CVE-2006-0xxx

There are 986 CVEs in this subgroup.
ID Summary Flags Max Score
CVE-2006-0001 Stack-based buffer overflow in Microsoft Publisher 2000 through 2003 allows user-assisted remote att...
E S
CVE-2006-0002 Unspecified vulnerability in Microsoft Outlook 2000 through 2003, Exchange 5.0 Server SP2 and 5.5 SP...
S
CVE-2006-0003 Unspecified vulnerability in the RDS.Dataspace ActiveX control, which is contained in ActiveX Data O...
E
CVE-2006-0004 Microsoft PowerPoint 2000 in Office 2000 SP3 has an interaction with Internet Explorer that allows r...
CVE-2006-0005 Buffer overflow in the plug-in for Microsoft Windows Media Player (WMP) 9 and 10, when used in brows...
CVE-2006-0006 Heap-based buffer overflow in the bitmap processing routine in Microsoft Windows Media Player 7.1 on...
E S
CVE-2006-0007 Buffer overflow in GIFIMP32.FLT, as used in Microsoft Office 2003 SP1 and SP2, Office XP SP3, Office...
CVE-2006-0008 The ShellAbout API call in Korean Input Method Editor (IME) in Korean versions of Microsoft Windows ...
S
CVE-2006-0009 Buffer overflow in Microsoft Office 2000 SP3, XP SP3, and other versions and packages, allows user-a...
S
CVE-2006-0010 Heap-based buffer overflow in T2EMBED.DLL in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server ...
S
CVE-2006-0011 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2006-0012 Unspecified vulnerability in Windows Explorer in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Ser...
S
CVE-2006-0013 Buffer overflow in the Web Client service (WebClnt.dll) for Microsoft Windows XP SP1 and SP2, and Se...
S
CVE-2006-0014 Buffer overflow in Microsoft Outlook Express 5.5 and 6 allows remote attackers to execute arbitrary ...
S
CVE-2006-0015 Cross-site scripting (XSS) vulnerability in _vti_bin/_vti_adm/fpadmdll.dll in Microsoft FrontPage Se...
E S
CVE-2006-0016 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with...
R
CVE-2006-0017 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with...
R
CVE-2006-0018 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-3899. Reason: This candida...
R
CVE-2006-0019 Heap-based buffer overflow in the encodeURI and decodeURI functions in the kjs JavaScript interprete...
S
CVE-2006-0020 An unspecified Microsoft WMF parsing application, as used in Internet Explorer 5.01 SP4 on Windows 2...
E S
CVE-2006-0021 Microsoft Windows XP SP1 and SP2, and Server 2003 up to SP1, allows remote attackers to cause a deni...
E S
CVE-2006-0022 Unspecified vulnerability in Microsoft PowerPoint in Microsoft Office 2000 SP3, Office XP SP3, Offic...
S
CVE-2006-0023 Microsoft Windows XP SP1 and SP2 before August 2004, and possibly other operating systems and versio...
S
CVE-2006-0024 Multiple unspecified vulnerabilities in Adobe Flash Player 8.0.22.0 and earlier allow remote attacke...
S
CVE-2006-0025 Stack-based buffer overflow in Microsoft Windows Media Player 9 and 10 allows remote attackers to ex...
S
CVE-2006-0026 Buffer overflow in Microsoft Internet Information Services (IIS) 5.0, 5.1, and 6.0 allows local and ...
S
CVE-2006-0027 Unspecified vulnerability in Microsoft Exchange allows remote attackers to execute arbitrary code vi...
S
CVE-2006-0028 Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and ...
S
CVE-2006-0029 Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and ...
S
CVE-2006-0030 Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and ...
S
CVE-2006-0031 Stack-based buffer overflow in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 an...
S
CVE-2006-0032 Cross-site scripting (XSS) vulnerability in the Indexing Service in Microsoft Windows 2000, XP, and ...
S
CVE-2006-0033 Unspecified vulnerability in Microsoft Office 2003 SP1 and SP2, Office XP SP3, Office 2000 SP3, and ...
S
CVE-2006-0034 Heap-based buffer overflow in the CRpcIoManagerServer::BuildContext function in msdtcprx.dll for Mic...
S
CVE-2006-0035 The netlink_rcv_skb function in af_netlink.c in Linux kernel 2.6.14 and 2.6.15 allows local users to...
S
CVE-2006-0036 ip_nat_pptp in the PPTP NAT helper (netfilter/ip_nat_helper_pptp.c) in Linux kernel 2.6.14, and othe...
CVE-2006-0037 ip_nat_pptp in the PPTP NAT helper (netfilter/ip_nat_helper_pptp.c) in Linux kernel 2.6.14, and othe...
CVE-2006-0038 Integer overflow in the do_replace function in netfilter for Linux before 2.6.16-rc3, when using "vi...
S
CVE-2006-0039 Race condition in the do_add_counters function in netfilter for Linux kernel 2.6.16 allows local use...
S
CVE-2006-0040 GNOME Evolution 2.4.2.1 and earlier allows remote attackers to cause a denial of service (CPU and me...
CVE-2006-0041 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was wi...
R
CVE-2006-0042 Unspecified vulnerability in (1) apreq_parse_headers and (2) apreq_parse_urlencoded functions in Apa...
S
CVE-2006-0043 Buffer overflow in the realpath function in nfs-server rpc.mountd, as used in SUSE Linux 9.1 through...
S
CVE-2006-0044 Unspecified vulnerability in context.py in Albatross web application toolkit before 1.33 allows remo...
S
CVE-2006-0045 crawl before 4.0.0 does not securely call programs when saving and loading games, which allows local...
S
CVE-2006-0046 squid_redirect script in adzapper before 2006-01-29 allows remote attackers to cause a denial of ser...
S
CVE-2006-0047 packets.c in Freeciv 2.0 before 2.0.8 allows remote attackers to cause a denial of service (server c...
S
CVE-2006-0048 Francesco Stablum tcpick 0.2.1 allows remote attackers to cause a denial of service (segmentation fa...
CVE-2006-0049 gpg in GnuPG before 1.4.2.2 does not properly verify non-detached signatures, which allows attackers...
S
CVE-2006-0050 snmptrapfmt in Debian 3.0 allows local users to overwrite arbitrary files via a symlink attack on a ...
S
CVE-2006-0051 Buffer overflow in playlistimport.cpp in Kaffeine Player 0.4.2 through 0.7.1 allows user-assisted at...
S
CVE-2006-0052 The attachment scrubber (Scrubber.py) in Mailman 2.1.5 and earlier, when using Python's library emai...
S
CVE-2006-0053 Imager (libimager-perl) before 0.50 allows user-assisted attackers to cause a denial of service (seg...
E S
CVE-2006-0054 The ipfw firewall in FreeBSD 6.0-RELEASE allows remote attackers to cause a denial of service (firew...
S
CVE-2006-0055 The ispell_op function in ee on FreeBSD 4.10 to 6.0 uses predictable filenames and does not confirm ...
S
CVE-2006-0056 Double free vulnerability in the authentication and authentication token alteration code in PAM-MySQ...
S
CVE-2006-0057 Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to bypass the Kill bit settings...
S
CVE-2006-0058 Signal handler race condition in Sendmail 8.13.x before 8.13.6 allows remote attackers to execute ar...
S
CVE-2006-0059 Heap-based buffer overflow in the ISO Transport Service over TCP (RFC 1006) implementation of LiveDa...
S
CVE-2006-0061 xlockmore 5.13 and 5.22 segfaults when using libpam-opensc and returns the underlying xsession. This...
E S
CVE-2006-0062 xlockmore 5.13 allows potential xlock bypass when FVWM switches to the same virtual desktop as a new...
E S
CVE-2006-0063 Cross-site scripting (XSS) vulnerability in phpBB 2.0.19, when "Allowed HTML tags" is enabled, allow...
E
CVE-2006-0064 PHP remote file include vulnerability in includes/orderSuccess.inc.php in CubeCart allows remote att...
E
CVE-2006-0065 SQL injection vulnerability in (1) functions.php, (2) functions_update.php, and (3) functions_displa...
CVE-2006-0066 SQL injection vulnerability in index.php in PHPjournaler 1.0 allows remote attackers to execute arbi...
E
CVE-2006-0067 SQL injection vulnerability in login.php in VEGO Links Builder 2.00 and earlier allows remote attack...
CVE-2006-0068 SQL injection vulnerability in Primo Cart 1.0 and earlier allows remote attackers to execute arbitra...
CVE-2006-0069 Cross-site scripting (XSS) vulnerability in addentry.php in Chipmunk Guestbook 1.4 and earlier allow...
CVE-2006-0070 Drupal allows remote attackers to conduct cross-site scripting (XSS) attacks via an IMG tag with an ...
E
CVE-2006-0071 The ebuild for pinentry before 0.7.2-r2 on Gentoo Linux sets setgid bits for pinentry programs, whic...
S
CVE-2006-0072 Buffer overflow in termsh on SCO OpenServer 5.0.7 allows remote attackers to execute arbitrary code ...
E
CVE-2006-0073 Cross-site scripting (XSS) vulnerability in DiscusWare Discus Freeware 3.10.5 and Professional 3.10....
CVE-2006-0074 SQL injection vulnerability in profile.php in PHPenpals allows remote attackers to execute arbitrary...
E
CVE-2006-0075 Direct static code injection vulnerability in phpBook 1.3.2 and earlier allows remote attackers to e...
S
CVE-2006-0076 PHP remote file include vulnerability in forum.php in oaBoard 1.0 allows remote attackers to execute...
E
CVE-2006-0077 Off-by-one error in the getfattr function in File::ExtAttr before 0.03 allows attackers to trigger a...
S
CVE-2006-0078 Multiple cross-site scripting (XSS) vulnerabilities in B-net Software 1.0 allow remote attackers to ...
CVE-2006-0079 SQL injection vulnerability in auth.php in ScozNet ScozBook BETA 1.1 allows remote attackers to exec...
E
CVE-2006-0080 Cross-site scripting (XSS) vulnerability in vBulletin 3.5.2, and possibly earlier versions, allows r...
E
CVE-2006-0081 ialmnt5.sys in the ialmrnt5 display driver in Intel Graphics Accelerator Driver 6.14.10.4308 allows ...
E
CVE-2006-0082 Format string vulnerability in the SetImageInfo function in image.c for ImageMagick 6.2.3 and other ...
E S
CVE-2006-0083 Format string vulnerability in the logging code of SMS Server Tools (smstools) 1.14.8 and earlier al...
S
CVE-2006-0084 Cross-site scripting vulnerability in index.php in raSMP 2.0.0 and earlier allows remote attackers t...
CVE-2006-0085 SQL injection vulnerability in Nkads 1.0 alfa 3 allows remote attackers to execute arbitrary SQL com...
E
CVE-2006-0086 Cross-site scripting vulnerability in index.php in Next Generation Image Gallery 0.0.1 Lite Edition ...
CVE-2006-0087 SQL injection vulnerability in (1) pages.php and (2) detail.php in Lizard Cart CMS 1.04 allows remot...
E
CVE-2006-0088 SQL injection vulnerability in intouch.lib.php in inTouch 0.5.1 Alpha allows remote attackers to exe...
E
CVE-2006-0089 Buffer overflow in ESRI ArcPad 7.0.0.156 allows remote attackers to cause a denial of service (appli...
CVE-2006-0090 Directory traversal vulnerability in index.php in IDV Directory Viewer before 2005.1 allows remote a...
S
CVE-2006-0091 Cross-site scripting (XSS) vulnerability in webmail in Open-Xchange 0.8.1-6 and earlier, with "Inlin...
CVE-2006-0092 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-0992, CVE-2006-0158. Reaso...
R
CVE-2006-0093 Cross-site scripting (XSS) vulnerability in index.php in @Card ME PHP allows remote attackers to inj...
E
CVE-2006-0094 PHP remote file include vulnerability in forum.php in oaBoard 1.0 allows remote attackers to execute...
CVE-2006-0095 dm-crypt in Linux kernel 2.6.15 and earlier does not clear a structure before it is freed, which lea...
CVE-2006-0096 wan/sdla.c in Linux kernel 2.6.x before 2.6.11 and 2.4.x before 2.4.29 does not require the CAP_SYS_...
CVE-2006-0097 Stack-based buffer overflow in the create_named_pipe function in libmysql.c in PHP 4.3.10 and 4.4.x ...
E
CVE-2006-0098 The dupfdopen function in sys/kern/kern_descrip.c in OpenBSD 3.7 and 3.8 allows local users to re-op...
S
CVE-2006-0099 PHP remote file include vulnerability in (1) include/templates/categories/default.php and (2) certai...
E
CVE-2006-0100 Buffer overflow in NicoFTP 3.0.1.19 and earlier might allow local users to execute arbitrary code vi...
CVE-2006-0101 Multiple cross-site scripting (XSS) vulnerabilities in sBLOG 0.7.1 Beta 20051202 and earlier allow r...
CVE-2006-0102 Cross-site scripting (XSS) vulnerability in TinyPHPForum (TPF) 3.6 and earlier allows remote attacke...
E
CVE-2006-0103 TinyPHPForum 3.6 and earlier stores the (1) users/[USERNAME].hash and (2) users/[USERNAME].email fil...
E
CVE-2006-0104 Directory traversal vulnerability in TinyPHPForum 3.6 and earlier allows remote attackers to create ...
E
CVE-2006-0105 PostgreSQL 8.0.x before 8.0.6 and 8.1.x before 8.1.2, when running on Windows, allows remote attacke...
S
CVE-2006-0106 gdi/driver.c and gdi/printdrv.c in Wine 20050930, and other versions, implement the SETABORTPROC GDI...
S
CVE-2006-0107 SQL injection vulnerability in Timecan CMS allows remote attackers to execute arbitrary SQL commands...
E
CVE-2006-0108 SQL injection vulnerability in mcl_login.asp in Timecan CMS allows remote attackers to execute arbit...
E
CVE-2006-0109 Cross-site scripting vulnerability in category.php in Modular Merchant Shopping Cart allows remote a...
E S
CVE-2006-0110 Cross-site scripting (XSS) vulnerability in escribir.php in Foro Domus 2.10 allows remote attackers ...
E
CVE-2006-0111 Cross-site scripting vulnerability in index.php in Boxcar Media Shopping Cart allows remote attacker...
CVE-2006-0112 Cross-site scripting (XSS) vulnerability in index.php in Enhanced Simple PHP Gallery 1.7 allows remo...
E
CVE-2006-0113 Enhanced Simple PHP Gallery 1.7 allows remote attackers to obtain the full path of the application v...
E
CVE-2006-0114 The vCard functions in Joomla! 1.0.5 use predictable sequential IDs for vcards and do not restrict a...
CVE-2006-0115 Multiple SQL injection vulnerabilities in OnePlug Solutions OnePlug CMS allow remote attackers to ex...
E
CVE-2006-0116 Cross-site scripting vulnerability search.inetstore in iNETstore Ebusiness Software 2.0 allows remot...
E
CVE-2006-0117 Buffer overflow in IBM Lotus Notes and Domino Server before 6.5.5 allows attackers to cause a denial...
S
CVE-2006-0118 Unspecified vulnerability in IBM Lotus Notes and Domino Server before 6.5.5, when running on AIX, al...
S
CVE-2006-0119 Multiple unspecified vulnerabilities in IBM Lotus Notes and Domino Server before 6.5.5 have unknown ...
S
CVE-2006-0120 Multiple unspecified vulnerabilities in IBM Lotus Notes and Domino Server before 6.5.5 allow attacke...
S
CVE-2006-0121 Multiple memory leaks in IBM Lotus Notes and Domino Server before 6.5.5 allow attackers to cause a d...
S
CVE-2006-0122 Cross-site scripting (XSS) vulnerability in Public/Index.asp in Aquifer CMS allows remote attackers ...
E S
CVE-2006-0123 Multiple SQL injection vulnerabilities in ADN Forum 1.0b allow remote attackers to execute arbitrary...
E
CVE-2006-0124 Cross-site scripting (XSS) vulnerability in crear.php in ADN Forum 1.0b allows remote attackers to i...
E
CVE-2006-0125 Unspecified vulnerability in appserv/main.php in AppServ 2.4.5 allows remote attackers to include ar...
CVE-2006-0126 rxvt-unicode before 6.3, on certain platforms that use openpty and non-Unix pty devices such as Linu...
S
CVE-2006-0127 Directory traversal vulnerability in the IMAP service of Rockliffe MailSite before 6.1.22.1 allows r...
E S
CVE-2006-0128 Buffer overflow in the IMAP service of Rockliffe MailSite before 6.1.22.1 allows remote attackers to...
