CVE-2006-2xxx

There are 982 CVE in this subgroup.

Last updated:

← Back to 2006

ID	Summary	Flags
CVE-2006-2000	Cross-site scripting (XSS) vulnerability in /lms/a2z.jsp in logMethods 0.9 allows remote attackers t...
CVE-2006-2001	Cross-site scripting (XSS) vulnerability in index.php in Scry Gallery 1.1 allows remote attackers to...
CVE-2006-2002	PHP remote file inclusion vulnerability in stats.php in MyGamingLadder 7.0 allows remote attackers t...	E
CVE-2006-2003	Cross-site scripting (XSS) vulnerability in cgi-bin/guest in Community Architect Guestbook allows re...
CVE-2006-2004	Multiple SQL injection vulnerabilities in RI Blog 1.1 allow remote attackers to execute arbitrary SQ...	E
CVE-2006-2005	Eval injection vulnerability in index.php in ClanSys 1.1 allows remote attackers to execute arbitrar...	E
CVE-2006-2006	Multiple directory traversal vulnerabilities in IZArc Archiver 3.5 beta 3 allow remote attackers to ...
CVE-2006-2007	Heap-based buffer overflow in Winny 2.0 b7.1 and earlier allows remote attackers to execute arbitrar...
CVE-2006-2008	PHP remote file inclusion vulnerability in movie_cls.php in Built2Go PHP Movie Review 2B and earlier...	E
CVE-2006-2009	PHP remote file inclusion vulnerability in agenda.php3 in phpMyAgenda 3.0 Final and earlier allows r...	E
CVE-2006-2010	Multiple SQL injection vulnerabilities in check_login.asp in Bloggage allow remote attackers to exec...	E
CVE-2006-2011	Cross-site scripting (XSS) vulnerability in member.php in 4images 1.7 and earlier allows remote atta...	E
CVE-2006-2012	Format string vulnerability in Skulltag 0.96f and earlier allows remote attackers to cause a denial ...	E
CVE-2006-2013	SQL injection vulnerability in page.php in SL_site 1.0 allows remote attackers to execute arbitrary ...	E
CVE-2006-2014	Directory traversal vulnerability in gallerie.php in SL_site 1.0 allows remote attackers to list ima...	E
CVE-2006-2015	Cross-site scripting (XSS) vulnerability in SL_site 1.0 allows remote attackers to inject arbitrary ...	E
CVE-2006-2016	Multiple cross-site scripting (XSS) vulnerabilities in phpLDAPadmin 0.9.8 and earlier allow remote a...	E
CVE-2006-2017	Dnsmasq 2.29 allows remote attackers to cause a denial of service (application crash) via a DHCP cli...	S
CVE-2006-2018	SQL injection vulnerability in calendar.php in vBulletin 3.0.x allows remote attackers to execute ar...	E
CVE-2006-2019	Apple Mac OS X Safari 2.0.3, 1.3.1, and possibly other versions allows remote attackers to cause a d...	E
CVE-2006-2020	Asterisk Recording Interface (ARI) in Asterisk@Home before 2.8 stores recordings/includes/main.conf ...	E S
CVE-2006-2021	Absolute path traversal vulnerability in recordings/misc/audio.php in the Asterisk Recording Interfa...	E S
CVE-2006-2022	Buffer overflow in the parse_url function in the RTSP module (rtsp/parse_url.c) in Fenice 1.10 and e...	E
CVE-2006-2023	Integer overflow in the RTSP_msg_len function in rtsp/RTSP_msg_len.c in Fenice 1.10 and earlier allo...	E
CVE-2006-2024	Multiple vulnerabilities in libtiff before 3.8.1 allow context-dependent attackers to cause a denial...	E S
CVE-2006-2025	Integer overflow in the TIFFFetchData function in tif_dirread.c for libtiff before 3.8.1 allows cont...	E S
CVE-2006-2026	Double free vulnerability in tif_jpeg.c in libtiff before 3.8.1 allows context-dependent attackers t...	E S
CVE-2006-2027	Buffer overflow in Unicode processing in the logging functionality in Pablo Software Solutions Quick...
CVE-2006-2028	Cross-site scripting (XSS) vulnerability in imagelist.php in Jeremy Ashcraft Simplog 0.9.3 and earli...
CVE-2006-2029	Multiple SQL injection vulnerabilities in Jeremy Ashcraft Simplog 0.9.3 and earlier allow remote att...
CVE-2006-2030	The Allied Telesyn AT-9724TS switch allows remote attackers to cause a denial of service via a large...
CVE-2006-2031	Cross-site scripting (XSS) vulnerability in index.php in phpMyAdmin 2.8.0.3, 2.8.0.2, 2.8.1-dev, and...	E
CVE-2006-2032	Multiple SQL injection vulnerabilities in Core CoreNews 2.0.1 and earlier allow remote attackers to ...	E
CVE-2006-2033	PHP remote file inclusion vulnerability in Core CoreNews 2.0.1 and earlier allows remote authenticat...	E
CVE-2006-2034	SQL injection vulnerability in function/showprofile.php in FlexBB 0.5.5 allows remote attackers to e...
CVE-2006-2035	Websense, when configured to permit access to the dynamic content category, allows local users to by...
CVE-2006-2036	iOpus Secure Email Attachments (SEA), probably 1.0, does not properly handle passwords that consist ...
CVE-2006-2037	Cross-site scripting (XSS) vulnerability in index.php in Thwboard 3.0 Beta 2.84 allows remote attack...	E
CVE-2006-2038	Multiple SQL injection vulnerabilities in ampleShop 2.1 and earlier allow remote attackers to execut...
CVE-2006-2039	Multiple SQL injection vulnerabilities in the osTicket module in Help Center Live before 2.1.0 allow...	S
CVE-2006-2040	Multiple SQL injection vulnerabilities in photokorn 1.53 and 1.542 allow remote attackers to execute...	E
CVE-2006-2041	PhpWebGallery before 1.6.0RC1 allows remote attackers to obtain arbitrary pictures via a request to ...	S
CVE-2006-2042	Adobe Dreamweaver 8 before 8.0.2 and MX 2004 can generate code that allows SQL injection attacks in ...	S
CVE-2006-2043	na-img-4.0.34.bin for the IP3 Networks NetAccess NA75 allows local users to gain Unix shell access v...
CVE-2006-2044	na-img-4.0.34.bin for the IP3 Networks NetAccess NA75 has a default username of admin and a default ...
CVE-2006-2045	The (1) shadow password file in na-img-4.0.34.bin for the IP3 Networks NetAccess NA75 has world read...
CVE-2006-2046	Multiple SQL injection vulnerabilities in Application Dynamics Cartweaver ColdFusion 2.16.11 and ear...	E
CVE-2006-2047	Application Dynamics Cartweaver ColdFusion 2.16.11 and earlier allows remote attackers to obtain sen...
CVE-2006-2048	Multiple cross-site scripting (XSS) vulnerabilities in index.php in Edwin van Wijk phpWebFTP 2.3 all...	E
CVE-2006-2049	Cross-site scripting (XSS) vulnerability in dcboard.cgi in DCScripts DCForumLite 3.0 allows remote a...	E
CVE-2006-2050	SQL injection vulnerability in dcboard.cgi in DCScripts DCForumLite 3.0 allows remote attackers to e...	E
CVE-2006-2051	Multiple cross-site scripting (XSS) vulnerabilities in myadmin/index.php in NextAge Shopping Cart al...	E
CVE-2006-2052	Cross-site scripting (XSS) vulnerability in Verosky Media Instant Photo Gallery allows remote attack...	E
CVE-2006-2053	Multiple SQL injection vulnerabilities in QuickEStore 7.9 and earlier allow remote attackers to exec...
CVE-2006-2054	3Com Baseline Switch 2848-SFP Plus Model #3C16486 with firmware before 1.0.2.0 allows remote attacke...
CVE-2006-2055	Argument injection vulnerability in Microsoft Outlook 2003 SP1 allows user-assisted remote attackers...
CVE-2006-2056	Argument injection vulnerability in Internet Explorer 6 for Windows XP SP2 allows user-assisted remo...
CVE-2006-2057	Argument injection vulnerability in Mozilla Firefox 1.0.6 allows user-assisted remote attackers to m...
CVE-2006-2058	Argument injection vulnerability in Avant Browser 10.1 Build 17 allows user-assisted remote attacker...
CVE-2006-2059	action_public/search.php in Invision Power Board (IPB) 2.1.x and 2.0.x before 20060425 allows remote...	S
CVE-2006-2060	Directory traversal vulnerability in action_admin/paysubscriptions.php in Invision Power Board (IPB)...	S
CVE-2006-2061	SQL injection vulnerability in lib/func_taskmanager.php in Invision Power Board (IPB) 2.1.x and 2.0....	S
CVE-2006-2062	Multiple SQL injection vulnerabilities in Leadhound Full and LITE 2.1, and probably the Network Vers...	E
CVE-2006-2063	Multiple cross-site scripting (XSS) vulnerabilities in Leadhound Full and LITE 2.1, and probably the...	E
CVE-2006-2064	Unspecified vulnerability in the libpkcs11 library in Sun Solaris 10 might allow local users to gain...	S
CVE-2006-2065	SQL injection vulnerability in save.php in PHPSurveyor 0.995 and earlier allows remote attackers to ...	E S
CVE-2006-2066	Multiple cross-site scripting (XSS) vulnerabilities pm_popup.php in MKPortal 1.1 Rc1 and earlier, as...	E
CVE-2006-2067	SQL injection vulnerability in vb_board_functions.php in MKPortal 1.1, as used with vBulletin 3.5.4 ...	E
CVE-2006-2068	Unspecified vulnerability in Hitachi JP1 products allow remote attackers to cause a denial of servic...	S
CVE-2006-2069	The recursor in PowerDNS before 3.0.1 allows remote attackers to cause a denial of service (applicat...	S
CVE-2006-2070	Cross-site scripting (XSS) vulnerability in member.php in DevBB 1.0.0 and earlier allows remote atta...	E
CVE-2006-2071	Linux kernel 2.4.x and 2.6.x up to 2.6.16 allows local users to bypass IPC permissions and modify a ...
