CVE-2006-1xxx

There are 993 CVE in this subgroup.
Last updated: 
← Back to 2006
ID Summary Flags Max Score
CVE-2006-1000 Multiple SQL injection vulnerabilities in Pentacle In-Out Board 3.0 and earlier allow remote attacke...
E
CVE-2006-1001 SQL injection vulnerability in the board module in LanSuite LanParty Intranet System 2.0.6 and 2.1.0...
E
CVE-2006-1002 NETGEAR WGT624 Wireless DSL router has a default account of super_username "Gearguy" and super_passw...
CVE-2006-1003 The backup configuration option in NETGEAR WGT624 Wireless Firewall Router stores sensitive informat...
CVE-2006-1004 Cross-site scripting (XSS) vulnerability in agencyprofile.asp in Parodia 6.2 and earlier allows remo...
CVE-2006-1005 agencyprofile.asp in Parodia 6.2 and earlier might allow remote attackers to obtain sensitive inform...
CVE-2006-1006 Multiple SQL injection vulnerabilities in sendcard.php in sendcard before 3.3.0 allow remote attacke...
S
CVE-2006-1007 Multiple SQL injection vulnerabilities in N8cms 1.1 and 1.2 allow remote attackers to execute arbitr...
E
CVE-2006-1008 Multiple cross-site scripting (XSS) vulnerabilities in N8cms 1.1 and 1.2 allow remote attackers to i...
E
CVE-2006-1009 M4 Project enigma-suite before 0.73.3 (Windows) has a default password of "nominal" for the "enigma-...
CVE-2006-1010 Buffer overflow in socket/request.c in CrossFire before 1.9.0, when oldsocketmode is enabled, allows...
E S
CVE-2006-1011 LetterMerger 1.2 stores user information in Access database files with insecure permissions, which a...
CVE-2006-1012 SQL injection vulnerability in WordPress 1.5.2, and possibly other versions before 2.0, allows remot...
S
CVE-2006-1013 PHP remote file include vulnerability in index.php in SMartBlog (aka SMBlog) 1.2 allows remote attac...
CVE-2006-1014 Argument injection vulnerability in certain PHP 4.x and 5.x applications, when used with sendmail an...
E S
CVE-2006-1015 Argument injection vulnerability in certain PHP 3.x, 4.x, and 5.x applications, when used with sendm...
CVE-2006-1016 Buffer overflow in the IsComponentInstalled method in Internet Explorer 6.0, when used on Windows 20...
E
CVE-2006-1017 The c-client library 2000, 2001, or 2004 for PHP before 4.4.4 and 5.x before 5.1.5 do not check the ...
CVE-2006-1018 SQL injection vulnerability in poems.php in DCI-Designs Dawaween 1.03 allows remote attackers to exe...
E
CVE-2006-1019 Cross-site scripting (XSS) vulnerability in fce.php in UKiBoard 3.0.1 allows remote attackers to inj...
CVE-2006-1020 SQL injection vulnerability in forumlib.php in Johnny_Vegas Vegas Forum 1.0 allows remote attackers ...
CVE-2006-1021 Cross-site scripting (XSS) vulnerability in sol_menu.php in PeHePe Uyelik Sistemi (aka PeHePe Member...
E
CVE-2006-1022 PHP remote file include vulnerability in sol_menu.php in PeHePe Uyelik Sistemi (aka PeHePe MemberShi...
E
CVE-2006-1023 Directory traversal vulnerability in HP System Management Homepage (SMH) 2.0.0 through 2.1.4 on Wind...
S
CVE-2006-1024 SQL injection vulnerability in MgrLogin.asp in Addsoft StoreBot 2005 Professional allows remote atta...
CVE-2006-1025 Cross-site scripting (XSS) vulnerability in manage.asp in Addsoft StoreBot 2002 Standard allows remo...
E
CVE-2006-1026 JFacets before 0.2 allows remote attackers to gain privileges as any account via a GET request with ...
S
CVE-2006-1027 feedcreator.class.php (aka the syndication component) in Joomla! 1.0.7 allows remote attackers to ob...
S
CVE-2006-1028 feedcreator.class.php (aka the syndication component) in Joomla! 1.0.7 allows remote attackers to ca...
S
CVE-2006-1029 The cross-site scripting (XSS) countermeasures in class.inputfilter.php in Joomla! 1.0.7 allow remot...
E
CVE-2006-1030 Unspecified vulnerability in mod_templatechooser in Joomla! 1.0.7 allows remote attackers to obtain ...
S
CVE-2006-1031 config/config_inc.php in iGENUS Webmail 2.02 and earlier allows remote attackers to include arbitrar...
E
CVE-2006-1032 Eval injection vulnerability in the decode function in rpc_decoder.php for phpRPC 0.7 and earlier, a...
CVE-2006-1033 Multiple cross-site scripting (XSS) vulnerabilities in Dragonfly CMS before 9.0.6.1 allow remote att...
E
CVE-2006-1034 Multiple cross-site scripting (XSS) vulnerabilities in Woltlab Burning Board (wBB) allow remote atta...
E
CVE-2006-1035 Unspecified vulnerability in the Oracle Diagnostics module 2.2 and earlier allows remote attackers t...
CVE-2006-1036 Multiple unspecified vulnerabilities in the Oracle Diagnostics module 2.2 and earlier have unknown i...
S
CVE-2006-1037 SQL injection vulnerability in the Oracle Diagnostics module 2.2 and earlier allows remote attackers...
CVE-2006-1038 Buffer overflow in SecureCRT 5.0.4 and earlier and SecureFX 3.0.4 and earlier allows remote attacker...
S
CVE-2006-1039 SAP Web Application Server (WebAS) Kernel before 7.0 allows remote attackers to inject arbitrary byt...
CVE-2006-1040 Cross-site scripting (XSS) vulnerability in vBulletin 3.0.12 and 3.5.3 allows remote attackers to in...
E S
CVE-2006-1041 Multiple cross-site scripting (XSS) vulnerabilities in Gregarius 0.5.2 allow remote attackers to inj...
CVE-2006-1042 Multiple SQL injection vulnerabilities in Gregarius 0.5.2 allow remote attackers to execute arbitrar...
CVE-2006-1043 Stack-based buffer overflow in Microsoft Visual Studio 6.0 and Microsoft Visual InterDev 6.0 allows ...
E
CVE-2006-1044 Multiple buffer overflows in LISTSERV 14.3 and 14.4, including LISTSERV Lite and HPO, with the web a...
S
CVE-2006-1045 The HTML rendering engine in Mozilla Thunderbird 1.5, when "Block loading of remote images in mail m...
E
CVE-2006-1046 server.cpp in Monopd 0.9.3 allows remote attackers to cause a denial of service (CPU and memory cons...
E S
CVE-2006-1047 Unspecified vulnerability in the "Remember Me login functionality" in Joomla! 1.0.7 and earlier has ...
CVE-2006-1048 Joomla! 1.0.7 and earlier allows attackers to bypass intended access restrictions and gain certain p...
S
CVE-2006-1049 Multiple SQL injection vulnerabilities in the Admin functionality in Joomla! 1.0.7 and earlier allow...
S
CVE-2006-1050 Kwik-Pay Payroll 4.2.20, and possibly other versions, stores the KwikPay.mdb database file with inse...
CVE-2006-1051 SQL injection vulnerability in Akarru Social BookMarking Engine before 0.4.3.4 allows remote attacke...
S
CVE-2006-1052 The selinux_ptrace logic in hooks.c in SELinux for Linux 2.6.6 allows local users with ptrace permis...
S
CVE-2006-1053 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with...
R
CVE-2006-1054 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-1861. Reason: This candida...
R
CVE-2006-1055 The fill_write_buffer function in sysfs/file.c in Linux kernel 2.6.12 up to versions before 2.6.17-r...
CVE-2006-1056 The Linux kernel before 2.6.16.9 and the FreeBSD kernel, when running on AMD64 and other 7th and 8th...
S
CVE-2006-1057 Race condition in daemon/slave.c in gdm before 2.14.1 allows local users to gain privileges via a sy...
S
CVE-2006-1058 BusyBox 1.1.1 does not use a salt when generating passwords, which makes it easier for local users t...
CVE-2006-1059 The winbindd daemon in Samba 3.0.21 to 3.0.21c writes the machine trust account password in cleartex...
S
CVE-2006-1060 Heap-based buffer overflow in zgv before 5.8 and xzgv before 0.8 might allow user-assisted attackers...
S
CVE-2006-1061 Heap-based buffer overflow in cURL and libcURL 7.15.0 through 7.15.2 allows remote attackers to exec...
S
CVE-2006-1062 Unspecified vulnerability in lurker.cgi for Lurker 2.0 and earlier allows attackers to read arbitrar...
S
CVE-2006-1063 Unspecified vulnerability in Lurker 2.0 and earlier allows remote attackers to create or overwrite f...
S
CVE-2006-1064 Multiple cross-site scripting (XSS) vulnerabilities in Lurker 2.0 and earlier allow remote attackers...
S
CVE-2006-1065 SQL injection vulnerability in search.php in MyBulletinBoard (MyBB) 1.04 allows remote attackers to ...
E
CVE-2006-1066 Linux kernel 2.6.16-rc2 and earlier, when running on x86_64 systems with preemption enabled, allows ...
S
CVE-2006-1067 Linksys WRT54G routers version 5 (running VXWorks) allow remote attackers to cause a denial of servi...
CVE-2006-1068 Netgear 614 and 624 routers, possibly running VXWorks, allow remote attackers to cause a denial of s...
E
CVE-2006-1069 Unspecified vulnerability in the session handling for Geeklog 1.4.x before 1.4.0sr2, 1.3.11 before 1...
S
CVE-2006-1070 Cross-site scripting (XSS) vulnerability in dv_gbook.php in DVguestbook 1.0 allows remote attackers ...
E
CVE-2006-1071 Cross-site scripting (XSS) vulnerability in index.php in DVguestbook 1.2.2 allows remote attackers t...
E
CVE-2006-1072 Cross-site scripting (XSS) vulnerability in Daverave Simplog 1.0.2 and earlier allows remote attacke...
CVE-2006-1073 Directory traversal vulnerability in index.php in Daverave Simplog 1.0.2 and earlier allows remote a...
CVE-2006-1074 Jason Boettcher Liero Xtreme 0.62b and earlier allow remote attackers to cause a denial of service (...
CVE-2006-1075 Format string vulnerability in the visualization function in Jason Boettcher Liero Xtreme 0.62b and ...
E
CVE-2006-1076 SQL injection vulnerability in index.php, possibly during a showtopic operation, in Invision Power B...
E
CVE-2006-1077 Multiple cross-site scripting (XSS) vulnerabilities in the commentary in Evo-Dev evoBlog allow remot...
CVE-2006-1078 Multiple buffer overflows in htpasswd, as used in Acme thttpd 2.25b, and possibly other products suc...
CVE-2006-1079 htpasswd, as used in Acme thttpd 2.25b and possibly other products such as Apache, might allow local...
CVE-2006-1080 Cross-site scripting (XSS) vulnerability in login.php in Game-Panel 2.6.1 and earlier allows remote ...
E
CVE-2006-1081 SQL injection vulnerability in forgotten_password.php in Jonathan Beckett PluggedOut Nexus 0.1 allow...
E
CVE-2006-1082 Multiple cross-site scripting (XSS) vulnerabilities in phpArcadeScript 2.0 and earlier allow remote ...
E
CVE-2006-1083 Multiple directory traversal vulnerabilities in PHP-Stats 0.1.9.1 and earlier allow remote attackers...
E
CVE-2006-1084 Multiple SQL injection vulnerabilities in PHP-Stats 0.1.9.1 and earlier allow remote attackers to ex...
E
CVE-2006-1085 admin.php in PHP-Stats 0.1.9.1 and earlier allows remote attackers to bypass authentication, gain ad...
E
CVE-2006-1086 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-1083. Reason: This candida...
R
CVE-2006-1087 Direct static code injection vulnerability in the modify_config action in admin.php for PHP-Stats 0....
E
CVE-2006-1088 PHP-Stats 0.1.9.1 and earlier allows remote attackers to obtain potentially sensitive information vi...
E
CVE-2006-1089 Cross-site scripting (XSS) vulnerability in header.php in PunBB 1.2.10 allows remote attackers to in...
S
CVE-2006-1090 register.php in PunBB 1.2.10 allows remote attackers to cause an unspecified denial of service via a...
S
CVE-2006-1091 Kaspersky Antivirus 5.0.5 and 5.5.3 allows remote attackers to cause a denial of service (CPU and me...
CVE-2006-1092 Unspecified vulnerability in the pagedata subsystem of the process file system (/proc) in Solaris 8 ...
CVE-2006-1093 Unspecified vulnerability in IBM WebSphere 5.0.2.10 through 5.0.2.15 and 5.1.1.4 through 5.1.1.9 all...
CVE-2006-1094 SQL injection vulnerability in Datenbank MOD 2.7 and earlier for Woltlab Burning Board allows remote...
E
CVE-2006-1095 Directory traversal vulnerability in the FileSession object in Mod_python module 3.2.7 for Apache al...
S
CVE-2006-1096 Cross-site scripting (XSS) vulnerability in index.php in NZ Ecommerce allows remote attackers to inj...
E
CVE-2006-1097 Multiple cross-site scripting (XSS) vulnerabilities in Datenbank MOD 2.7 and earlier for Woltlab Bur...
E
CVE-2006-1098 Multiple SQL injection vulnerabilities in NZ Ecommerce allow remote attackers to execute arbitrary S...
CVE-2006-1099 PHP remote file include vulnerability in logIT 1.3 and 1.4 allows remote attackers to execute arbitr...
E
CVE-2006-1100 Buffer overflow in the sgetstr function in shared/cube.h in Sauerbraten 2006_02_28 and earlier, as d...
E
CVE-2006-1101 The (1) sgetstr and (2) getint functions in Sauerbraten 2006_02_28, as derived from the Cube engine,...
E
CVE-2006-1102 Sauerbraten 2006_02_28, as derived from the Cube engine, allows remote attackers to cause a denial o...
E
CVE-2006-1103 engine/server.cpp in Sauerbraten 2006_02_28, as derived from the Cube engine, allows remote attacker...
CVE-2006-1104 Multiple SQL injection vulnerabilities in Pixelpost 1.5 beta 1 and earlier allow remote attackers to...
E
CVE-2006-1105 Pixelpost 1.5 beta 1 and earlier allows remote attackers to obtain configuration information via a d...
E
CVE-2006-1106 Cross-site scripting (XSS) vulnerability in Pixelpost 1.5 beta 1 and earlier allows remote attackers...
CVE-2006-1107 Cross-site scripting (XSS) vulnerability in news.php in NMDeluxe before 1.0.1 allows remote attacker...
S
CVE-2006-1108 SQL injection vulnerability in news.php in NMDeluxe before 1.0.1 allows remote attackers to execute ...
S
CVE-2006-1109 SQL injection vulnerability in index.asp in Total Ecommerce 1.0 allows remote attackers to execute a...
E
CVE-2006-1110 Cross-site scripting (XSS) vulnerability in Aztek Forum 4.0 allows remote attackers to inject arbitr...
E
CVE-2006-1111 Aztek Forum 4.0 allows remote attackers to obtain sensitive information via a "*/*" in the msg param...
E
CVE-2006-1112 Aztek Forum 4.0 allows remote attackers to obtain sensitive information via a long login value in a ...
E
CVE-2006-1113 SQL injection vulnerability in podcast.php in Loudblog before 0.42 allows remote attackers to execut...
E S
CVE-2006-1114 Multiple directory traversal vulnerabilities in Loudblog before 0.42 allow remote attackers to read ...
E S
CVE-2006-1115 nCipher HSM before 2.22.6, when generating a Diffie-Hellman public/private key pair without any spec...
S
CVE-2006-1116 The CBC-MAC integrity functions in the nCipher nCore API before 2.18 transmit the initialization vec...
S
CVE-2006-1117 nCipher firmware before V10, as used by (1) nShield, (2) nForce, (3) netHSM, (4) payShield, (5) Secu...
S
CVE-2006-1118 SQL injection vulnerability in bmail before Aardvark PR9.1 allows remote attackers to execute arbitr...
S
CVE-2006-1119 fantastico in Cpanel does not properly handle when it has insufficient permissions to perform certai...
CVE-2006-1120 Multiple cross-site scripting (XSS) vulnerabilities in DCP-Portal 6.1.1 and earlier, with register_g...
E
CVE-2006-1121 Cross-site scripting (XSS) vulnerability in CuteNews 1.4.1 allows remote attackers to inject arbitra...