S
CVE-2006-0129 Mail Management Agent (MAILMA) (aka Mail Management Server) in Rockliffe MailSite 7.0.3.1 and earlie...
E S
CVE-2006-0130 Mail Management Agent (MAILMA) (aka Mail Management Server) in Rockliffe MailSite 7.0.3.1 and earlie...
CVE-2006-0131 boastMachine 3.1 allows remote attackers to obtain sensitive information via a direct request to (1)...
CVE-2006-0132 Directory traversal vulnerability in webftp.php in SysCP WebFTP 1.2.6 and possibly earlier allows re...
S
CVE-2006-0133 Multiple directory traversal vulnerabilities in AIX 5.3 ML03 allow local users to determine the exis...
E
CVE-2006-0134 Cross-site scripting (XSS) vulnerability in register.php in TheWebForum (twf) 1.2.1 allows remote at...
E
CVE-2006-0135 SQL injection vulnerability in login.php in TheWebForum (twf) 1.2.1 allows remote attackers to execu...
E
CVE-2006-0136 Multiple cross-site scripting (XSS) vulnerabilities in the guestbook module in modules.php in Phanat...
E
CVE-2006-0137 SQL injection vulnerability in linkcategory.php in Phanatic Softwares Chimera Web Portal System 0.2 ...
E
CVE-2006-0138 aMSN (aka Alvaro's Messenger) allows remote attackers to cause a denial of service (client hang and ...
E
CVE-2006-0139 The send-private-message functionality (send-private-message.asp) in PD9 Software MegaBBS 2.1 allows...
E S
CVE-2006-0140 Cross-site scripting (XSS) vulnerability in post.php in NavBoard V16 Stable(2.6.0) and V17beta2 allo...
E
CVE-2006-0141 Qualcomm Eudora Internet Mail Server (EIMS) before 3.2.8 allows remote attackers to cause a denial o...
S
CVE-2006-0142 Cross-site scripting (XSS) vulnerability in andromeda.php in Andromeda 1.9.3.4 and earlier allows re...
CVE-2006-0143 Microsoft Windows Graphics Rendering Engine (GRE) allows remote attackers to corrupt memory and caus...
E S
CVE-2006-0144 The proxy server feature in go-pear.php in PHP PEAR 0.2.2, as used in Apache2Triad, allows remote at...
S
CVE-2006-0145 The kernfs_xread function in kernfs in NetBSD 1.6 through 2.1, and OpenBSD 3.8, does not properly va...
S
CVE-2006-0146 The server.php test script in ADOdb for PHP before 4.70, as used in multiple products including (1) ...
E S
CVE-2006-0147 Dynamic code evaluation vulnerability in tests/tmssql.php test script in ADOdb for PHP before 4.70, ...
E S
CVE-2006-0148 NetSarang Xlpd 2.1 allows remote attackers to cause a denial of service (crash) via a large number o...
CVE-2006-0149 Cross-site scripting (XSS) vulnerability in SimpBook 1.0, with html_enable on (the default), allows ...
CVE-2006-0150 Multiple format string vulnerabilities in the auth_ldap_log_reason function in Apache auth_ldap 1.6....
S
CVE-2006-0151 sudo 1.6.8 and other versions does not clear the PYTHONINSPECT environment variable, which allows li...
E S
CVE-2006-0152 Cross-site scripting (XSS) in search_result.php in phpChamber 1.2 and earlier allows remote attacker...
CVE-2006-0153 427BB 2.2 and 2.2.1 verifies authentication credentials based on the username, authenticated, and us...
E
CVE-2006-0154 SQL injection vulnerability in showthread.php in 427BB 2.2 and 2.2.1 allows remote attackers to exec...
E
CVE-2006-0155 Cross-site scripting (XSS) vulnerability in posts.php in 427BB 2.2 and 2.2.1 allows remote attackers...
E
CVE-2006-0156 Cross-site scripting (XSS) vulnerability in Foxrum 4.0.4f allows remote attackers to inject arbitrar...
E
CVE-2006-0157 settings.php in Reamday Enterprises Magic News Plus 1.0.3 allows remote attackers to change the admi...
E
CVE-2006-0158 SQL injection vulnerability in index.php in CyberDoc SiteSuite CMS allows remote attackers to execut...
E
CVE-2006-0159 SQL injection vulnerability in escribir.php in Foro Domus 2.10 allows remote attackers to execute ar...
CVE-2006-0160 SQL injection vulnerability in add_post.php3 in Venom Board 1.22 allows remote attackers to execute ...
E
CVE-2006-0161 Unspecified vulnerability in uucp in Sun Solaris 8 and 9 has unknown impact and attack vectors. NOT...
S
CVE-2006-0162 Heap-based buffer overflow in libclamav/upx.c in Clam Antivirus (ClamAV) before 0.88 allows remote a...
S
CVE-2006-0163 SQL injection vulnerability in the search module (modules/Search/index.php) of PHPNuke EV 7.7 -R1 al...
E
CVE-2006-0164 phgstats.inc.php in phgstats before 0.5.1, if register_globals is enabled, allows remote attackers t...
S
CVE-2006-0165 Cross-site scripting (XSS) vulnerability in the DataForm Entries functionality in Plain Black WebGUI...
S
CVE-2006-0166 Symantec Norton SystemWorks and SystemWorks Premier 2005 and 2006 stores temporary copies of files i...
S
CVE-2006-0167 SQL injection vulnerability in MyPhPim 01.05 allows remote attackers to execute arbitrary SQL comman...
E
CVE-2006-0168 Cross-site scripting (XSS) vulnerability in MyPhPim 01.05 allows remote attackers to inject arbitrar...
E
CVE-2006-0169 addresses.php3 in MyPhPim 01.05 does not restrict uploaded files, which allows remote attackers to e...
E
CVE-2006-0170 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-0035. Reason: This candida...
R
CVE-2006-0171 PHP remote file include vulnerability in index.php in OrjinWeb E-commerce allows remote attackers to...
E
CVE-2006-0172 Cross-site scripting (XSS) vulnerability in the file manager utility in Hummingbird Collaboration (a...
E
CVE-2006-0173 Hummingbird Collaboration (aka Hummingbird Enterprise Collaboration) 5.21 and earlier allows remote ...
E
CVE-2006-0174 Hummingbird Collaboration (aka Hummingbird Enterprise Collaboration) 5.21 and earlier allows remote ...
E
CVE-2006-0175 Cross-site scripting (XSS) vulnerability in search_form.asp in Web Wiz Forums 6.34 allows remote att...
E S
CVE-2006-0176 Buffer overflow in certain functions in src/fileio.c and src/unix/fileio.c in xmame before 11 Januar...
E
CVE-2006-0177 Multiple buffer overflows in Cray UNICOS 9.0.2.2 might allow local users to gain privileges by (1) i...
E
CVE-2006-0178 Format string vulnerability in /bin/ftp in UNICOS 9.0.2.2 allows local users to have an unknown impa...
CVE-2006-0179 The Cisco IP Phone 7940 allows remote attackers to cause a denial of service (reboot) via a large am...
E S
CVE-2006-0180 Cross-site scripting (XSS) vulnerability in CaLogic Calendars 1.2.2 allows remote attackers to injec...
CVE-2006-0181 Cisco Security Monitoring, Analysis and Response System (CS-MARS) before 4.1.3 has an undocumented a...
S
CVE-2006-0182 login.php in ACal Calendar Project 2.2.5 allows remote attackers to bypass authentication by setting...
CVE-2006-0183 Direct static code injection vulnerability in edit.php in ACal Calendar Project 2.2.5 allows authent...
CVE-2006-0184 Multiple SQL injection vulnerabilities in AspTopSites allow remote attackers to execute arbitrary SQ...
E
CVE-2006-0185 Multiple cross-site scripting vulnerabilities in the (1) Pool or (2) News Modules in Php-Nuke allow ...
E
CVE-2006-0186 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-4500. Reason: This candida...
R
CVE-2006-0187 By design, Microsoft Visual Studio 2005 automatically executes code in the Load event of a user-defi...
E
CVE-2006-0188 webmail.php in SquirrelMail 1.4.0 to 1.4.5 allows remote attackers to inject arbitrary web pages int...
CVE-2006-0189 Buffer overflow in eStara Softphone 3.0.1.14 through 3.0.1.46 allows remote attackers to execute arb...
E
CVE-2006-0190 Unspecified vulnerability in Sun Solaris 9 and 10 for the x86 platform allows local users to gain pr...
S
CVE-2006-0191 Unspecified vulnerability in Sun Solaris 10 allows local users to cause a denial of service (null de...
S
CVE-2006-0192 SQL injection vulnerability in Login_Validate.asp in ASPSurvey 1.10 allows remote attackers to execu...
CVE-2006-0193 Cross-site scripting (XSS) vulnerability in the Hosting Control Panel (psoft.hsphere.CP) in Positive...
CVE-2006-0194 Cross-site scripting (XSS) vulnerability in default.asp in FogBugz 4.029, and other versions before ...
S
CVE-2006-0195 Interpretation conflict in the MagicHTML filter in SquirrelMail 1.4.0 to 1.4.5 allows remote attacke...
CVE-2006-0196 Unspecified vulnerability in Serial line sniffer (aka slsnif) 0.4.4 allows local users to gain privi...
E
CVE-2006-0197 The XClientMessageEvent struct used in certain components of X.Org 6.8.2 and earlier, possibly inclu...
CVE-2006-0198 Cross-site scripting (XSS) vulnerability in a certain module, possibly poll or Pool, for XOOPS allow...
E
CVE-2006-0199 SQL injection vulnerability in news.asp in Mini-Nuke CMS System 1.8.2 and earlier allows remote atta...
E
CVE-2006-0200 Format string vulnerability in the error-reporting feature in the mysqli extension in PHP 5.1.0 and ...
S
CVE-2006-0201 Dave Nielsen and Patrick Breitenbach PayPal Web Services (aka PHP Toolkit) 0.50, and possibly earlie...
CVE-2006-0202 Dave Nielsen and Patrick Breitenbach PayPal Web Services (aka PHP Toolkit) 0.50 and possibly earlier...
CVE-2006-0203 membership.asp in Mini-Nuke CMS System 1.8.2 and earlier does not verify the old password when chang...
E
CVE-2006-0204 Multiple cross-site scripting (XSS) vulnerabilities in Wordcircle 2.17 allow remote attackers to inj...
E
CVE-2006-0205 Multiple SQL injection vulnerabilities in Wordcircle 2.17 allow remote attackers to (1) execute arbi...
E
CVE-2006-0206 Eval injection vulnerability in Light Weight Calendar (LWC) 1.0 (20040909) and earlier allows remote...
E
CVE-2006-0207 Multiple HTTP response splitting vulnerabilities in PHP 5.1.1 allow remote attackers to inject arbit...
S
CVE-2006-0208 Multiple cross-site scripting (XSS) vulnerabilities in PHP 4.4.1 and 5.1.1, when display_errors and ...
S
CVE-2006-0209 SQL injection vulnerability in general_functions.php in TankLogger 2.4 allows remote attackers to ex...
CVE-2006-0210 Cross-site scripting (XSS) vulnerability in index.php in Interspire TrackPoint NX before 0.1 allows ...
E
CVE-2006-0211 Cross-site scripting (XSS) vulnerability in forgotPassword.asp in Helm Hosting Control Panel 3.2.8 a...
CVE-2006-0212 Directory traversal vulnerability in OBEX Push services in Toshiba Bluetooth Stack 4.00.23(T) and ea...
E
CVE-2006-0213 Kolab Server 2.0.1, 2.0.2 and development versions pre-2.1-20051215 and earlier, when authenticating...
S
CVE-2006-0214 Eval injection vulnerability in ezDatabase 2.0 and earlier allows remote attackers to execute arbitr...
CVE-2006-0215 Cross-site scripting (XSS) vulnerability in admin.php in QualityEBiz Quality PPC (QPPC) 1.0 build 16...
E
CVE-2006-0216 admin.php in QualityEBiz Quality PPC (QPPC) 1.0 build 1644 allows remote attackers to obtain sensiti...
E
CVE-2006-0217 Multiple cross-site scripting (XSS) vulnerabilities in Ultimate Auction 3.67 allow remote attackers ...
E
CVE-2006-0218 Multiple unspecified vulnerabilities in MyBulletinBoard (MyBB) before 1.0.2 have unspecified impact ...
S
CVE-2006-0219 The original distribution of MyBulletinBoard (MyBB) to update from older versions to 1.0.2 omits or ...
S
CVE-2006-0220 Multiple cross-site scripting (XSS) vulnerabilities in DCP-Portal 5.3 through 6.1.1 allow remote att...
E
CVE-2006-0221 SQL injection vulnerability in index.asp in the Admin Panel in Dragon Design Services Network (DDSN)...
CVE-2006-0222 Cross-site scripting (XSS) vulnerability in fullview.php in AlstraSoft Template Seller Pro allows re...
E
CVE-2006-0223 Directory traversal vulnerability in Shanghai TopCMM 123 Flash Chat Server Software 5.1 allows attac...
S
CVE-2006-0224 Buffer overflow in Library of Assorted Spiffy Things (LibAST) 0.6.1 and earlier, as used in Eterm an...
E S
CVE-2006-0225 scp in OpenSSH 4.2p1 allows attackers to execute arbitrary commands via filenames that contain shell...
S
CVE-2006-0226 Integer overflow in IEEE 802.11 network subsystem (ieee80211_ioctl.c) in FreeBSD before 6.0-STABLE, ...
S
CVE-2006-0227 Multiple unspecified vulnerabilities in lpsched in Sun Solaris 8, 9, and 10 allow local users to del...
S
CVE-2006-0228 The RBAC functionality in grsecurity before 2.1.8 does not properly handle when the admin role creat...
S
CVE-2006-0229 Unquoted Windows search path vulnerability in Wehntrust might allow local users to gain privileges v...
S
CVE-2006-0230 Symantec Scan Engine 5.0.0.24, and possibly other versions before 5.1.0.7, uses a client-side check ...
E S
CVE-2006-0231 Symantec Scan Engine 5.0.0.24, and possibly other versions before 5.1.0.7, uses the same private DSA...
S
CVE-2006-0232 Symantec Scan Engine 5.0.0.24, and possibly other versions before 5.1.0.7, stores sensitive log and ...
E S
CVE-2006-0233 Cross-site scripting (XSS) vulnerability in functions.php in microBlog 2.0 RC-10 allows remote attac...
CVE-2006-0234 SQL injection vulnerability in index.php in microBlog 2.0 RC-10 allows remote attackers to execute a...
E
CVE-2006-0235 SQL injection vulnerability in WhiteAlbum 2.5 allows remote attackers to execute arbitrary SQL comma...
E
CVE-2006-0236 GUI display truncation vulnerability in Mozilla Thunderbird 1.0.2, 1.0.6, and 1.0.7 allows user-assi...
S
CVE-2006-0237 Cross-site scripting (XSS) vulnerability in index.php in GTP iCommerce allows remote attackers to in...
E
CVE-2006-0238 SQL injection vulnerability in wp-stats.php in GaMerZ WP-Stats 2.0 allows remote attackers to execut...
S
CVE-2006-0239 Multiple cross-site scripting (XSS) vulnerabilities in Simple Blog 2.1 allow remote attackers to inj...
E
CVE-2006-0240 Multiple SQL injection vulnerabilities in Simple Blog 2.1 allow remote attackers to execute arbitrar...
E
CVE-2006-0241 Cross-site scripting vulnerability in WBNews 1.1.0 and earlier allows remote attackers to inject arb...
CVE-2006-0242 Cross-site scripting vulnerability in index.php in PHP Fusebox 4.0.6 allows remote attackers to inje...
E
CVE-2006-0243 Cross-site scripting (XSS) vulnerability in SMBCMS 2.1 allows remote attackers to inject arbitrary w...
CVE-2006-0244 Directory traversal vulnerability in workspaces.php in phpXplorer 0.9.33 allows remote attackers to ...
E
CVE-2006-0245 Multiple cross-site scripting (XSS) vulnerabilities in CubeCart 3.0.7-pl1 allow remote attackers to ...
E
CVE-2006-0246 Cross-site scripting (XSS) vulnerability in down.pl in Widexl Download Tracker 1.06 allows remote at...
E
CVE-2006-0247 Cross-site scripting (XSS) vulnerability in anyboard.cgi in Netbula Anyboard 9.9 and earlier allows ...
E
CVE-2006-0248 Virata-EmWeb web server 6_1_0, as used in (1) Intracom JetSpeed 500 and 520 and (2) Allied Data Tech...
CVE-2006-0249 SQL injection vulnerability in viewcat.php in BitDamaged geoBlog MOD_1.0 allows remote attackers to ...