CVE-2006-2072	Multiple unspecified vulnerabilities in DeleGate 9.x before 9.0.6 and 8.x before 8.11.6 allow remote...	S
CVE-2006-2073	Unspecified vulnerability in ISC BIND allows remote attackers to cause a denial of service via a cra...	S
CVE-2006-2074	Unspecified vulnerability in Juniper Networks JUNOSe E-series routers before 7-1-1 has unknown impac...	S
CVE-2006-2075	Unspecified vulnerability in MyDNS 1.1.0 allows remote attackers to cause a denial of service via a ...	S
CVE-2006-2076	Memory leak in Paul Rombouts pdnsd before 1.2.4 allows remote attackers to cause a denial of service...	S
CVE-2006-2077	Buffer overflow in Paul Rombouts pdnsd before 1.2.4 has unknown impact and attack vectors. NOTE: th...
CVE-2006-2078	Multiple unspecified vulnerabilities in multiple FITELnet products, including FITELnet-F40, F80, F10...	S
CVE-2006-2079	Cross-site scripting (XSS) vulnerability in portfolio.php in Verosky Media Instant Photo Gallery, po...	E
CVE-2006-2080	SQL injection vulnerability in portfolio_photo_popup.php in Verosky Media Instant Photo Gallery 1.0....	E
CVE-2006-2081	Oracle Database Server 10g Release 2 allows local users to execute arbitrary SQL queries via the GET...	E
CVE-2006-2082	Directory traversal vulnerability in Quake 3 engine, as used in products including Quake3 Arena, Ret...
CVE-2006-2083	Integer overflow in the receive_xattr function in the extended attributes patch (xattr.c) for rsync ...
CVE-2006-2084	Multiple cross-site scripting (XSS) vulnerabilities in FarsiNews 2.5.3 Pro and earlier allow remote ...	E
CVE-2006-2085	Multiple buffer overflows in (1) CxAce60.dll and (2) CxAce60u.dll in SpeedProject Squeez 5.10 Build ...	S
CVE-2006-2086	Buffer overflow in JuniperSetupDLL.dll, loaded from JuniperSetup.ocx by the Juniper SSL-VPN Client w...
CVE-2006-2087	The Gmax Mail client in Hitachi Groupmax before 20060426 allows remote attackers to cause a denial o...
CVE-2006-2088	Multiple cross-site scripting (XSS) vulnerabilities in Devsyn Open Bulletin Board (OpenBB) 1.0.6 all...
CVE-2006-2089	Multiple cross-site scripting (XSS) vulnerabilities in misc.php in MySmartBB 1.1.x allow remote atta...	E
CVE-2006-2090	Multiple SQL injection vulnerabilities in misc.php in MySmartBB 1.1.x allow remote attackers to exec...	E
CVE-2006-2091	admin.php in Virtual War (VWar) 1.5 and versions before 1.2 allows remote attackers to obtain sensit...
CVE-2006-2092	Unspecified vulnerability in HP StorageWorks Secure Path for Windows 4.0C-SP2 before 20060419 allows...	S
CVE-2006-2093	Nessus before 2.2.8, and 3.x before 3.0.3, allows user-assisted attackers to cause a denial of servi...	S
CVE-2006-2094	Microsoft Internet Explorer before Windows XP Service Pack 2 and Windows Server 2003 Service Pack 1,...	E
CVE-2006-2095	Phex before 2.8.6 allows remote attackers to cause a denial of service (application hang) by initiat...	S
CVE-2006-2096	plug.php in Land Down Under (LDU) 802 and earlier allows remote attackers to obtain sensitive inform...
CVE-2006-2097	SQL injection vulnerability in func_msg.php in Invision Power Board (IPB) 2.1.4 allows remote attack...	E
CVE-2006-2098	PHP remote file inclusion vulnerability in Thumbnail AutoIndex before 2.0 allows remote attackers to...	S
CVE-2006-2099	Directory traversal vulnerability in UltraISO 8.0.0.1392 allows remote attackers to write arbitrary ...	E
CVE-2006-2100	Directory traversal vulnerability in Magic ISO 5.0 Build 0166 allows remote attackers to write arbit...	E
CVE-2006-2101	Directory traversal vulnerability in WinISO 5.3 allows remote attackers to write arbitrary files via...	E
CVE-2006-2102	Directory traversal vulnerability in PowerISO 2.9 allows remote attackers to write arbitrary files v...	E
CVE-2006-2103	SQL injection vulnerability in MyBB (MyBulletinBoard) 1.1.1 allows remote authenticated administrato...
CVE-2006-2104	Multiple cross-site scripting (XSS) vulnerabilities in Kamgaing Email System (kmail) 2.3 and earlier...	E
CVE-2006-2105	Directory traversal vulnerability in index.php in Jupiter CMS 1.1.4 and 1.1.5 allows remote attacker...	E
CVE-2006-2106	Cross-site scripting (XSS) vulnerability in Edgewall Software Trac 0.9.4 and earlier allows remote a...	S
CVE-2006-2107	Buffer overflow in BL4 SMTP Server 0.1.4 and earlier allows remote attackers to cause a denial of se...	E
CVE-2006-2108	parser.exe in Océ (OCE) 3121/3122 Printer allows remote attackers to cause a denial of service (cras...	E
CVE-2006-2109	Cross-site scripting (XSS) vulnerability in the parse_query_str function in include/print.php in JSB...	E S
CVE-2006-2110	Virtual Private Server (Vserver) 2.0.x before 2.0.2-rc18 and 2.1.x before 2.1.1-rc18 provides certai...	E S
CVE-2006-2111	A component in Microsoft Outlook Express 6 allows remote attackers to bypass domain restrictions and...	E
CVE-2006-2112	Fuji Xerox Printing Systems (FXPS) print engine, as used in products including (1) Dell 3000cn throu...	S
CVE-2006-2113	The embedded HTTP server in Fuji Xerox Printing Systems (FXPS) print engine, as used in products inc...	S
CVE-2006-2114	Buffer overflow in SWS web Server 0.1.7 allows remote attackers to execute arbitrary code via a long...	E
CVE-2006-2115	Format string vulnerability in SWS web Server 0.1.7 allows remote attackers to execute arbitrary cod...	E
CVE-2006-2116	planetGallery allows remote attackers to gain administrator privileges via a direct request to admin...	E
CVE-2006-2117	Cross-site scripting (XSS) vulnerability in Thyme 1.3 allows remote attackers to inject arbitrary we...
CVE-2006-2118	JMK's Picture Gallery allows remote attackers to bypass authentication via a direct request to admin...
CVE-2006-2119	PHP remote file inclusion vulnerability in event/index.php in Artmedic Event allows remote attackers...	E
CVE-2006-2120	The TIFFToRGB function in libtiff before 3.8.1 allows remote attackers to cause a denial of service ...	S
CVE-2006-2121	PHP remote file include vulnerability in admin/config_settings.tpl.php in I-RATER Platinum allows re...	E
CVE-2006-2122	PHP remote file inclusion vulnerability in index.php in CoolMenus allows remote attackers to execute...
CVE-2006-2123	Multiple SQL injection vulnerabilities in the report interface in Network Administration Visualized ...	S
CVE-2006-2124	Multiple cross-site scripting (XSS) vulnerabilities in SunShop 3.5 and earlier allow remote attacker...
CVE-2006-2125	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-3779. Reason: This candida...	R
CVE-2006-2126	SQL injection vulnerability in pocategories.php in MaxTrade 1.0.1 and earlier allows remote attacker...
CVE-2006-2127	SQL injection vulnerability in weblog_posting.php in Blog Mod 0.2.x allows remote attackers to execu...
CVE-2006-2128	Multiple SQL injection vulnerabilities in Pro Publish 2.0 allow remote attackers to execute arbitrar...
CVE-2006-2129	Direct static code injection vulnerability in Pro Publish 2.0 allows remote authenticated administra...
CVE-2006-2130	SQL injection vulnerability in include/class_poll.php in Advanced Poll 2.0.4 allows remote attackers...
CVE-2006-2131	include/class_poll.php in Advanced Poll 2.0.4 uses the HTTP_X_FORWARDED_FOR (X-Forwarded-For HTTP he...
CVE-2006-2132	SQL injection vulnerability in detail.asp in DUclassified allows remote attackers to execute arbitra...	E
CVE-2006-2133	SQL injection vulnerability in index.php in BoonEx Barracuda 1.1 and earlier allows remote attackers...