E
CVE-2006-1122 Cross-site scripting (XSS) vulnerability in Default.asp in D2KBlog 1.0.3 and earlier allows remote a...
E
CVE-2006-1123 SQL injection vulnerability in D2KBlog 1.0.3 and earlier allows remote attackers to execute arbitrar...
E
CVE-2006-1124 Buffer overflow in RevilloC MailServer and Proxy 1.21 allows remote attackers to execute arbitrary c...
E
CVE-2006-1125 Grisoft AVG Free 7.1, and other versions including 7.0.308, sets Everyone/Full Control permissions f...
S
CVE-2006-1126 Gallery 2 up to 2.0.2 allows remote attackers to spoof their IP address via a modified X-Forwarded-F...
S
CVE-2006-1127 Cross-site scripting (XSS) vulnerability in Gallery 2 up to 2.0.2 allows remote attackers to inject ...
S
CVE-2006-1128 Directory traversal vulnerability in the session handling class (GallerySession.class) in Gallery 2 ...
S
CVE-2006-1129 SQL injection vulnerability in config.php in EKINboard 1.0.3 allows remote attackers to execute arbi...
E S
CVE-2006-1130 Cross-site scripting (XSS) vulnerability in EKINboard 1.0.3 allows remote attackers to inject arbitr...
E S
CVE-2006-1131 Cross-site scripting (XSS) vulnerability in read.php in bitweaver CMS 1.2.1 allows remote attackers ...
E
CVE-2006-1132 SQL injection vulnerability in show.php in vbzoom 1.11 allow remote attackers to execute arbitrary S...
E
CVE-2006-1133 Multiple cross-site scripting (XSS) vulnerabilities in vbzoom 1.11 allow remote attackers to inject ...
CVE-2006-1134 SQL injection vulnerability in CyBoards PHP Lite 1.25, when magic_quotes_gpc is disabled, allows rem...
CVE-2006-1135 Multiple cross-site scripting (XSS) vulnerabilities in sBlog 0.7.2 allow remote attackers to inject ...
E
CVE-2006-1136 Buffer overflow in the PostScript file interpreter code for Xerox CopyCentre and Xerox WorkCentre Pr...
CVE-2006-1137 Multiple unspecified vulnerabilities in Xerox CopyCentre and Xerox WorkCentre Pro, running software ...
CVE-2006-1138 Unspecified vulnerability in the web server code in Xerox CopyCentre and Xerox WorkCentre Pro, runni...
CVE-2006-1139 Unspecified vulnerability in the ESS/ Network Controller in Xerox CopyCentre and Xerox WorkCentre Pr...
CVE-2006-1140 SQL injection vulnerability in rss.php in RedBLoG 0.5 allows remote attackers to execute arbitrary S...
E
CVE-2006-1141 Buffer overflow in qmailadmin.c in QmailAdmin before 1.2.10 allows remote attackers to execute arbit...
S
CVE-2006-1142 Unspecified vulnerability in Ravenous Web Server before 0.7.1 allows remote attackers to access arbi...
S
CVE-2006-1143 Cross-site scripting (XSS) vulnerability in FTPoed Blog Engine 1.1 allows remote attackers to inject...
E
CVE-2006-1144 Cross-site scripting (XSS) vulnerability in HitHost 1.0.0 allows remote attackers to inject arbitrar...
CVE-2006-1145 Format string vulnerability in the safe_cprintf function in acebot_cmds.c in Alien Arena 2006 Gold E...
E
CVE-2006-1146 Stack-based buffer overflow in the Cmd_Say_f function in g_cmds.c in Alien Arena 2006 Gold Edition 5...
E
CVE-2006-1147 The Com_sprintf function in q_shared.c in Alien Arena 2006 Gold Edition 5.00 does not properly NULL ...
E
CVE-2006-1148 Multiple stack-based buffer overflows in the procConnectArgs function in servmgr.cpp in PeerCast bef...
E S
CVE-2006-1149 PHP remote file inclusion vulnerability in lib/OWL_API.php in OWL Intranet Engine 0.82, when registe...
E
CVE-2006-1150 Buffer overflow in Tenes Empanadas Graciela (TEG) 0.11.1, automatically appends an _ (underscore) to...
E
CVE-2006-1151 Cross-site scripting vulnerability in index.php in M-Phorum 0.2 allows remote attackers to inject ar...
E
CVE-2006-1152 PHP remote file inclusion vulnerability in index.php in M-Phorum 0.2 allows remote attackers to incl...
CVE-2006-1153 SQL injection vulnerability in D2-Shoutbox 4.2 allows remote attackers to execute arbitrary SQL comm...
E
CVE-2006-1154 PHP remote file inclusion vulnerability in archive.php in Fantastic News 2.1.2 allows remote attacke...
E
CVE-2006-1155 Cross-site scripting (XSS) vulnerability in manas tungare Site Membership Script before 8 March, 200...
S
CVE-2006-1156 SQL injection vulnerability in manas tungare Site Membership Script before 8 March, 2006 allows remo...
S
CVE-2006-1157 Cross-site scripting (XSS) vulnerability in Vz Scripts ADP Forum 2.0.3 and earlier allows remote att...
E
CVE-2006-1158 Kerio MailServer before 6.1.3 Patch 1 allows remote attackers to cause a denial of service (applicat...
S
CVE-2006-1159 Format string vulnerability in Easy File Sharing (EFS) Web Server 3.2 allows remote attackers to cau...
E
CVE-2006-1160 Cross-site scripting (XSS) vulnerability in Easy File Sharing (EFS) Web Server 3.2 allows remote att...
CVE-2006-1161 Absolute path traversal vulnerability in Easy File Sharing (EFS) Web Server 3.2 allows remote regist...
CVE-2006-1162 Directory traversal vulnerability in Nodez 4.6.1.1 and earlier allows remote attackers to read or in...
E
CVE-2006-1163 Cross-site scripting (XSS) vulnerability in Nodez 4.6.1.1 allows remote attackers to inject arbitrar...
E
CVE-2006-1164 Nodez 4.6.1.1 and earlier stores sensitive data in the list.gtdat file under the web document root w...
E
CVE-2006-1165 Cross-site scripting (XSS) vulnerability in the mediamanager module in DokuWiki before 2006-03-05 al...
S
CVE-2006-1166 Monotone 0.25 and earlier, when a user creates a file in a directory called "mt", and when checking ...
S
CVE-2006-1167 SGI ProPack 3 SP6 kernel displays the frame buffer contents of the last session after a reboot, whic...
CVE-2006-1168 The decompress function in compress42.c in (1) ncompress 4.2.4 and (2) liblzw allows remote attacker...
CVE-2006-1169 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2006-1170 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2006-1171 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2006-1172 Stack-based buffer overflow in the createPKCS10 function in Cryptomathic Cenroll ActiveX Control 1.1...
E S
CVE-2006-1173 Sendmail before 8.13.7 allows remote attackers to cause a denial of service via deeply nested, malfo...
S
CVE-2006-1174 useradd in shadow-utils before 4.0.3, and possibly other versions before 4.0.8, does not provide a r...
S
CVE-2006-1175 The WeOnlyDo! SFTP (wodSFTP) ActiveX control is marked as safe for scripting, which allows remote at...
CVE-2006-1176 Buffer overflow in eBay Enhanced Picture Services (aka EPUImageControl Class) in EUPWALcontrol.dll b...
CVE-2006-1178 Tamarack MMSd before 7.992 allows remote attackers to cause a denial of service (crash) via malforme...
S
CVE-2006-1182 Adobe Graphics Server 2.0 and 2.1 (formerly AlterCast) and Adobe Document Server (ADS) 5.0 and 6.0 a...
S
CVE-2006-1183 The Ubuntu 5.10 installer does not properly clear passwords from the installer log file (questions.d...
E
CVE-2006-1184 Microsoft Distributed Transaction Coordinator (MSDTC) for Windows NT 4.0, 2000 SP4, XP SP1 and SP2, ...
S
CVE-2006-1185 Unspecified vulnerability in Microsoft Internet Explorer 5.01 through 6 allows remote attackers to e...
CVE-2006-1186 Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via by ...
S
CVE-2006-1187 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2006-1188 Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via HTM...
S
CVE-2006-1189 Buffer overflow in URLMON.DLL in Microsoft Internet Explorer 5.01 through 6 allows remote attackers ...
CVE-2006-1190 Microsoft Internet Explorer 5.01 through 6 does not always return the correct IOleClientSite informa...
CVE-2006-1191 Microsoft Internet Explorer 5.01 through 6 does not always correctly identify the domain that is ass...
CVE-2006-1192 Microsoft Internet Explorer 5.01 through 6 allows remote attackers to conduct phishing attacks by sp...
S
CVE-2006-1193 Cross-site scripting (XSS) vulnerability in Microsoft Exchange Server 2000 SP1 through SP3, when run...
S
CVE-2006-1194 Integer signedness error in the enet_protocol_handle_incoming_commands function in protocol.c for EN...
CVE-2006-1195 The enet_protocol_handle_send_fragment function in protocol.c for ENet library CVS version Jul 2005 ...
E
CVE-2006-1196 Multiple cross-site scripting (XSS) vulnerabilities in QwikiWiki 1.5 allow remote attackers to injec...
E
CVE-2006-1197 SafeDisc installs the driver service for the secdrv.sys driver with insecure permissions, which allo...
CVE-2006-1198 Comvigo IM Lock 2006 uses a simple substitution cipher to encrypt a password stored in the msnvs\prc...
CVE-2006-1199 Cross-site scripting (XSS) vulnerability in iframe.php in daverave Link Bank allows remote attackers...
E
CVE-2006-1200 Direct static code injection vulnerability in add_link.txt in daverave Link Bank allows remote attac...
E
CVE-2006-1201 Directory traversal vulnerability in resetpw.php in eschew.net phpBannerExchange 2.0 and earlier, an...
E
CVE-2006-1202 Multiple cross-site scripting (XSS) vulnerabilities in textfileBB 1.0 and earlier allow remote attac...
CVE-2006-1203 PHP remote file include vulnerability in common.php in txtForum 1.0.4-dev and earlier allows remote ...
CVE-2006-1204 Multiple cross-site scripting (XSS) vulnerabilities in txtForum 1.0.4-dev and earlier allow remote a...
E
CVE-2006-1205 Multiple cross-site scripting (XSS) vulnerabilities in myWebland myBloggie 2.1.3 beta and earlier al...
E
CVE-2006-1206 Matt Johnston Dropbear SSH server 0.47 and earlier, as used in embedded Linux devices and on general...
S
CVE-2006-1207 PHP Upload Center stores password hashes under the web root with insufficient access control, which ...
E
CVE-2006-1208 Sergey Korostel PHP Upload Center allows remote attackers to execute arbitrary PHP code by uploading...
E
CVE-2006-1209 PHP Advanced Transfer Manager 1.00 through 1.30 stores sensitive information, including password has...
E
CVE-2006-1210 The web interface for IBM Tivoli Micromuse Netcool/NeuSecure 3.0.236 includes the MySQL database use...
CVE-2006-1211 IBM Tivoli Micromuse Netcool/NeuSecure 3.0.236 configures a MySQL database to allow connections from...
CVE-2006-1212 Unspecified vulnerability in index.php in Core CoreNews 2.0.1 allows remote attackers to execute arb...
CVE-2006-1213 JiRo's Banner System Experience and Professional 1.0 and earlier allows remote attackers to bypass a...
E
CVE-2006-1214 UnrealIRCd 3.2.3 allows remote attackers to cause an unspecified denial of service by causing a link...
E S
CVE-2006-1215 Cross-site scripting (XSS) vulnerability in misc.php in Woltlab Burning Board (wBB) 2.3.4 allows rem...
E
CVE-2006-1216 Cross-site scripting (XSS) vulnerability in bigshow.php in Runcms 1.x allows remote attackers to inj...
E S
CVE-2006-1217 SQL injection vulnerability in DSPoll 1.1 allows remote attackers to execute arbitrary SQL commands ...
CVE-2006-1218 Unspecified vulnerability in the HTTP proxy in Novell BorderManager 3.8 and earlier allows remote at...
S
CVE-2006-1219 Directory traversal vulnerability in Gallery 2.0.3 and earlier, and 2.1 before RC-2a, allows remote ...
E S
CVE-2006-1220 Integer overflow in the mach_msg_send function in the kernel for Mac OS X might allow local users to...
E
CVE-2006-1221 Untrusted search path vulnerability in the TrueVector service (VSMON.exe) in Zone Labs ZoneAlarm 6.x...
E
CVE-2006-1222 Multiple cross-site scripting (XSS) vulnerabilities in zeroboard 4.1 pl7 allows allow remote attacke...
E S
CVE-2006-1223 Cross-site scripting (XSS) vulnerability in Jupiter Content Manager 1.1.5 and earlier allows remote ...
E
CVE-2006-1224 Directory traversal vulnerability in dwnld.php in GuppY 4.5.11 allows remote attackers to overwrite ...
E S
CVE-2006-1225 CRLF injection vulnerability in Drupal 4.5.x before 4.5.8 and 4.6.x before 4.5.8 allows remote attac...
S
CVE-2006-1226 Cross-site scripting (XSS) vulnerability in Drupal 4.5.x before 4.5.8 and 4.6.x before 4.5.8 allows ...
S
CVE-2006-1227 Drupal 4.5.x before 4.5.8 and 4.6.x before 4.5.8, when menu.module is used to create a menu item, do...
S
CVE-2006-1228 Session fixation vulnerability in Drupal 4.5.x before 4.5.8 and 4.6.x before 4.5.8 allows remote att...
S
CVE-2006-1229 SQL injection vulnerability in search.asp in Hosting Controller 6.1 (Hotfix 2.9) allows remote attac...
CVE-2006-1230 Multiple cross-site scripting (XSS) vulnerabilities in create.php in vCard 2.x allow remote attacker...
E
CVE-2006-1231 CAPI4HylaFAX 1.3, when compiled with GENERATE_DEBUGSFFDATAFILE set, allows local users to modify arb...
CVE-2006-1232 Multiple SQL injection vulnerabilities in DSDownload 1.0, with magic_quotes_gpc disabled, allow remo...
CVE-2006-1233 Multiple cross-site scripting (XSS) vulnerabilities in WMNews allow remote attackers to inject arbit...
E
CVE-2006-1234 SQL injection vulnerability in index.php in DSCounter 1.2, with magic_quotes_gpc disabled, allows re...
CVE-2006-1235 Directory traversal vulnerability in admin/deleteuser.php in HitHost 1.0.0 might allow remote attack...
CVE-2006-1236 Buffer overflow in the SetUp function in socket/request.c in CrossFire 1.9.0 allows remote attackers...
E
CVE-2006-1237 Multiple SQL injection vulnerabilities in DSNewsletter 1.0, with magic_quotes_gpc disabled, allow re...
CVE-2006-1238 SQL injection vulnerability in DSLogin 1.0, with magic_quotes_gpc disabled, allows remote attackers ...
CVE-2006-1239 Cross-site scripting (XSS) vulnerability in issue/createissue.aspx in Gemini 2.0 allows remote attac...
CVE-2006-1240 Buffer overflow in inet_server.cpp in (1) fb_inet_server and (2) fbserver in Firebird 1.5.2.4731 all...
E S
CVE-2006-1241 Firebird 1.5.2.4731 installs (1) fb_lock_mgr, (2) gds_drop, and (3) fb_inet_server with setuid fireb...
E S
CVE-2006-1242 The ip_push_pending_frames function in Linux 2.4.x and 2.6.x before 2.6.16 increments the IP ID fiel...
S
CVE-2006-1243 Directory traversal vulnerability in install05.php in Simple PHP Blog (SPB) 0.4.7.1 and earlier allo...
E
CVE-2006-1244 Unspecified vulnerability in certain versions of xpdf after 3.00, as used in various products includ...
S
CVE-2006-1245 Buffer overflow in mshtml.dll in Microsoft Internet Explorer 6.0.2900.2180, and probably other versi...
E S
CVE-2006-1246 Unspecified vulnerability in mklvcopy in BOS.RTE.LVM in IBM AIX 5.3 allows local users to execute ar...
S
CVE-2006-1247 rm_mlcache_file in bos.rte.install in AIX 5.1.0 through 5.3.0 allows local users to overwrite arbitr...
S
CVE-2006-1248 Unspecified vulnerability in usermod in HP-UX B.11.00, B.11.11, and B.11.23, when run with certain o...
CVE-2006-1249 Integer overflow in Apple QuickTime Player 7.0.3 and 7.0.4 and iTunes 6.0.1 and 6.0.2 allows remote ...