E
CVE-2006-0250 Format string vulnerability in the snmp_input function in snmptrapd in CMU SNMP utilities (cmu-snmp)...
CVE-2006-0251 Cross-site scripting (XSS) vulnerability in fom.cgi in Faq-O-Matic 2.711 allows remote attackers to ...
E
CVE-2006-0252 SQL injection vulnerability in Benders Calendar 1.0 allows remote attackers to execute arbitrary SQL...
E
CVE-2006-0253 Buffer overflow in the Bluetooth OBEX Object Push service in "Blue Neighbors.EXE" in AmbiCom Blue Ne...
E
CVE-2006-0254 Multiple cross-site scripting (XSS) vulnerabilities in Apache Geronimo 1.0 allow remote attackers to...
E
CVE-2006-0255 Unquoted Windows search path vulnerability in Check Point VPN-1 SecureClient might allow local users...
CVE-2006-0256 Unspecified vulnerability in the Advanced Queuing component of Oracle Database server 8.1.7.4, 9.0.1...
CVE-2006-0257 Unspecified vulnerability in the Change Data Capture component of Oracle Database server 9.2.0.7, 10...
E S
CVE-2006-0258 Unspecified vulnerability in the Connection Manager component of Oracle Database server 8.1.7.4 and ...
CVE-2006-0259 Multiple unspecified vulnerabilities in Oracle Database server 10.1.0.5 have unspecified impact and ...
S
CVE-2006-0260 Multiple unspecified vulnerabilities in Oracle Database server 9.2.0.7 and 10.1.0.5 have unspecified...
E S
CVE-2006-0261 Multiple unspecified vulnerabilities in Oracle Database server 8.1.7.4, 9.0.1.5, 9.2.0.7, and 10.1.0...
CVE-2006-0262 Unspecified vulnerability in the Net Foundation Layer component of Oracle Database server 8.1.7.4, 9...
CVE-2006-0263 Multiple unspecified vulnerabilities in Oracle Database server 8.1.7.4, 9.0.1.5, 9.0.1.5 FIPS, 9.2.0...
CVE-2006-0264 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-0259. Reason: This candida...
R
CVE-2006-0265 Multiple unspecified vulnerabilities in Oracle Database server 8.1.7.4, 9.0.1.5, 9.2.0.7, 10.1.0.5, ...
E S
CVE-2006-0266 Unspecified vulnerability in the Query Optimizer component of Oracle Database server 9.0.1.5, 9.2.0....
CVE-2006-0267 Unspecified vulnerability in the Query Optimizer component of Oracle Database server 9.2.0.6 and 10....
CVE-2006-0268 Unspecified vulnerability in the Security component of Oracle Database server 9.0.1.5, 9.0.1.5 FIPS,...
CVE-2006-0269 Unspecified vulnerability in the Streams Capture component of Oracle Database server 10.1.0.5 and 10...
CVE-2006-0270 Unspecified vulnerability in the Transparent Data Encryption (TDE) Wallet component of Oracle Databa...
CVE-2006-0271 Unspecified vulnerability in the Upgrade & Downgrade component of Oracle Database server 8.1.7.4, 9....
CVE-2006-0272 Unspecified vulnerability in the XML Database component of Oracle Database server 9.2.0.7 and 10.1.0...
CVE-2006-0273 Unspecified vulnerability in the Portal component of Oracle Application Server 9.0.4.2 and 10.1.2.0 ...
CVE-2006-0274 Unspecified vulnerability in the Oracle Reports Developer component of Oracle Application Server 9.0...
CVE-2006-0275 Unspecified vulnerability in the Oracle Reports Developer component of Oracle Application Server 9.0...
CVE-2006-0276 Multiple unspecified vulnerabilities in Oracle Collaboration Suite Release 2, version 9.0.4.2 (Oracl...
E S
CVE-2006-0277 Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 11.5.10 have unspec...
CVE-2006-0278 Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 11.5.9 have unspeci...
CVE-2006-0279 Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 4.3 have unspecifie...
CVE-2006-0280 Unspecified vulnerability in Oracle PeopleSoft Enterprise Portal 8.4 Bundle 15, 8.8 Bundle 10, and 8...
CVE-2006-0281 Unspecified vulnerability in Oracle JD Edwards HTML Server 8.95.F1 SP23_L1 has unspecified impact an...
CVE-2006-0282 Unspecified vulnerability in Oracle Database Server 8.1.7.4, 9.0.1.5, 9.0.1.5 FIPS, 9.2.0.7, and 10....
CVE-2006-0283 Unspecified vulnerability in Oracle Database Server 10.1.0.4.2, Application Server 10.1.2.0.2, and C...
E S
CVE-2006-0284 Multiple unspecified vulnerabilities in Oracle Application Server 9.0.4.2 and 10.1.2.0.2, and E-Busi...
CVE-2006-0285 Unspecified vulnerability in the Java Net component of Oracle Database Server 8.1.7.4, 9.0.1.5, 9.0....
CVE-2006-0286 Unspecified vulnerability in the Oracle HTTP Server component of Oracle Database Server 9.0.1.5, 9.0...
CVE-2006-0287 Unspecified vulnerability in the Oracle HTTP Server component of Oracle Database Server 10.1.0.5 and...
E
CVE-2006-0288 Multiple unspecified vulnerabilities in the Oracle Reports Developer component of Oracle Application...
E S
CVE-2006-0289 Multiple unspecified vulnerabilities in Oracle Application Server 6.0.8.26(PS17) and E-Business Suit...
CVE-2006-0290 Unspecified vulnerability in Oracle Database Server 9.2.0.7, Application Server 9.0.4.2 and 10.1.2.1...
CVE-2006-0291 Multiple unspecified vulnerabilities in Oracle Database Server 10.2.0.1, Application Server 9.0.4.2 ...
CVE-2006-0292 The Javascript interpreter (jsinterp.c) in Mozilla and Firefox before 1.5.1 does not properly derefe...
S
CVE-2006-0293 The function allocation code (js_NewFunction in jsfun.c) in Firefox 1.5 allows attackers to cause a ...
S
CVE-2006-0294 Mozilla Firefox before 1.5.0.1, Thunderbird 1.5 if running Javascript in mail, and SeaMonkey before ...
S
CVE-2006-0295 Mozilla Firefox 1.5, Thunderbird 1.5 if Javascript is enabled in mail, and SeaMonkey before 1.0 migh...
S
CVE-2006-0296 The XULDocument.persist function in Mozilla, Firefox before 1.5.0.1, and SeaMonkey before 1.0 does n...
CVE-2006-0297 Multiple integer overflows in Mozilla Firefox 1.5, Thunderbird 1.5 if Javascript is enabled in mail,...
CVE-2006-0298 The XML parser in Mozilla Firefox before 1.5.0.1 and SeaMonkey before 1.0 allows remote attackers to...
E S
CVE-2006-0299 The E4X implementation in Mozilla Firefox before 1.5.0.1, Thunderbird 1.5 if running Javascript in m...
CVE-2006-0300 Buffer overflow in tar 1.14 through 1.15.90 allows user-assisted attackers to cause a denial of serv...
S
CVE-2006-0301 Heap-based buffer overflow in Splash.cc in xpdf, as used in other products such as (1) poppler, (2) ...
S
CVE-2006-0302 ZyXel P2000W VoIP 802.11b Wireless Phone running firmware WV.00.02 allows remote attackers to obtain...
CVE-2006-0303 Multiple unspecified vulnerabilities in the (1) publishing component, (2) Contact Component, (3) Tin...
S
CVE-2006-0304 Buffer overflow in Dual DHCP DNS Server 1.0 allows remote attackers to cause a denial of service (ap...
E S
CVE-2006-0305 Clipcomm CPW-100E VoIP 802.11b Wireless Handset Phone running firmware 1.1.12 (051129) and CP-100E V...
CVE-2006-0306 The DM Primer (dmprimer.exe) in the DM Deployment Common Component in Computer Associates (CA) Brigh...
E
CVE-2006-0307 The DM Primer in the DM Deployment Common Component in Computer Associates (CA) BrightStor Mobile Ba...
E S
CVE-2006-0308 PHP remote file inclusion vulnerability in htmltonuke.php in the htmltonuke 2.0 alpha, and possibly ...
E
CVE-2006-0309 Linksys BEFVP41 VPN Router 2.0 with firmware 1.01.04 allows remote attackers on the local network, t...
CVE-2006-0310 Cross-site scripting (XSS) vulnerability in aoblogger 2.3 allows remote attackers to inject arbitrar...
E
CVE-2006-0311 SQL injection vulnerability in login.php in aoblogger 2.3 allows remote attackers to execute arbitra...
E
CVE-2006-0312 create.php in aoblogger 2.3 allows remote attackers to bypass authentication and create new blog ent...
E
CVE-2006-0313 Multiple SQL injection vulnerabilities in PDFdirectory before 1.0 allow remote attackers to execute ...
S
CVE-2006-0314 PDFdirectory before 1.0 stores sensitive data in plaintext, which allows remote attackers to obtain ...
CVE-2006-0315 index.php in EZDatabase before 2.1.2 does not properly cleanse the p parameter before constructing a...
E
CVE-2006-0316 Buffer overflow in YGPPicFinder.DLL in AOL You've Got Pictures (YGP) Picture Finder Tool ActiveX Con...
S
CVE-2006-0317 Cross-site scripting (XSS) vulnerability in rkrt_stats.php in RedKernel Referrer Tracker 1.1.0-3 all...
E
CVE-2006-0318 SQL injection vulnerability in index.php in BlogPHP 1.0, when magic_quotes_gpc is disabled, allows r...
E
CVE-2006-0319 Directory traversal vulnerability in the FTP server (port 22003/tcp) in Farmers WIFE 4.4 SP1 allows ...
E
CVE-2006-0320 SQL injection vulnerability in admin/processlogin.php in Bit 5 Blog 8.01 allows remote attackers to ...
E
CVE-2006-0321 fetchmail 6.3.0 and other versions before 6.3.2 allows remote attackers to cause a denial of service...
S
CVE-2006-0322 Unspecified vulnerability in the edit comment formatting functionality in MediaWiki 1.5.x before 1.5.6 ...
S
CVE-2006-0323 Buffer overflow in swfformat.dll in multiple RealNetworks products and versions including RealPlayer...
E S
CVE-2006-0324 SQL injection vulnerability in WebspotBlogging 3.0 allows remote attackers to execute arbitrary SQL ...
E
CVE-2006-0325 Etomite Content Management System 0.6, and possibly earlier versions, when downloaded from the web s...
S
CVE-2006-0327 TYPO3 3.7.1 allows remote attackers to obtain sensitive information via a direct request to (1) thum...
E
CVE-2006-0328 Format string vulnerability in Tftpd32 2.81 allows remote attackers to cause a denial of service via...
E
CVE-2006-0329 SQL injection vulnerability in HITSENSER Data Mart Server BS, BS-S, BS-M, BS-L, and EX allows remote...
S
CVE-2006-0330 Cross-site scripting (XSS) vulnerability in Gallery before 1.5.2 allows remote attackers to inject a...
S
CVE-2006-0331 Buffer overflow in Change passwd 3.1 (chpasswd) SquirrelMail plugin allows local users to execute ar...
CVE-2006-0332 Pantomime in Ecartis 1.0.0 snapshot 20050909 stores e-mail attachments in a publicly accessible dire...
S
CVE-2006-0333 Cross-site scripting (XSS) vulnerability in ar-blog 5.2 allows remote attackers to inject arbitrary ...
CVE-2006-0334 Cross-site scripting (XSS) vulnerability in search.php in My Amazon Store Manager 1.0 allows remote ...
E
CVE-2006-0335 Multiple unspecified vulnerabilities in Kerio WinRoute Firewall before 6.1.4 Patch 1 allow remote at...
S
CVE-2006-0336 Kerio WinRoute Firewall before 6.1.4 Patch 2 allows attackers to cause a denial of service (CPU cons...
CVE-2006-0337 Buffer overflow in multiple F-Secure Anti-Virus products and versions for Windows and Linux, includi...
S
CVE-2006-0338 Multiple F-Secure Anti-Virus products and versions for Windows and Linux, including Anti-Virus for W...
S
CVE-2006-0339 Buffer overflow in BitComet Client 0.60 allows remote attackers to execute arbitrary code, when the ...
S
CVE-2006-0340 Unspecified vulnerability in Stack Group Bidding Protocol (SGBP) support in Cisco IOS 12.0 through 1...
S
CVE-2006-0341 Cross-site scripting (XSS) vulnerability in WCONSOLE.DLL in Rockliffe MailSite 5.x and 6.1.22 and ea...
S
CVE-2006-0342 RockLiffe MailSite HTTP Mail management agent (httpma) 7.0.3.1 allows remote attackers to cause a de...
E S
CVE-2006-0343 Unspecified vulnerability in the Port Discovery Standard and Advanced features in Hitachi JP1/NetIns...
S
CVE-2006-0344 Directory traversal vulnerability in Intervations FileCOPA FTP Server 1.01 allows remote attackers t...
S
CVE-2006-0345 Multiple SQL injection vulnerabilities in SaralBlog 1.0 allow remote attackers to execute arbitrary ...
E
CVE-2006-0346 Cross-site scripting (XSS) vulnerability in SaralBlog 1.0 allows remote attackers to inject arbitrar...
E
CVE-2006-0347 Directory traversal vulnerability in ELOG before 2.6.1 allows remote attackers to access arbitrary f...
S
CVE-2006-0348 Format string vulnerability in the write_logfile function in ELOG before 2.6.1 allows remote attacke...
S
CVE-2006-0349 SQL injection vulnerability in eggblog 2.0 allows remote attackers to execute arbitrary SQL commands...
E
CVE-2006-0350 Cross-site scripting (XSS) vulnerability in eggblog 2.0 allows remote attackers to inject arbitrary w...
E
CVE-2006-0351 Unspecified "critical denial-of-service vulnerability" in MyDNS before 1.1.0 has unknown impact and ...
S
CVE-2006-0352 The default configuration of Fluffington FLog 1.01 installs users.0.dat under the web document root ...
CVE-2006-0353 unix_random.c in lshd for lsh 2.0.1 leaks file descriptors related to the randomness generator, whic...
S
CVE-2006-0354 Cisco IOS before 12.3-7-JA2 on Aironet Wireless Access Points (WAP) allows remote authenticated user...
E S
CVE-2006-0355 Helmsman Research (aka CoolUtils) HomeFtp 1.1 allows remote attackers to cause an unspecified denial...
E
CVE-2006-0356 Ari Pikivirta Home Ftp Server 1.0.7 allows remote attackers to cause an unspecified denial of servic...
E
CVE-2006-0357 Grant Averett Cerberus FTP Server 2.32, and possibly earlier versions, allows remote attackers to ca...
E
CVE-2006-0358 Multiple SQL injection vulnerabilities in PowerPortal, possibly 1.1 beta through 1.3, allow remote a...
E
CVE-2006-0359 Buffer overflow in CounterPath eyeBeam SIP Softphone allows remote attackers to (1) cause a denial o...
CVE-2006-0360 MPM SIP HP-180W Wireless IP Phone WE.00.17 allows remote attackers to obtain sensitive information a...
CVE-2006-0361 Cross-site scripting (XSS) vulnerability in addcomment.php in Bit 5 Blog 8.01 allows remote attacker...
E
CVE-2006-0362 TippingPoint Intrusion Prevention System (IPS) TOS before 2.1.4.6324, and TOS 2.2.x before 2.2.1.650...
S
CVE-2006-0363 The "Remember my Password" feature in MSN Messenger 7.5 stores passwords in an encrypted format unde...
CVE-2006-0364 Cross-site scripting (XSS) vulnerability in MyBulletinBoard (MyBB) allows remote attackers to inject...
E S
CVE-2006-0365 Cross-site scripting (XSS) vulnerability in XMB (aka extreme message board) allows remote attackers ...
CVE-2006-0366 Cross-site scripting (XSS) vulnerability in Phpclanwebsite (aka PCW) allows remote attackers to inje...
S
CVE-2006-0367 Unspecified vulnerability in Cisco CallManager 3.2 and earlier, 3.3 before 3.3(5)SR1, 4.0 before 4.0...
S
CVE-2006-0368 Cisco CallManager 3.2 and earlier, 3.3 before 3.3(5)SR1, 4.0 before 4.0(2a)SR2c, and 4.1 before 4.1(...
S
CVE-2006-0369 MySQL 5.0.18 allows local users with access to a VIEW to obtain sensitive information via the "SELEC...
CVE-2006-0370 Noah Medling RCBlog 1.03 stores the data and config directories under the web root with insufficient...
E
CVE-2006-0371 Directory traversal vulnerability in index.php in Noah Medling RCBlog 1.03 allows remote attackers t...