CVE-2006-2134	PHP remote file inclusion vulnerability in /includes/kb_constants.php in Knowledge Base Mod for PHPb...	E
CVE-2006-2135	SQL injection vulnerability in login.php in Ruperts News allows remote attackers to execute arbitrar...
CVE-2006-2136	SQL injection vulnerability in news.php in AZNEWS allows remote attackers to execute arbitrary SQL c...
CVE-2006-2137	PHP remote file inclusion vulnerability in master.php in OpenPHPNuke and 2.3.3 earlier allows remote...	E S
CVE-2006-2138	Cross-site scripting (XSS) vulnerability in neomail.pl in NeoMail 1.29 allows remote attackers to in...	E
CVE-2006-2139	Multiple SQL injection vulnerabilities in PHP Newsfeed 20040723 allow remote attackers to execute ar...
CVE-2006-2140	Multiple cross-site scripting (XSS) vulnerabilities in OrbitHYIP 2.0 and earlier allow remote attack...
CVE-2006-2141	Cross-site scripting (XSS) vulnerability in popup_image in Collaborative Portal Server (CPS) 3.4.0 a...	E
CVE-2006-2142	PHP remote file inclusion vulnerability in classes/adodbt/sql.php in Limbo CMS 1.04 and earlier allo...	E
CVE-2006-2143	Multiple cross-site scripting (XSS) vulnerabilities in TextFileBB 1.0.16 allow remote attackers to i...	E
CVE-2006-2144	PHP remote file inclusion vulnerability in kopf.php in DMCounter 0.9.2-b allows remote attackers to ...	E
CVE-2006-2145	Multiple SQL injection vulnerabilities in index.php in HB-NS 1.1.6 allow remote attackers to execute...	E
CVE-2006-2146	Multiple cross-site scripting (XSS) vulnerabilities in index.php in HB-NS 1.1.6 allow remote attacke...
CVE-2006-2147	resmgrd in resmgr for SUSE Linux and other distributions does not properly handle when access to a U...	S
CVE-2006-2148	Multiple buffer overflows in client.c in CGI:IRC (CGIIRC) before 0.5.8 might allow remote attackers ...	S
CVE-2006-2149	PHP remote file inclusion vulnerability in sources/lostpw.php in Aardvark Topsites PHP 4.2.2 and ear...	E
CVE-2006-2150	PHP remote file inclusion vulnerability in top/list.php in phpBB TopList 1.3.8 and earlier allows re...
CVE-2006-2151	PHP remote file inclusion vulnerability in toplist.php in phpBB TopList 1.3.8 and earlier, when regi...	E
CVE-2006-2152	PHP remote file inclusion vulnerability in admin/addentry.php in phpBB Advanced Guestbook 2.4.0 and ...	E
CVE-2006-2153	Cross-site scripting (XSS) vulnerability in HTM_PASSWD in DirectAdmin Hosting Management allows remo...
CVE-2006-2154	EMC Retrospect for Windows 6.5 before 6.5.382, 7.0 before 7.0.344, and 7.5 before 7.5.1.105 does not...
CVE-2006-2155	EMC Retrospect for Windows 6.5 before 6.5.382, 7.0 before 7.0.344, and 7.5 before 7.5.1.105 allows l...
CVE-2006-2156	Directory traversal vulnerability in help/index.php in X7 Chat 2.0 and earlier allows remote attacke...	E
CVE-2006-2157	SQL injection vulnerability in gallery.php in Plogger Beta 2.1 and earlier allows remote attackers t...
CVE-2006-2158	Dynamic variable evaluation vulnerability in index.php in Stadtaus Guestbook Script 1.7 and earlier,...
CVE-2006-2159	CRLF injection vulnerability in help.php in Russcom Network Loginphp allows remote attackers to spoo...
CVE-2006-2160	Cross-site scripting (XSS) vulnerability in Russcom Network Loginphp (Russcom.Loginphp) allows remot...
CVE-2006-2161	Buffer overflow in (1) TZipBuilder 1.79.03.01, (2) Abakt 0.9.2 and 0.9.3-beta1, (3) CAM UnZip 4.0 an...	S
CVE-2006-2162	Buffer overflow in CGI scripts in Nagios 1.x before 1.4 and 2.x before 2.3 allows remote attackers t...
CVE-2006-2163	Cross-site scripting (XSS) vulnerability in index.php in Pinnacle Cart 3.33 and earlier allows remot...	E
CVE-2006-2164	Multiple SQL injection vulnerabilities in Avactis Shopping Cart 0.1.2 and earlier allow remote attac...
CVE-2006-2165	Multiple cross-site scripting (XSS) vulnerabilities in Avactis Shopping Cart 0.1.2 and earlier allow...
CVE-2006-2166	Unspecified vulnerability in the HTTP management interface in Cisco Unity Express (CUE) 2.2(2) and e...	S
CVE-2006-2167	Cross-site scripting (XSS) vulnerability in SloughFlash SF-Users 1.0, possibly in register.php, allo...
CVE-2006-2168	FileProtection Express 1.0.1 and earlier allows remote attackers to bypass authentication via a cook...
CVE-2006-2169	RT: Request Tracker 3.5.HEAD allows remote attackers to obtain sensitive information via the Rows pa...
CVE-2006-2170	Buffer overflow in ArgoSoft FTP Server 1.4.3.6 allows remote attackers to execute arbitrary code via...	E
CVE-2006-2171	Buffer overflow in WDM.exe in WarFTPD allows remote attackers to execute arbitrary code via unspecif...	E
CVE-2006-2172	Buffer overflow in Gene6 FTP Server 3.1.0 allows remote authenticated attackers to cause a denial of...	E
CVE-2006-2173	Buffer overflow in FileZilla FTP Server 2.2.22 allows remote authenticated attackers to cause a deni...	E
CVE-2006-2174	Multiple cross-site scripting (XSS) vulnerabilities in admin/server_day_stats.php in Virtual Hosting...	E
CVE-2006-2175	PHP remote file inclusion vulnerability in FtrainSoft Fast Click 2.3.8 and earlier allows remote att...	E
CVE-2006-2176	Multiple cross-site scripting (XSS) vulnerabilities in links.php in PHP Linkliste 1.0b allow remote ...	E
CVE-2006-2177	Cross-site scripting (XSS) vulnerability in viewcat.php in geoBlog 1.0 allows remote attackers to in...	E
CVE-2006-2178	Multiple cross-site scripting (XSS) vulnerabilities in CyberBuild allow remote attackers to inject a...	E
CVE-2006-2179	Multiple SQL injection vulnerabilities in CyberBuild allow remote attackers to execute arbitrary SQL...	E
CVE-2006-2180	Buffer overflow in Golden FTP Server Pro 2.70 allows remote attackers to cause a denial of service (...	E
CVE-2006-2181	Multiple cross-site scripting (XSS) vulnerabilities in Albinator 2.0.8 and earlier allow remote atta...	E
CVE-2006-2182	Multiple PHP remote file inclusion vulnerabilities in (1) eday.php, (2) eshow.php, or (3) forgot.php...	E
CVE-2006-2183	Untrusted search path vulnerability in Truecrypt 4.1, when running suid root on Linux, allows local ...	E S
CVE-2006-2184	Cross-site scripting (XSS) vulnerability in search.php in PHPKB Knowledge Base allows remote attacke...
CVE-2006-2185	PORTAL.NLM in Novell Netware 6.5 SP5 writes the username and password in cleartext to the abend.log ...	S
CVE-2006-2186	zenphoto 1.0.1 beta and earlier allow remote attackers to obtain sensitive information via a direct ...	E S
CVE-2006-2187	Multiple cross-site scripting (XSS) vulnerabilities in zenphoto 1.0.1 beta and earlier allow remote ...	E S
CVE-2006-2188	Multiple cross-site scripting (XSS) vulnerabilities in CMScout 1.10 and earlier allow remote attacke...	E S
CVE-2006-2189	SQL injection vulnerability in search.php in Servous sBLOG 0.7.2 allows remote attackers to execute ...	E
CVE-2006-2190	Cross-site scripting (XSS) vulnerability in ow-shared.pl in OpenWebMail (OWM) 2.51 and earlier allow...	E S
CVE-2006-2191	Format string vulnerability in Mailman before 2.1.9 allows attackers to execute arbitrary code via u...	S
CVE-2006-2193	Buffer overflow in the t2p_write_pdf_string function in tiff2pdf in libtiff 3.8.2 and earlier allows...	E S
CVE-2006-2194	The winbind plugin in pppd for ppp 2.4.4 and earlier does not check the return code from the setuid ...	S
CVE-2006-2195	Cross-site scripting (XSS) vulnerability in horde 3 (horde3) before 3.1.1 allows remote attackers to...	S
CVE-2006-2196	Unspecified vulnerability in pinball 0.3.1 allows local users to gain privileges via unknown attack ...	S
CVE-2006-2197	Integer overflow in wv2 before 0.2.3 might allow context-dependent attackers to execute arbitrary co...	S
CVE-2006-2198	OpenOffice.org (aka StarOffice) 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attack...	S
CVE-2006-2199	Unspecified vulnerability in Java Applets in OpenOffice.org 1.1.x (aka StarOffice) up to 1.1.5 and 2...
CVE-2006-2200	Stack-based buffer overflow in libmms, as used by (a) MiMMS 0.0.9 and (b) xine-lib 1.1.0 and earlier...
