 2006 | The Database module in Moodle before 1.6.2 does not properly handle uploaded files, which has unspecified impact and rem... |
| CVE-2006-4944 | — | — | 2.4% | Sep 23, 2006 | PHP remote file inclusion vulnerability in includes/pear/Net/DNS/RR.php in ProgSys 0.151 and earlier allows remote attac... |
| CVE-2006-4900 | — | — | 7.9% | Sep 22, 2006 | Directory traversal vulnerability in Computer Associates (CA) eTrust Security Command Center 1.0 and r8 up to SP1 CR2, a... |
Check if your code is affected by 2006 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now