CVE-2006-1250 Unspecified vulnerability in the Webmail module in Winmail before 4.3 has unknown impact and unknown...
CVE-2006-1251 Argument injection vulnerability in greylistclean.cron in sa-exim 4.2 allows remote attackers to del...
S
CVE-2006-1252 Eval injection vulnerability in cal.php in Light Weight Calendar (LWC) 1.0 allows remote attackers t...
E
CVE-2006-1253 Unspecified vulnerability in glFTPd before 2.01 RC5 allows remote attackers to bypass IP checks via ...
S
CVE-2006-1254 Unspecified vulnerability in BorderWare MXtreme 5.0 and 6.0 allows remote attackers to have an unkno...
S
CVE-2006-1255 Stack-based buffer overflow in the IMAP service in Mercur Messaging 5.0 SP3 and earlier allows remot...
E
CVE-2006-1256 Cross-site scripting (XSS) vulnerability in guestbook.php in Soren Boysen (SkullSplitter) PHP Guestb...
S
CVE-2006-1257 The sample files in the authfiles directory in Microsoft Commerce Server 2002 before SP2 allow remot...
S
CVE-2006-1258 Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.8.0.1 allows remote attackers to inject arb...
E S
CVE-2006-1259 Multiple SQL injection vulnerabilities in Maian Support 1.0 allow remote attackers to execute arbitr...
CVE-2006-1260 Horde Application Framework 3.0.9 allows remote attackers to read arbitrary files via a null charact...
E S
CVE-2006-1261 Multiple cross-site scripting (XSS) vulnerabilities in ASPPortal 3.00 allow remote attackers to inje...
S
CVE-2006-1262 Multiple SQL injection vulnerabilities in ASPPortal 3.00 have unknown impact and attack vectors....
S
CVE-2006-1263 Multiple "unannounced" cross-site scripting (XSS) vulnerabilities in WordPress before 2.0.2 allow re...
S
CVE-2006-1264 Cross-site scripting (XSS) vulnerability in xhawk.net discussion 2.0 beta2 allows remote attackers t...
E
CVE-2006-1265 SQL injection vulnerability in discussion.class.php in xhawk.net discussion 2.0 beta2 allows remote ...
E
CVE-2006-1266 Cross-site scripting (XSS) vulnerability in Service_Requests.asp in VPMi Enterprise 3.3 allows remot...
E
CVE-2006-1267 Invision Power Board 2.1.4 allows remote attackers to hijack sessions and possibly gain administrati...
E
CVE-2006-1268 The Internet Key Exchange implementation in Funkwerk X2300 7.2.1 allows remote attackers to cause a ...
S
CVE-2006-1269 Buffer overflow in the parse function in parse.c in zoo 2.10 might allow local users to execute arbi...
E S
CVE-2006-1270 Multiple cross-site scripting (XSS) vulnerabilities in zones.php in Inprotect 0.21 allow remote atta...
CVE-2006-1271 SQL injection vulnerability in index.php in OxyNews allows remote attackers to execute arbitrary SQL...
E
CVE-2006-1272 Multiple cross-site scripting (XSS) vulnerabilities in member.php in MyBulletin Board (MyBB) 1.0.3 a...
E
CVE-2006-1273 Mozilla Firefox 1.0.7 and 1.5.0.1 allows remote attackers to cause a denial of service (crash) via a...
CVE-2006-1274 Classic Planer in AntiVir PersonalEdition Classic 7 does not drop privileges before executing extern...
S
CVE-2006-1275 GGZ Gaming Zone 0.0.12 allows remote attackers to cause a denial of service (client disconnect) via ...
E
CVE-2006-1276 admin.php in Himpfen Consulting Company PHP SimpleNEWS 1.0.0 allows remote attackers to bypass authe...
E
CVE-2006-1277 Cross-site scripting (XSS) vulnerability in signup.php in @1 File Store 2006.03.07 allows remote att...
CVE-2006-1278 SQL injection vulnerability in @1 File Store 2006.03.07 allows remote attackers to execute arbitrary...
E
CVE-2006-1279 CGI::Session 4.03-1 allows local users to overwrite arbitrary files via a symlink attack on temporar...
CVE-2006-1280 CGI::Session 4.03-1 does not set proper permissions on temporary files created in (1) Driver::File a...
E
CVE-2006-1281 Cross-site scripting (XSS) vulnerability in member.php in MyBulletinBoard (MyBB) 1.04 allows remote ...
E S
CVE-2006-1282 CRLF injection vulnerability in inc/function.php in MyBulletinBoard (MyBB) 1.04 allows remote attack...
E S
CVE-2006-1283 opiepasswd in One-Time Passwords in Everything (OPIE) in FreeBSD 4.10-RELEASE-p22 through 6.1-STABLE...
S
CVE-2006-1284 The installation of SQLAnywhere in Symantec Ghost 8.0 and 8.2, as used in Symantec Ghost Solutions S...
CVE-2006-1285 SQLAnywhere in Symantec Ghost 8.0 and 8.2, as used in Symantec Ghost Solutions Suite (SGSS) 1.0, giv...
CVE-2006-1286 Buffer overflow in the login dialog in dbisqlc.exe in SQLAnywhere for Symantec Ghost 8.0 and 8.2, as...
CVE-2006-1287 Cross-site scripting (XSS) vulnerability in Invision Power Board (IPB) 2.0.4 and 2.1.4 before 200601...
S
CVE-2006-1288 Multiple SQL injection vulnerabilities in Invision Power Board (IPB) 2.0.4 and 2.1.4 before 20060105...
S
CVE-2006-1289 Multiple SQL injection vulnerabilities in Milkeyway Captive Portal 0.1 and 0.1.1 allow remote attack...
E
CVE-2006-1290 Multiple cross-site scripting (XSS) vulnerabilities in Milkeyway Captive Portal 0.1 and 0.1.1 allow ...
E
CVE-2006-1291 publish.ical.php in Jim Hu and Chad Little PHP iCalendar 2.21 and earlier does not require authentic...
E
CVE-2006-1292 Directory traversal vulnerability in Jim Hu and Chad Little PHP iCalendar 2.21 and earlier allows re...
E
CVE-2006-1293 Cross-site scripting (XSS) vulnerability in index.php in Contrexx CMS 1.0.8 and earlier allows remot...
E
CVE-2006-1294 PHP remote file include vulnerability in PageController.php in KnowledgebasePublisher 1.2 allows rem...
E
CVE-2006-1295 Cross-site scripting (XSS) vulnerability in recherche.php3 in SPIP 1.8.2-g allows remote attackers t...
S
CVE-2006-1296 Untrusted search path vulnerability in Beagle 0.2.2.1 might allow local users to gain privileges via...
CVE-2006-1297 Unspecified vulnerability in Veritas Backup Exec for Windows Server Remote Agent 9.1 through 10.1, f...
S
CVE-2006-1298 Format string vulnerability in the Job Engine service (bengine.exe) in the Media Server in Veritas B...
S
CVE-2006-1299 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2006-1300 Microsoft .NET framework 2.0 (ASP.NET) in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 200...
S
CVE-2006-1301 Microsoft Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via a .xl...
CVE-2006-1302 Buffer overflow in Microsoft Excel 2000 through 2003 allows user-assisted attackers to execute arbit...
S
CVE-2006-1303 Multiple unspecified vulnerabilities in Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and earlier a...
S
CVE-2006-1304 Buffer overflow in Microsoft Excel 2000 through 2003 allows user-assisted attackers to execute arbit...
S
CVE-2006-1305 Microsoft Outlook 2000, 2002, and 2003 allows user-assisted remote attackers to cause a denial of se...
S
CVE-2006-1306 Microsoft Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via a .xl...
S
CVE-2006-1307 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2006-1308 Unspecified vulnerability in Microsoft Excel 2000 through 2004 allows user-assisted attackers to exe...
S
CVE-2006-1309 Microsoft Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via a .xl...
CVE-2006-1310 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2006-1311 The RichEdit component in Microsoft Windows 2000 SP4, XP SP2, and 2003 SP1; Office 2000 SP3, XP SP3,...
CVE-2006-1312 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2006-1313 Microsoft JScript 5.1, 5.5, and 5.6 on Windows 2000 SP4, and 5.6 on Windows XP, Server 2003, Windows...
S
CVE-2006-1314 Heap-based buffer overflow in the Server Service (SRV.SYS driver) in Microsoft Windows 2000 SP4, XP ...
S
CVE-2006-1315 The Server Service (SRV.SYS driver) in Microsoft Windows 2000 SP4, XP SP1 and SP2, Server 2003 up to...
CVE-2006-1316 Unspecified vulnerability in Microsoft Office 2003 SP1 and SP2, Office XP SP3, Office 2000 SP3, and ...
CVE-2006-1317 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2006-1318 Microsoft Office 2003 SP1 and SP2, Office XP SP3, Office 2000 SP3, Office 2004 for Mac, and Office X...
CVE-2006-1319 chpst in runit 1.3.3-1 for Debian GNU/Linux, when compiled on little endian i386 machines against di...
E S
CVE-2006-1320 util.c in rssh 2.3.0 in Debian GNU/Linux does not use braces to make a block, which causes a check f...
S
CVE-2006-1321 Cross-site scripting (XSS) vulnerability in webcheck before 1.9.6 allows remote attackers to inject ...
S
CVE-2006-1322 Novell Netware NWFTPD 5.06.05 allows remote attackers to cause a denial of service (ABEND) via an MD...
S
CVE-2006-1323 Directory traversal vulnerability in WinHKI 1.6 and earlier allows user-assisted attackers to overwr...
CVE-2006-1324 Cross-site scripting (XSS) vulnerability in acp/lib/class_db_mysql.php in Woltlab Burning Board (wBB...
CVE-2006-1325 Cross-site scripting (XSS) vulnerability in Streber 0.055 allows remote attackers to inject arbitrar...
CVE-2006-1326 Multiple cross-site scripting (XSS) vulnerabilities in Invision Power Board 2.0.4 allow remote attac...
E
CVE-2006-1327 SQL injection vulnerability in reg.php in SoftBB 0.1 allows remote attackers to execute arbitrary SQ...
E
CVE-2006-1328 SQL injection vulnerability in count.php in Skull-Splitter PHP Downloadcounter for Wallpapers 1.0 al...
CVE-2006-1329 The SASL negotiation in Jabber Studio jabberd before 2.0s11 allows remote attackers to cause a denia...
S
CVE-2006-1330 Multiple SQL injection vulnerabilities in phpWebsite 0.83 and earlier allow remote attackers to exec...
E
CVE-2006-1331 Multiple cross-site scripting (XSS) vulnerabilities in index.php in Noah's Classifieds 1.3 and earli...
CVE-2006-1332 Noah's Classifieds 1.3 and earlier allows remote attackers to obtain sensitive information via an in...
CVE-2006-1333 Multiple SQL injection vulnerabilities in BetaParticle Blog 6.0 and earlier allow remote attackers t...
S
CVE-2006-1334 Multiple SQL injection vulnerabilities in Maian Weblog 2.0 allow remote attackers to execute arbitra...
CVE-2006-1335 gnome screensaver before 2.14, when running on an X server with AllowDeactivateGrabs and AllowClosed...
CVE-2006-1336 Cross-site scripting vulnerability in calendar.php in ExtCalendar 1.0 and possibly other versions be...
E
CVE-2006-1337 Buffer overflow in the POP 3 (POP3) service in MailEnable Standard Edition before 1.93, Professional...
S
CVE-2006-1338 Webmail in MailEnable Professional Edition before 1.73 and Enterprise Edition before 1.21 allows rem...
S
CVE-2006-1339 Directory traversal vulnerability in inc/functions.inc.php in CuteNews 1.4.1 and possibly other vers...
E
CVE-2006-1340 CuteNews 1.4.1 and possibly other versions allows remote attackers to obtain the installation path v...
E
CVE-2006-1341 SQL injection vulnerability in events.php in Maian Events 1.0 allows remote attackers to execute arb...
CVE-2006-1342 net/ipv4/af_inet.c in Linux kernel 2.4 does not clear sockaddr_in.sin_zero before returning IPv4 soc...
CVE-2006-1343 net/ipv4/netfilter/ip_conntrack_core.c in Linux kernel 2.4 and 2.6, and possibly net/ipv4/netfilter/...
CVE-2006-1344 Cross-site scripting (XSS) vulnerability in VeriSign haydn.exe, as used in Managed PKI (MPKI) 6.0, a...
E
CVE-2006-1345 polls.php in MyBB (aka MyBulletinBoard) 1.10 allows remote attackers to obtain sensitive information...
CVE-2006-1346 Directory traversal vulnerability in inc/setLang.php in Greg Neustaetter gCards 1.45 and earlier all...
E
CVE-2006-1347 SQL injection vulnerability in loginfunction.php in Greg Neustaetter gCards 1.45 and earlier allows ...
E
CVE-2006-1348 Cross-site scripting (XSS) vulnerability in index.php in Greg Neustaetter gCards 1.45 and earlier al...
E
CVE-2006-1349 Multiple cross-site scripting (XSS) vulnerabilities in Musicbox 2.3 Beta 2 allow remote attackers to...
E
CVE-2006-1350 PHP remote file include vulnerability in index.php in 99Articles.com (aka ArticlesOne.com) Free arti...
CVE-2006-1351 BEA WebLogic Server 6.1 SP7 and earlier allows remote attackers to read arbitrary files via unknown ...
S
CVE-2006-1352 BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, 7.0 SP6 and earlier, and WebLogic Serv...
S
CVE-2006-1353 Multiple SQL injection vulnerabilities in ASPPortal 3.1.1 and earlier allow remote attackers to exec...
E
CVE-2006-1354 Unspecified vulnerability in FreeRADIUS 1.0.0 up to 1.1.0 allows remote attackers to bypass authenti...
S
CVE-2006-1355 avast! Antivirus 4.6.763 and earlier sets "BUILTIN\Everyone" permissions to critical system files in...
CVE-2006-1356 Stack-based buffer overflow in the count_vcards function in LibVC 3, as used in Rolo, allows user-as...
E
CVE-2006-1357 Cross-site scripting (XSS) vulnerability in my.support.php3 in F5 Firepass 4100 SSL VPN 5.4.2 allows...
E
CVE-2006-1358 Unspecified vulnerability in BEA WebLogic Portal 8.1 up to SP5 causes a JSR-168 Portlet to be retrie...
S
CVE-2006-1359 Microsoft Internet Explorer 6 and 7 Beta 2 allows remote attackers to cause a denial of service and ...
E
CVE-2006-1360 Multiple SQL injection vulnerabilities in MusicBox 2.3 Beta 2 allow remote attackers to execute arbi...
E
CVE-2006-1361 Cross-site scripting (XSS) vulnerability in OSWiki before 0.3.1 allows remote attackers to inject ar...
S
CVE-2006-1362 Multiple SQL injection vulnerabilities in Mini-Nuke CMS System 1.8.2 and earlier allow remote attack...
CVE-2006-1363 images.php in Justin White (aka YTZ) Free Web Publishing System (FreeWPS) 2.11 allows remote attacke...
E
CVE-2006-1364 Microsoft w3wp (aka w3wp.exe) does not properly handle when the AspCompat directive is not used when...
E
CVE-2006-1365 The Motorola PEBL U6, the Motorola V600, and possibly the Motorola E398 and other Motorola phones al...
E
CVE-2006-1366 Buffer overflow in the Motorola PEBL U6 08.83.76R, and possibly other Motorola P2K-based phones, all...
E
CVE-2006-1367 The Motorola PEBL U6 08.83.76R, the Motorola V600, and possibly the Motorola E398 and other Motorola...
E
CVE-2006-1368 Buffer overflow in the USB Gadget RNDIS implementation in the Linux kernel before 2.6.16 allows remo...
CVE-2006-1369 Cross-site scripting (XSS) vulnerability in Invision Power Board (IPB) 2.1.5 and earlier before 2006...
CVE-2006-1370 Buffer overflow in RealNetworks RealPlayer 10.5 6.0.12.1040 through 6.0.12.1348, RealPlayer 10, Real...
S
CVE-2006-1371 Laurentiu Matei eXpandable Home Page (XHP) CMS 0.5 and earlier allows remote authenticated users to ...
E S
CVE-2006-1372 Multiple SQL injection vulnerabilities in 1WebCalendar 4.0 and earlier allow remote attackers to exe...
E
CVE-2006-1373 Cross-site scripting (XSS) vulnerability in status_image.php in PHP Live! 3.0 allows remote attacker...
E
CVE-2006-1374 SQL injection vulnerability in viewStatement.php in AdMan 1.0.20051221 and earlier allows remote att...