CVE-2006-2201	Unspecified vulnerability in CA Resource Initialization Manager (CAIRIM) 1.x before 20060502, as use...	S
CVE-2006-2202	SQL injection vulnerability in post.php in Invision Gallery 2.0.6 allows remote attackers to execute...	S
CVE-2006-2203	Unspecified vulnerability in Kerio MailServer before 6.1.4 has unknown impact and remote attack vect...	S
CVE-2006-2204	SQL injection vulnerability in the topic deletion functionality (post_delete function in func_mod.ph...	S
CVE-2006-2205	The audio_write function in NetBSD 3.0 allows local users to cause a denial of service (kernel crash...	S
CVE-2006-2206	The MS-Logon authentication scheme in UltraVNC (aka Ultr@VNC) 1.0.1 uses weak encryption (XOR) for c...	E
CVE-2006-2208	Multiple cross-site scripting (XSS) vulnerabilities in mynews.inc.php in MyNews 1.6.2 allow remote a...	E
CVE-2006-2209	Multiple SQL injection vulnerabilities in index.php in PHP Arena paCheckBook 1.1 allow remote attack...	E
CVE-2006-2210	Cross-site scripting (XSS) vulnerability in index.php in 321soft PhP-Gallery 0.9 allows remote attac...	E
CVE-2006-2211	Absolute path traversal vulnerability in index.php in 321soft PhP-Gallery 0.9 allows remote attacker...	E
CVE-2006-2212	Buffer overflow in KarjaSoft Sami FTP Server 2.0.2 and earlier allows remote attackers to execute ar...
CVE-2006-2213	Hostapd 0.3.7-2 allows remote attackers to cause a denial of service (segmentation fault) via an uns...	S
CVE-2006-2214	Multiple SQL injection vulnerabilities in 4images 1.7.1 and earlier allow remote attackers to execut...	E
CVE-2006-2215	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-2181. Reason: This candida...	R
CVE-2006-2216	Open Bulletin Board (OpenBB) 1.0.8 allows remote attackers to obtain the full path of the web server...
CVE-2006-2217	SQL injection vulnerability in index.php in Invision Power Board allows remote attackers to execute ...
CVE-2006-2218	Unspecified vulnerability in Internet Explorer 6.0 on Microsoft Windows XP SP2 allows remote attacke...	S
CVE-2006-2219	phpBB 2.0.20 does not verify user-specified input variable types before being passed to type-depende...
CVE-2006-2220	phpBB 2.0.20 does not properly verify user-specified input variables used as limits to SQL queries, ...
CVE-2006-2221	A third-party installer generation tool, possibly BitRock InstallBuilder, as used in products includ...	S
CVE-2006-2222	Buffer overflow in zawhttpd 0.8.23, and possibly previous versions, allows remote attackers to cause...	E
CVE-2006-2223	RIPd in Quagga 0.98 and 0.99 before 20060503 does not properly implement configurations that (1) dis...	E S
CVE-2006-2224	RIPd in Quagga 0.98 and 0.99 before 20060503 does not properly enforce RIPv2 authentication requirem...	E S
CVE-2006-2225	Buffer overflow in XM Easy Personal FTP Server 4.3 and earlier allows remote attackers to execute ar...
CVE-2006-2226	Buffer overflow in XM Easy Personal FTP Server 4.2 and 5.0.1 allows remote authenticated users to ca...	E
CVE-2006-2227	Cross-site scripting (XSS) vulnerability in misc.php in PunBB 1.2.11 allows remote attackers to inje...
CVE-2006-2228	Cross-site scripting (XSS) vulnerability in w-Agora (aka Web-Agora) 4.2.0 allows remote attackers to...	E
CVE-2006-2229	OpenVPN 2.0.7 and earlier, when configured to use the --management option with an IP that is not 127...
CVE-2006-2230	Multiple format string vulnerabilities in xiTK (xitk/main.c) in xine 0.99.4 might allow attackers to...
CVE-2006-2231	Multiple cross-site scripting (XSS) vulnerabilities in addguest.cgi in Big Webmaster Guestbook Scrip...
CVE-2006-2232	Cross-site scripting (XSS) vulnerability in Scriptsez Cute Guestbook 20060211 allows remote attacker...	E
CVE-2006-2233	Buffer overflow in BankTown Client Control (aka BtCxCtl20Com) 1.4.2.51817, and possibly 1.5.2.50209,...	E
CVE-2006-2234	Multiple cross-site scripting (XSS) vulnerabilities in TyroCMS beta 1.0 allow remote attackers to in...
CVE-2006-2235	CodeMunkyX (aka free-php.net) Simple Poll 1.0, when authentication is not required for the admin dir...	E
CVE-2006-2236	Buffer overflow in the Quake 3 Engine, as used by (1) ET 2.60, (2) Return to Castle Wolfenstein 1.41...	E S
CVE-2006-2237	The web interface for AWStats 6.4 and 6.5, when statistics updates are enabled, allows remote attack...	S
CVE-2006-2238	Heap-based buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitrar...	E S
CVE-2006-2239	SQL injection vulnerability in readarticle.php in Newsadmin 1.1 allows remote attackers to execute a...
CVE-2006-2240	Unspecified vulnerability in the (1) web cache or (2) web proxy in Fujitsu NetShelter/FW allows remo...
CVE-2006-2241	PHP remote file inclusion vulnerability in show.php in Fast Click SQL Lite 1.1.3 and earlier allows ...	E
CVE-2006-2242	acFTP 1.4 allows remote attackers to cause a denial of service (application crash) via a long string...	E
CVE-2006-2243	Multiple cross-site scripting (XSS) vulnerabilities in Web4Future News Portal allow remote attackers...	E
CVE-2006-2244	Multiple SQL injection vulnerabilities in Web4Future News Portal allow remote attackers to execute a...	E
CVE-2006-2245	PHP remote file inclusion vulnerability in auction\auction_common.php in Auction mod 1.3m for phpBB ...
CVE-2006-2246	Cross-site scripting (XSS) vulnerability in UBlog 1.6 Access Edition allows remote attackers to inje...	E
CVE-2006-2247	WebCalendar 1.0.1 to 1.0.3 generates different error messages depending on whether or not a username...
CVE-2006-2248	Xeneo Web Server 2.2.22.0 allows remote attackers to obtain the source code of script files via craf...
CVE-2006-2249	Multiple cross-site scripting (XSS) vulnerabilities in search.php in CuteNews 1.4.1 and earlier, and...	E
CVE-2006-2250	CuteNews 1.4.1 allows remote attackers to obtain sensitive information via a direct request to (1) /...
CVE-2006-2251	SQL injection vulnerability in the do_mmod function in mod.php in Invision Community Blog (ICB) 1.1....	E S
CVE-2006-2252	Cross-site scripting vulnerability in submit.php in OpenFAQ 0.4.0 allows remote attackers to inject ...	E
CVE-2006-2253	PHP remote file inclusion vulnerability in visible_count_inc.php in Statit 4 (060207) allows remote ...	E S
CVE-2006-2254	Buffer overflow in filecpnt.exe in FileCOPA 1.01 allows remote attackers to cause a denial of servic...	E
CVE-2006-2255	Multiple SQL injection vulnerabilities in Creative Community Portal 1.1 and earlier allow remote att...	E
CVE-2006-2256	PHP remote file inclusion vulnerability in includes/dbal.php in EQdkp 1.3.0 and earlier allows remot...	E S
CVE-2006-2257	Cross-site scripting (XSS) vulnerability in index.php in easyEvent 1.2 allows remote attackers to in...
CVE-2006-2258	Cross-site scripting (XSS) vulnerability in Logon.asp in MaxxSchedule 1.0 allows remote attackers to...	E
CVE-2006-2259	SQL injection vulnerability in Logon.asp in MaxxSchedule 1.0 allows remote attackers to execute arbi...
CVE-2006-2260	Cross-site scripting (XSS) vulnerability in the project module (project.module) in Drupal 4.5 and 4....	S
CVE-2006-2261	PHP remote file inclusion vulnerability in day.php in ACal 2.2.6 allows remote attackers to execute ...	E
CVE-2006-2262	Cross-site scripting (XSS) vulnerability in index.php in singapore 0.9.7 allows remote attackers to ...	E
CVE-2006-2263	SQL injection vulnerability in shopcurrency.asp in VP-ASP 6.00 allows remote attackers to execute ar...	E S
CVE-2006-2264	Multiple SQL injection vulnerabilities in Ocean12 Calendar Manager Pro 1.00 allow remote attackers t...	E
CVE-2006-2265	Cross-site scripting vulnerability in admin/main.asp in Ocean12 Calendar Manager Pro 1.00 allows rem...	E
CVE-2006-2266	SQL injection vulnerability in Chirpy! 0.1 allows remote attackers to execute arbitrary SQL commands...	S
CVE-2006-2267	Kerio WinRoute Firewall before 6.2.1 allows remote attackers to cause a denial of service (applicati...	S
CVE-2006-2268	SQL injection vulnerability in FlexCustomer 0.0.4 and earlier allows remote attackers to bypass auth...	E
CVE-2006-2269	Cross-site scripting (XSS) vulnerability in myWebland MyBloggie 2.1.3 and earlier allows remote atta...	E
CVE-2006-2270	PHP remote file inclusion vulnerability in includes/config.php in Jetbox CMS 2.1 allows remote attac...	E
CVE-2006-2271	The ECNE chunk handling in Linux SCTP (lksctp) before 2.6.17 allows remote attackers to cause a deni...	S
CVE-2006-2272	Linux SCTP (lksctp) before 2.6.17 allows remote attackers to cause a denial of service (kernel panic...	S
CVE-2006-2273	The InstallProduct routine in the Verisign VUpdater.Install (aka i-Nav) ActiveX control does not ver...