E
CVE-2006-0372 Multiple SQL injection vulnerabilities in config.php in Insane Visions BlogPHP, possibly 1.0, allow ...
E
CVE-2006-0373 Cross-site scripting (XSS) vulnerability in register.aspx in Douran FollowWeb allows remote attacker...
CVE-2006-0374 Advantage Century Telecommunication (ACT) P202S IP Phone 1.01.21 running firmware 1.1.21 has multipl...
CVE-2006-0375 Advantage Century Telecommunication (ACT) P202S IP Phone 1.01.21 running firmware 1.1.21 on VxWorks ...
CVE-2006-0376 The 802.11 wireless client in certain operating systems including Windows 2000, Windows XP, and Wind...
CVE-2006-0377 CRLF injection vulnerability in SquirrelMail 1.4.0 to 1.4.5 allows remote attackers to inject arbitr...
S
CVE-2006-0378 Cross-site scripting (XSS) vulnerability in Netrix X-Site Manager allows remote attackers to inject ...
E
CVE-2006-0379 FreeBSD kernel 5.4-STABLE and 6.0 does not completely initialize a buffer before making it available...
S
CVE-2006-0380 A logic error in FreeBSD kernel 5.4-STABLE and 6.0 causes the kernel to calculate an incorrect buffe...
S
CVE-2006-0381 A logic error in the IP fragment cache functionality in pf in FreeBSD 5.3, 5.4, and 6.0, and OpenBSD...
S
CVE-2006-0382 Apple Mac OS X 10.4.5 and allows local users to cause a denial of service (crash) via an undocumente...
CVE-2006-0383 IPSec when used with VPN networks in Mac OS X 10.4 through 10.4.5 allows remote attackers to cause a...
S
CVE-2006-0384 automount in Mac OS X 10.4.5 and earlier allows remote file servers to cause a denial of service (un...
S
CVE-2006-0386 FileVault in Mac OS X 10.4.5 and earlier does not properly mount user directories when creating a Fi...
S
CVE-2006-0387 Stack-based buffer overflow in Safari in Mac OS X 10.4.5 and earlier, and 10.3.9 and earlier, allows...
S
CVE-2006-0388 Safari in Mac OS X 10.3 before 10.3.9 and 10.4 before 10.4.5 allows remote attackers to redirect use...
S
CVE-2006-0389 Cross-site scripting (XSS) vulnerability in Syndication (Safari RSS) in Mac OS X 10.4 through 10.4.5...
S
CVE-2006-0390 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-4504. Reason: This candida...
R
CVE-2006-0391 Directory traversal vulnerability in the BOM framework in Mac OS X 10.x before 10.3.9 and 10.4 befor...
S
CVE-2006-0392 Buffer overflow in Apple Mac OS X 10.4.7 allows user-assisted attackers to cause a denial of service...
CVE-2006-0393 OpenSSH in Apple Mac OS X 10.4.7 allows remote attackers to cause a denial of service or determine a...
CVE-2006-0394 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-0848. Reason: This candida...
R
CVE-2006-0395 The Download Validation in Mail in Mac OS X 10.4 does not properly recognize attachment file types t...
CVE-2006-0396 Buffer overflow in Mail in Apple Mac OS X 10.4 up to 10.4.5, when patched with Security Update 2006-...
E S
CVE-2006-0397 Unspecified vulnerability in Safari, LaunchServices, and/or CoreTypes in Apple Mac OS X 10.4 up to 1...
S
CVE-2006-0398 Unspecified vulnerability in Safari, LaunchServices, and/or CoreTypes in Apple Mac OS X 10.4 up to 1...
S
CVE-2006-0399 Unspecified vulnerability in Safari, LaunchServices, and/or CoreTypes in Apple Mac OS X 10.4 up to 1...
S
CVE-2006-0400 CoreTypes in Apple Mac OS X 10.4 up to 10.4.5 allows remote attackers to bypass the same-origin poli...
S
CVE-2006-0401 Unspecified vulnerability in Mac OS X before 10.4.6, when running on an Intel-based computer, allows...
S
CVE-2006-0402 SQL injection vulnerability in Zoph before 0.5pre1 allows remote attackers to execute arbitrary SQL ...
S
CVE-2006-0403 Multiple SQL injection vulnerabilities in e-moBLOG 1.3 allow remote attackers to execute arbitrary S...
E
CVE-2006-0404 Note-A-Day Weblog 2.2 stores sensitive data under the web document root with insufficient access con...
E
CVE-2006-0405 The TIFFFetchShortPair function in tif_dirread.c in libtiff 3.8.0 allows remote attackers to cause a...
CVE-2006-0406 search.php in MyBB 1.0.2 allows remote attackers to obtain sensitive information via a certain searc...
E
CVE-2006-0407 Cross-site scripting (XSS) vulnerability in post.php in AZ Bulletin Board (AZbb) 1.1.00 and earlier ...
E
CVE-2006-0408 rsh utility in Sun Grid Engine (SGE) before 6.0u7_1 allows local users to gain privileges and execut...
S
CVE-2006-0409 Cross-site scripting (XSS) vulnerability in index.php in Pixelpost Photoblog 1.4.3 allows remote att...
E
CVE-2006-0410 SQL injection vulnerability in ADOdb before 4.71, when using PostgreSQL, allows remote attackers to ...
S
CVE-2006-0411 claro_init_local.inc.php in Claroline 1.7.2 uses guessable session cookies (MD5 hash of connection t...
CVE-2006-0412 SQL injection vulnerability in CyberShop allows remote attackers to execute arbitrary SQL commands a...
E
CVE-2006-0413 Multiple SQL injection vulnerabilities in index.php in NewsPHP allow remote attackers to execute arb...
E
CVE-2006-0414 Tor before 0.1.1.20 allows remote attackers to identify hidden services via a malicious Tor server t...
S
CVE-2006-0415 Cross-site scripting (XSS) vulnerability in index.php in SleeperChat 0.3f and earlier allows remote ...
E
CVE-2006-0416 SleeperChat 0.3f and earlier allows remote attackers to bypass authentication and create new entries...
E
CVE-2006-0417 SQL injection vulnerability in login.php in miniBloggie 1.0 and earlier, when gpc_magic_quotes is di...
E
CVE-2006-0418 Eval injection vulnerability in 123 Flash Chat Server 5.0 and 5.1 allows attackers to execute arbitr...
E S
CVE-2006-0419 BEA WebLogic Server and WebLogic Express 9.0, 8.1 through SP5, and 7.0 through SP6 allows anonymous ...
E S
CVE-2006-0420 BEA WebLogic Server and WebLogic Express 8.1 through SP4 and 7.0 through SP6 does not properly handl...
S
CVE-2006-0421 By design, BEA WebLogic Server and WebLogic Express 7.0 and 6.1, when creating multiple domains from...
S
CVE-2006-0422 Multiple unspecified vulnerabilities in BEA WebLogic Server and WebLogic Express 8.1 through SP4, 7....
S
CVE-2006-0423 BEA WebLogic Portal 8.1 through SP3 stores the password for the RDBMS Authentication provider in cle...
S
CVE-2006-0424 BEA WebLogic Server and WebLogic Express 8.1 through SP4, 7.0 through SP6, and 6.1 through SP7 allow...
S
CVE-2006-0425 BEA WebLogic Portal 8.1 through SP4 allows remote attackers to obtain the source for a deployment de...
S
CVE-2006-0426 BEA WebLogic Server and WebLogic Express 8.1 through SP4, when configuration auditing is enabled and...
S
CVE-2006-0427 Unspecified vulnerability in BEA WebLogic Server and WebLogic Express 9.0 and 8.1 through SP5 allows...
S
CVE-2006-0428 Unspecified vulnerability in BEA WebLogic Portal 8.1 SP3 through SP5, when using Web Services Remote...
S
CVE-2006-0429 BEA WebLogic Server and WebLogic Express 9.0 causes new security providers to appear active even if ...
S
CVE-2006-0430 Certain configurations of BEA WebLogic Server and WebLogic Express 9.0, 8.1 through SP5, and 7.0 thr...
S
CVE-2006-0431 Unspecified vulnerability in BEA WebLogic Server and WebLogic Express 8.1 SP5 allows untrusted appli...
S
CVE-2006-0432 Unspecified vulnerability in BEA WebLogic Server and WebLogic Express 9.0, when an Administrator use...
S
CVE-2006-0433 Selective Acknowledgement (SACK) in FreeBSD 5.3 and 5.4 does not properly handle an incoming selecti...
S
CVE-2006-0434 Directory traversal vulnerability in action.php in phpXplorer allows remote attackers to read arbitr...
CVE-2006-0435 Unspecified vulnerability in Oracle PL/SQL (PLSQL), as used in Database Server DS 9.2.0.7 and 10.1.0...
S
CVE-2006-0436 Unspecified vulnerability in HP HP-UX B.11.00, B.11.04, and B.11.11 allows local users to gain privi...
S
CVE-2006-0437 Cross-site scripting (XSS) vulnerability in admin_smilies.php in phpBB 2.0.19 allows remote attacker...
E
CVE-2006-0438 Cross-site request forgery (CSRF) vulnerability in phpBB 2.0.19, when Link to off-site Avatar or bbc...
E
CVE-2006-0439 Text Rider 2.4 stores sensitive data in the data directory under the web document root with insuffic...
E
CVE-2006-0440 Text Rider 2.4 allows attackers to bypass authentication and upload files without providing a valid ...
E
CVE-2006-0441 Stack-based buffer overflow in Sami FTP Server 2.0.1 allows remote attackers to execute arbitrary co...
E
CVE-2006-0442 Multiple cross-site scripting (XSS) vulnerabilities in usercp.php in MyBulletinBoard (MyBB) 1.02 all...
E
CVE-2006-0443 Cross-site scripting (XSS) vulnerability in archive.php in CheesyBlog 1.0 allows remote attackers to...
E
CVE-2006-0444 SQL injection vulnerability in index.php in Phpclanwebsite (aka PCW) 1.23.1 allows remote attackers ...
E S
CVE-2006-0445 index.php in Phpclanwebsite 1.23.1 allows remote authenticated users to obtain the installation path...
E
CVE-2006-0446 Unspecified vulnerability in WeBWorK 2.1.3 and 2.2-pre1 allows remote privileged attackers to execut...
S
CVE-2006-0447 Multiple buffer overflows in E-Post Mail Server 4.10 and SPA-PRO Mail @Solomon 4.00 allow remote att...
S
CVE-2006-0448 Multiple directory traversal vulnerabilities in (1) EPSTIMAP4S.EXE and (2) SPA-IMAP4S.EXE in the IMA...
S
CVE-2006-0449 Early termination vulnerability in the IMAP service in E-Post Mail 4.05 and SPA-PRO Mail 4.05 allows...
S
CVE-2006-0450 phpBB 2.0.19 and earlier allows remote attackers to cause a denial of service (application crash) by...
E
CVE-2006-0451 Multiple memory leaks in the LDAP component in Fedora Directory Server 1.0 allow remote attackers to...
CVE-2006-0452 dn2ancestor in the LDAP component in Fedora Directory Server 1.0 allows remote attackers to cause a ...
CVE-2006-0453 The LDAP component in Fedora Directory Server 1.0 allows remote attackers to cause a denial of servic...
CVE-2006-0454 Linux kernel before 2.6.15.3 down to 2.6.12, while constructing an ICMP response in icmp_send, does ...
S
CVE-2006-0455 gpgv in GnuPG before 1.4.2.1, when using unattended signature verification, returns a 0 exit code in...
E S
CVE-2006-0456 The strnlen_user function in Linux kernel before 2.6.16 on IBM S/390 can return an incorrect value, ...
CVE-2006-0457 Race condition in the (1) add_key, (2) request_key, and (3) keyctl functions in Linux kernel 2.6.x a...
CVE-2006-0458 The DCC ACCEPT command handler in irssi before 0.8.9+0.8.10rc5-0ubuntu4.1 in Ubuntu Linux, and possi...
S
CVE-2006-0459 flex.skl in Will Estes and John Millaway Fast Lexical Analyzer Generator (flex) before 2.5.33 does n...
S
CVE-2006-0460 Multiple buffer overflows in BomberClone before 0.11.6.2 allow remote attackers to execute arbitrary...
S
CVE-2006-0461 Cross-site scripting (XSS) vulnerability in core.input.php in ExpressionEngine 1.4.1 allows remote a...
E S
CVE-2006-0462 SQL injection vulnerability in comentarios.php in AndoNET Blog 2004.09.02 allows remote attackers to...
E
CVE-2006-0463 Cross-site scripting (XSS) vulnerability in IdeoContent Manager allows remote attackers to inject ar...
E
CVE-2006-0464 Multiple SQL injection vulnerabilities in index.php in IdeoContent Manager allow remote attackers to...
E
CVE-2006-0465 Cross-site scripting (XSS) vulnerability in risultati_ricerca.php in active121 Site Manager allows r...
E
CVE-2006-0466 Cross-site scripting (XSS) vulnerability in search.asp in Goldstag Content Management System allows ...
E
CVE-2006-0467 Unspecified vulnerability in Pioneers (formerly gnocatan) before 0.9.49 allows remote attackers to c...
S
CVE-2006-0468 CommuniGate Pro Core Server before 5.0.7 allows remote attackers to cause a denial of service (crash...
S
CVE-2006-0469 Cross-site scripting (XSS) vulnerability in UebiMiau 2.7.9, and possibly earlier versions, allows re...
CVE-2006-0470 Cross-site scripting (XSS) vulnerability in search.php in MyBulletinBoard (MyBB) 1.02 allows remote ...
E
CVE-2006-0471 Cross-site scripting (XSS) vulnerability in the bbcode function in functions.php in my little homepa...
E
CVE-2006-0472 Cross-site scripting (XSS) vulnerability in guestbook.php in my little homepage my little guestbook,...
E
CVE-2006-0473 Cross-site scripting (XSS) vulnerability in the bbcode function in weblog.php in my little homepage ...
E
CVE-2006-0474 Multiple integer overflows in Shareaza 2.2.1.0 allow remote attackers to execute arbitrary code via ...
CVE-2006-0475 PHP-Ping 1.3 does not properly validate ping counts, which allows remote attackers to cause a denial...
CVE-2006-0476 Buffer overflow in Nullsoft Winamp 5.12 allows remote attackers to execute arbitrary code via a play...
E S
CVE-2006-0477 Buffer overflow in git-checkout-index in GIT before 1.1.5 allows remote attackers to execute arbitra...
S
CVE-2006-0478 CRE Loaded 6.15 allows remote attackers to perform privileged actions, including uploading and creat...
S
CVE-2006-0479 pmwiki.php in PmWiki 2.1 beta 20, with register_globals enabled, allows remote attackers to bypass p...
CVE-2006-0480 Cross-site scripting (XSS) vulnerability in the Articles module in sPaiz-Nuke allows remote attacker...
CVE-2006-0481 Heap-based buffer overflow in the alpha strip capability in libpng 1.2.7 allows context-dependent at...
S
CVE-2006-0482 Linux kernel 2.6.15.1 and earlier, when running on SPARC architectures, allows local users to cause ...
CVE-2006-0483 Cisco VPN 3000 series concentrators running software 4.7.0 through 4.7.2.A allow remote attackers to...
S
CVE-2006-0484 Directory traversal vulnerability in Vis.pl, as part of the FACE CONTROL product, allows remote atta...
S
CVE-2006-0485 The TCL shell in Cisco IOS 12.2(14)S before 12.2(14)S16, 12.2(18)S before 12.2(18)S11, and certain o...
CVE-2006-0486 Certain Cisco IOS releases in 12.2S based trains with maintenance release number 25 and later, 12.3T...
CVE-2006-0487 Multiple unspecified vulnerabilities in Tumbleweed MailGate Email Firewall (EMF) 6.x allow remote at...
CVE-2006-0488 The VDM (Virtual DOS Machine) emulation environment for MS-DOS applications in Windows 2000, Windows...
CVE-2006-0489 Buffer overflow in the font command of mIRC, probably 6.16, allows local users to execute arbitrary ...
CVE-2006-0490 SQL injection vulnerability in login.asp in ASPThai.Net ASPThai Forums 8.0 and earlier allows remote...
CVE-2006-0491 SQL injection vulnerability in SZUserMgnt.class.php in SZUserMgnt 1.4 allows remote attackers to exe...
E
CVE-2006-0492 Multiple SQL injection vulnerabilities in Calendarix allow remote attackers to execute arbitrary SQL...
E
CVE-2006-0493 Cross-site scripting (XSS) vulnerability in MG2 (formerly known as Minigal) 0.5.1 allows remote atta...