E
CVE-2006-1375 AdMan 1.0.20051221 and earlier allows remote attackers to obtain the full path via (1) a blank campa...
CVE-2006-1376 The installation of Debian GNU/Linux 3.1r1 from the network install CD creates /var/log/debian-insta...
CVE-2006-1377 Cross-site scripting (XSS) vulnerability in img.php in (1) EasyMoblog 0.5.1 and (2) CoMoblog 1.1 all...
E
CVE-2006-1378 PasswordSafe 3.0 beta, when running on Windows before XP, uses a weak random number generator (C++ r...
E
CVE-2006-1379 Trend Micro PC-cillin Internet Security 2006 14.00.1485 and 14.10.0.1023, uses insecure DACLs for cr...
E S
CVE-2006-1380 ISNTSmtp directory in Trend Micro InterScan Messaging Security Suite (IMSS) 5.5 build 1183 and possi...
S
CVE-2006-1381 Trend Micro OfficeScan 5.5, and probably other versions before 6.5, uses insecure DACLs for critical...
CVE-2006-1382 PHP remote file inclusion vulnerability in impex/ImpExData.php in vBulletin ImpEx module 1.74, when ...
CVE-2006-1383 Directory traversal vulnerability in Baby FTP Server (BabyFTP) 1.24 allows remote authenticated user...
CVE-2006-1384 Cross-site scripting (XSS) vulnerability in apwc_win_main.jsp in the web console in IBM Tivoli Busin...
E S
CVE-2006-1385 Stack-based buffer overflow in the parseTaggedData function in WavePacket.mm in KisMAC R54 through R...
CVE-2006-1386 The (1) rdiff and (2) preview scripts in TWiki 4.0 and 4.0.1 ignore access control settings, which a...
CVE-2006-1387 TWiki 4.0, 4.0.1, and 20010901 through 20040904 allows remote authenticated users with edit rights t...
CVE-2006-1388 Unspecified vulnerability in Microsoft Internet Explorer 6.0 allows remote attackers to execute HTA ...
CVE-2006-1389 Unspecified vulnerability in swagentd in HP-UX B.11.00, B.11.04, and B.11.11 allows remote attackers...
S
CVE-2006-1390 The configuration of NetHack 3.4.3-r1 and earlier, Falcon's Eye 1.9.4a and earlier, and Slash'EM 0.0...
E S
CVE-2006-1391 The (a) Quick 'n Easy Web Server before 3.1.1 and (b) Baby ASP Web Server 2.7.2 allows remote attack...
S
CVE-2006-1392 Multiple cross-site scripting (XSS) vulnerabilities in index.cgi in the login server in University o...
S
CVE-2006-1393 Multiple cross-site scripting (XSS) vulnerabilities in the mod_pubcookie Apache application server m...
S
CVE-2006-1394 Multiple cross-site scripting (XSS) vulnerabilities in the Microsoft IIS ISAPI filter (aka applicati...
S
CVE-2006-1395 SQL injection vulnerability in mb.cgi in Cholod MySQL Based Message Board allows remote attackers to...
E
CVE-2006-1396 Multiple cross-site scripting (XSS) vulnerabilities in Cholod MySQL Based Message Board allow remote...
CVE-2006-1397 Multiple cross-site scripting (XSS) vulnerabilities in (a) phpAdsNew and (b) phpPgAds before 2.0.8 a...
S
CVE-2006-1398 Cross-site scripting (XSS) vulnerability in guestbook.php in G-Book 1.0 allows remote attackers to i...
CVE-2006-1399 Cross-site scripting (XSS) vulnerability in searchresult.php in Meeting Reserve 1.0 beta allows remo...
CVE-2006-1400 Cross-site scripting (XSS) vulnerability in MyTasks/PersonalTaskEdit.asp in Metisware Instructor 1.3...
CVE-2006-1401 Multiple cross-site scripting (XSS) vulnerabilities in search.php in Calendar Express 2.2 allow remo...
CVE-2006-1402 Buffer overflow in client/server Doom (csDoom) 0.7 and earlier allows remote attackers to (1) cause ...
E S
CVE-2006-1403 Format string vulnerability in the PrintString function in c_console.cpp in client/server Doom (csDo...
E S
CVE-2006-1404 Multiple cross-site scripting (XSS) vulnerabilities in bol.cgi in BlankOL 1.0 and earlier allow remo...
CVE-2006-1405 Cross-site scripting (XSS) vulnerability in search.aspx in SweetSuite.NET Content Management System ...
CVE-2006-1406 Multiple cross-site scripting (XSS) vulnerabilities in wbadmlog.aspx in uniForum 4.0 and earlier all...
CVE-2006-1407 Multiple cross-site scripting (XSS) vulnerabilities in Helm Web Hosting Control Panel 3.2.10 and ear...
CVE-2006-1408 Vavoom 1.19.1 and earlier allows remote attackers to cause a denial of service (infinite loop) via (...
E
CVE-2006-1409 Buffer overflow in Vavoom 1.19.1 and earlier allows remote attackers to cause a denial of service (a...
E
CVE-2006-1410 Multiple cross-site scripting (XSS) vulnerabilities in XIGLA Absolute Live Support XE 2.0 and earlie...
CVE-2006-1411 Cross-site scripting (XSS) vulnerability in Absolute Image Gallery XE 2.0 and earlier allows remote ...
CVE-2006-1412 TFT Gallery 0.10 stores sensitive information under the web root with insufficient access control, w...
E
CVE-2006-1413 Multiple cross-site scripting (XSS) vulnerabilities in EZHomepagePro 1.5 and earlier allow remote at...
E
CVE-2006-1414 Multiple cross-site scripting (XSS) vulnerabilities in toast.asp in Toast Forums 1.6 and earlier all...
E
CVE-2006-1415 Cross-site scripting (XSS) vulnerability in iforget.aspx in dotNetBB 2.42EC SP 3 and earlier allows ...
CVE-2006-1416 Cross-site scripting (XSS) vulnerability in afmsearch.aspx in Absolute FAQ Manager .NET 4.0 and earl...
CVE-2006-1417 Multiple cross-site scripting (XSS) vulnerabilities in Caloris Planitia Online Quiz System (aka Web ...
E
CVE-2006-1418 Cross-site scripting (XSS) vulnerability in default.asp in Caloris Planitia E-School Management Syst...
E
CVE-2006-1419 SQL injection vulnerability in the Calendar module in nuked-klan 1.7.5 and earlier allows remote att...
CVE-2006-1420 SQL injection vulnerability in print.php in SaphpLesson 2.0 allows remote attackers to execute arbit...
E
CVE-2006-1421 Multiple SQL injection vulnerabilities in akocomment.php in AkoComment 2.0 module for Mambo, with ma...
S
CVE-2006-1422 SQL injection vulnerability in details_view.php in PHP Booking Calendar 1.0c and earlier allows remo...
E
CVE-2006-1423 SQL injection vulnerability in showflat.php in UBB.threads 5.5.1, 6.0 br5, 6.0.1, 6.0.2, and earlier...
CVE-2006-1424 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-1482. Reason: This candida...
R
CVE-2006-1425 Cross-site scripting (XSS) vulnerability in track.php in phpmyfamily 1.4.1 allows remote attackers t...
CVE-2006-1426 Multiple SQL injection vulnerabilities in Pixel Motion Blog allow remote attackers to execute arbitr...
E
CVE-2006-1427 Multiple cross-site scripting (XSS) vulnerabilities in WebAPP 0.9.9.3.2 and earlier allow remote att...
CVE-2006-1428 Multiple cross-site scripting (XSS) vulnerabilities in phpCOIN 1.2.2 and earlier allow remote attack...
CVE-2006-1429 Cross-site scripting (XSS) vulnerability in accountlogon.cfm in classifiedZONE 1.2 and earlier allow...
E
CVE-2006-1430 Multiple cross-site scripting (XSS) vulnerabilities in CONTROLzx HMS (formerly DRZES) 3.3.4 and earl...
E
CVE-2006-1431 Cross-site scripting (XSS) vulnerability in local.cfm in fusionZONE couponZONE 4.2 allows remote att...
E
CVE-2006-1432 fusionZONE couponZONE 4.2 allows remote attackers to obtain the full path of the web server, and oth...
CVE-2006-1433 Annuaire (Directory) 1.0 allows remote attackers to obtain sensitive information via a direct reques...
CVE-2006-1434 Cross-site scripting (XSS) vulnerability in inscription.php in Annuaire (Directory) 1.0 allows remot...
CVE-2006-1435 Cross-site scripting (XSS) vulnerability in genmessage.php in Accounting Receiving and Inventory Adm...
CVE-2006-1436 Multiple cross-site scripting (XSS) vulnerabilities in UPOINT @1 Event Publisher allow remote attack...
CVE-2006-1437 UPOINT @1 Event Publisher stores sensitive information under the web document root with insufifcient...
CVE-2006-1438 Multiple cross-site scripting (XSS) vulnerabilities in Andy's PHP Knowledgebase (aphpkb) 0.57 allow ...
CVE-2006-1439 NSSecureTextField in AppKit in Apple Mac OS X 10.4.6 does not re-enable secure event input under cer...
S
CVE-2006-1440 BOM in Apple Mac OS X 10.3.9 and 10.4.6 allows attackers to overwrite arbitrary files via an archive...
S
CVE-2006-1441 Integer overflow in CFNetwork in Apple Mac OS X 10.4.6 allows remote attackers to execute arbitrary ...
S
CVE-2006-1442 The bundle API in CoreFoundation in Apple Mac OS X 10.3.9 and 10.4.6 loads dynamic libraries even if...
S
CVE-2006-1443 Integer underflow in CoreFoundation in Apple Mac OS X 10.3.9 and 10.4.6 allows context-dependent att...
S
CVE-2006-1444 CoreGraphics in Apple Mac OS X 10.4.6, when "Enable access for assistive devices" is on, allows an a...
S
CVE-2006-1445 Buffer overflow in the FTP server (FTPServer) in Apple Mac OS X 10.3.9 and 10.4.6 allows remote auth...
S
CVE-2006-1446 Keychain in Apple Mac OS X 10.3.9 and 10.4.6 might allow an application to bypass a locked Keychain ...
S
CVE-2006-1447 LaunchServices in Apple Mac OS X 10.4.6 allows remote attackers to cause Safari to launch unsafe con...
S
CVE-2006-1448 Finder in Apple Mac OS X 10.3.9 and 10.4.6 allows user-assisted attackers to execute arbitrary code ...
S
CVE-2006-1449 Integer overflow in Mail in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to execute arbi...
S
CVE-2006-1450 Mail in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to execute arbitrary code via an en...
S
CVE-2006-1451 MySQL Manager in Apple Mac OS X 10.3.9 and 10.4.6, when setting up a new MySQL database server, does...
S
CVE-2006-1452 Stack-based buffer overflow in Preview in Apple Mac OS 10.4 up to 10.4.6 allows local users to execu...
S
CVE-2006-1453 Stack-based buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitra...
S
CVE-2006-1454 Heap-based buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitrar...
S
CVE-2006-1455 QuickTime Streaming Server in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to cause a de...
S
CVE-2006-1456 Buffer overflow in QuickTime Streaming Server in Apple Mac OS X 10.3.9 and 10.4.6 allows remote atta...
S
CVE-2006-1457 Safari on Apple Mac OS X 10.4.6, when "Open `safe' files after downloading" is enabled, will automat...
S
CVE-2006-1458 Integer overflow in Apple QuickTime Player before 7.1 allows remote attackers to execute arbitrary c...
S
CVE-2006-1459 Multiple integer overflows in Apple QuickTime before 7.1 allow remote attackers to cause a denial of...
S
CVE-2006-1460 Multiple buffer overflows in Apple QuickTime before 7.1 allow remote attackers to execute arbitrary ...
S
CVE-2006-1461 Multiple buffer overflows in Apple QuickTime before 7.1 allow remote attackers to execute arbitrary ...
S
CVE-2006-1462 Multiple integer overflows in Apple QuickTime before 7.1 allow remote attackers to execute arbitrary...
S
CVE-2006-1463 Heap-based buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitrar...
S
CVE-2006-1464 Buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitrary code via ...
S
CVE-2006-1465 Buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitrary code via ...
S
CVE-2006-1466 Xcode Tools before 2.3 for Mac OS X 10.4, when running the WebObjects plugin, allows remote attacker...
CVE-2006-1467 Integer overflow in the AAC file parsing code in Apple iTunes before 6.0.5 on Mac OS X 10.2.8 or lat...
S
CVE-2006-1468 Unspecified vulnerability in Apple File Protocol (AFP) server in Apple Mac OS X 10.4 up to 10.4.6 in...
S
CVE-2006-1469 Stack-based buffer overflow in ImageIO in Apple Mac OS X 10.4 up to 10.4.6 allows attackers to cause...
CVE-2006-1470 OpenLDAP in Apple Mac OS X 10.4 up to 10.4.6 allows remote attackers to cause a denial of service (c...
E S
CVE-2006-1471 Format string vulnerability in the CF_syslog function launchd in Apple Mac OS X 10.4 up to 10.4.6 al...
CVE-2006-1472 Unspecified vulnerability in AFP Server in Apple Mac OS X 10.3.9 allows remote attackers to determin...
CVE-2006-1473 Integer overflow in AFP Server for Apple Mac OS X 10.3.9 and 10.4.7 allows remote attackers to cause...
CVE-2006-1474 Cross-site scripting (XSS) vulnerability in the "failed" functionality in Raindance Web Conferencing...
CVE-2006-1475 Windows Firewall in Microsoft Windows XP SP2 does not produce application alerts when an application...
CVE-2006-1476 Windows Firewall in Microsoft Windows XP SP2 produces incorrect application block alerts when the ap...
CVE-2006-1477 Multiple PHP remote file inclusion vulnerabilities in Turnkey Web Tools PHP Live Helper 1.8 allow re...
E S
CVE-2006-1478 Directory traversal vulnerability in (1) initiate.php and (2) possibly other PHP scripts in Turnkey ...
E S
CVE-2006-1479 Multiple cross-site scripting (XSS) vulnerabilities in Serge Rey gtd-php (aka Getting Things Done) 0...
E
CVE-2006-1480 Directory traversal vulnerability in start.php in WebAlbum 2.02 allows remote attackers to include a...
E
CVE-2006-1481 SQL injection vulnerability in search.php in PHP Ticket 0.71 allows remote authenticated users to ex...
E
CVE-2006-1482 Cross-site scripting (XSS) vulnerability in index.php in ConfTool 1.1 allows remote attackers to inj...
CVE-2006-1483 Blazix Web Server before 1.2.6, when running on Windows, allows remote attackers to obtain the sourc...
S
CVE-2006-1484 Genius VideoCAM NB Driver does not drop privileges when saving files, which allows local users to ga...
E
CVE-2006-1485 gm-upload.cgi in Greymatter 1.3.1 allows remote authenticated users with upload privileges to execut...
E
CVE-2006-1486 Multiple cross-site scripting (XSS) vulnerabilities in index.cfm in realestateZONE 4.2 allow remote ...
E
CVE-2006-1487 Cross-site scripting (XSS) vulnerability in ActiveCampaign SupportTrio 2.50.2 allows remote attacker...
E
CVE-2006-1488 ActiveCampaign SupportTrio 2.5 allows remote attackers to obtain the full path of the server via inv...
CVE-2006-1489 Multiple SQL injection vulnerabilities in FusionZONE CouponZONE local.cfm in 4.2 and earlier allow r...
E
CVE-2006-1490 PHP before 5.1.3-RC1 might allow remote attackers to obtain portions of memory via crafted binary da...
S
CVE-2006-1491 Eval injection vulnerability in Horde Application Framework versions 3.0 before 3.0.10 and 3.1 befor...
S
CVE-2006-1492 Directory traversal vulnerability in dir.php in Explorer XP allows remote attackers to read arbitrar...
E
CVE-2006-1493 Cross-site scripting (XSS) vulnerability in dir.php in Explorer XP allows remote attackers to inject...
E
CVE-2006-1494 Directory traversal vulnerability in file.c in PHP 4.4.2 and 5.1.2 allows local users to bypass open...
E S
CVE-2006-1495 SQL injection vulnerability in general/sendpassword.php in (1) PHPCollab 2.4 and 2.5.rc3, and (2) Ne...
E
CVE-2006-1496 Multiple cross-site scripting (XSS) vulnerabilities in index.php in ViHor Design allow remote attack...
E
CVE-2006-1497 Directory traversal vulnerability in index.php in ViHor Design allows remote attackers to read arbit...
E S
CVE-2006-1498 Cross-site scripting (XSS) vulnerability in MediaWiki before 1.5.8 and 1.4.15 allows remote attacker...