CVE-2006-2274	Linux SCTP (lksctp) before 2.6.17 allows remote attackers to cause a denial of service (infinite rec...
CVE-2006-2275	Linux SCTP (lksctp) before 2.6.17 allows remote attackers to cause a denial of service (deadlock) vi...
CVE-2006-2276	bgpd in Quagga 0.98 and 0.99 before 20060504 allows local users to cause a denial of service (CPU co...	E S
CVE-2006-2277	Multiple Apple Mac OS X 10.4 applications might allow context-dependent attackers to cause a denial ...
CVE-2006-2278	SaphpLesson 3.0 does not initialize array variables, which allows remote attackers to obtain the ful...
CVE-2006-2279	Multiple SQL injection vulnerabilities in SaphpLesson 3.0 allow remote attackers to execute arbitrar...
CVE-2006-2280	Directory traversal vulnerability in website.php in openEngine 1.8 Beta 2 and earlier allows remote ...	E
CVE-2006-2281	X-Scripts X-Poll (xpoll) 2.30 allows remote attackers to execute arbitrary PHP code by using admin/i...	E
CVE-2006-2282	Cross-site scripting (XSS) vulnerability in X7 Chat 2.0.2 and earlier allows remote attackers to inj...
CVE-2006-2283	Multiple PHP remote file inclusion vulnerabilities in SpiffyJr phpRaid 2.9.5 through 3.0.b3 allow re...	E
CVE-2006-2284	Multiple PHP remote file inclusion vulnerabilities in Claroline 1.7.5 allow remote attackers to exec...	E S
CVE-2006-2285	PHP remote file inclusion vulnerability in authldap.php in Dokeos 1.6.4 allows remote attackers to e...	E S
CVE-2006-2286	Multiple PHP remote file inclusion vulnerabilities in claro_init_global.inc.php in Dokeos 1.6.3 and ...
CVE-2006-2287	Multiple cross-site scripting (XSS) vulnerabilities in Vision Source 0.6 and earlier allow remote at...
CVE-2006-2288	Avahi before 0.6.10 allows local users to cause a denial of service (mDNS/DNS-SD service disconnect)...
CVE-2006-2289	Buffer overflow in avahi-core in Avahi before 0.6.10 allows local users to execute arbitrary code vi...	S
CVE-2006-2290	Multiple cross-site scripting (XSS) vulnerabilities in kommentar.php in 2005-Comments-Script allow r...
CVE-2006-2291	Cross-site scripting (XSS) vulnerability in calendar_new.asp in IA-Calendar allows remote attackers ...
CVE-2006-2292	Multiple SQL injection vulnerabilities in IA-Calendar allow remote attackers to execute arbitrary SQ...
CVE-2006-2293	SQL injection vulnerability in all_calendars.asp in MultiCalendars 3.0 allows remote attackers to ex...
CVE-2006-2294	Cross-site scripting (XSS) vulnerability in Dynamic Galerie 1.0 allows remote attackers to inject ar...
CVE-2006-2295	Directory traversal vulnerability in Dynamic Galerie 1.0 allows remote attackers to access arbitrary...
CVE-2006-2296	SQL injection vulnerability in search_result.asp in EDirectoryPro 2.0 and earlier allows remote atta...
CVE-2006-2297	Heap-based buffer overflow in Microsoft Infotech Storage System Library (itss.dll) allows user-assis...	E
CVE-2006-2298	The Internet Key Exchange version 1 (IKEv1) implementation in the libike library in Solaris 9 and 10...
CVE-2006-2300	Multiple SQL injection vulnerabilities in EImagePro allow remote attackers to execute arbitrary SQL ...	E
CVE-2006-2301	SQL injection vulnerability in admin_default.asp in OzzyWork Galeri allows remote attackers to execu...	E
CVE-2006-2302	SQL injection vulnerability in admin_default.asp in DUGallery 2.x allows remote attackers to execute...	E
CVE-2006-2303	Cross-Application Scripting (XAS) vulnerability in ICQ Client 5.04 build 2321 and earlier allows rem...
CVE-2006-2304	Multiple integer overflows in the DPRPC library (DPRPCW32.DLL) in Novell Client 4.83 SP3, 4.90 SP2 a...	S
CVE-2006-2305	Multiple cross-site scripting (XSS) vulnerabilities in Jadu CMS allow remote attackers to inject arb...
CVE-2006-2306	Cross-site scripting (XSS) vulnerability in moreinfo.asp in EPublisherPro allows remote attackers to...	E
CVE-2006-2307	Cross-site scripting (XSS) vulnerability in Website Baker CMS before 2.6.4 allows remote attackers t...	S
CVE-2006-2308	Directory traversal vulnerability in the IMAP service in EServ/3 3.25 allows remote authenticated us...	S
CVE-2006-2309	The HTTP service in EServ/3 3.25 allows remote attackers to obtain sensitive information via crafted...	S
CVE-2006-2310	BlueDragon Server and Server JX 6.2.1.286 for Windows allows remote attackers to cause a denial of s...	E S
CVE-2006-2311	Cross-site scripting (XSS) vulnerability in BlueDragon Server and Server JX 6.2.1.286 for Windows al...	E
CVE-2006-2312	Argument injection vulnerability in the URI handler in Skype 2.0..104 and 2.5..0 through 2.5.*.78 ...
CVE-2006-2313	PostgreSQL 8.1.x before 8.1.4, 8.0.x before 8.0.8, 7.4.x before 7.4.13, 7.3.x before 7.3.15, and ear...	S
CVE-2006-2314	PostgreSQL 8.1.x before 8.1.4, 8.0.x before 8.0.8, 7.4.x before 7.4.13, 7.3.x before 7.3.15, and ear...	S
CVE-2006-2315	PHP remote file inclusion vulnerability in session.inc.php in ISPConfig 2.2.2 and earlier allows rem...	E
CVE-2006-2316	S24EvMon.exe in the Intel PROset/Wireless software, possibly 10.1.0.33, uses a S24EventManagerShared...	E
CVE-2006-2317	Unspecified vulnerability in Ideal Science Ideal BB 1.5.4a and earlier allows remote attackers to re...
CVE-2006-2318	Incomplete blacklist vulnerability in Ideal Science Ideal BB 1.5.4a and earlier allows remote attack...	E S
CVE-2006-2319	Ideal Science Ideal BB 1.5.4a and earlier does not properly check file extensions before permitting ...
CVE-2006-2320	Multiple SQL injection vulnerabilities in Ideal Science Ideal BB 1.5.4a and earlier allow remote att...
CVE-2006-2321	Multiple cross-site scripting (XSS) vulnerabilities in Ideal Science Ideal BB 1.5.4a and earlier all...
CVE-2006-2322	The transparent proxy feature of the Cisco Application Velocity System (AVS) 3110 5.0 and 4.0 and ea...	S
CVE-2006-2323	Multiple PHP remote file inclusion vulnerabilities in SmartISoft phpListPro 2.01 and earlier allow r...
CVE-2006-2324	180solutions Zango downloads "required Adware components" without checking integrity or authenticity...	E S
CVE-2006-2325	Cross-site scripting (XSS) vulnerability in index.php in OnlyScript.info Online Universal Payment Sy...
CVE-2006-2326	Directory traversal vulnerability in index.php in OnlyScript.info Online Universal Payment System Sc...
CVE-2006-2327	Multiple integer overflows in the DPRPC library (DPRPCNLM.NLM) NDPS/iPrint module in Novell Distribu...	S
CVE-2006-2328	SQL injection vulnerability in lib/adodb/server.php in AngelineCMS 0.6.5 and earlier might allow rem...
CVE-2006-2329	AngelineCMS 0.6.5 and earlier allow remote attackers to obtain sensitive information via a direct re...	E
CVE-2006-2330	PHP-Fusion 6.00.306 and earlier, running under Apache HTTP Server 1.3.27 and PHP 4.3.3, allows remot...	E S
CVE-2006-2331	Multiple directory traversal vulnerabilities in PHP-Fusion 6.00.306 allow remote attackers to includ...	E S
CVE-2006-2332	Mozilla Firefox 1.5.0.3 allows remote attackers to cause a denial of service via a web page with a l...
CVE-2006-2333	Multiple SQL injection vulnerabilities in MyBB (aka MyBulletinBoard) 1.1.1 allow remote attackers to...	E
CVE-2006-2334	The RtlDosPathNameToNtPathName_U API function in NTDLL.DLL in Microsoft Windows 2000 SP4 and XP SP2 ...	E
CVE-2006-2335	Jelsoft vBulletin accepts uploads of Cascading Style Sheets (CSS) and processes them in a way that a...	E
CVE-2006-2336	SQL injection vulnerability in showthread.php in MyBB (aka MyBulletinBoard) 1.1.1 allows remote atta...