CVE-2006-0494 Directory traversal vulnerability in MyBB (aka MyBulletinBoard) 1.02 allows local users with MyBB ad...
CVE-2006-0495 Cross-site scripting (XSS) vulnerability in the Add Thread to Favorites feature in usercp2.php in My...
CVE-2006-0496 Cross-site scripting (XSS) vulnerability in Mozilla 1.7.12 and possibly earlier, Mozilla Firefox 1.0...
E
CVE-2006-0497 Multiple SQL injection vulnerabilities in PHP GEN before 1.4 allow remote attackers to inject arbitr...
CVE-2006-0498 Multiple cross-site scripting (XSS) vulnerabilities in PHP GEN before 1.4 allow remote attackers to ...
CVE-2006-0499 Cross-site scripting (XSS) vulnerability in rlink.php in Rlink 1.0.0 module for phpBB allows remote ...
CVE-2006-0500 MyCO Guestbook 1.0 stores the admin directory under the web document root with insufficient access c...
CVE-2006-0501 Cross-site scripting (XSS) vulnerability in MyCO Guestbook 1.0 allows remote attackers to inject arb...
CVE-2006-0502 PHP remote file inclusion vulnerability in loginout.php in FarsiNews 2.1 Beta 2 and earlier, with re...
E
CVE-2006-0503 IMAP service in MailEnable Professional Edition before 1.72 allows remote attackers to cause a denia...
S
CVE-2006-0504 Unspecified vulnerability in MailEnable Enterprise Edition before 1.2 allows remote attackers to cau...
CVE-2006-0505 zbattle.net Zbattle client 1.09 SR-1 beta allows remote attackers to cause an unspecified denial of ...
CVE-2006-0506 Cross-site scripting (XSS) vulnerability in index.php in Nuked-klaN 1.7 allows remote attackers to i...
CVE-2006-0507 Multiple cross-site scripting (XSS) vulnerabilities in Easy CMS allow remote attackers to inject arb...
CVE-2006-0508 Easy CMS stores the images directory under the web document root with insufficient access control an...
CVE-2006-0509 Multiple cross-site scripting (XSS) vulnerabilities in clients.php in Cerberus Helpdesk, possibly 2....
E
CVE-2006-0510 SQL injection vulnerability in userlogin.jsp in Daffodil CRM 1.5 allows remote attackers to execute ...
E
CVE-2006-0511 Blackboard Academic Suite 6.0 and earlier does not properly clear session information when de-authen...
CVE-2006-0512 PADL MigrationTools 46 creates temporary files insecurely, which allows local users to overwrite arb...
CVE-2006-0513 Directory traversal vulnerability in pkmslogout in Tivoli Web Server Plug-in 5.1.0.10 in Tivoli Acce...
E S
CVE-2006-0515 Cisco PIX/ASA 7.1.x before 7.1(2) and 7.0.x before 7.0(5), PIX 6.3.x before 6.3.5(112), and FWSM 2.3...
E S
CVE-2006-0516 Unspecified vulnerability in the kernel processing in Solaris 10 64 bit platform, when running in 64...
CVE-2006-0517 Multiple SQL injection vulnerabilities in formulaires/inc-formulaire_forum.php3 in SPIP 1.8.2-e and ...
E S
CVE-2006-0518 Cross-site scripting (XSS) vulnerability in index.php3 in SPIP 1.8.2-e and earlier and 1.9 Alpha 2 (...
CVE-2006-0519 SPIP 1.8.2-e and earlier and 1.9 Alpha 2 (5539) and earlier allows remote attackers to obtain sensit...
CVE-2006-0520 SQL injection vulnerability in index.php in Dragoran Portal module 1.3 for Invision Power Board (IPB) a...
E
CVE-2006-0521 Cross-site scripting (XSS) vulnerability in results.php in BrowserCRM allows remote attackers to inj...
CVE-2006-0522 SQL injection vulnerability in the Authentication Servlet in Symantec Sygate Management Server (SMS)...
S
CVE-2006-0523 SQL injection vulnerability in global.php in MyBB before 1.03 allows remote attackers to execute arb...
S
CVE-2006-0524 Cross-site scripting (XSS) vulnerability in ashnews.php in Derek Ashauer ashNews 0.83 allows remote ...
E
CVE-2006-0525 Multiple Adobe products, including (1) Photoshop CS2, (2) Illustrator CS2, and (3) Adobe Help Center...
CVE-2006-0526 The default configuration of the America Online (AOL) client software allows all users to modify a c...
CVE-2006-0527 BIND 4 (BIND4) and BIND 8 (BIND8), if used as a target forwarder, allows remote attackers to gain pr...
S
CVE-2006-0528 The cairo library (libcairo), as used in GNOME Evolution and possibly other products, allows remote ...
E
CVE-2006-0529 Computer Associates (CA) Message Queuing (CAM / CAFT) before 1.07 Build 220_16 and 1.11 Build 29_20,...
S
CVE-2006-0530 Computer Associates (CA) Message Queuing (CAM / CAFT) before 1.07 Build 220_16 and 1.11 Build 29_20,...
S
CVE-2006-0531 Unspecified vulnerability in Sun Java System Access Manager 7.0 allows local users logged in as "roo...
S
CVE-2006-0532 Cross-site scripting (XSS) vulnerability in resultat.asp in SoftMaker Shop allows remote attackers t...
E
CVE-2006-0533 Cross-site scripting (XSS) vulnerability in webmailaging.cgi in cPanel allows remote attackers to in...
E
CVE-2006-0534 Multiple cross-site scripting (XSS) vulnerabilities in default.asp in CyberShop Ultimate E-commerce ...
E
CVE-2006-0535 Multiple cross-site scripting (XSS) vulnerabilities in Community Server allow remote attackers to in...
CVE-2006-0536 Cross-site scripting (XSS) vulnerability in neomail.pl in NeoMail 1.27 allows remote attackers to in...
E
CVE-2006-0537 Buffer overflow in the POP3 server in Kinesphere Corporation eXchange before 5.0.060125 allows remot...
E
CVE-2006-0538 CipherTrust IronMail 5.0.1, when "Denial of Service Protection" is enabled, allows remote attackers ...
CVE-2006-0539 The convert-fcrontab program in fcron 3.0.0 might allow local users to gain privileges via a long co...
CVE-2006-0540 Multiple SQL injection vulnerabilities in Tachyon Vanilla Guestbook 1.0 beta allow remote attackers ...
CVE-2006-0541 Multiple cross-site scripting (XSS) vulnerabilities in Tachyon Vanilla Guestbook 1.0 beta allow remo...
CVE-2006-0542 Multiple SQL injection vulnerabilities in config.php in NukedWeb GuestBookHost 2005.04.25 allow remo...
CVE-2006-0543 Cerulean Trillian 3.1.0.120 allows remote attackers to cause a denial of service (client crash) via ...
S
CVE-2006-0544 urlmon.dll in Microsoft Internet Explorer 7.0 beta 2 (aka 7.0.5296.0) allows remote attackers to cau...
E
CVE-2006-0545 SQL injection vulnerability in showflat.php in Groupee (formerly known as Infopop) UBB.threads 6.3 a...
E
CVE-2006-0546 Unspecified vulnerability in index.php in a certain application available from /v1/tr/portfoy.php on...
CVE-2006-0547 Oracle Database 8i, 9i, and 10g allow remote authenticated users to execute arbitrary SQL statements...
CVE-2006-0548 SQL injection vulnerability in the Oracle Text component of Oracle Database 10g, and possibly earlie...
CVE-2006-0549 SQL injection vulnerability in the SYS.DBMS_METADATA_UTIL package in Oracle Database 10g, and possib...
CVE-2006-0550 Buffer overflow in an unspecified Oracle Client utility might allow remote attackers to execute arbi...
S
CVE-2006-0551 SQL injection vulnerability in the Data Pump Metadata API in Oracle Database 10g and possibly earlie...
S
CVE-2006-0552 Unspecified vulnerability in the Net Listener component of Oracle Database server 8.1.7.4, 9.0.1.5, ...
S
CVE-2006-0553 PostgreSQL 8.1.0 through 8.1.2 allows authenticated database users to gain additional privileges via...
S
CVE-2006-0554 Linux kernel 2.6 before 2.6.15.5 allows local users to obtain sensitive information via a crafted XF...
CVE-2006-0555 The Linux Kernel before 2.6.15.5 allows local users to cause a denial of service (NFS client panic) ...
CVE-2006-0556 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2006-0557 sys_mbind in mempolicy.c in Linux kernel 2.6.16 and earlier does not sanity check the maxnod variabl...
CVE-2006-0558 perfmon (perfmon.c) in Linux kernel on IA64 architectures allows local users to cause a denial of se...
CVE-2006-0559 Format string vulnerability in the SMTP server for McAfee WebShield 4.5 MR2 and earlier allows remot...
S
CVE-2006-0560 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2006-0561 Cisco Secure Access Control Server (ACS) 3.x for Windows stores ACS administrator passwords and the ...
S
CVE-2006-0562 Cross-site scripting (XSS) vulnerability in problem.php in PluggedOut Blog 1.9.9c allows remote atta...
E
CVE-2006-0563 SQL injection vulnerability in exec.php in PluggedOut Blog 1.9.9c allows remote attackers to execute...
E
CVE-2006-0564 Stack-based buffer overflow in Microsoft HTML Help Workshop 4.74.8702.0, and possibly earlier versio...
CVE-2006-0565 PHP remote file include vulnerability in inc/backend_settings.php in Loudblog 0.4 and earlier allows...
E
CVE-2006-0566 The LDAP component in CommuniGate Pro Core Server 5.0.7 allows remote attackers to cause a denial of...
CVE-2006-0567 Directory traversal vulnerability in Files Xaraya module before 0.5.1, when the Archive Directory fi...
S
CVE-2006-0568 Cross-site scripting (XSS) vulnerability in throw.main in Outblaze allows remote attackers to inject...
E
CVE-2006-0569 Cross-site scripting (XSS) vulnerability in user_class.php in Papoo 2.1.4 and earlier allows remote ...
S
CVE-2006-0570 Multiple SQL injection vulnerabilities in phpstatus 1.0, when gpc_magic_quotes is disabled, allow re...
CVE-2006-0571 Multiple cross-site scripting (XSS) vulnerabilities in phpstatus 1.0 allow remote attackers to injec...
CVE-2006-0572 phpstatus 1.0 does not require passwords when using cookies to identify a user, which allows remote ...
CVE-2006-0573 Multiple cross-site scripting (XSS) vulnerabilities in cPanel 10 and earlier allow remote attackers to...
E
CVE-2006-0574 Cross-site scripting (XSS) vulnerability in mime/handle.html in cPanel 10 allows remote attackers to...
CVE-2006-0575 convert-fcrontab in Fcron 2.9.5 and 3.0.0 allows remote attackers to create or overwrite arbitrary f...
CVE-2006-0576 Untrusted search path vulnerability in opcontrol in OProfile 0.9.1 and earlier allows local users to...
CVE-2006-0577 Lexmark X1185 printer allows local users to gain SYSTEM privileges by navigating to the "Appearance"...
CVE-2006-0578 Blue Coat Proxy Security Gateway OS (SGOS) 4.1.2.1 does not enforce CONNECT rules when using Deep Co...
CVE-2006-0579 Multiple integer overflows in (1) the new_demux_packet function in demuxer.h and (2) the demux_asf_r...
CVE-2006-0580 IBM Lotus Domino Server 7.0 allows remote attackers to cause a denial of service (segmentation fault...
CVE-2006-0581 SQL injection vulnerability in Hosting Controller 6.1 Hotfix 2.8 allows remote authenticated users t...
E
CVE-2006-0582 Unspecified vulnerability in rshd in Heimdal 0.6.x before 0.6.6 and 0.7.x before 0.7.2, when storing...
S
CVE-2006-0583 SQL injection vulnerability in mailarticle.php in Clever Copy 3.0 and earlier allows remote attacker...
E
CVE-2006-0584 The PSCipher function in PeopleSoft People Tools 8.4x uses PKCS #5 with a fixed DES key to store use...
CVE-2006-0585 jscript.dll in Microsoft Internet Explorer 6.0 SP1 and earlier allows remote attackers to cause a de...
E
CVE-2006-0586 Multiple SQL injection vulnerabilities in Oracle 10g Release 1 before CPU Jan 2006 allow remote atta...
CVE-2006-0587 Unspecified vulnerability in util.php in Gallery before 1.5.2-pl2 allows remote authenticated users ...
S
CVE-2006-0588 SQL injection vulnerability in search.php in MyTopix 1.2.3 allows remote attackers to execute arbitr...
E
CVE-2006-0589 MyTopix 1.2.3 allows remote attackers to obtain the installation path via a direct request to logon....
E
CVE-2006-0590 MyTopix 1.2.3 allows remote attackers to obtain the installation path via an invalid hl parameter to...
E
CVE-2006-0591 The crypt_gensalt functions for BSDI-style extended DES-based and FreeBSD-style MD5-based password h...
S
CVE-2006-0592 Unspecified vulnerability in the Lexmark Printer Sharing LexBce Server Service (LexPPS), possibly 8....
CVE-2006-0593 Cross-site scripting (XSS) vulnerability in PHP-Fusion before 6.00.304 allows remote attackers to in...
CVE-2006-0597 Multiple stack-based buffer overflows in elogd.c in elog before 2.5.7 r1558-4 allow attackers to cau...
S
CVE-2006-0598 Buffer overflow in elogd.c in elog before 2.5.7 r1558-4 allows attackers to execute code via unspeci...
S
CVE-2006-0599 The (1) elog.c and (2) elogd.c components in elog before 2.5.7 r1558-4 generate different responses ...
S
CVE-2006-0600 elog before 2.5.7 r1558-4 allows remote attackers to cause a denial of service (infinite redirection...
S
CVE-2006-0602 Multiple SQL injection vulnerabilities in Hinton Design phphg Guestbook 1.2 allow remote attackers t...
E
CVE-2006-0603 Multiple cross-site scripting vulnerabilities in signed.php in Hinton Design phphg Guestbook 1.2 all...
S
CVE-2006-0604 check.php in Hinton Design phphg Guestbook 1.2 does not check the user password when authenticating ...
CVE-2006-0605 Multiple cross-site scripting (XSS) vulnerabilities in Unknown Domain Shoutbox 2005.07.21 allow remo...
CVE-2006-0606 SQL injection vulnerability in Unknown Domain Shoutbox 2005.07.21 allows remote attackers to execute...
CVE-2006-0607 check.php in Hinton Design phphd 1.0 does not check passwords when certain cookies are provided, whi...
E
CVE-2006-0608 Multiple SQL injection vulnerabilities in Hinton Design phphd 1.0 allow remote attackers to execute ...
E
CVE-2006-0609 Cross-site scripting (XSS) vulnerability in add.php in Hinton Design phphd 1.0 allows remote attacke...
E
CVE-2006-0610 Multiple SQL injection vulnerabilities in 2200net Calendar system 1.2, with gpc_magic_quotes disable...
CVE-2006-0611 Directory traversal vulnerability in compose.pl in @Mail 4.3 and earlier for Windows allows remote a...
S
CVE-2006-0612 Powersave daemon before 0.10.15.2 allows local users to gain privileges (unauthorized access to an X...
S
CVE-2006-0613 Unspecified vulnerability in Java Web Start after 1.0.1_02, as used in J2SE 5.0 Update 5 and earlier...
S
CVE-2006-0614 Unspecified vulnerability in Sun Java JDK and JRE 5.0 Update 3 and earlier, SDK and JRE 1.3.x throug...
S
CVE-2006-0615 Multiple unspecified vulnerabilities in Sun Java JDK and JRE 5.0 Update 4 and earlier, SDK and JRE 1...
S
CVE-2006-0616 Unspecified vulnerability in Sun Java JDK and JRE 5.0 Update 4 and earlier allows remote attackers t...
S
CVE-2006-0617 Multiple unspecified vulnerabilities in Sun Java JDK and JRE 5.0 Update 5 and earlier allow remote a...
S
CVE-2006-0618 Format string vulnerability in fontsleuth in QNX Neutrino RTOS 6.3.0 allows local users to execute a...
CVE-2006-0619 Multiple stack-based buffer overflows in QNX Neutrino RTOS 6.3.0 allow local users to execute arbitr...
CVE-2006-0620 Race condition in phfont in QNX Neutrino RTOS 6.2.1 allows local users to execute arbitrary code via...
CVE-2006-0621 Multiple buffer overflows in QNX Neutrino RTOS 6.2.0 allow local users to execute arbitrary code via...
CVE-2006-0622 QNX Neutrino RTOS 6.3.0 allows local users to cause a denial of service (hang) by supplying a "break...