S
CVE-2006-1499 SQL injection vulnerability in vCounter.php in vCounter 1.0 allows remote attackers to execute arbit...
CVE-2006-1500 SQL injection vulnerability in index.php in Tilde CMS 3.0 allows remote attackers to execute arbitra...
E
CVE-2006-1501 SQL injection vulnerability in index.php in OneOrZero 1.6.3.0 allows remote attackers to execute arb...
E
CVE-2006-1502 Multiple integer overflows in MPlayer 1.0pre7try2 allow remote attackers to cause a denial of servic...
CVE-2006-1503 PHP remote file inclusion vulnerability in includes/functions_install.php in Virtual War (VWar) 1.5....
E
CVE-2006-1504 Multiple cross-site scripting (XSS) vulnerabilities in Arab Portal 2.0 (aka Arab Dynamic Portal or A...
E
CVE-2006-1505 base_maintenance.php in Basic Analysis and Security Engine (BASE) before 1.2.4 (melissa), when runni...
E S
CVE-2006-1506 Unspecified vulnerability in rsh in Sun Microsystems Sun Grid Engine 5.3 before 20060327 and N1 Grid...
S
CVE-2006-1507 Cross-site scripting (XSS) vulnerability in PHPKIT 1.6.03 allows remote attackers to inject arbitrar...
E
CVE-2006-1508 Multiple cross-site scripting (XSS) vulnerabilities in MH Software Connect Daily Web Calendar Softwa...
E
CVE-2006-1509 /sbin/passwd in HP-UX B.11.00, B.11.11, and B.11.23 before 20060326 "does not recover gracefully fro...
S
CVE-2006-1510 Buffer overflow in calloc.c in the Microsoft Windows XP SP2 ntdll.dll system library, when used by t...
E S
CVE-2006-1511 Buffer overflow in the ILASM assembler in the Microsoft .NET 1.0 and 1.1 Framework might allow user-...
E
CVE-2006-1512 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-1712. Reason: This candida...
R
CVE-2006-1513 Multiple buffer overflows in abc2ps before 1.3.3 allow user-assisted attackers to execute arbitrary ...
S
CVE-2006-1514 Multiple buffer overflows in the abcmidi-yaps translator in abcmidi 20050101, and other versions, al...
S
CVE-2006-1515 Buffer overflow in the addnewword function in typespeed 0.4.4 and earlier might allow remote attacke...
S
CVE-2006-1516 The check_connection function in sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5...
S
CVE-2006-1517 sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote a...
S
CVE-2006-1518 Buffer overflow in the open_table function in sql_base.cc in MySQL 5.0.x up to 5.0.20 might allow re...
S
CVE-2006-1519 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-2224. Reason: This candida...
R
CVE-2006-1520 Format string vulnerability in ANSI C Sender Policy Framework library (libspf) before 1.0.0-p5, when...
S
CVE-2006-1521 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2006-1522 The sys_add_key function in the keyring code in Linux kernel 2.6.16.1 and 2.6.17-rc1, and possibly e...
S
CVE-2006-1523 The __group_complete_signal function in the RCU signal handling (signal.c) in Linux kernel 2.6.16, a...
CVE-2006-1524 madvise_remove in Linux kernel 2.6.16 up to 2.6.16.6 does not follow file and mmap restrictions, whi...
S
CVE-2006-1525 ip_route_input in Linux kernel 2.6 before 2.6.16.8 allows local users to cause a denial of service (...
S
CVE-2006-1526 Buffer overflow in the X render (Xrender) extension in X.org X server 6.8.0 up to allows attackers t...
S
CVE-2006-1527 The SCTP-netfilter code in Linux kernel before 2.6.16.13 allows remote attackers to trigger a denial...
CVE-2006-1528 Linux kernel before 2.6.13 allows local users to cause a denial of service (crash) via a dio transfe...
CVE-2006-1529 Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, all...
S
CVE-2006-1530 Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, all...
S
CVE-2006-1531 Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, all...
S
CVE-2006-1532 Cross-site scripting (XSS) vulnerability in search.php in PHP Classifieds 6.18, 6.20, and possibly o...
CVE-2006-1533 SQL injection vulnerability in newsletter.php in Sourceworkshop newsletter 1.0 allows remote attacke...
CVE-2006-1534 Multiple SQL injection vulnerabilities in Null news allow remote attackers to execute arbitrary SQL ...
CVE-2006-1535 Cross-site scripting (XSS) vulnerability in login.php in Phoetux.net PhxContacts 0.93.1 beta and ear...
E
CVE-2006-1536 Multiple SQL injection vulnerabilities in Phoetux.net PhxContacts 0.93.1 beta and earlier allow remo...
E
CVE-2006-1537 Craig Knudsen WebCalendar 1.1.0-CVS allows remote attackers to obtain sensitive information via a di...
CVE-2006-1538 The Enova X-Wall ASIC encrypts with a key obtained via Microwire from a serial EEPROM that stores th...
CVE-2006-1539 Multiple buffer overflows in the checkscores function in scores.c in tetris-bsd in bsd-games before ...
S
CVE-2006-1540 MSO.DLL in Microsoft Office 2000, Office XP (2002), and Office 2003 allows user-assisted attackers t...
E
CVE-2006-1541 SQL injection vulnerability in Default.asp in EzASPSite 2.0 RC3 and earlier allows remote attackers ...
E
CVE-2006-1542 Stack-based buffer overflow in Python 2.4.2 and earlier, running on Linux 2.6.12.5 under gcc 4.0.3 w...
E
CVE-2006-1543 Multiple SQL injection vulnerabilities in vscripts (aka Kuba Kunkiewicz) VNews 1.2 allow remote atta...
CVE-2006-1544 Multiple cross-site scripting (XSS) vulnerabilities in news.php in vscripts (aka Kuba Kunkiewicz) VN...
CVE-2006-1545 Direct static code injection vulnerability in admin/config.php in vscripts (aka Kuba Kunkiewicz) VNe...
CVE-2006-1546 Apache Software Foundation (ASF) Struts before 1.2.9 allows remote attackers to bypass validation vi...
CVE-2006-1547 ActionForm in Apache Software Foundation (ASF) Struts before 1.2.9 with BeanUtils 1.7 allows remote ...
KEV E S
CVE-2006-1548 Cross-site scripting (XSS) vulnerability in (1) LookupDispatchAction and possibly (2) DispatchAction...
CVE-2006-1549 PHP 4.4.2 and 5.1.2 allows local users to cause a crash (segmentation fault) by defining and executi...
E
CVE-2006-1550 Multiple buffer overflows in the xfig import code (xfig-import.c) in Dia 0.87 and later before 0.95-...
S
CVE-2006-1551 Eval injection vulnerability in pajax_call_dispatcher.php in PAJAX 0.5.1 and earlier allows remote a...
E
CVE-2006-1552 Integer overflow in ImageIO in Apple Mac OS X 10.4 up to 10.4.5 allows remote attackers to cause a d...
S
CVE-2006-1553 SQL injection vulnerability in functions/final_functions.php in VSNS Lemon 3.2.0, with magic_quotes_...
CVE-2006-1554 Cross-site scripting (XSS) vulnerability in VSNS Lemon 3.2.0 allows remote attackers to inject arbit...
CVE-2006-1555 VSNS Lemon 3.2.0 allows remote attackers to bypass authentication and access password-protected arti...
CVE-2006-1556 Multiple cross-site scripting (XSS) vulnerabilities in view_caricatier.php in AL-Caricatier 2.5 allo...
E
CVE-2006-1557 Multiple SQL injection vulnerabilities in X-Changer 0.2 allow remote attackers to execute arbitrary ...
E
CVE-2006-1558 Cross-site scripting (XSS) vulnerability in search.php in PHP Script Index allows remote attackers t...
E
CVE-2006-1559 SQL injection vulnerability in PHP Script Index allows remote attackers to execute arbitrary SQL com...
CVE-2006-1560 Multiple SQL injection vulnerabilities in SkinTech phpNewsManager 1.48 allow remote attackers to exe...
CVE-2006-1561 SQL injection vulnerability in index.php in vscripts (aka Kuba Kunkiewicz) [V]Book (aka VBook) 2.0 a...
CVE-2006-1562 Multiple cross-site scripting (XSS) vulnerabilities in index.php in vscripts (aka Kuba Kunkiewicz) [...
CVE-2006-1563 Direct static code injection vulnerability in config.php in vscripts (aka Kuba Kunkiewicz) [V]Book (...
CVE-2006-1564 Untrusted search path vulnerability in libapache2-svn 1.3.0-4 for Subversion in Debian GNU/Linux inc...
E S
CVE-2006-1565 Untrusted search path vulnerability in libgpib-perl 3.2.06-2 in Debian GNU/Linux includes an RPATH v...
E S
CVE-2006-1566 Untrusted search path vulnerability in libtunepimp-perl 0.4.2-1 in Debian GNU/Linux includes an RPAT...
E S
CVE-2006-1567 Cross-site scripting (XSS) vulnerability in searchresults.asp in SiteSearch Indexer 3.5 and earlier ...
E
CVE-2006-1568 Multiple cross-site scripting (XSS) vulnerabilities in register.php in RedCMS 0.1 allow remote attac...
CVE-2006-1569 Multiple SQL injection vulnerabilities in RedCMS 0.1 allow remote attackers to execute arbitrary SQL...
CVE-2006-1570 Cross-site scripting (XSS) vulnerability in Esqlanelapse 2.0 and 2.2 allows remote attackers to inje...
S
CVE-2006-1571 Multiple SQL injection vulnerabilities in loginprocess.php in qliteNews 2005.07.01 allow remote atta...
CVE-2006-1572 SQL injection vulnerability in post.php in Oxygen 1.1.3 allows remote attackers to execute arbitrary...
CVE-2006-1573 PHP remote file inclusion vulnerability in index.php in MediaSlash Gallery allows remote attackers t...
CVE-2006-1574 Cross-site scripting (XSS) vulnerability in Groupmax World Wide Web, World Wide Web Desktop, World W...
S
CVE-2006-1575 Multiple cross-site scripting (XSS) vulnerabilities in news.php in QLnews 1.2 allow remote attackers...
CVE-2006-1576 Direct static code injection vulnerability in QLnews 1.2 allows remote authenticated administrators ...
CVE-2006-1577 Multiple cross-site scripting (XSS) vulnerabilities in view_all_set.php in Mantis 1.0.1, 1.0.0rc5, a...
E
CVE-2006-1578 Multiple SQL injection vulnerabilities in Keystone Digital Library Suite (DLS) 1.5.4 and earlier all...
CVE-2006-1579 SQL injection vulnerability in topics.php in Dynamic Bulletin Board System (DbbS) 2.0-alpha and earl...
CVE-2006-1580 Multiple cross-site scripting (XSS) vulnerabilities in Bugzero 4.3.1 and other versions allow remote...
CVE-2006-1581 Directory traversal vulnerability in index.php in Blank'N'Berg 0.2 allows remote attackers to read a...
CVE-2006-1582 Cross-site scripting (XSS) vulnerability in index.php in Blank'N'Berg 0.2 allows remote attackers to...
CVE-2006-1583 Cross-site scripting (XSS) vulnerability in index.php in Warcraft III Replay Parser for PHP 1.8c all...
CVE-2006-1584 Unspecified vulnerability in index.php in Warcraft III Replay Parser for PHP 1.8c allows remote atta...
CVE-2006-1585 Multiple SQL injection vulnerabilities in MonAlbum 0.8.7 allow remote attackers to execute arbitrary...
CVE-2006-1586 SQL injection vulnerability in admin_login.asp in ISP of Egypt SiteMan allows remote attackers to ex...
CVE-2006-1587 NetBSD 1.6 up to 3.0, when a user has "set record" in .mailrc with the default umask set, creates th...
CVE-2006-1588 The bridge ioctl (if_bridge code) in NetBSD 1.6 through 3.0 does not clear sensitive memory before c...
S
CVE-2006-1589 The elf_load_file function in NetBSD 2.0 through 3.0 allows local users to cause a denial of service...
S
CVE-2006-1590 Cross-site scripting (XSS) vulnerability in the PrintFreshPage function in (1) Basic Analysis and Se...
CVE-2006-1591 Heap-based buffer overflow in Microsoft Windows Help winhlp32.exe allows user-assisted attackers to ...
E
CVE-2006-1592 Buffer overflow in the is_client_wad_ok function in w_wad.cpp for (1) Zdaemon 1.08.01 and (2) X-Doom...
E
CVE-2006-1593 The (1) ZD_MissingPlayer, (2) ZD_UseItem, and (3) ZD_LoadNewClientLevel functions in sv_main.cpp for...
CVE-2006-1594 Multiple directory traversal vulnerabilities in document/rqmkhtml.php in Claroline 1.7.4 and earlier...
E
CVE-2006-1595 Cross-site scripting (XSS) vulnerability in document/rqmkhtml.php in Claroline 1.7.4 and earlier all...
E
CVE-2006-1596 PHP remote file inclusion vulnerability in learnPath/include/scormExport.inc.php in Claroline 1.7.4 ...
E
CVE-2006-1598 AN HTTPD 1.42n, and possibly other versions before 1.42p, allows remote attackers to obtain source c...
S
CVE-2006-1599 Unspecified vulnerability in VCEngine.php in v-creator before 1.3-pre3, when the VC_CRYPTO_METHOD op...
S
CVE-2006-1600 SQL injection vulnerability in category.php in PhpWebGallery 1.4.1 allows remote attackers to execut...
CVE-2006-1601 Unspecified vulnerability in SunPlex Manager in Sun Cluster 3.1 4/04 allows local users with solaris...
S
CVE-2006-1602 PHP remote file inclusion vulnerability in includes/functions_common.php in the VWar Account module ...
CVE-2006-1603 Cross-site scripting (XSS) vulnerability in profile.php in phpBB 2.0.19 allows remote attackers to i...
CVE-2006-1604 Unspecified vulnerability in Exponent CMS before 0.96.5 RC 1 has unknown impact and remote attack ve...
S
CVE-2006-1605 Unspecified vulnerability in the image module in Exponent CMS before 0.96.5 RC 1 allows remote attac...
S
CVE-2006-1606 Unspecified vulnerability in the image module in Exponent CMS before 0.96.5 RC 1 allows "directory d...
S
CVE-2006-1607 Unspecified vulnerability in the banner module in Exponent CMS before 0.96.5 RC 1 allows "php inject...
S
CVE-2006-1608 The copy function in file.c in PHP 4.4.2 and 5.1.2 allows local users to bypass safe mode and read a...
E S
CVE-2006-1609 Unspecified vulnerability in Hitachi XFIT/S, XFIT/S/JCA, XFIT/S/ZGN, and XFIT/S ZENGIN TCP/IP Proced...
CVE-2006-1610 PHP remote file inclusion vulnerability in lib/armygame.php in SQuery 4.5 and earlier, as used in pr...
E
CVE-2006-1611 Directory traversal vulnerability in KGB Archiver before 1.1.5.22 allows remote attackers to overwri...
S
CVE-2006-1612 Multiple cross-site scripting (XSS) vulnerabilities in visview.php in aWebNews 1.0 allow remote atta...
CVE-2006-1613 Multiple SQL injection vulnerabilities in aWebNews 1.0 allow remote attackers to execute arbitrary S...
CVE-2006-1614 Integer overflow in the cli_scanpe function in the PE header parser (libclamav/pe.c) in Clam AntiVir...
E S
CVE-2006-1615 Multiple format string vulnerabilities in the logging code in Clam AntiVirus (ClamAV) before 0.88.1 ...
S
CVE-2006-1616 Multiple SQL injection vulnerabilities in Advanced Poll 2.02 allow remote attackers to execute arbit...
E
CVE-2006-1617 Multiple cross-site scripting (XSS) vulnerabilities in Advanced Poll 2.02 allow remote attackers to ...
E
CVE-2006-1618 Format string vulnerability in the (1) Con_message and (2) conPrintf functions in con_main.c in Doom...
E
CVE-2006-1619 IBM WebSphere Application Server 4.0.1 through 4.0.3 allows remote attackers to cause a denial of se...
CVE-2006-1620 admin/accounts/AccountActions.asp in Hosting Controller 2002 RC 1 allows remote attackers to modify ...
E
CVE-2006-1621 Directory traversal vulnerability in admin/folders/saveuploadfiles.asp in Hosting Controller 2002 RC...
CVE-2006-1622 Cross-site scripting (XSS) vulnerability in PHPSelect linksubmit allows remote attackers to inject a...
CVE-2006-1623 Unspecified vulnerability in main.php in an unspecified "file created by Andries Bruinsma," possibly...