CVE-2006-2337	Directory traversal vulnerability in webcm in the D-Link DSL-G604T Wireless ADSL Router Modem allows...	E
CVE-2006-2338	PlaNet Concept plaNetStat 20050127 allows remote attackers to gain administrative privileges, and vi...
CVE-2006-2339	SQL injection vulnerability in index.php in evoTopsites 2.x and evoTopsites Pro 2.x allows remote at...	E
CVE-2006-2340	Cross-site scripting (XSS) vulnerability in PassMasterFlex and PassMasterFlexPlus (PassMasterFlex+) ...
CVE-2006-2341	The HTTP proxy in Symantec Gateway Security 5000 Series 2.0.1 and 3.0, and Enterprise Firewall 8.0, ...	E S
CVE-2006-2342	IBM WebSphere Application Server 6.0.2 before FixPack 3 allows remote attackers to bypass authentica...	S
CVE-2006-2343	Cross-site scripting (XSS) vulnerability in Search.do in ManageEngine OpManager 6.0 allows remote at...
CVE-2006-2344	SQL injection vulnerability in inc/elementz.php in AliPAGER 1.5, with magic_quotes_gpc disabled, all...	E S
CVE-2006-2345	Cross-site scripting (XSS) vulnerability in inc/elementz.php in AliPAGER 1.5 allows remote attackers...
CVE-2006-2346	vpopmail 5.4.14 and 5.4.15, with cleartext passwords enabled, allows remote attackers to authenticat...	S
CVE-2006-2347	E-Business Designer (eBD) 3.1.4 and earlier allows remote attackers to obtain the full path of the w...
CVE-2006-2348	Cross-site scripting (XSS) vulnerability in form_grupo.html in E-Business Designer (eBD) 3.1.4 and e...	E
CVE-2006-2349	E-Business Designer (eBD) 3.1.4 and earlier allows remote attackers to upload or modify arbitrary fi...	E S
CVE-2006-2350	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-2344. Reason: This candida...	R
CVE-2006-2351	Multiple cross-site scripting (XSS) vulnerabilities in IPswitch WhatsUp Professional 2006 and WhatsU...	E
CVE-2006-2352	Multiple cross-site scripting (XSS) vulnerabilities in IPswitch WhatsUp Professional 2006 and WhatsU...	E
CVE-2006-2353	NmConsole/DeviceSelection.asp in Ipswitch WhatsUp Professional 2006 and WhatsUp Professional 2006 Pr...
CVE-2006-2354	NmConsole/Login.asp in Ipswitch WhatsUp Professional 2006 and Ipswitch WhatsUp Professional 2006 Pre...	E
CVE-2006-2355	Ipswitch WhatsUp Professional 2006 and Ipswitch WhatsUp Professional 2006 Premium allows remote atta...	E
CVE-2006-2356	NmConsole/utility/RenderMap.asp in Ipswitch WhatsUp Professional 2006 and WhatsUp Professional 2006 ...	E
CVE-2006-2357	Ipswitch WhatsUp Professional 2006 and WhatsUp Professional 2006 Premium allows remote attackers to ...
CVE-2006-2358	Multiple cross-site scripting (XSS) vulnerabilities in various scripts in Web-Labs CMS allow remote ...
CVE-2006-2359	Cross-site scripting (XSS) vulnerability in charts.php in the Chart mod for phpBB allows remote atta...
CVE-2006-2360	SQL injection vulnerability in charts.php in the Chart mod for phpBB allows remote attackers to exec...
CVE-2006-2361	PHP remote file inclusion vulnerability in pafiledb_constants.php in Download Manager (mxBB pafiledb...	E
CVE-2006-2362	Buffer overflow in getsym in tekhex.c in libbfd in Free Software Foundation GNU Binutils before 2006...	E S
CVE-2006-2363	SQL injection vulnerability in the weblinks option (weblinks.html.php) in Limbo CMS allows remote at...	E S
CVE-2006-2364	Cross-site scripting (XSS) vulnerability in the validation feature in Macromedia ColdFusion 5 and ea...	E
CVE-2006-2365	Cross-site scripting (XSS) vulnerability in a_login.php in Vizra allows remote attackers to inject a...	E
CVE-2006-2366	ircp_io.c in libopenobex for ircp 1.2, when ircp is run with the -r option, does not prompt the user...
CVE-2006-2367	Cross-site scripting (XSS) vulnerability in index.php in Clansys (aka Clanpage System) 1.0 and 1.1 a...	E
CVE-2006-2368	Cross-site scripting (XSS) vulnerability in index.php in Clansys (aka Clanpage System) 1.1 allows re...	E
CVE-2006-2369	RealVNC 4.1.1, and other products that use RealVNC such as AdderLink IP and Cisco CallManager, allow...	E S
CVE-2006-2370	Buffer overflow in the Routing and Remote Access service (RRAS) in Microsoft Windows 2000 SP4, XP SP...	S
CVE-2006-2371	Buffer overflow in the Remote Access Connection Manager service (RASMAN) service in Microsoft Window...	S
CVE-2006-2372	Buffer overflow in the DHCP Client service for Microsoft Windows 2000 SP4, Windows XP SP1 and SP2, a...	E S
CVE-2006-2373	The Server Message Block (SMB) driver (MRXSMB.SYS) in Microsoft Windows 2000 SP4, XP SP1 and SP2, an...	S
CVE-2006-2374	The Server Message Block (SMB) driver (MRXSMB.SYS) in Microsoft Windows 2000 SP4, XP SP1 and SP2, an...	E S
CVE-2006-2375	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2006-2376	Integer overflow in the PolyPolygon function in Graphics Rendering Engine on Microsoft Windows 98 an...	S
CVE-2006-2377	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2006-2378	Buffer overflow in the ART Image Rendering component (jgdw400.dll) in Microsoft Windows XP SP1 and S...	S
CVE-2006-2379	Buffer overflow in the TCP/IP Protocol driver in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Ser...	S
CVE-2006-2380	Microsoft Windows 2000 SP4 does not properly validate an RPC server during mutual authentication ove...	S
CVE-2006-2381	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2006-2382	Heap-based buffer overflow in Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and earlier allows remo...
CVE-2006-2383	Unspecified vulnerability in Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and earlier allows remot...	S
CVE-2006-2384	Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and earlier allows remote attackers to conduct spoofi...
CVE-2006-2385	Unspecified vulnerability in Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and earlier allows user-...
CVE-2006-2386	Unspecified vulnerability in Microsoft Outlook Express 6 and earlier allows remote attackers to exec...
CVE-2006-2387	Unspecified vulnerability in Microsoft Excel 2000, 2002, 2003, 2004 for Mac, v.X for Mac, Excel View...
CVE-2006-2388	Microsoft Office Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code vi...	S
CVE-2006-2389	Unspecified vulnerability in Microsoft Office 2003 SP1 and SP2, Office XP SP3, Office 2000 SP3, and ...
CVE-2006-2390	Cross-site scripting (XSS) vulnerability in OZJournals 1.2 allows remote attackers to inject arbitra...	E
CVE-2006-2391	Buffer overflow in EMC Retrospect Client 5.1 through 7.5 allows remote attackers to cause a denial o...	S
CVE-2006-2392	PHP remote file inclusion vulnerability in public_includes/pub_popup/popup_finduser.php in PHP Blue ...	E
CVE-2006-2393	The client_cmd function in Empire 4.3.2 and earlier allows remote attackers to cause a denial of ser...	E S
CVE-2006-2394	Cross-site scripting (XSS) vulnerability in chat.php in PHP Live Helper allows remote attackers to i...	E
CVE-2006-2395	PHP remote file inclusion vulnerability in resources/includes/popp.config.loader.inc.php in PopSoft ...
CVE-2006-2396	Cross-site scripting (XSS) vulnerability in phpODP 1.5h allows remote attackers to inject arbitrary ...	E
CVE-2006-2397	Multiple cross-site scripting (XSS) vulnerabilities in GPhotos 1.5 and earlier allow remote attacker...	E
CVE-2006-2398	Directory traversal vulnerability in index.php in GPhotos 1.5 and earlier allows remote attackers to...	E
CVE-2006-2399	Stack-based buffer overflow in the ServerNetworking::incoming_client_data function in servnet.cpp in...	E
CVE-2006-2400	The leetnet functions (leetnet/rudp.cpp) in Outgun 1.0.3 bot 2 and earlier allow remote attackers to...	E
CVE-2006-2401	The leetnet functions (leetnet/rudp.cpp) in Outgun 1.0.3 bot 2 and earlier allow remote attackers to...	E
CVE-2006-2402	Buffer overflow in the changeRegistration function in servernet.cpp for Outgun 1.0.3 bot 2 and earli...	E
CVE-2006-2403	Buffer overflow in FileZilla before 2.2.23 allows remote attackers to execute arbitrary commands via...	S
CVE-2006-2404	Directory traversal vulnerability in popup.php in RadScripts RadLance Gold 7.0 allows remote attacke...	E
CVE-2006-2405	Directory traversal vulnerability in unb_lib/abbc.conf.php in Unclassified NewsBoard (UNB) 1.6.1 pat...	E S
CVE-2006-2406	Directory traversal vulnerability in bb_lib/abbc.css.php in Unclassified NewsBoard (UNB) 1.5.3-d and...	S
CVE-2006-2407	Stack-based buffer overflow in (1) WeOnlyDo wodSSHServer ActiveX Component 1.2.7 and 1.3.3 DEMO, as ...	E S
CVE-2006-2408	Multiple buffer overflows in Raydium before SVN revision 310 allow remote attackers to execute arbit...