E
CVE-2006-0623 QNX Neutrino RTOS 6.3.0 ships /etc/rc.d/rc.local with world-writable permissions, which allows local...
CVE-2006-0624 SQL injection vulnerability in check.asp in Whomp Real Estate Manager XP 2005 allows remote attacker...
E
CVE-2006-0625 Directory traversal vulnerability in Spip_RSS.PHP in SPIP 1.8.2g and earlier allows remote attackers...
E
CVE-2006-0626 SQL injection vulnerability in spip_acces_doc.php3 in SPIP 1.8.2g and earlier allows remote attacker...
E
CVE-2006-0627 Cross-site scripting (XSS) vulnerability in Clever Copy 2.0, 2.0a, and 3.0 allows remote attackers t...
E
CVE-2006-0628 myquiz.pl in Dale Ray MyQuiz 1.01 allows remote attackers to execute arbitrary commands via shell me...
E S
CVE-2006-0629 Unspecified vulnerability in AOL Instant Messenger (AIM) 5.9.3861 allows user-assisted remote attack...
CVE-2006-0630 RITLabs The Bat! before 3.0.0.15 displays certain important headers from encapsulated data in messag...
E
CVE-2006-0631 CRLF injection vulnerability in mailback.pl in Erik C. Thauvin mailback allows remote attackers to u...
E S
CVE-2006-0632 The gen_rand_string function in phpBB 2.0.19 uses insufficiently random data (small value space) to ...
E
CVE-2006-0633 The make_password function in ipsclass.php in Invision Power Board (IPB) 2.1.4 uses random data gene...
S
CVE-2006-0634 Borland C++Builder 6 (BCB6) with Update Pack 4 Enterprise edition (ent_upd4) evaluates the "i>sizeof...
CVE-2006-0635 Tiny C Compiler (TCC) 0.9.23 (aka TinyCC) evaluates the "i>sizeof(int)" expression to false when i e...
CVE-2006-0636 desktop.php in eyeOS 0.8.9 and earlier tests for the existence of the _SESSION variable before calli...
S
CVE-2006-0637 Buffer overflow in cram.dll in QUALCOMM Eudora WorldMail 3.0 allows remote attackers to execute arbi...
CVE-2006-0638 SQL injection vulnerability in moderation.php in MyBB (aka MyBulletinBoard) 1.0.3 allows remote auth...
E
CVE-2006-0639 Cross-site scripting (XSS) vulnerability in search.php in MyBB (aka MyBulletinBoard) 1.0.2 allows re...
E S
CVE-2006-0640 Orbicule Undercover allows attackers with physical or root access to disable the protection by using...
CVE-2006-0641 Orbicule Undercover uses a third-party web server to determine the IP address through which the comp...
CVE-2006-0642 Trend Micro ServerProtect 5.58, and possibly InterScan Messaging Security Suite and InterScan Web Se...
CVE-2006-0643 Cross-site scripting (XSS) vulnerability in WiredRed e/pop Web Conferencing 4.1.0.755 allows remote ...
CVE-2006-0644 Multiple directory traversal vulnerabilities in install.php in CPG-Nuke Dragonfly CMS (aka CPG Drago...
E
CVE-2006-0645 Tiny ASN.1 Library (libtasn1) before 0.2.18, as used by (1) GnuTLS 1.2.x before 1.2.10 and 1.3.x bef...
CVE-2006-0646 ld in SUSE Linux 9.1 through 10.0, and SLES 9, in certain circumstances when linking binaries, can l...
S
CVE-2006-0647 LDAP service in Sun Java System Directory Server 5.2, running on Linux and possibly other platforms,...
E
CVE-2006-0648 Multiple directory traversal vulnerabilities in PHP iCalendar 2.0.1, 2.1, and 2.2 allow remote attac...
E S
CVE-2006-0649 Cross-site scripting (XSS) vulnerability in DataparkSearch before 4.37 allows remote attackers to in...
S
CVE-2006-0650 Cross-site scripting (XSS) vulnerability in cpaint2.inc.php in the CPAINT library before 2.0.3, as u...
E S
CVE-2006-0651 SQL injection vulnerability in index.php in vwdev allows remote attackers to execute arbitrary SQL c...
E
CVE-2006-0652 WHMCompleteSolution (WHMCS) before 2.3 assigns incorrect permissions to "resellers", which allows re...
S
CVE-2006-0653 Multiple SQL injection vulnerabilities in Hinton Design phpht Topsites 1.3 allow remote attackers to...
E
CVE-2006-0654 check.php in Hinton Design phpht Topsites 1.3 does not validate passwords when using cookies, which ...
E
CVE-2006-0655 Multiple cross-site scripting (XSS) vulnerabilities in (1) link_edited.php and (2) link_added.php in...
E
CVE-2006-0656 Directory traversal vulnerability in HP Systems Insight Manager 4.2 through 5.0 SP3 for Windows allo...
CVE-2006-0657 Cross-site scripting (XSS) vulnerability in Softcomplex PHP Event Calendar 1.5 allows remote authent...
CVE-2006-0658 Incomplete blacklist vulnerability in connector.php in FCKeditor 2.0 and 2.2, as used in products su...
E
CVE-2006-0659 Multiple PHP remote file include vulnerabilities in RunCMS 1.2 and earlier, with register_globals an...
E S
CVE-2006-0660 Multiple directory traversal vulnerabilities in FarsiNews 2.5 and earlier allow remote attackers to...
E S
CVE-2006-0661 Cross-site scripting (XSS) vulnerability in Scriptme SmE GB Host 1.21 and SmE Blog Host allows remot...
CVE-2006-0662 Cross-site scripting (XSS) vulnerability in Lotus Domino iNotes Client 6.5.4 allows remote attackers...
S
CVE-2006-0663 Multiple cross-site scripting (XSS) vulnerabilities in Lotus Domino iNotes Client 6.5.4 and 7.0 allo...
E S
CVE-2006-0664 Cross-site scripting (XSS) vulnerability in config_defaults_inc.php in Mantis before 1.0 allows remo...
S
CVE-2006-0665 Unspecified vulnerability in (1) query_store.php and (2) manage_proj_create.php in Mantis before 1.0...
S
CVE-2006-0666 Unspecified vulnerability in the (1) unix_mp and (2) unix_64 kernels in IBM AIX 5.3 VRMF 5.3.0.30 th...
S
CVE-2006-0667 lscfg in IBM AIX 5.2 and 5.3 allows local users to modify arbitrary files via a symlink attack....
S
CVE-2006-0668 SQL injection vulnerability in index.php in PwsPHP 1.2.3 allows remote attackers to execute arbitrar...
E S
CVE-2006-0669 Multiple SQL injection vulnerabilities in archive.asp in GA's Forum Light allow remote attackers to ...
E
CVE-2006-0670 Buffer overflow in l2cap.c in hcidump 1.29 allows remote attackers to cause a denial of service (cra...
E
CVE-2006-0671 Buffer overflow in Sony Ericsson K600i, V600i, W800i, and T68i cell phone allows remote attackers to...
CVE-2006-0672 Unspecified vulnerability in HP PSC 1210 All-in-One Drivers before 1.0.06 has unknown impact and att...
S
CVE-2006-0673 Multiple SQL injection vulnerabilities in cms/index.php in Magic Calendar Lite 1.02, with magic_quot...
CVE-2006-0674 Buffer overflow in the arp command of IBM AIX 5.3 L, 5.3, 5.2.2, 5.2 L, and 5.2 allows local users t...
S
CVE-2006-0675 Cross-site scripting (XSS) vulnerability in search.php in Siteframe 5.0.1 allows remote attackers to...
E
CVE-2006-0676 Cross-site scripting (XSS) vulnerability in header.php in PHP-Nuke 6.0 to 7.8 allows remote attacker...
E
CVE-2006-0677 telnetd in Heimdal 0.6.x before 0.6.6 and 0.7.x before 0.7.2 allows remote unauthenticated attackers...
S
CVE-2006-0678 PostgreSQL 7.3.x before 7.3.14, 7.4.x before 7.4.12, 8.0.x before 8.0.7, and 8.1.x before 8.1.3, whe...
S
CVE-2006-0679 SQL injection vulnerability in index.php in the Your_Account module in PHP-Nuke 7.8 and earlier allo...
E
CVE-2006-0680 Unspecified vulnerability in WebGUI before 6.8.6-gamma allows remote attackers to create an account,...
S
CVE-2006-0681 Format string vulnerability in powerd.c in Power Daemon (powerd) 2.0.2 and earlier allows remote att...
CVE-2006-0682 Multiple cross-site scripting (XSS) vulnerabilities in bbcodes system in e107 before 0.7.2 allow rem...
S
CVE-2006-0683 Cross-site scripting (XSS) vulnerability in Virtual Hosting Control System (VHCS) 2.4.7.1 with v.1 p...
S
CVE-2006-0684 change_password.php in Virtual Hosting Control System (VHCS) 2.4.7.1 and earlier does not verify the...
S
CVE-2006-0685 The check_login function in login.php in Virtual Hosting Control System (VHCS) 2.4.7.1 and earlier d...
S
CVE-2006-0686 add_user.php in Virtual Hosting Control System (VHCS) 2.4.7.1 and earlier does not check user privil...
S
CVE-2006-0687 process.php in DocMGR 0.54.2 does not initialize the $siteModInfo variable when a direct request is ...
E
CVE-2006-0688 PHP remote file include vulnerability in application.php in nicecoder.com indexu 5.0.0 and 5.0.1 all...
CVE-2006-0689 Cross-site scripting (XSS) vulnerability in the Registration Form in TTS Time Tracking Software 3.0 ...
CVE-2006-0690 Multiple SQL injection vulnerabilities in TTS Time Tracking Software 3.0 allow remote attackers to e...
CVE-2006-0691 edituser.php in TTS Time Tracking Software 3.0 does not verify that the name and password are correc...
CVE-2006-0692 Multiple SQL injection vulnerabilities in Carey Briggs PHP/MYSQL Timesheet 1 and 2 allow remote atta...
CVE-2006-0693 Multiple SQL injection vulnerabilities in rb_auth.php in Roberto Butti CALimba 0.99.2 beta and earli...
CVE-2006-0694 Unspecified vulnerability in the loaders (load_*.php) in Ansilove before 1.03 allows remote attacker...
S
CVE-2006-0695 Ansilove before 1.03 does not filter uploaded file extensions, which allows remote attackers to exec...
S
CVE-2006-0696 SQL injection vulnerability in Zen Cart before 1.2.7 allows remote attackers to execute arbitrary SQ...
S
CVE-2006-0697 Zen Cart before 1.2.7 does not protect the admin/includes directory, which allows remote attackers t...
S
CVE-2006-0698 Unspecified vulnerabilities in Zen Cart before 1.2.7 allow remote attackers to cause unknown impact ...
S
CVE-2006-0699 Cross-site scripting (XSS) vulnerability in search.php in QWikiWiki 1.5, and possibly 1.5.1 and othe...
CVE-2006-0700 imageVue 16.1 allows remote attackers to obtain folder permission settings via a direct request to d...
E
CVE-2006-0701 readfolder.php in imageVue 16.1 allows remote attackers to list directories via modified path and ex...
E
CVE-2006-0702 admin/upload.php in imageVue 16.1 allows remote attackers to upload arbitrary files to certain allow...
E
CVE-2006-0703 Unspecified vulnerability in index.php in imageVue 16.1 has unknown impact, probably a cross-site sc...
E
CVE-2006-0704 iE Integrator 4.4.220114, when configured without a "bespoke error page" in acm.ini, allows remote a...
CVE-2006-0705 Format string vulnerability in a logging function as used by various SFTP servers, including (1) Att...
S
CVE-2006-0706 Cross-site scripting vulnerability in eintrag.php in Gästebuch (Gastebuch) before 1.3.3 allows remot...
E S
CVE-2006-0707 PyBlosxom before 1.3.2, when running on certain webservers, allows remote attackers to read arbitrar...
S
CVE-2006-0708 Multiple buffer overflows in NullSoft Winamp 5.13 and earlier allow remote attackers to execute arbi...
E
CVE-2006-0709 Buffer overflow in Metamail 2.7-50 allows remote attackers to cause a denial of service (application...
E S
CVE-2006-0710 Double free vulnerability in isode.eddy in Isode M-Vault Server 11.3 allows remote attackers to exec...
E
CVE-2006-0711 The (1) addfolder and (2) deletefolder functions in neomail-prefs.pl in NeoMail 1.28 do not validate...
S
CVE-2006-0712 mail_html template in Squishdot 1.5.0 and earlier does not properly validate the (1) email and (2) t...
CVE-2006-0713 Directory traversal vulnerability in LinPHA 1.0 allows remote attackers to include arbitrary files v...
E
CVE-2006-0714 Directory traversal vulnerability in the installation file (sql/install-0.9.7.php) in Flyspray 0.9.7...
E S
CVE-2006-0715 Cross-site scripting (XSS) vulnerability in sNews 1.3 allows remote attackers to inject arbitrary we...
E
CVE-2006-0716 SQL injection vulnerability in index.php in sNews 1.3 allows remote attackers to execute arbitrary S...
E
CVE-2006-0717 IBM Tivoli Directory Server 6.0 allows remote attackers to cause a denial of service (crash) via a c...
E
CVE-2006-0718 The Internet Key Exchange version 1 (IKEv1) implementation in Avaya VSU 100, 2000, 7500, 10000, and ...
S
CVE-2006-0719 SQL injection vulnerability in member_login.php in PHP Classifieds 6.18 through 6.20 allows remote a...
E
CVE-2006-0720 Stack-based buffer overflow in Nullsoft Winamp 5.12 and 5.13 allows user-assisted attackers to cause...
S
CVE-2006-0721 SQL injection vulnerability in pmlite.php in RunCMS 1.2 and 1.3a allows remote attackers to execute ...
E S
CVE-2006-0722 settings.php in Reamday Enterprises Magic Downloads 1.1.3, when register_globals is enabled, allows ...
CVE-2006-0723 PHP remote file inclusion vulnerability in preview.php in Reamday Enterprises Magic News Lite 1.2.3,...
CVE-2006-0724 profile.php in Reamday Enterprises Magic News Lite 1.2.3, when register_globals is enabled, allows r...
CVE-2006-0725 PHP remote file inclusion vulnerability in prepend.php in Plume CMS 1.0.2, when register_globals is ...
CVE-2006-0726 Cross-site scripting (XSS) vulnerability in linking.php in CPG-Nuke Dragonfly CMS 9.0.6.1 allows rem...
CVE-2006-0727 SQL injection vulnerability in mstrack.php in MusOX DF MSAnalysis (DFMSA), as used in some environme...
CVE-2006-0728 SQL injection vulnerability in search.php in webSPELL 4.01.00 and earlier allows remote attackers to...
S
CVE-2006-0729 SQL injection vulnerability in functions.php in Teca Diary PE 1.0 allows remote attackers to execute...
CVE-2006-0730 Multiple unspecified vulnerabilities in Dovecot before 1.0beta3 allow remote attackers to cause a de...
CVE-2006-0731 WmRoot/adapter-index.dsp in SAP Business Connector Core Fix 7 and earlier allows remote attackers to...
CVE-2006-0732 Directory traversal vulnerability in SAP Business Connector (BC) 4.6 and 4.7 allows remote attackers...
CVE-2006-0733 Cross-site scripting (XSS) vulnerability in WordPress 2.0.0 allows remote attackers to inject arbitr...
E
CVE-2006-0734 The SV_CheckForDuplicateNames function in Valve Software Half-Life CSTRIKE Dedicated Server 1.6 and ...
E
CVE-2006-0735 Cross-site scripting (XSS) vulnerability in BBcode.pm in M. Blom HTML::BBCode 1.04 and earlier, as u...
E S
CVE-2006-0736 Stack-based buffer overflow in the pam_micasa PAM authentication module in CASA on Novell Linux Desk...
CVE-2006-0737 eStara SIP softphone allows remote attackers to cause a denial of service (crash) via a SIP OPTIONS ...
CVE-2006-0738 Multiple format string vulnerabilities in eStara SIP softphone allow remote attackers to cause a den...
CVE-2006-0739 eStara SIP softphone allows remote attackers to cause a denial of service (crash) via an INVITE requ...
CVE-2006-0740 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with...
R
CVE-2006-0741 Linux kernel before 2.6.15.5, when running on Intel processors, allows local users to cause a denial...
CVE-2006-0742 The die_if_kernel function in arch/ia64/kernel/unaligned.c in Linux kernel 2.6.x before 2.6.15.6, po...
S
CVE-2006-0743 Format string vulnerability in LocalSyslogAppender in Apache log4net 1.2.9 might allow remote attack...