CVE-2006-1624 The default configuration of syslogd in the Linux sysklogd package does not enable the -x (disable n...
CVE-2006-1625 Cross-site scripting (XSS) vulnerability in inc/functions_post.php in MyBB (aka MyBulletinBoard) 1.1...
CVE-2006-1626 Internet Explorer 6 for Windows XP SP2 and earlier allows remote attackers to spoof the address bar ...
E
CVE-2006-1627 Adobe Document Server for Reader Extensions 6.0 does not provide proper access control, which allows...
CVE-2006-1628 Adobe LiveCycle Workflow 7.01 and LiveCycle Forum Manager 7.01 allows users to authenticate and perf...
S
CVE-2006-1629 OpenVPN 2.0 through 2.0.5 allows remote malicious servers to execute arbitrary code on the client by...
S
CVE-2006-1630 The cli_bitset_set function in libclamav/others.c in Clam AntiVirus (ClamAV) before 0.88.1 allows re...
S
CVE-2006-1631 Unspecified vulnerability in the HTTP compression functionality in Cisco CSS 11500 Series Content Se...
S
CVE-2006-1634 Cross-site scripting (XSS) vulnerability in index.php in LucidCMS 2.0.0 RC4 allows remote attackers ...
E
CVE-2006-1635 LucidCMS 2.0.0 RC4 allows remote attackers to obtain sensitive information via a direct request to /...
E
CVE-2006-1636 PHP remote file inclusion vulnerability in get_header.php in VWar 1.5.0 R12 and earlier allows remot...
E S
CVE-2006-1637 Multiple cross-site scripting (XSS) vulnerabilities in aWebBB 1.2 allow remote attackers to inject a...
CVE-2006-1638 Multiple SQL injection vulnerabilities in aWebBB 1.2 allow remote attackers to execute arbitrary SQL...
CVE-2006-1639 SQL injection vulnerability in index.php in wpBlog 0.4 allows remote attackers to execute arbitrary ...
CVE-2006-1640 Cross-site scripting (XSS) vulnerability in news.php in CzarNews 1.14 allows remote attackers to inj...
CVE-2006-1641 Multiple SQL injection vulnerabilities in CzarNews 1.14 allow remote attackers to execute arbitrary ...
CVE-2006-1642 Cross-site scripting (XSS) vulnerability in Interact 2.1.1 allows remote attackers to inject arbitra...
CVE-2006-1643 SQL injection vulnerability in login.php in Interact 2.1.1 allows remote attackers to execute arbitr...
CVE-2006-1644 login.php in Interact 2.1.1 generates different responses depending on whether or not a username is ...
CVE-2006-1645 Cross-site scripting (XSS) vulnerability in Anton Vlasov and Rostislav Gaitkuloff ReloadCMS 1.2.5 an...
E
CVE-2006-1646 The Internet Key Exchange version 1 (IKEv1) implementation (isakmp_agg.c) in the Shoichi Sakane KAME...
CVE-2006-1647 An unspecified "logical programming mistake" in SMART SynchronEyes Student and Teacher 6.0, and poss...
E
CVE-2006-1648 SMART SynchronEyes Student and Teacher 6.0, and possibly earlier versions, allows remote attackers t...
E
CVE-2006-1649 The "restore to" selection in the "quarantine a file" capability of ESET NOD32 before 2.51.26 allows...
E S
CVE-2006-1650 Firefox 1.5.0.1 allows remote attackers to spoof the address bar and possibly conduct phishing attac...
CVE-2006-1651 Microsoft ISA Server 2004 allows remote attackers to bypass certain filtering rules, including ones ...
CVE-2006-1652 Multiple buffer overflows in (a) UltraVNC (aka Ultr@VNC) 1.0.1 and earlier and (b) tabbed_viewer 1.2...
E
CVE-2006-1653 PHP remote file inclusion vulnerability in loadkernel.php in AngelineCMS 0.8.1 allows remote attacke...
E
CVE-2006-1654 Directory traversal vulnerability in the HP Color LaserJet 2500 Toolbox and Color LaserJet 4600 Tool...
E S
CVE-2006-1655 Multiple buffer overflows in mpg123 0.59r allow user-assisted attackers to trigger a segmentation fa...
E
CVE-2006-1656 vserver in util-vserver 0.30.209 executes a command as root when the suexec userid parameter is inva...
S
CVE-2006-1657 Cross-site scripting (XSS) vulnerability in index.php in Chucky A. Ivey N.T. 1.1.0 allows remote att...
CVE-2006-1658 Direct static code injection vulnerability in ticker.db.php in Chucky A. Ivey N.T. 1.1.0 allows rem...
CVE-2006-1659 Multiple SQL injection vulnerabilities in Softbiz Image Gallery allow remote attackers to execute ar...
E
CVE-2006-1660 Cross-site scripting (XSS) vulnerability in image_desc.php in Softbiz Image Gallery allows remote at...
CVE-2006-1661 Multiple cross-site scripting (XSS) vulnerabilities in SKForum 1.5 and earlier allow remote attacker...
E
CVE-2006-1662 The frontpage option in Limbo CMS 1.0.4.2 and 1.0.4.1 allows remote attackers to execute arbitrary P...
E
CVE-2006-1663 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-0996. Reason: This candida...
R
CVE-2006-1664 Buffer overflow in xine_list_delete_current in libxine 1.14 and earlier, as distributed in xine-lib ...
E
CVE-2006-1665 Multiple cross-site scripting (XSS) vulnerabilities in Arab Portal 2.0.1 stable allow remote attacke...
CVE-2006-1666 SQL injection vulnerability in forum.php in Arab Portal 2.0.1 stable allows remote attackers to exec...
CVE-2006-1667 SQL injection vulnerability in slides.php in Eric Gerdes Crafty Syntax Image Gallery (CSIG) (aka PHP...
E
CVE-2006-1668 newimage.php in Eric Gerdes Crafty Syntax Image Gallery (CSIG) (aka PHP thumbnail Photo Gallery) 3.1...
E
CVE-2006-1669 SQL injection vulnerability in chat/messagesL.php3 in phpHeaven Team PHPMyChat 0.14.5 and earlier al...
E
CVE-2006-1670 Control cards for Cisco Optical Networking System (ONS) 15000 series nodes before 20060405 allow rem...
E S
CVE-2006-1671 Control cards for Cisco Optical Networking System (ONS) 15000 series nodes before 20060405 allow rem...
CVE-2006-1672 The installation of Cisco Transport Controller (CTC) for Cisco Optical Networking System (ONS) 15000...
CVE-2006-1673 Cross-site scripting (XSS) vulnerability in vbugs.php in Dark_Wizard vBug Tracker 3.5.1 and earlier ...
CVE-2006-1674 Cross-site scripting (XSS) vulnerability in search.php in PHPWebGallery 1.4.1 allows remote attacker...
E
CVE-2006-1675 Multiple cross-site scripting (XSS) vulnerabilities in PHPWebGallery 1.4.1 allow remote attackers to...
E
CVE-2006-1676 SQL injection vulnerability in the display function in the Topics module for MAXdev MDPro (MD-Pro) 1...
CVE-2006-1677 MAXdev MDPro 1.0.73 and 1.0.72, and possibly other versions before 1.076, allows remote attackers to...
CVE-2006-1678 Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.8.0.3 allow remote attack...
S
CVE-2006-1679 Cross-site scripting (XSS) vulnerability in modules/online.php in Jupiter CMS 1.1.5 allows remote at...
E
CVE-2006-1680 Jupiter CMS 1.1.5, when display_errors is enabled, allows remote attackers to obtain the full server...
CVE-2006-1681 Cross-site scripting (XSS) vulnerability in Cherokee HTTPD 0.5 and earlier allows remote attackers t...
E S
CVE-2006-1682 Cross-site scripting (XSS) vulnerability in webplus.exe in TalentSoft Web+Shop 5.0 and earlier allow...
E
CVE-2006-1683 SQL injection vulnerability in admin/login.php in Chipmunk Guestbook allows remote attackers to exec...
CVE-2006-1684 Unspecified vulnerability in ecotwo Shopsystem 1.0-192 and earlier allows remote attackers to includ...
CVE-2006-1685 Multiple SQL injection vulnerabilities in modules.php in APT-webshop-system 4.0 PRO, 3.0 BASIC, and ...
CVE-2006-1686 Unspecified vulnerability in modules.php in APT-webshop-system 4.0 PRO, 3.0 BASIC, and 3.0 LIGHT all...
CVE-2006-1687 Cross-site scripting (XSS) vulnerability in APT-webshop-system 4.0 PRO, 3.0 BASIC, and 3.0 LIGHT all...
CVE-2006-1688 Multiple PHP remote file inclusion vulnerabilities in SQuery 4.5 and earlier, as used in products su...
E
CVE-2006-1689 Unspecified vulnerability in su in HP HP-UX B.11.11, when using the LDAP netgroup feature, allows lo...
CVE-2006-1690 Cross-site scripting (XSS) vulnerability in subscribe.php in MWNewsletter 1.0.0b allows remote attac...
CVE-2006-1691 SQL injection vulnerability in MWNewsletter 1.0.0b allows remote attackers to execute arbitrary SQL ...
CVE-2006-1692 Multiple SQL injection vulnerabilities in MWNewsletter 1.0.0b allow remote attackers to execute arbi...
CVE-2006-1693 Unspecified vulnerability in GlobalSCAPE Secure FTP Server before 3.1.4 Build 01.10.2006 allows atta...
S
CVE-2006-1694 SQL injection vulnerability in members.php in XBrite Members 1.1 and earlier allows remote attackers...
E
CVE-2006-1695 The fbgs script in the fbi package 2.01-1.4, when the TMPDIR environment variable is not defined, al...
CVE-2006-1696 Cross-site scripting (XSS) vulnerability in Gallery before 1.5.3 allows remote attackers to inject a...
S
CVE-2006-1697 Cross-site scripting (XSS) vulnerability in Matt Wright Guestbook 2.3.1 allows remote attackers to e...
E
CVE-2006-1698 Cross-site scripting (XSS) vulnerability in Matt Wright Guestbook 2.3.1 allows remote attackers to e...
CVE-2006-1699 Cross-site scripting (XSS) vulnerability in index.php in Aweb Banner Generator 3.0 and earlier allow...
E
CVE-2006-1700 Buy.php in Aweb Scripts Seller uses predictable cookies for authentication based on the time and the...
CVE-2006-1701 Cross-site scripting (XSS) vulnerability in the Pages module in Shadowed Portal allows remote attack...
E
CVE-2006-1702 PHP remote file inclusion vulnerability in spip_login.php3 in SPIP 1.8.3 allows remote attackers to ...
E
CVE-2006-1703 PHP remote file inclusion vulnerability in lire.php in Sire 2.0 nws allows remote attackers to execu...
E
CVE-2006-1704 Sire 2.0 nws allows remote attackers to upload arbitrary image files without authentication via a di...
E
CVE-2006-1705 Oracle Database 9.2.0.0 to 10.2.0.3 allows local users with "SELECT" privileges for a base table to ...
CVE-2006-1706 Multiple SQL injection vulnerabilities in Shopweezle 2.0 allow remote attackers to execute arbitrary...
E
CVE-2006-1707 index.php in Shopweezle 2.0 allows remote attackers to include arbitrary local files via the url par...
CVE-2006-1708 SQL injection vulnerability in member.php in Clansys 1.1 allows remote attackers to execute arbitrar...
E
CVE-2006-1709 Cross-site scripting (XSS) vulnerability in shop_main.cgi in interaktiv.shop 5 allows remote attacke...
E
CVE-2006-1710 SQL injection vulnerability in admin.php in Design Nation DNGuestbook 2.0 allows remote attackers to...
E
CVE-2006-1711 Plone 2.0.5, 2.1.2, and 2.5-beta1 does not restrict access to the (1) changeMemberPortrait, (2) dele...
CVE-2006-1712 Cross-site scripting (XSS) vulnerability in the private archive script (private.py) in GNU Mailman 2...
S
CVE-2006-1713 Cross-site scripting (XSS) vulnerability in index.php in Christoph Roeder phpMyForum 4.0 allows remo...
E
CVE-2006-1714 CRLF injection vulnerability in index.php in Christoph Roeder phpMyForum 4.0 allows remote attackers...
E
CVE-2006-1715 Multiple directory traversal vulnerabilities in Christian Kindahl TUGZip 3.4.0.0, 3.3.0.0, and 3.1.0...
E
CVE-2006-1716 Cross-site scripting (XSS) vulnerability in inc/functions_post.php in MyBB (aka MyBulletinBoard) 1.1...
CVE-2006-1717 Cross-site scripting (XSS) vulnerability in newthread.php in MyBB (aka MyBulletinBoard) 1.10, when c...
CVE-2006-1718 Magus Perde Clever Copy 3.0 and earlier stores sensitive information under the web root with insuffi...
E
CVE-2006-1719 Internet Explorer 6 allows remote attackers to cause a denial of service (application crash) via any...
CVE-2006-1720 Cross-site scripting (XSS) vulnerability in search.php in SaphpLesson 3.0 allows remote attackers to...
CVE-2006-1721 digestmd5.c in the CMU Cyrus Simple Authentication and Security Layer (SASL) library 2.1.18, and pos...
S
CVE-2006-1722 Cross-site scripting (XSS) vulnerability in suche.htm in ShopXS 4.0 allows remote attackers to injec...
CVE-2006-1723 Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, all...
CVE-2006-1724 Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, 1.0.x before 1.0.8, Mozilla Sui...
CVE-2006-1725 Mozilla Firefox 1.5 before 1.5.0.2 and SeaMonkey before 1.0.1 causes certain windows to become trans...
E
CVE-2006-1726 Unspecified vulnerability in Firefox and Thunderbird 1.5 before 1.5.0.2, and SeaMonkey before 1.0.1,...
S
CVE-2006-1727 Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0...
CVE-2006-1728 Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0...
CVE-2006-1729 Mozilla Firefox 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonke...
CVE-2006-1730 Integer overflow in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozil...
S
CVE-2006-1731 Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, ...
CVE-2006-1732 Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, ...
S
CVE-2006-1733 Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, ...
S
CVE-2006-1734 Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, ...
E
CVE-2006-1735 Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, ...
E
CVE-2006-1736 Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey be...
CVE-2006-1737 Integer overflow in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla S...
CVE-2006-1738 Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, ...
CVE-2006-1739 The CSS border-rendering code in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0...
S
CVE-2006-1740 Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey be...
CVE-2006-1741 Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey be...
E
CVE-2006-1742 The JavaScript engine in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozi...
CVE-2006-1743 Multiple SQL injection vulnerabilities in form.php in JBook 1.4 allow remote attackers to execute ar...
CVE-2006-1744 Buffer overflow in pl_main.c in sail in BSDgames before 2.17-7 allows local users to execute arbitra...
S
CVE-2006-1745 Cross-site scripting (XSS) vulnerability in login.php in Bitweaver 1.3 allows remote attackers to in...
E
CVE-2006-1746 Directory traversal vulnerability in PHPList 2.10.2 and earlier allows remote attackers to include a...
E S
CVE-2006-1747 PHP remote file inclusion vulnerability in Virtual War (VWar) 1.5.0 allows remote attackers to execu...
E
CVE-2006-1748 Cross-site scripting (XSS) vulnerability in XMB Forum 1.9.5 allows remote attackers to inject arbitr...
CVE-2006-1749 PHP remote file inclusion vulnerability in config.php in phpListPro 2.0 and earlier allows remote at...
E
CVE-2006-1750 Multiple cross-site scripting (XSS) vulnerabilities in index.php in Autogallery 0.41 allow remote at...
CVE-2006-1751 Multiple SQL injection vulnerabilities in MvBlog before 1.6 allow remote attackers to execute arbitr...
S
CVE-2006-1752 Multiple cross-site scripting (XSS) vulnerabilities in the backend in MvBlog before 1.6 allow remote...
S
CVE-2006-1753 A cron job in fcheck before 2.7.59 allows local users to overwrite arbitrary files via a symlink att...
S
CVE-2006-1754 SQL injection vulnerability in index.php in SWSoft Confixx 3.0.6, 3.0.8, and 3.1.2 allows remote att...
E S
CVE-2006-1755 SQL injection vulnerability in admin.php in MD News 1 allows remote attackers to execute arbitrary S...
CVE-2006-1756 MD News 1 allows remote attackers to bypass authentication via a direct request to a script in the A...
CVE-2006-1757 Cross-site scripting (XSS) vulnerability in index.php in Vegadns 0.99 allows remote attackers to inj...