CVE-2006-2409	Format string vulnerability in the raydium_log function in console.c in Raydium before SVN revision ...	S
CVE-2006-2410	raydium_network_netcall_exec function in network.c in Raydium SVN revision 312 and earlier allows re...
CVE-2006-2411	Buffer overflow in raydium_network_read function in network.c in Raydium SVN revision 312 and earlie...
CVE-2006-2412	The raydium_network_read function in network.c in Raydium SVN revision 312 and earlier allows remote...
CVE-2006-2413	GNUnet before SVN revision 2781 allows remote attackers to cause a denial of service (infinite loop ...	S
CVE-2006-2414	Directory traversal vulnerability in Dovecot 1.0 beta and 1.0 allows remote attackers to list files ...	S
CVE-2006-2415	Multiple cross-site scripting (XSS) vulnerabilities in FlexChat 2.0 and earlier allow remote attacke...
CVE-2006-2416	SQL injection vulnerability in class2.php in e107 0.7.2 and earlier allows remote attackers to execu...	S
CVE-2006-2417	Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.8.0.x before 2.8.0.4 allows remote attacker...	S
CVE-2006-2418	Cross-site scripting (XSS) vulnerabilities in certain versions of phpMyAdmin before 2.8.0.4 allow re...	S
CVE-2006-2419	Cross-site scripting (XSS) vulnerability in index.php in Directory Listing Script allows remote atta...	E
CVE-2006-2420	Bugzilla 2.20rc1 through 2.20 and 2.21.1, when using RSS 1.0, allows remote attackers to conduct cro...	S
CVE-2006-2421	Stack-based buffer overflow in Pragma FortressSSH 4.0.7.20 allows remote attackers to execute arbitr...
CVE-2006-2422	phpCOIN 1.2.3 and earlier stores messages based upon e-mail addresses, which allows remote authentic...
CVE-2006-2423	Cross-site scripting (XSS) vulnerability in ftplogin/index.php in Confixx 3.1.2 allows remote attack...
CVE-2006-2424	PHP remote file inclusion vulnerability in ezUserManager 1.6 and earlier, when register_globals is e...	E S
CVE-2006-2425	Multiple cross-site scripting (XSS) vulnerabilities in PRV.php in PhpRemoteView, possibly 2003-10-23...	E
CVE-2006-2426	Sun Java Runtime Environment (JRE) 1.5.0_6 and earlier, JDK 1.5.0_6 and earlier, and SDK 1.5.0_6 and...	E
CVE-2006-2427	freshclam in (1) Clam Antivirus (ClamAV) 0.88 and (2) ClamXav 1.0.3h and earlier does not drop privi...	E
CVE-2006-2428	add.asp in DUware DUbanner 3.1 allows remote attackers to execute arbitrary code by uploading files ...
CVE-2006-2429	Unspecified vulnerability in IBM WebSphere Application Server 6.0.2, 6.0.2.1, 6.0.2.3, 6.0.2.5, and ...	S
CVE-2006-2430	IBM WebSphere Application Server 5.0.2 and earlier, 5.1.1 and earlier, and 6.0.2 up to 6.0.2.7 recor...	S
CVE-2006-2431	Cross-site scripting (XSS) vulnerability in the 500 Internal Server Error page on the SOAP port (888...	S
CVE-2006-2432	IBM WebSphere Application Server 5.0.2 (or any earlier cumulative fix) and 5.1.1 (or any earlier cum...	S
CVE-2006-2433	Unspecified vulnerability in IBM WebSphere Application Server 6.0.2, 6.0.2.1, 6.0.2.3, 6.0.2.5, and ...	S
CVE-2006-2434	Unspecified vulnerability in WebSphere 5.1.1 (or any earlier cumulative fix) Common Configuration Mo...	S
CVE-2006-2435	Unspecified vulnerability in IBM WebSphere Application Server 5.0.2 and earlier, and 5.1.1 and earli...	S
CVE-2006-2436	WebSphere Application Server 5.0.2 (or any earlier cumulative fix) stores admin and LDAP passwords i...	S
CVE-2006-2437	The viewfile servlet in the documentation package (resin-doc) for Caucho Resin 3.0.17 and 3.0.18 all...	E S
CVE-2006-2438	Directory traversal vulnerability in the viewfile servlet in the documentation package (resin-doc) f...	E S
CVE-2006-2439	Stack-based buffer overflow in ZipCentral 4.01 allows remote user-assisted attackers to execute arbi...
CVE-2006-2440	Heap-based buffer overflow in the libMagick component of ImageMagick 6.0.6.2 might allow attackers t...	S
CVE-2006-2441	Pioneers meta-server before 0.9.55, when the server-console is not installed, allows remote attacker...	S
CVE-2006-2442	kphone 4.2 creates .qt/kphonerc with world-readable permissions, which allows local users to read us...	S
CVE-2006-2443	The Debian package of knowledgetree 2.0.7 creates environment.php with world-readable permissions, w...	S
CVE-2006-2444	The snmp_trap_decode function in the SNMP NAT helper for Linux kernel before 2.6.16.18 allows remote...	S
CVE-2006-2445	Race condition in run_posix_cpu_timers in Linux kernel before 2.6.16.21 allows local users to cause ...
CVE-2006-2446	Race condition between the kfree_skb and __skb_unlink functions in the socket buffer handling in Lin...	S
CVE-2006-2447	SpamAssassin before 3.1.3, when running with vpopmail and the paranoid (-P) switch, allows remote at...	S
CVE-2006-2448	Linux kernel before 2.6.16.21 and 2.6.17, when running on PowerPC, does not perform certain required...	S
CVE-2006-2449	KDE Display Manager (KDM) in KDE 3.2.0 up to 3.5.3 allows local users to read arbitrary files via a ...	S
CVE-2006-2450	auth.c in LibVNCServer 0.7.1 allows remote attackers to bypass authentication via a request in which...	S
CVE-2006-2451	The suid_dumpable support in Linux kernel 2.6.13 up to versions before 2.6.17.4, and 2.6.16 before 2...
CVE-2006-2452	GNOME GDM 2.8, 2.12, 2.14, and 2.15, when the "face browser" feature is enabled, allows local users ...
CVE-2006-2453	Multiple unspecified format string vulnerabilities in Dia have unspecified impact and attack vectors...	S
CVE-2006-2458	Multiple heap-based buffer overflows in Libextractor 0.5.13 and earlier allow remote attackers to ex...	E S
CVE-2006-2459	SQL injection vulnerability in messages.php in PHP-Fusion 6.00.307 and earlier allows remote authent...	E
CVE-2006-2460	Sugar Suite Open Source (SugarCRM) 4.2 and earlier, when register_globals is enabled, does not prote...	E
CVE-2006-2461	BEA WebLogic Server before 8.1 Service Pack 4 does not properly set the Quality of Service in certai...	S
CVE-2006-2462	BEA WebLogic Server 8.1 before Service Pack 4 and 7.0 before Service Pack 6, may send sensitive data...	S
CVE-2006-2463	view_album.php in SelectaPix 1.31 and earlier allows remote attackers to obtain the installation pat...	E
CVE-2006-2464	stopWebLogic.sh in BEA WebLogic Server 8.1 before Service Pack 4 and 7.0 before Service Pack 6 displ...	S
CVE-2006-2465	Buffer overflow in MP3Info 0.8.4 allows attackers to execute arbitrary code via a long command line ...	E
CVE-2006-2466	BEA WebLogic Server 8.1 up to SP4 and 7.0 up to SP6 allows remote attackers to obtain the source cod...	S
CVE-2006-2467	BEA WebLogic Server 8.1 up to SP4, 7.0 up to SP6, and 6.1 up to SP7 displays the internal IP address...	S
CVE-2006-2468	The WebLogic Server Administration Console in BEA WebLogic Server 8.1 up to SP4 and 7.0 up to SP6 di...	S
CVE-2006-2469	The HTTP handlers in BEA WebLogic Server 9.0, 8.1 up to SP5, 7.0 up to SP6, and 6.1 up to SP7 stores...	S
CVE-2006-2470	Unspecified vulnerability in the WebLogic Server Administration Console for BEA WebLogic Server 9.0 ...	S
CVE-2006-2471	Multiple vulnerabilities in BEA WebLogic Server 8.1 through SP4, 7.0 through SP6, and 6.1 through SP...	S
CVE-2006-2472	Unspecified vulnerability in BEA WebLogic Server 9.1 and 9.0, 8.1 through SP5, 7.0 through SP6, and ...	S
CVE-2006-2473	Cross-site scripting (XSS) vulnerability in ow.asp in OpenWiki 0.78 allows remote attackers to injec...
CVE-2006-2474	SQL injection vulnerability in lshop.cgi in Cosmoshop 8.11.106 and earlier allows remote attackers t...	E
CVE-2006-2475	Directory traversal vulnerability in (1) edit_mailtexte.cgi and (2) bestmail.cgi in Cosmoshop 8.11.1...