S
CVE-2006-0744 Linux kernel before 2.6.16.5 does not properly handle uncanonical return addresses on Intel EM64T CP...
CVE-2006-0745 X.Org server (xorg-server) 1.0.0 and later, X11R6.9.0, and X11R7.0 inadvertently treats the address ...
E S
CVE-2006-0746 Certain patches for kpdf do not include all relevant patches from xpdf that were associated with CVE...
CVE-2006-0747 Integer underflow in Freetype before 2.2 allows remote attackers to cause a denial of service (crash...
S
CVE-2006-0748 Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7....
CVE-2006-0749 nsHTMLContentSink.cpp in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozi...
CVE-2006-0750 SQL injection vulnerability in army.php in supersmashbrothers (SSB) Army System 2.1.0 for Invision P...
E
CVE-2006-0751 Multiple unspecified vulnerabilities in the (1) Filesystem in USErspace (FUSE) client and (2) NOOFS ...
CVE-2006-0752 Niels Provos Honeyd before 1.5 replies to certain illegal IP packet fragments that other IP stack im...
S
CVE-2006-0753 Memory leak in Microsoft Internet Explorer 6 for Windows XP Service Pack 2 allows remote attackers t...
CVE-2006-0754 dotProject 2.0.1 and earlier allows remote attackers to obtain sensitive information via direct requ...
E
CVE-2006-0755 Multiple PHP remote file include vulnerabilities in dotProject 2.0.1 and earlier, when register_glob...
E
CVE-2006-0756 dotProject 2.0.1 and earlier leaves (1) phpinfo.php and (2) check.php accessible under the /docs/ di...
E
CVE-2006-0757 Multiple eval injection vulnerabilities in HiveMail 1.3 and earlier allow remote attackers to execut...
CVE-2006-0758 Multiple cross-site scripting (XSS) vulnerabilities in HiveMail 1.3 and earlier allow remote attacke...
CVE-2006-0759 Multiple SQL injection vulnerabilities in HiveMail 1.3 and earlier allow remote attackers to execute...
CVE-2006-0760 LightTPD 1.4.8 and earlier, when the web root is on a case-insensitive filesystem, allows remote att...
S
CVE-2006-0761 Buffer overflow in BlackBerry Attachment Service in Research in Motion (RIM) BlackBerry Enterprise S...
CVE-2006-0762 WinAbility Folder Guard 4.11 allows local users to gain unauthorized access to certain capabilities ...
CVE-2006-0763 Cross-site scripting (XSS) vulnerability in dowebmailforward.cgi in cPanel allows remote attackers t...
E
CVE-2006-0764 The Authentication, Authorization, and Accounting (AAA) capability in versions 5.0(1) and 5.0(3) of ...
CVE-2006-0765 GUI display truncation vulnerability in ICQ Inc. (formerly Mirabilis) ICQ 2003a, 2003b, Lite 4.0, Li...
CVE-2006-0766 ICQ Inc. (formerly Mirabilis) ICQ 2003a, 2003b, Lite 4.0, Lite 4.1, and possibly other Windows versi...
CVE-2006-0767 CGIWrap before 3.10 allows remote attackers to obtain sensitive information via unknown attack vecto...
S
CVE-2006-0768 Kadu 0.4.3 allows remote attackers to cause a denial of service (application crash) via a large numb...
E
CVE-2006-0769 Unspecified vulnerability in in.rexecd in Solaris 10 allows local users to gain privileges on Kerber...
S
CVE-2006-0770 Cross-site scripting (XSS) vulnerability in calendar.php in MyBulletinBoard (MyBB) 1.0.4 allows remo...
E
CVE-2006-0771 Format string vulnerability in PunkBuster 1.180 and earlier, as used by Soldier of Fortune II and po...
CVE-2006-0772 SQL injection vulnerability in Hitachi Business Logic - Container 02-03 through 03-00-/B on Windows,...
S
CVE-2006-0773 Cross-site scripting (XSS) vulnerability in Hitachi Business Logic - Container 02-03 through 03-00-/...
S
CVE-2006-0774 SQL injection vulnerability in deleteSession() in DB_eSession library 1.0.2 and earlier, as used in ...
E
CVE-2006-0775 Multiple SQL injection vulnerabilities in show.php in BirthSys 3.1 allow remote attackers to execute...
E
CVE-2006-0776 Cross-site scripting (XSS) vulnerability in guestex.pl in Teca Scripts Guestex 1.0 allows remote att...
CVE-2006-0777 Unspecified vulnerability in guestex.pl in Teca Scripts Guestex 1.0 allows remote attackers to execu...
CVE-2006-0778 Multiple SQL injection vulnerabilities in XMB Forums 1.9.3 and earlier allow remote attackers to exe...
E
CVE-2006-0779 Cross-site scripting (XSS) vulnerability in u2u.php in XMB Forums 1.9.3 and earlier allows remote at...
E
CVE-2006-0780 Multiple cross-site scripting (XSS) vulnerabilities in weblog.pl in PerlBlog 1.09b and earlier allow...
CVE-2006-0781 Directory traversal vulnerability in weblog.pl in PerlBlog 1.09b and earlier allows remote attackers...
CVE-2006-0782 Unspecified vulnerability in weblog.pl in PerlBlog 1.09b and earlier allows remote attackers to crea...
CVE-2006-0783 Cross-site scripting (XSS) vulnerability in page.php in Siteframe Beaumont, possibly 5.0.2 or 5.0...
E
CVE-2006-0784 D-Link DWL-G700AP with firmware 2.00 and 2.01 allows remote attackers to cause a denial of service (...
E
CVE-2006-0785 Absolute path traversal vulnerability in include.php in PHPKIT 1.6.1 Release 2 and earlier allows re...
E
CVE-2006-0786 Incomplete blacklist vulnerability in include.php in PHPKIT 1.6.1 Release 2 and earlier, with allow_...
E
CVE-2006-0787 wimpy_trackplays.php in Plaino Wimpy MP3 Player, possibly 5.2 and earlier, allows remote attackers t...
E
CVE-2006-0788 Kyocera 3830 (aka FS-3830N) printers have a back door that allows remote attackers to read and alter...
CVE-2006-0789 Certain unspecified Kyocera printers have a default "admin" account with a blank password, which all...
CVE-2006-0790 Rockliffe MailSite 7.0 and earlier allows remote attackers to cause a denial of service by sending c...
CVE-2006-0791 PHP remote file inclusion vulnerability in index.php in DreamCost HostAdmin allows remote attackers ...
E
CVE-2006-0792 Cross-site scripting (XSS) vulnerability in preferences.personal.php in V-webmail 1.6.2 allows remot...
E
CVE-2006-0793 frameset.php in V-webmail 1.6.2 allows remote attackers to conduct phishing attacks by referencing a...
E
CVE-2006-0794 help.php in V-webmail 1.6.2 allows remote attackers to obtain the installation path via unspecified ...
CVE-2006-0795 Absolute path traversal vulnerability in convert.cgi in Quirex 2.0.2 and earlier allows remote attac...
CVE-2006-0796 Cross-site scripting (XSS) vulnerability in default.php in Clever Copy 3.0 allows remote attackers t...
CVE-2006-0797 Nokia N70 cell phone allows remote attackers to cause a denial of service (reboot or shutdown) throu...
E
CVE-2006-0798 Multiple directory traversal vulnerabilities in the IMAP service in Macallan Mail Solution before 4....
E S
CVE-2006-0799 Microsoft Internet Explorer allows remote attackers to spoof a legitimate URL in the status bar and ...
CVE-2006-0800 Interpretation conflict in PostNuke 0.761 and earlier allows remote attackers to conduct cross-site ...
E S
CVE-2006-0801 SQL injection vulnerability in the NS-Languages module for PostNuke 0.761 and earlier, when magic_qu...
S
CVE-2006-0802 Cross-site scripting (XSS) vulnerability in the NS-Languages module for PostNuke 0.761 and earlier, ...
CVE-2006-0803 The signature verification functionality in the YaST Online Update (YOU) script handling relies on a...
CVE-2006-0804 Off-by-one error in TIN 1.8.0 and earlier might allow attackers to execute arbitrary code via unknow...
CVE-2006-0805 The CAPTCHA functionality in php-Nuke 6.0 through 7.9 uses fixed challenge/response pairs that only ...
E
CVE-2006-0806 Multiple cross-site scripting (XSS) vulnerabilities in ADOdb 4.71, as used in multiple packages such...
CVE-2006-0807 Stack-based buffer overflow in NJStar Chinese and Japanese Word Processor 4.x and 5.x before 5.10 al...
E S
CVE-2006-0808 MUTE 0.4 allows remote attackers to cause a denial of service (messages not forwarded) and obtain se...
CVE-2006-0809 Multiple SQL injection vulnerabilities in Skate Board 0.9 allow remote attackers to execute arbitrar...
CVE-2006-0810 Unspecified vulnerability in config.php in Skate Board 0.9 allows remote authenticated administrator...
CVE-2006-0811 Cross-site scripting (XSS) vulnerability in reguser.php in Skate Board 0.9 allows remote attackers t...
CVE-2006-0812 The VisNetic AntiVirus Plug-in (DKAVUpSch.exe) for Mail Server 4.6.0.4, 4.6.1.1, and possibly other ...
S
CVE-2006-0813 Heap-based buffer overflow in WinACE 2.60 allows user-assisted attackers to execute arbitrary code v...
CVE-2006-0814 response.c in Lighttpd 1.4.10 and possibly previous versions, when run on Windows, allows remote att...
S
CVE-2006-0815 NetworkActiv Web Server 3.5.15 allows remote attackers to read script source code via a crafted URL ...
S
CVE-2006-0816 Orion Application Server before 2.0.7, when running on Windows, allows remote attackers to obtain th...
CVE-2006-0817 Absolute path directory traversal vulnerability in (a) MERAK Mail Server for Windows 8.3.8r with bef...
E S
CVE-2006-0818 Absolute path directory traversal vulnerability in (1) MERAK Mail Server for Windows 8.3.8r with bef...
E S
CVE-2006-0819 Dwarf HTTP Server 1.3.2 allows remote attackers to obtain the source code of JSP files via (1) dot, ...
S
CVE-2006-0820 Cross-site scripting (XSS) vulnerability in Dwarf HTTP Server 1.3.2 allows remote attackers to injec...
S
CVE-2006-0821 SQL injection vulnerability in index.php in BXCP 0.299 allows remote attackers to execute arbitrary ...
E
CVE-2006-0822 Unspecified vulnerability in EmuLinker Kaillera Server before 0.99.17 allows remote attackers to cau...
S
CVE-2006-0823 Multiple SQL injection vulnerabilities in Geeklog 1.4.0 before 1.4.0sr1 and 1.3.11 before 1.3.11sr4 ...
S
CVE-2006-0824 Multiple unspecified vulnerabilities in lib-common.php in Geeklog 1.4.0 before 1.4.0sr1 and 1.3.11 b...
S
CVE-2006-0825 Multiple unspecified vulnerabilities in ESS/ Network Controller and MicroServer Web Server in Xerox ...
S
CVE-2006-0826 Unspecified vulnerability in ESS/ Network Controller and MicroServer Web Server in Xerox WorkCentre ...
S
CVE-2006-0827 Cross-site scripting vulnerability in ESS/ Network Controller and MicroServer Web Server in Xerox Wo...
S
CVE-2006-0828 Unspecified vulnerability in ESS/ Network Controller and MicroServer Web Server in Xerox WorkCentre ...
S
CVE-2006-0829 Cross-site scripting vulnerability in E-Blah Platinum 9.7 allows remote attackers to inject arbitrar...
E S
CVE-2006-0830 The scripting engine in Internet Explorer allows remote attackers to cause a denial of service (reso...
CVE-2006-0831 PHP remote file include vulnerability in index.php in Tasarim Rehberi allows remote attackers to exe...
CVE-2006-0832 Multiple SQL injection vulnerabilities in admin.asp in WPC.easy allow remote attackers to execute ar...
CVE-2006-0833 Multiple cross-site scripting (XSS) vulnerabilities in Barracuda Directory 1.1 allow remote attacker...
CVE-2006-0834 Uniden UIP1868P VoIP Telephone and Router has a default password of admin for the web-based configur...
CVE-2006-0835 SQL injection vulnerability in dropbase.php in MitriDAT Web Calendar Pro allows remote attackers to ...
E
CVE-2006-0836 Mozilla Thunderbird 1.5 allows user-assisted attackers to cause an unspecified denial of service by ...
E
CVE-2006-0837 IBM Tivoli Micromuse Netcool/NeuSecure 3.0.236 has world-readable permissions for (1) /etc/neusecure...
CVE-2006-0838 IBM Tivoli Micromuse Netcool/NeuSecure 3.0.236 stores cleartext passwords in the (1) CMS_DBPASS, (2)...
CVE-2006-0839 The frag3 preprocessor in Sourcefire Snort 2.4.3 does not properly reassemble certain fragmented pac...
CVE-2006-0840 manage_user_page.php in Mantis 1.00rc4 and earlier does not properly handle a sort parameter contain...
E S
CVE-2006-0841 Multiple cross-site scripting (XSS) vulnerabilities in Mantis 1.00rc4 and earlier allow remote attac...
E S
CVE-2006-0842 Cross-site scripting (XSS) vulnerability in Calacode @Mail 4.3 allows remote attackers to inject arb...
CVE-2006-0843 Leif M. Wright's Blog 3.5 stores the config file and other txt files under the web root with insuffi...
CVE-2006-0844 Leif M. Wright's Blog 3.5 does not make a password comparison when authenticating an administrator v...
CVE-2006-0845 Leif M. Wright's Blog 3.5 allows remote authenticated users with administrative privileges to execut...
CVE-2006-0846 Multiple cross-site scripting (XSS) vulnerabilities in Leif M. Wright's Blog 3.5 allow remote attack...
CVE-2006-0847 Directory traversal vulnerability in the staticfilter component in CherryPy before 2.1.1 allows remo...
S
CVE-2006-0848 The "Open 'safe' files after downloading" option in Safari on Apple Mac OS X allows remote user-assi...
E
CVE-2006-0849 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with...
R
CVE-2006-0850 SQL injection vulnerability in include/includes/user/login.php in ilchClan before 1.05g allows remot...
CVE-2006-0851 SQL injection vulnerability in the forum module of ilchClan 1.05g and earlier allows remote attacker...
E
CVE-2006-0852 Direct static code injection vulnerability in write.php in Admbook 1.2.2 and earlier allows remote a...
E
CVE-2006-0853 Buffer overflow in the IMAP service of TrueNorth Internet Anywhere (IA) eMailserver 5.3.4 allows rem...
CVE-2006-0854 PHP remote file inclusion vulnerability in common.php in Intensive Point iUser Ecommerce allows remo...
E
CVE-2006-0855 Stack-based buffer overflow in the fullpath function in misc.c for zoo 2.10 and earlier, as used in ...
E S
CVE-2006-0856 SQL injection vulnerability in login.php in Scriptme SmE GB Host 1.21 allows remote attackers to exe...
E
CVE-2006-0857 Cross-site scripting (XSS) vulnerability in Chatbox Plugin 1.0 in e107 0.7.2 allows remote attackers...
CVE-2006-0858 Unquoted Windows search path vulnerability in (1) snsmcon.exe, (2) the autostartup mechanism, and (3...
CVE-2006-0859 Michael Salzer Guestbox 0.6, and other versions before 0.8, allows remote attackers to post an admin...
S
CVE-2006-0860 Multiple cross-site scripting (XSS) vulnerabilities in Michael Salzer Guestbox 0.6, and other versio...
S
CVE-2006-0861 Michael Salzer Guestbox 0.6, and other versions before 0.8, allows remote attackers to obtain the so...
S
CVE-2006-0862 Unspecified vulnerability in InfoVista PortalSE 2.0 Build 20087 on Solaris 8 without the IV00038969 ...
CVE-2006-0863 InfoVista PortalSE 2.0 Build 20087 on Solaris 8 allows remote attackers to obtain sensitive informat...
CVE-2006-0864 filescan in Global Hauri ViRobot 2.0 20050817 does not verify the Cookie HTTP header, which allows r...
CVE-2006-0865 PunBB 1.2.10 and earlier allows remote attackers to cause a denial of service (resource consumption)...
E
CVE-2006-0866 PunBB 1.2.10 and earlier allows remote attackers to conduct brute force guessing attacks for an acco...
CVE-2006-0867 Buffer overflow in certain versions of South River (aka SRT) WebDrive, possibly version 6.08 build 1...
CVE-2006-0868 Multiple unspecified injection vulnerabilities in unspecified Auth Container back ends for PEAR::Aut...