E
CVE-2006-1758 SQL injection vulnerability in index.php in Vegadns 0.99 allows remote attackers to execute arbitrar...
E
CVE-2006-1759 Cross-site scripting (XSS) vulnerability in allgemein_transfer.php in SWSoft Confixx 3.1.2 allows re...
E S
CVE-2006-1760 Multiple cross-site scripting (XSS) vulnerabilities in JetPhoto allow remote attackers to inject arb...
E
CVE-2006-1761 Cross-site scripting vulnerability in index.php in blur6ex 0.3.452 allows remote attackers to inject...
E
CVE-2006-1762 Directory traversal vulnerability in index.php in blur6ex 0.3.452 allows remote attackers to include...
E
CVE-2006-1763 Multiple SQL injection vulnerabilities in index.php in blur6ex 0.3.452 allows remote attackers to ex...
E
CVE-2006-1764 Hosting Controller 6.1 stores forum/db/forum.mdb under the web document root with insufficient acces...
CVE-2006-1765 Cross-site scripting (XSS) vulnerability in index.php in JBook 1.3 allows remote attackers to inject...
E
CVE-2006-1766 Multiple SQL injection vulnerabilities in Papoo 2.1.5, and 3 beta1 and earlier, allow remote attacke...
CVE-2006-1767 Multiple PHP remote file inclusion vulnerabilities in nicecoder.com INDEXU 5.0.0 and 5.0.1 allow rem...
E
CVE-2006-1768 Multiple cross-site scripting (XSS) vulnerabilities in register.php in Tritanium Bulletin Board (TBB...
E
CVE-2006-1769 Multiple cross-site scripting (XSS) vulnerabilities in UserLand Manila 9.5 and earlier allow remote ...
E
CVE-2006-1770 Multiple PHP remote file inclusion vulnerabilities in Azerbaijan Design & Development Group (AZDG) A...
CVE-2006-1771 Directory traversal vulnerability in misc in pbcs.dll in SAXoTECH SAXoPRESS, aka Saxotech Online (fo...
E
CVE-2006-1772 debconf in Debian GNU/Linux, when configuring mnogosearch in the mnogosearch-common 3.2.31-1 package...
CVE-2006-1773 SQL injection vulnerability in include.php in PHPKIT 1.6.1 Release 2 and earlier allows remote attac...
E
CVE-2006-1774 HP System Management Homepage (SMH) 2.1.3.132, when running on CompaqHTTPServer/9.9 on Windows, Linu...
CVE-2006-1775 Multiple cross-site scripting (XSS) vulnerabilities in phpBB 2.0.19 allow remote attackers to inject...
CVE-2006-1776 PHP remote file inclusion vulnerability in doc/index.php in Jeremy Ashcraft Simplog 0.9.2 and earlie...
E
CVE-2006-1777 Directory traversal vulnerability in doc/index.php in Jeremy Ashcraft Simplog 0.9.2 and earlier allo...
E
CVE-2006-1778 Multiple SQL injection vulnerabilities in Jeremy Ashcraft Simplog 0.9.2 and earlier allow remote att...
E
CVE-2006-1779 Cross-site scripting (XSS) vulnerability in login.php in Jeremy Ashcraft Simplog 0.9.2 and earlier a...
E
CVE-2006-1780 The Bourne shell (sh) in Solaris 8, 9, and 10 allows local users to cause a denial of service (sh cr...
S
CVE-2006-1781 PHP remote file inclusion vulnerability in functions.php in Circle R Monster Top List (MTL) 1.4 allo...
E
CVE-2006-1782 Unspecified vulnerability in Solaris 8 and 9 allows local users to obtain the LDAP Directory Server ...
CVE-2006-1783 Cross-site scripting (XSS) vulnerability in PatroNet CMS allows remote attackers to inject arbitrary...
E
CVE-2006-1784 PHP remote file inclusion vulnerability in admin/configset.php in Sphider 1.3 and earlier, when regi...
E
CVE-2006-1785 Adobe Document Server for Reader Extensions 6.0 allows remote authenticated users to inject arbitrar...
CVE-2006-1786 Cross-site scripting (XSS) vulnerability in Adobe Document Server for Reader Extensions 6.0 allows r...
E
CVE-2006-1787 Adobe Document Server for Reader Extensions 6.0 includes a user's session (jsession) ID in the HTTP ...
S
CVE-2006-1788 Adobe Document Server for Reader Extensions 6.0, during log on, provides different error messages de...
S
CVE-2006-1789 Directory traversal vulnerability in pajax_call_dispatcher.php in PAJAX 0.5.1 and earlier allows rem...
CVE-2006-1790 A regression fix in Mozilla Firefox 1.0.7 allows remote attackers to cause a denial of service (cras...
CVE-2006-1791 Directory traversal vulnerability in acc.php in QuickBlogger 1.4 allows remote attackers to read or ...
E
CVE-2006-1792 Unspecified vulnerability in the POP service in MailEnable Standard Edition before 1.94, Professiona...
CVE-2006-1793 Directory traversal vulnerability in runCMS 1.2 and earlier allows remote attackers to read arbitrar...
E
CVE-2006-1794 SQL injection vulnerability in Mambo 4.5.3, 4.5.3h, and possibly earlier versions allows remote atta...
E S
CVE-2006-1795 Cross-site scripting (XSS) vulnerability in tablepublisher.cgi in UPDI Network Enterprise @1 Table P...
CVE-2006-1796 Cross-site scripting (XSS) vulnerability in the paging links functionality in template-functions-lin...
S
CVE-2006-1797 The kernel in NetBSD-current before September 28, 2005 allows local users to cause a denial of servi...
CVE-2006-1798 SQL injection vulnerability in rateit.php in RateIt 2.2 allows remote attackers to execute arbitrary...
CVE-2006-1799 censtore.cgi in Censtore 7.3.002 and earlier allows remote attackers to execute arbitrary commands v...
E
CVE-2006-1800 Directory traversal vulnerability in posts.php in SimpleBBS 1.0.6 through 1.1 allows remote attacker...
E
CVE-2006-1801 Cross-site scripting (XSS) vulnerability in planetsearchplus.php in planetSearch+ allows remote atta...
E
CVE-2006-1802 Cross-site scripting (XSS) vulnerability in index.php in TinyWebGallery 1.3 and 1.4 allows remote at...
CVE-2006-1803 Cross-site scripting (XSS) vulnerability in sql.php in phpMyAdmin 2.7.0-pl1 allows remote attackers ...
E
CVE-2006-1804 SQL injection vulnerability in sql.php in phpMyAdmin 2.7.0-pl1 allows remote attackers to execute ar...
E
CVE-2006-1805 SQL injection vulnerability in member.php in PowerClan 1.14 allows remote attackers to execute arbit...
E S
CVE-2006-1806 Cross-site scripting (XSS) vulnerability in index.php in Musicbox 2.3.3 and earlier allows remote at...
CVE-2006-1807 Multiple SQL injection vulnerabilities in index.php in Musicbox 2.3.3 and earlier allow remote attac...
CVE-2006-1808 Cross-site scripting (XSS) vulnerability in index.php in Lifetype 1.0.3 allows remote attackers to i...
E
CVE-2006-1809 index.php in Lifetype 1.0.3 allows remote attackers to obtain sensitive information via an invalid s...
CVE-2006-1810 Multiple cross-site scripting (XSS) vulnerabilities in FlexBB 0.5.5 BETA allow remote attackers to i...
CVE-2006-1811 Multiple SQL injection vulnerabilities in FlexBB 0.5.5 BETA allow remote attackers to execute arbitr...
CVE-2006-1812 phpWebFTP 3.2 and earlier stores script.js under the web document root with insufficient access cont...
CVE-2006-1813 Directory traversal vulnerability in index.php in phpWebFTP 3.2 and earlier allows remote attackers ...
CVE-2006-1814 NetBSD 1.6, 2.0, 2.1 and 3.0 allows local users to cause a denial of service (memory exhaustion) by ...
CVE-2006-1815 Multiple cross-site scripting (XSS) vulnerabilities in register.php in Tritanium Bulletin Board (TBB...
CVE-2006-1816 PHP remote file inclusion vulnerability in VBulletin 3.5.1, 3.5.2, and 3.5.4 allows remote attackers...
CVE-2006-1817 SQL injection vulnerability in authcheck.php in warforge.NEWS 1.0, with magic_quotes_gpc disabled, a...
CVE-2006-1818 Multiple cross-site scripting (XSS) vulnerabilities in warforge.NEWS 1.0 allow remote attackers to i...
CVE-2006-1819 Directory traversal vulnerability in the loadConfig function in index.php in phpWebSite 0.10.2 and e...
E
CVE-2006-1820 Cross-site scripting (XSS) vulnerability in index.php in ModX 0.9.1 allows remote attackers to injec...
E
CVE-2006-1821 Directory traversal vulnerability in index.php in ModX 0.9.1 allows remote attackers to read arbitra...
CVE-2006-1822 Cross-site scripting (XSS) vulnerability in search.php in FarsiNews 2.5.3 Pro and earlier allows rem...
E
CVE-2006-1823 Directory traversal vulnerability in FarsiNews 2.5.3 Pro and earlier allows remote attackers to obta...
CVE-2006-1824 Multiple cross-site scripting (XSS) vulnerabilities in PhpGuestbook.php in PhpGuestbook 1.0 allow re...
CVE-2006-1825 Cross-site scripting (XSS) vulnerability in index.php in phpLinks 2.1.3.1 and earlier allows remote ...
CVE-2006-1826 Multiple cross-site scripting (XSS) vulnerabilities in Snipe Gallery 3.1.4 and earlier allow remote ...
CVE-2006-1827 Integer signedness error in format_jpeg.c in Asterisk 1.2.6 and earlier allows remote attackers to e...
E S
CVE-2006-1828 SQL injection vulnerability in php121language.php in PHP121 1.4 allows remote attackers to execute a...
E
CVE-2006-1829 EAServer Manager in Sybase EAServer 5.2 and 5.3 allows remote authenticated users, possibly guests, ...
CVE-2006-1830 Sun Java Studio Enterprise 8, when installed as root, creates certain files with world-writable perm...
S
CVE-2006-1831 Direct static code injection vulnerability in sysinfo.cgi in sysinfo 1.21 and possibly other version...
E S
CVE-2006-1832 sysinfo.cgi in sysinfo 1.21 allows remote attackers to obtain the installation path via the debugger...
E S
CVE-2006-1833 Intel RNG Driver in NetBSD 1.6 through 3.0 may incorrectly detect the presence of the pchb interface...
CVE-2006-1834 Integer signedness error in Opera before 8.54 allows remote attackers to execute arbitrary code via ...
E S
CVE-2006-1835 Cross-site scripting (XSS) vulnerability in yearcal.php in Calendarix allows remote attackers to inj...
E
CVE-2006-1836 Untrusted search path vulnerability in unspecified components in Symantec LiveUpdate for Macintosh 3...
S
CVE-2006-1837 SQL injection vulnerability in archiv2.php in Fuju News 1.0 allows remote attackers to execute arbit...
E
CVE-2006-1838 edit_kategorie.php in Fuju News 1.0 allows remote attackers to bypass authentication by setting the ...
E
CVE-2006-1839 PHP remote file inclusion vulnerability in language.php in PHP Album 0.3.2.3, when register_globals ...
E
CVE-2006-1840 Multiple format string vulnerabilities in Empire Server before 4.3.1 allow attackers to cause a deni...
S
CVE-2006-1841 Cross-site scripting (XSS) vulnerability in search.php in boastMachine (bMachine) 2.7, and possibly ...
CVE-2006-1842 Cross-site scripting (XSS) vulnerability in global.php in ShoutBOOK 1.1 allows remote attackers to i...
CVE-2006-1843 Cross-site scripting (XSS) vulnerability in global.php in ShoutBOOK 1.1 allows remote attackers to i...
CVE-2006-1844 The Debian installer for the (1) shadow 4.0.14 and (2) base-config 2.53.10 packages includes sensiti...
S
CVE-2006-1845 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-0537. Reason: This candida...
R
CVE-2006-1846 Cross-site scripting (XSS) vulnerability in the Your_Account module in PHP-Nuke 7.8 might allows rem...
CVE-2006-1847 SQL injection vulnerability in the Your_Account module in PHP-Nuke 7.8 might allows remote attackers...
CVE-2006-1848 Multiple cross-site scripting (XSS) vulnerabilities in stats_view.php in LinPHA 1.1.0 allow remote a...
E
CVE-2006-1849 Multiple SQL injection vulnerabilities in members_only/index.cgi in xFlow 5.46.11 and earlier allow ...
CVE-2006-1850 Multiple cross-site scripting (XSS) vulnerabilities in xFlow 5.46.11 and earlier allow remote attack...
CVE-2006-1851 xFlow 5.46.11 and earlier allows remote attackers to determine the installation path of the applicat...
CVE-2006-1852 SQL injection vulnerability in category.php in Article Publisher Pro 1.0.1 and earlier allows remote...
CVE-2006-1853 Multiple SQL injection vulnerabilities in ModernBill 4.3.2 and earlier allow remote attackers or adm...
CVE-2006-1854 Multiple cross-site scripting (XSS) vulnerabilities in BluePay Manager 2.0 and earlier allow remote ...
CVE-2006-1855 choose_new_parent in Linux kernel before 2.6.11.12 includes certain debugging code, which allows loc...
CVE-2006-1856 Certain modifications to the Linux kernel 2.6.16 and earlier do not add the appropriate Linux Securi...
CVE-2006-1857 Buffer overflow in SCTP in Linux kernel before 2.6.16.17 allows remote attackers to cause a denial o...
CVE-2006-1858 SCTP in Linux kernel before 2.6.16.17 allows remote attackers to cause a denial of service (crash) a...
CVE-2006-1859 Memory leak in __setlease in fs/locks.c in Linux kernel before 2.6.16.16 allows attackers to cause a...
S
CVE-2006-1860 lease_init in fs/locks.c in Linux kernel before 2.6.16.16 allows attackers to cause a denial of serv...
S
CVE-2006-1861 Multiple integer overflows in FreeType before 2.2 allow remote attackers to cause a denial of servic...
S
CVE-2006-1862 The virtual memory implementation in Linux kernel 2.6.x allows local users to cause a denial of serv...
E S
CVE-2006-1863 Directory traversal vulnerability in CIFS in Linux 2.6.16 and earlier allows local users to escape c...
E S
CVE-2006-1864 Directory traversal vulnerability in smbfs in Linux 2.6.16 and earlier allows local users to escape ...
E
CVE-2006-1865 Argument injection vulnerability in Beagle before 0.2.5 allows attackers to execute arbitrary comman...
CVE-2006-1866 Multiple unspecified vulnerabilities in Oracle Database Server 8.1.7.4, 9.0.1.5, 9.2.0.7, 10.1.0.5, ...
E S
CVE-2006-1867 Unspecified vulnerability in Oracle Database Server 9.2.0.6 has unknown impact and attack vectors in...
E S
CVE-2006-1868 Buffer overflow in the Advanced Replication component in Oracle Database Server 10.1.0.4 allows data...
E S
CVE-2006-1869 Unspecified vulnerability in Oracle Database Server 8.1.7.4 and 9.0.1.5 has unknown impact and attac...
E S
CVE-2006-1870 Unspecified vulnerability in Oracle Database Server 8.1.7.4, 9.0.1.5, 9.2.0.7, 10.1.0.5, and 10.2.0....
E S
CVE-2006-1871 SQL injection vulnerability in Oracle Database Server 9.2.0.7 and 10.1.0.5 allows remote attackers t...
E S
CVE-2006-1872 Unspecified vulnerability in Oracle Database Server 9.0.1.5 and 9.2.0.7 has unknown impact and attac...
E
CVE-2006-1873 Unspecified vulnerability in Oracle Database Server 9.2.0.7, 10.1.0.4, and 10.2.0.1 has unknown impa...
E
CVE-2006-1874 Unspecified vulnerability in Oracle Database Server 8.1.7.4, 9.0.1.5, and 9.2.0.6 has unknown impact...
E
CVE-2006-1875 Unspecified vulnerability in Oracle Database Server 9.0.1.5, 9.2.0.7, and 10.1.0.5 has unknown impac...
S
CVE-2006-1876 Unspecified vulnerability in Oracle Database Server 9.2.0.7 and 10.1.0.4 has unknown impact and atta...
E S
CVE-2006-1877 Unspecified vulnerability in Oracle Database Server 8.1.7.4, 9.0.1.5, and 9.2.0.7 has unknown impact...
E S
CVE-2006-1878 Cross-site scripting (XSS) vulnerability in index.php in phpFaber TopSites allows remote attackers t...
E
CVE-2006-1879 Multiple unspecified vulnerabilities in the Email Server component in Oracle Collaboration Suite 9.0...
S
CVE-2006-1880 Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 11.5.10CU2 have unk...
S
CVE-2006-1881 Unspecified vulnerability in the Financials for Asia/Pacific component in Oracle E-Business Suite an...
S
CVE-2006-1882 Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 11.5.10 have unknow...
S
CVE-2006-1883 Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Su...
S
CVE-2006-1884 Unspecified vulnerability in the Oracle Thesaurus Management System component in Oracle E-Business S...
S
CVE-2006-1885 Multiple unspecified vulnerabilities in the Reporting Framework component in Oracle Enterprise Manag...
S
CVE-2006-1886 Unspecified vulnerability in the PeopleTools component in Oracle PeopleSoft Enterprise 8.46.12 and 8...
S
CVE-2006-1887 Unspecified vulnerability in Oracle JD Edwards EnterpriseOne Security Server 8.95.J1 has unknown imp...
S
CVE-2006-1888 phpGraphy 0.9.11 and earlier allows remote attackers to bypass authentication and gain administrator...
E S
CVE-2006-1889 Cross-site scripting (XSS) vulnerability in the search action handler in index.php in Nils Asmussen ...
CVE-2006-1890 Multiple PHP remote file inclusion vulnerabilities in myWebland myEvent 1.2 allow remote attackers t...
E
CVE-2006-1891 Cross-site scripting (XSS) vulnerability in Martin Scheffler betaboard 0.1 allows remote attackers t...
CVE-2006-1892 avast! 4 Linux Home Edition 1.0.5 allows local users to modify permissions of arbitrary files via a ...
E
CVE-2006-1893 Cross-site scripting (XSS) vulnerability in print.php in ar-blog 5.2 allows remote attackers to inje...
E
CVE-2006-1894 Cross-site scripting (XSS) vulnerability in RevoBoard 1.8, as derived from PunBB, allows remote atta...
CVE-2006-1895 Direct static code injection vulnerability in includes/template.php in phpBB allows remote authentic...
E
CVE-2006-1896 Unspecified vulnerability in phpBB allows remote authenticated users with Administration Panel acces...
S
CVE-2006-1897 Webplus (aka talentsoft) Web+Shop 5.3.6, when Redirect URL for "Script Not Found" Error is not confi...
E S
CVE-2006-1898 Multiple cross-site scripting (XSS) vulnerabilities in Ralph Capper Tiny PHP Forum (TPF) 3.6 allow r...
CVE-2006-1899 Multiple cross-site scripting (XSS) vulnerabilities in dev Neuron Blog 1.1 and earlier allow remote ...
CVE-2006-1900 Multiple buffer overflows in World Wide Web Consortium (W3C) Amaya 9.4, and possibly other versions ...
E S
CVE-2006-1901 Mozilla Camino 1.0 and earlier allow remote attackers to cause a denial of service (null dereference...
CVE-2006-1902 fold_binary in fold-const.c in GNU Compiler Collection (gcc) 4.1 improperly handles pointer overflow...
CVE-2006-1903 Multiple cross-site scripting (XSS) vulnerabilities in UserLand Manila allow remote attackers to inj...
CVE-2006-1904 Cross-site scripting (XSS) vulnerability in index.php in AnimeGenesis Gallery allows remote attacker...
CVE-2006-1905 Multiple format string vulnerabilities in xiTK (xitk/main.c) in xine 0.99.3 allow remote attackers t...
E
CVE-2006-1906 Cross-site scripting (XSS) vulnerability in index.php in jjgan852 phpLister 0.4.1 allows remote atta...
E
CVE-2006-1907 Multiple SQL injection vulnerabilities in myEvent 1.x allow remote attackers to inject arbitrary SQL...
CVE-2006-1908 Cross-site scripting vulnerability in addevent.php in myEvent 1.x allows remote attackers to inject ...
CVE-2006-1909 Directory traversal vulnerability in index.php in Coppermine 1.4.4 allows remote attackers to read a...
E
CVE-2006-1910 config.php in S9Y Serendipity 1.0 beta 2 allows remote attackers to inject arbitrary PHP code by edi...
E
CVE-2006-1911 Cross-site scripting (XSS) vulnerability in MyBB (MyBulletinBoard) 1.1 allows remote attackers to in...
E S
CVE-2006-1912 MyBB (MyBulletinBoard) 1.1.0 does not set the constant KILL_GLOBAL variable in (1) global.php and (2...
CVE-2006-1913 Cross-site scripting (XSS) vulnerability in jax_guestbook.php in Jax Guestbook 3.1, 3.31, and 3.50 a...
E
CVE-2006-1914 DbbS 2.0-alpha and earlier allows remote attackers to obtain sensitive information via an invalid (1...
CVE-2006-1915 SQL injection vulnerability in topics.php in DbbS 2.0-alpha and earlier allows remote attackers to e...
E
CVE-2006-1916 Multiple cross-site scripting (XSS) vulnerabilities in profile.php in DbbS 2.0-alpha and earlier all...
E
CVE-2006-1917 SQL injection vulnerability in member.php in Blackorpheus ClanMemberSkript 1.0 allows remote attacke...
E
CVE-2006-1918 Multiple cross-site scripting (XSS) vulnerabilities in Papoo 2.1.5 allow remote attackers to inject ...
CVE-2006-1919 PHP remote file inclusion vulnerability in index.php in Internet Photoshow 1.3 allows remote attacke...
E
CVE-2006-1920 SQL injection vulnerability in index.php in PMTool 1.2.2 allows remote attackers to execute arbitrar...
CVE-2006-1921 nettools.php in PHP Net Tools 2.7.1 allows remote attackers to execute arbitrary commands via shell ...
E
CVE-2006-1922 PHP remote file inclusion vulnerability in (1) about.php or (2) auth.php in TotalCalendar allows rem...
CVE-2006-1923 Multiple cross-site scripting (XSS) vulnerabilities in LinPHA before 1.1.1 allow remote attackers to...
S
CVE-2006-1924 SQL injection vulnerability in functions/db_api.php in LinPHA 1.1.1 allows remote attackers to execu...
S
CVE-2006-1925 Directory traversal vulnerability in the editnews module (inc/editnews.mdu) in index.php in CuteNews...
E
CVE-2006-1926 SQL injection vulnerability in showtopic.php in ThWboard 2.84 beta 3 and earlier allows remote attac...
CVE-2006-1927 Cisco IOS XR, when configured for Multi Protocol Label Switching (MPLS) and running on Cisco CRS-1 o...
CVE-2006-1928 Cisco IOS XR, when configured for Multi Protocol Label Switching (MPLS) and running on Cisco CRS-1 r...
CVE-2006-1929 PHP remote file inclusion vulnerability in include/common.php in I-Rater Platinum allows remote atta...
CVE-2006-1930 Multiple SQL injection vulnerabilities in userscript.php in Green Minute 1.0 and earlier allow remot...
CVE-2006-1931 The HTTP/XMLRPC server in Ruby before 1.8.2 uses blocking sockets, which allows attackers to cause a...
S
CVE-2006-1932 Off-by-one error in the OID printing routine in Ethereal 0.10.x up to 0.10.14 has unknown impact and...
S
CVE-2006-1933 Multiple unspecified vulnerabilities in Ethereal 0.10.x up to 0.10.14 allow remote attackers to caus...
S
CVE-2006-1934 Multiple buffer overflows in Ethereal 0.10.x up to 0.10.14 allow remote attackers to cause a denial ...
S
CVE-2006-1935 Buffer overflow in Ethereal 0.9.15 up to 0.10.14 allows remote attackers to cause a denial of servic...
S
CVE-2006-1936 Buffer overflow in Ethereal 0.8.5 up to 0.10.14 allows remote attackers to execute arbitrary code vi...
S
CVE-2006-1937 Multiple unspecified vulnerabilities in Ethereal 0.10.x up to 0.10.14 allow remote attackers to caus...
S
CVE-2006-1938 Multiple unspecified vulnerabilities in Ethereal 0.8.x up to 0.10.14 allow remote attackers to cause...
S
CVE-2006-1939 Multiple unspecified vulnerabilities in Ethereal 0.9.x up to 0.10.14 allow remote attackers to cause...
S
CVE-2006-1940 Unspecified vulnerability in Ethereal 0.10.4 up to 0.10.14 allows remote attackers to cause a denial...
S
CVE-2006-1941 Neon Responder 5.4 for LANsurveyor allows remote attackers to cause a denial of service (application...
E
CVE-2006-1942 Mozilla Firefox 1.5.0.2 and possibly other versions before 1.5.0.4, Netscape 8.1, 8.0.4, and 7.2, an...
S
CVE-2006-1943 Multiple cross-site scripting (XSS) vulnerabilities in Smarter Scripts IntelliLink Pro 5.06 and earl...
E
CVE-2006-1944 Multiple cross-site scripting (XSS) vulnerabilities in SibSoft CommuniMail 1.2 and earlier allow rem...
E
CVE-2006-1945 Cross-site scripting (XSS) vulnerability in awstats.pl in AWStats 6.5 and earlier allows remote atta...
CVE-2006-1946 Multiple cross-site scripting (XSS) vulnerabilities in Visale 1.0 and earlier allow remote attackers...
E
CVE-2006-1947 Multiple SQL injection vulnerabilities in plexum.php in NicPlex Plexum X5 and earlier allow remote a...
E
CVE-2006-1948 The "Add Sender to Address Book" operation (AddSenderToAddressBook.lss) and NameHelper.lss in IBM Lo...
CVE-2006-1949 SQL injection vulnerability in plexcart.pl in NicPlex PlexCart X3 and earlier allows remote attacker...
CVE-2006-1950 Multiple cross-site scripting (XSS) vulnerabilities in banners.cgi in PerlCoders BannerFarm 2.3 and ...
E
CVE-2006-1951 Directory traversal vulnerability in SolarWinds TFTP Server 8.1 and earlier allows remote attackers ...
S
CVE-2006-1952 Directory traversal vulnerability in WinAgents TFTP Server for Windows 3.1 and earlier allows remote...
CVE-2006-1953 Directory traversal vulnerability in Caucho Resin 3.0.17 and 3.0.18 for Windows allows remote attack...
S
CVE-2006-1954 SQL injection vulnerability in authent.php4 in Nicolas Fischer (aka NFec) RechnungsZentrale V2 1.1.3...
E
CVE-2006-1955 PHP remote file inclusion vulnerability in authent.php4 in Nicolas Fischer (aka NFec) RechnungsZentr...
E
CVE-2006-1956 The com_rss option (rss.php) in (1) Mambo and (2) Joomla! allows remote attackers to obtain sensitiv...
E
CVE-2006-1957 The com_rss option (rss.php) in (1) Mambo and (2) Joomla! allows remote attackers to cause a denial ...
E
CVE-2006-1958 Multiple SQL injection vulnerabilities in WWWThreads RC 3 allow remote attackers to execute arbitrar...
CVE-2006-1959 PHP remote file inclusion vulnerability in direct.php in ActualScripts ActualAnalyzer Lite 2.72 and ...
CVE-2006-1960 Cross-site scripting (XSS) vulnerability in the appliance web user interface in Cisco CiscoWorks Wir...
S
CVE-2006-1961 Cisco CiscoWorks Wireless LAN Solution Engine (WLSE) and WLSE Express before 2.13, Hosting Solution ...
S
CVE-2006-1962 SQL injection vulnerability in PCPIN Chat 5.0.4 and earlier allows remote attackers to execute arbit...
E
CVE-2006-1963 Directory traversal vulnerability in main.php in PCPIN Chat 5.0.4 and earlier allows remote authenti...
E
CVE-2006-1964 SQL injection vulnerability in Haberler.asp in ASPSitem 1.83 and earlier allows remote attackers to ...
E S
CVE-2006-1965 Multiple cross-site scripting (XSS) vulnerabilities in aasi media Net Clubs Pro 4.0 and earlier allo...
CVE-2006-1966 An unspecified Fortinet product, possibly Fortinet28, allows remote attackers to cause a denial of s...
CVE-2006-1967 Cross-site scripting (XSS) vulnerability in calendar/Visitor.cgi in KCScripts Calendar, distributed ...
CVE-2006-1968 Cross-site scripting (XSS) vulnerability in news/NsVisitor.cgi in KCScripts News Publisher, distribu...
CVE-2006-1969 Cross-site scripting (XSS) vulnerability in search/search.cgi in an unspecified KCScripts script, pr...
CVE-2006-1970 Cross-site scripting (XSS) vulnerability in classifieds/viewcat.cgi in KCScripts Classifieds, distri...
CVE-2006-1971 Cross-site scripting (XSS) vulnerability in login.php in KRANKIKOM ContentBoxX allows remote attacke...
E
CVE-2006-1972 Cross-site scripting (XSS) vulnerability in EasyGallery.php in Wingnut EasyGallery allows remote att...
CVE-2006-1973 Multiple unspecified vulnerabilities in Linksys RT31P2 VoIP router allow remote attackers to cause a...
CVE-2006-1974 SQL injection vulnerability in index.php in MyBB (MyBulletinBoard) before 1.04 allows remote attacke...
CVE-2006-1975 Cross-site scripting (XSS) vulnerability in guestbook_newentry.php in PHP-Gastebuch 1.61 allows remo...
E
CVE-2006-1976 Cross-site scripting (XSS) vulnerability in addRequest.php in Prayer Request Board (PRB) Beta 1 befo...
S
CVE-2006-1977 Cross-site scripting (XSS) vulnerability in FlexBB 0.5.7 BETA and earlier allows remote attackers to...
CVE-2006-1978 SQL injection vulnerability in inc/start.php in FlexBB 0.5.5 and earlier allows remote attackers to ...
E
CVE-2006-1979 Cross-site scripting (XSS) vulnerability in mwguest.php in Manic Web MWGuest 2.1.0 allows remote att...
E
CVE-2006-1980 Cross-site scripting (XSS) vulnerability in W2B Online Banking allows remote attackers to inject arb...
E
CVE-2006-1981 Unspecified vulnerability in Java InputMethods on Mac OS X 10.4.5 may cause InputMethods to send inp...
CVE-2006-1982 Heap-based buffer overflow in the LZWDecodeVector function in Mac OS X before 10.4.6, as used in app...
E S
CVE-2006-1983 Multiple heap-based buffer overflows in Mac OS X 10.4.6 and earlier allow remote attackers to cause ...
E S
CVE-2006-1984 Unspecified vulnerability in the _cg_TIFFSetField function in Mac OS X 10.4.6 and earlier, as used i...
E S
CVE-2006-1985 Heap-based buffer overflow in BOM BOMArchiveHelper 10.4 (6.3) Build 312, as used in Mac OS X 10.4.6 ...
S
CVE-2006-1986 Apple Safari 2.0.3 allows remote attackers to cause a denial of service and possibly execute code vi...
E
CVE-2006-1987 Apple Safari 2.0.3 allows remote attackers to cause a denial of service and possibly execute code vi...
E
CVE-2006-1988 The WebTextRenderer(WebInternal) _CG_drawRun:style:geometry: function in Apple Safari 2.0.3 allows r...
E
CVE-2006-1989 Buffer overflow in the get_database function in the HTTP client in Freshclam in ClamAV 0.80 to 0.88....
E S
CVE-2006-1990 Integer overflow in the wordwrap function in string.c in PHP 4.4.2 and 5.1.2 might allow context-dep...
E
CVE-2006-1991 The substr_compare function in string.c in PHP 5.1.2 allows context-dependent attackers to cause a d...
E S
CVE-2006-1992 mshtml.dll 6.00.2900.2873, as used in Microsoft Internet Explorer, allows remote attackers to cause ...
E S
CVE-2006-1993 Mozilla Firefox 1.5.0.2, when designMode is enabled, allows remote attackers to cause a denial of se...
E S
CVE-2006-1994 PHP remote file inclusion vulnerability in dForum 1.5 and earlier allows remote attackers to execute...
E
CVE-2006-1995 Directory traversal vulnerability in index.php in Scry Gallery 1.1 allows remote attackers to read a...
E
CVE-2006-1996 Scry Gallery 1.1 allows remote attackers to obtain sensitive information via an invalid p parameter,...
CVE-2006-1997 Unspecified vulnerability in Sybase Pylon Anywhere groupware synchronization server before 7.0 allow...
S
CVE-2006-1998 OpenTTD 0.4.7 and earlier allows local users to cause a denial of service (application exit) via a l...
E S
CVE-2006-1999 The multiplayer menu in OpenTTD 0.4.7 allows remote attackers to cause a denial of service via a UDP...
E S
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.