S
CVE-2006-0869 Directory traversal vulnerability in the "remember me" feature in liveuser.php in PHP Extension and ...
S
CVE-2006-0870 SQL injection vulnerability in pages.asp in Mini-Nuke CMS System 1.8.2 and earlier allows remote att...
E
CVE-2006-0871 Directory traversal vulnerability in the _setTemplate function in Mambo 4.5.3, 4.5.3h, and possibly ...
S
CVE-2006-0872 Directory traversal vulnerability in init.inc.php in Coppermine Photo Gallery 1.4.3 and earlier allo...
E S
CVE-2006-0873 Absolute path traversal vulnerability in docs/showdocs.php in Coppermine Photo Gallery 1.4.3 and ear...
E S
CVE-2006-0874 Multiple unspecified vulnerabilities in Intensive Point iUser Ecommerce before 2.2 have unspecified ...
S
CVE-2006-0875 Cross-site scripting vulnerability in ratefile.php in RunCMS 1.3a5 allows remote attackers to inject...
E
CVE-2006-0876 POPFile before 0.22.4 allows remote attackers to cause a denial of service (application crash) via u...
S
CVE-2006-0877 Cross-site scripting vulnerability in Easy Forum 2.5 allows remote attackers to inject arbitrary web...
CVE-2006-0878 Noah's Classifieds 1.3 allows remote attackers to obtain the installation path via a direct request ...
E
CVE-2006-0879 SQL injection vulnerability in the search tool in Noah's Classifieds 1.3 allows remote attackers to ...
E
CVE-2006-0880 Multiple cross-site scripting (XSS) vulnerabilities in index.php in Noah's Classifieds 1.3 allow rem...
E
CVE-2006-0881 Multiple PHP remote file include vulnerabilities in gorum/gorumlib.php in Noah's Classifieds 1.3, wh...
E
CVE-2006-0882 Directory traversal vulnerability in include.php in Noah's Classifieds 1.3 allows remote attackers t...
E
CVE-2006-0883 OpenSSH on FreeBSD 5.3 and 5.4, when used with OpenPAM, does not properly handle when a forked child...
S
CVE-2006-0884 The WYSIWYG rendering engine ("rich mail" editor) in Mozilla Thunderbird 1.0.7 and earlier allows us...
E S
CVE-2006-0885 Cross-site scripting (XSS) vulnerability in show_news.php in CuteNews 1.4.1 allows remote attackers ...
E
CVE-2006-0886 Cross-site scripting (XSS) vulnerability in register.php in DEV web management system 1.5 allows rem...
CVE-2006-0887 Eval injection vulnerability in sessions.inc in PHP Base Library (PHPLib) before 7.4a, when index.ph...
S
CVE-2006-0888 index.php in Invision Power Board (IPB) 2.0.1, with Code Confirmation disabled, allows remote attack...
E
CVE-2006-0889 Cross-site scripting (XSS) vulnerability in Calcium 3.10.1 allows remote attackers to inject arbitra...
CVE-2006-0890 Directory traversal vulnerability in SpeedProject Squeez 5.1, as used in (1) ZipStar 5.1 and (2) Spe...
CVE-2006-0891 Multiple directory traversal vulnerabilities in NOCC Webmail 1.0 allow remote attackers to include a...
E
CVE-2006-0892 NOCC Webmail 1.0 stores e-mail attachments in temporary files with predictable filenames, which make...
E
CVE-2006-0893 NOCC Webmail 1.0 allows remote attackers to obtain sensitive information via a direct request to (1)...
E
CVE-2006-0894 Multiple cross-site scripting (XSS) vulnerabilities in NOCC Webmail 1.0 allow remote attackers to in...
E
CVE-2006-0895 NOCC Webmail 1.0 allows remote attackers to obtain the installation path via a direct request to htm...
E
CVE-2006-0896 Cross-site scripting (XSS) vulnerability in Sources/Register.php in Simple Machine Forum (SMF) 1.0.6...
CVE-2006-0897 SQL injection vulnerability in VCS Virtual Program Management Intranet (VPMi) Enterprise 3.3 allows ...
CVE-2006-0898 Crypt::CBC Perl module 2.16 and earlier, when running in RandomIV mode, uses an initialization vecto...
S
CVE-2006-0899 Directory traversal vulnerability in index.php in 4Images 1.7.1 and earlier allows remote attackers ...
E
CVE-2006-0900 nfsd in FreeBSD 6.0 kernel allows remote attackers to cause a denial of service via a crafted NFS mo...
CVE-2006-0901 Unspecified vulnerability in the hsfs filesystem in Solaris 8, 9, and 10 allows unspecified attacker...
S
CVE-2006-0903 MySQL 5.0.18 and earlier allows local users to bypass logging mechanisms via SQL queries that contai...
CVE-2006-0904 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2006-0905 A "programming error" in fast_ipsec in FreeBSD 4.8-RELEASE through 6.1-STABLE and NetBSD 2 through 3...
S
CVE-2006-0906 SQL injection vulnerability in D3Jeeb Pro 3 allows remote attackers to execute arbitrary SQL command...
CVE-2006-0907 SQL injection vulnerability in PHP-Nuke before 7.8 Patched 3.2 allows remote attackers to execute ar...
E
CVE-2006-0908 PHP-Nuke 7.8 Patched 3.2 allows remote attackers to bypass SQL injection protection mechanisms via /...
E
CVE-2006-0909 Invision Power Board (IPB) 2.1.4 and earlier allows remote attackers to view sensitive information v...
CVE-2006-0910 Invision Power Board (IPB) 2.1.4 and earlier allows remote attackers to list directory contents via ...
CVE-2006-0911 NmService.exe in Ipswitch WhatsUp Professional 2006 allows remote attackers to cause a denial of ser...
E
CVE-2006-0912 Oreka before 0.5 allows remote attackers to cause a denial of service (application crash) via a "cer...
CVE-2006-0913 SQL injection vulnerability in whineatnews.pl in Bugzilla 2.17 through 2.18.4 and 2.20 allows remote...
E S
CVE-2006-0914 Bugzilla 2.16.10, 2.17 through 2.18.4, and 2.20 does not properly handle certain characters in the m...
E S
CVE-2006-0915 Bugzilla 2.16.10 does not properly handle certain characters in the (1) maxpatchsize and (2) maxatta...
CVE-2006-0916 Bugzilla 2.19.3 through 2.20 does not properly handle "//" sequences in URLs when redirecting a user...
S
CVE-2006-0917 Melange Chat Server (aka M-Chat), when accessed via a web browser, automatically sends cookies and o...
CVE-2006-0918 Buffer overflow in RITLabs The Bat! 3.60.07 allows remote attackers to execute arbitrary code via a ...
S
CVE-2006-0919 SQL injection vulnerability in index.php (aka the login page) in Oi! Email Marketing System 3.0 (aka...
E
CVE-2006-0920 Oi! Email Marketing System 3.0 (aka Oi! 3) stores the server's FTP password in cleartext on a Config...
E
CVE-2006-0921 Multiple directory traversal vulnerabilities in connector.php in FCKeditor 2.0 FC, as used in produc...
CVE-2006-0922 CubeCart 3.0 through 3.6 does not properly check authorization for an administration session because...
S
CVE-2006-0923 Multiple cross-site scripting (XSS) vulnerabilities in MyPHPNuke (MPN) 1.88 and earlier allow remote...
E
CVE-2006-0924 Cross-site scripting (XSS) vulnerability in Brown Bear iCal 3.10 allows remote attackers to inject a...
CVE-2006-0925 Format string vulnerability in the IMAP4rev1 server in Alt-N MDaemon 8.1.1 and possibly 8.1.4 allows...
CVE-2006-0926 Multiple directory traversal vulnerabilities in Allume StuffIt Standard and Deluxe 9.0, ZipMagic Del...
CVE-2006-0927 Multiple cross-site scripting (XSS) vulnerabilities in the JGS-XA JGS-Gallery Addon 4.0.0 and earlie...
E
CVE-2006-0928 The POP3 Server in ArGoSoft Mail Server Pro 1.8 allows remote attackers to obtain sensitive informat...
CVE-2006-0929 Directory traversal vulnerability in the IMAP server in ArGoSoft Mail Server Pro 1.8.8.1 allows remo...
CVE-2006-0930 Directory traversal vulnerability in Webmail in ArGoSoft Mail Server Pro 1.8 allows remote authentic...
E
CVE-2006-0931 Directory traversal vulnerability in PEAR::Archive_Tar 1.2, and other versions before 1.3.2, allows ...
CVE-2006-0932 Directory traversal vulnerability in zip.lib.php 0.1.1 in PEAR::Archive_Zip allows remote attackers ...
CVE-2006-0933 Cross-site scripting (XSS) vulnerability in PHPX 3.5.9 allows remote attackers to inject arbitrary w...
E
CVE-2006-0934 Cross-site scripting (XSS) vulnerability in webinsta Limbo 1.0.4.2 allows remote attackers to inject...
CVE-2006-0935 Microsoft Word 2003 allows remote attackers to cause a denial of service (application crash) via a c...
E
CVE-2006-0936 Free Host Shop Website Generator 3.3 allows remote authenticated users with administrative privilege...
E
CVE-2006-0937 U.N.U. Mailgust 1.9 allows remote attackers to obtain sensitive information via a direct request to ...
CVE-2006-0938 Cross-site scripting (XSS) vulnerability in eZ publish 3.7.3 and earlier allows remote attackers to ...
E
CVE-2006-0939 SQL injection vulnerability in DCI-Taskeen 1.03 allows remote attackers to execute arbitrary SQL com...
E
CVE-2006-0940 Multiple direct static code injection vulnerabilities in savesettings.php in ShoutLIVE 1.1.0 allow r...
CVE-2006-0941 Multiple cross-site scripting (XSS) vulnerabilities in post.php in ShoutLIVE 1.1.0 allow remote atta...
CVE-2006-0942 SQL injection vulnerability in profil.php in PwsPHP 1.2.3, and possibly earlier versions, allows rem...
E
CVE-2006-0943 SQL injection vulnerability in the sondages module in index.php in PwsPHP 1.2.3 allows remote attack...
CVE-2006-0944 Archangel Weblog 0.90.02 allows remote attackers to bypass authentication by setting the ba_admin co...
E
CVE-2006-0945 PHP remote file include vulnerability in admin/index.php in Archangel Weblog 0.90.02 allows remote a...
CVE-2006-0946 Cross-site scripting (XSS) vulnerability in Thomson SpeedTouch modems running firmware 5.3.2.6.0 all...
E
CVE-2006-0947 Thomson SpeedTouch modem running firmware 5.3.2.6.0 allows remote attackers to create users that can...
E
CVE-2006-0948 AOL 9.0 Security Edition revision 4184.2340, and probably other versions, uses insecure permissions ...
S
CVE-2006-0949 RaidenHTTPD 1.1.47 allows remote attackers to obtain source code of script files, including PHP, via...
S
CVE-2006-0950 unalz 0.53 allows user-assisted attackers to overwrite arbitrary files via an ALZ archive with ".." ...
S
CVE-2006-0951 The GUI (nod32.exe) in NOD32 2.5 runs with SYSTEM privileges when the scheduler runs a scheduled on-...
S
CVE-2006-0956 nuauth in NuFW before 1.0.21 does not properly handle blocking TLS sockets, which allows remote auth...
S
CVE-2006-0957 Direct static code injection vulnerability in func.inc.php in ZoneO-Soft freeForum before 1.2.1 allo...
S
CVE-2006-0958 Cross-site scripting (XSS) vulnerability in func.inc.php in ZoneO-Soft freeForum before 1.2.1 allows...
S
CVE-2006-0959 SQL injection vulnerability in misc.php in MyBulletinBoard (MyBB) 1.03, when register_globals is ena...
E
CVE-2006-0960 uConfig agent in Compex NetPassage WPE54G router allows remote attackers to cause a denial of servic...
CVE-2006-0961 SQL injection vulnerability in yazdir.asp in Cilem Hiber 1.1 allows remote attackers to execute arbi...
E
CVE-2006-0962 SQL injection vulnerability in vuBB 0.2 allows remote attackers to execute arbitrary SQL commands vi...
E
CVE-2006-0963 Multiple buffer overflows in STLport 5.0.2 might allow local users to execute arbitrary code via (1)...
S
CVE-2006-0964 Client Firewall in NCP Network Communication Secure Client 8.11 Build 146, and possibly other versio...
CVE-2006-0965 NCP Network Communication Secure Client 8.11 Build 146, and possibly other versions, allows local us...
CVE-2006-0966 NCP Network Communication Secure Client 8.11 Build 146, and possibly other versions, allows local us...
CVE-2006-0967 NCP Network Communication Secure Client 8.11 Build 146, and possibly other versions, allows local us...
CVE-2006-0968 The ncprwsnt service in NCP Network Communication Secure Client 8.11 Build 146, and possibly other v...
CVE-2006-0969 PHP remote file inclusion vulnerability in index.php in Top sites de PixelArtKingdom allows remote a...
CVE-2006-0970 PHP remote file inclusion vulnerability in index.php in one or more ActiveCampaign products, possibl...
CVE-2006-0971 Directory traversal vulnerability in Lionel Reyero DirectContact 0.3b allows remote attackers to rea...
CVE-2006-0972 SQL injection vulnerability in news.php in Tony Baird Fantastic News 2.1.1 allows remote attackers t...
CVE-2006-0973 SQL injection vulnerability in topics.php in Appalachian State University phpWebSite 0.10.2 and earl...
E
CVE-2006-0974 Cross-site scripting (XSS) vulnerability in failure.asp in Battleaxe bttlxeForum 2.0 allows remote a...
E
CVE-2006-0975 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-0459. Reason: This candida...
R
CVE-2006-0976 Directory traversal vulnerability in scan_lang_insert.php in Boris Herbiniere-Seve SPiD 1.3.1 allows...
E
CVE-2006-0977 Craig Morrison Mail Transport System Professional (aka MTS Pro) acts as an open relay when configure...
CVE-2006-0978 Multiple cross-site scripting (XSS) vulnerabilities in the View Headers (aka viewheaders) functional...
CVE-2006-0979 Unspecified vulnerability in the local weblog publisher in Nidelven IT Issue Dealer before 0.9.96 ha...
S
CVE-2006-0980 Multiple cross-site scripting (XSS) vulnerabilities in Jay Eckles CGI Calendar 2.7 allow remote atta...
CVE-2006-0981 Directory traversal vulnerability in e-merge WinAce 2.6 and earlier allows remote attackers to creat...
E
CVE-2006-0982 The on-access scanner for McAfee Virex 7.7 for Macintosh, in some circumstances, might not activate ...
CVE-2006-0983 Cross-site scripting (XSS) vulnerability in index.php in QwikiWiki 1.4 allows remote attackers to in...
E S
CVE-2006-0984 Cross-site scripting (XSS) vulnerability in inc_header.php in EJ3 TOPo 2.2.178 allows remote attacke...
E
CVE-2006-0985 Multiple cross-site scripting (XSS) vulnerabilities in the "post comment" functionality of WordPress...
E S
CVE-2006-0986 WordPress 2.0.1 and earlier allows remote attackers to obtain sensitive information via a direct req...
E S
CVE-2006-0987 The default configuration of ISC BIND before 9.4.1-P1, when configured as a caching name server, all...
S
CVE-2006-0988 The default configuration of the DNS Server service on Windows Server 2003 and Windows 2000, and the...
S
CVE-2006-0989 Stack-based buffer overflow in the volume manager daemon (vmd) in Veritas NetBackup Enterprise Serve...
CVE-2006-0990 Stack-based buffer overflow in the NetBackup Catalog daemon (bpdbm) in Veritas NetBackup Enterprise ...
S
CVE-2006-0991 Buffer overflow in the NetBackup Sharepoint Services server daemon (bpspsserver) on NetBackup 6.0 fo...
S
CVE-2006-0992 Stack-based buffer overflow in Novell GroupWise Messenger before 2.0 Public Beta 2 allows remote att...
E S
CVE-2006-0993 The web management interface in 3Com TippingPoint SMS Server before 2.2.1.4478 does not restrict acc...
CVE-2006-0994 Multiple Sophos Anti-Virus products, including Anti-Virus for Windows 5.x before 5.2.1 and 4.x befor...
CVE-2006-0995 EMC Dantz Retrospect 7 backup client 7.0.107, and other versions before 7.0.109, and 6.5 before 6.5....
S
CVE-2006-0996 Cross-site scripting (XSS) vulnerability in phpinfo (info.c) in PHP 5.1.2 and 4.4.2 allows remote at...
E S
CVE-2006-0997 The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server (O...
CVE-2006-0998 The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server (O...
CVE-2006-0999 The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server (O...
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registered trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registered trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.