CVE-2006-2476	Bitrix Site Manager 4.1.x stores updater.log under the web document root with insufficient access co...	E
CVE-2006-2477	Cross-site scripting (XSS) vulnerability in the administrative interface Bitrix Site Manager 4.1.x a...	E
CVE-2006-2478	Bitrix Site Manager 4.1.x allows remote attackers to redirect users to other websites via a modified...	E
CVE-2006-2479	The Update functionality in Bitrix Site Manager 4.1.x does not verify the authenticity of downloaded...	E
CVE-2006-2480	Format string vulnerability in Dia 0.94 allows user-assisted attackers to cause a denial of service ...	E S
CVE-2006-2481	VMware ESX Server 2.0.x before 2.0.2 and 2.x before 2.5.2 patch 4 stores authentication credentials ...
CVE-2006-2482	Heap-based buffer overflow in the TZipTV component in (1) ZipTV for Delphi 7 2006.1.26 and for C++ B...
CVE-2006-2483	PHP remote file inclusion vulnerability in cart_content.php in Squirrelcart 2.2.2 and earlier allows...	E S
CVE-2006-2484	Cross-site scripting (XSS) vulnerability in index.html in IceWarp WebMail 5.5.1 and earlier allows r...	E
CVE-2006-2485	PHP remote file inclusion vulnerability in includes/class_template.php in Quezza 1.0 and earlier, an...	E S
CVE-2006-2486	SQL injection vulnerability in find.php in YapBB 1.2 Beta2 and earlier allows remote attackers to ex...
CVE-2006-2487	Multiple PHP remote file inclusion vulnerabilities in ScozNews 1.2.1 and earlier allow remote attack...	E
CVE-2006-2488	Multiple cross-site scripting (XSS) vulnerabilities in Spymac WebOS (WOS) 5.0 allow remote attackers...	E
CVE-2006-2489	Integer overflow in CGI scripts in Nagios 1.x before 1.4.1 and 2.x before 2.3.1 allows remote attack...	S
CVE-2006-2490	Multiple cross-site scripting (XSS) vulnerabilities in Mobotix IP Network Cameras M1 1.9.4.7 and M10...	E S
CVE-2006-2491	Cross-site scripting (XSS) vulnerability in (1) index.php and (2) bmc/admin.php in BoastMachine (bMa...	E
CVE-2006-2492	Buffer overflow in Microsoft Word in Office 2000 SP3, Office XP SP3, Office 2003 Sp1 and SP2, and Mi...	KEV E S
CVE-2006-2493	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-1861. Reason: This candida...	R
CVE-2006-2494	Stack-based buffer overflow in IntelliTamper 2.07 allows remote attackers to execute arbitrary code ...	E
CVE-2006-2495	Cross-site request forgery (CSRF) vulnerability in the Entry Manager in Serendipity before 1.0-beta3...	S
CVE-2006-2496	Buffer overflow in iMonitor 2.4 in Novell eDirectory 8.8 allows remote attackers to cause a denial o...	S
CVE-2006-2497	Multiple cross-site scripting (XSS) vulnerabilities in AspBB 0.5.2 allow remote attackers to inject ...	E
CVE-2006-2498	Invision Power Board (IPB) before 2.1.6 allows remote attackers to execute arbitrary PHP script via ...	S
CVE-2006-2499	SQL injection vulnerability in default.asp in CodeAvalanche News (CANews) 1.2 allows remote attacker...	E
CVE-2006-2500	Cross-site scripting (XSS) vulnerability in add_news.asp in CodeAvalanche News (CANews) 1.2 allows r...	E
CVE-2006-2501	Cross-site scripting (XSS) vulnerability in Sun ONE Web Server 6.0 SP9 and earlier, Java System Web ...	S
CVE-2006-2502	Stack-based buffer overflow in pop3d in Cyrus IMAPD (cyrus-imapd) 2.3.2, when the popsubfolders opti...	E
CVE-2006-2503	SQL injection vulnerability in misc.php in DeluxeBB 1.06 allows remote attackers to execute arbitrar...	E
CVE-2006-2504	Multiple SQL injection vulnerabilities in mono AZBOARD 1.0 and earlier allow remote attackers to exe...	E
CVE-2006-2505	Oracle Database Server 10g Release 2 allows local users to execute arbitrary SQL queries via a refer...	E
CVE-2006-2506	Multiple cross-site scripting (XSS) vulnerabilities in search.php in Sphider allow remote attackers ...	E
CVE-2006-2507	Multiple PHP remote file inclusion vulnerabilities in Teake Nutma Foing 0.2.0 through 0.7.0, as used...	E
CVE-2006-2508	SQL injection vulnerability in tr1.php in YourFreeWorld.com Stylish Text Ads Script allows remote at...	E
CVE-2006-2509	SQL injection vulnerability in login.php in YourFreeWorld.com Short Url & Url Tracker Script allows ...
CVE-2006-2510	Cross-site scripting (XSS) vulnerability in the URL submission form in YourFreeWorld.com Short Url &...
CVE-2006-2511	The ActiveX version of FrontRange iHEAT allows remote authenticated users to run arbitrary programs ...
CVE-2006-2512	SQL injection vulnerability in Hitachi EUR Professional Edition, EUR Viewer, EUR Print Service, and ...	S
CVE-2006-2513	Unspecified vulnerability in the installation process in Sun Java System Directory Server 5.2 causes...	S
CVE-2006-2514	Coppermine galleries before 1.4.6, when running on Apache with mod_mime installed, allows remote att...	S
CVE-2006-2515	Cross-site scripting (XSS) vulnerability in index.php in Hiox Guestbook 3.1 allows remote attackers ...
CVE-2006-2516	mainfile.php in XOOPS 2.0.13.2 and earlier, when register_globals is enabled, allows remote attacker...	E
CVE-2006-2517	SQL injection vulnerability in MyWeb Portal Office, Standard Edition, Public Edition, Medical Editio...	S
CVE-2006-2518	Cross-site scripting (XSS) vulnerability in phpwcms 1.2.5-DEV allows remote attackers to inject arbi...	E
CVE-2006-2519	Directory traversal vulnerability in include/inc_ext/spaw/spaw_control.class.php in phpwcms 1.2.5-DE...	E
CVE-2006-2520	Directory traversal vulnerability in BitZipper 4.1.2 SR-1 and earlier allows remote attackers to cre...	E
CVE-2006-2521	PHP remote file inclusion vulnerability in cron.php in phpMyDirectory 10.4.4 and earlier allows remo...	E
CVE-2006-2522	Dayfox Blog 2.0 and earlier stores user credentials in edit/slog_users.txt under the web document ro...	E
CVE-2006-2523	PHP remote file inclusion vulnerability in config.php in phpListPro 2.0.1 and earlier, with magic_qu...	E
CVE-2006-2524	Cross-site scripting (XSS) vulnerability in UseBB 1.0 RC1 and earlier allows remote attackers to inj...	S
CVE-2006-2525	SQL injection vulnerability in UseBB 1.0 RC1 and earlier allows remote attackers to execute arbitrar...	S
CVE-2006-2526	PHP remote file inclusion vulnerability in index.php in PHP Easy Galerie 1.1 allows remote attackers...
CVE-2006-2527	Admin/admin.php in phpBazar 2.1.0 and earlier allows remote attackers to bypass the authentication p...
CVE-2006-2528	PHP remote file inclusion vulnerability in classified_right.php in phpBazar 2.1.0 and earlier allows...	E
CVE-2006-2529	editor/filemanager/upload/php/upload.php in FCKeditor before 2.3 Beta, when the upload feature is en...	S
CVE-2006-2530	avatar_upload.asp in Avatar MOD 1.3 for Snitz Forums 3.4, and possibly other versions, allows remote...	E S
CVE-2006-2531	Ipswitch WhatsUp Professional 2006 only verifies the user's identity via HTTP headers, which allows ...
CVE-2006-2532	stats.php in Destiney Rated Images Script 0.5.0 allows remote attackers to obtain the installation p...
CVE-2006-2533	Cross-site scripting (XSS) vulnerability in (1) addWeblog.php and (2) leaveComments.php in Destiney ...
CVE-2006-2534	Destiney Links Script 2.1.2 does not protect library and other support files, which allows remote at...
CVE-2006-2535	index.php in Destiney Links Script 2.1.2 allows remote attackers to obtain the installation path via...
CVE-2006-2536	Cross-site scripting (XSS) vulnerability in Destiney Links Script 2.1.2 allows remote attackers to i...
CVE-2006-2537	Multiple format string vulnerabilities in (a) OpenBOR 2.0046 and earlier, (b) Beats of Rage (BOR) 1....	E
CVE-2006-2538	IE Tab 1.0.9 plugin for Mozilla Firefox 1.5.0.3 allows remote user-assisted attackers to cause a den...
CVE-2006-2539	Sybase EAServer 5.0 for HP-UX Itanium, 5.2 for IBM AIX, HP-UX PA-RISC, Linux x86, and Sun Solaris SP...	S
CVE-2006-2540	Privacy leak in install.php for Diesel PHP Job Site sends sensitive information such as user credent...
CVE-2006-2541	SQL injection vulnerability in settings.asp in Zixforum 1.12 allows remote attackers to execute arbi...	E
CVE-2006-2542	xmcdconfig in xmcd for Debian GNU/Linux 2.6-17.1 creates /var/lib/cddb and /var/lib/xmcd/discog with...	S
CVE-2006-2543	Xtreme Topsites 1.1 allows remote attackers to trigger MySQL errors and possibly conduct SQL injecti...
CVE-2006-2544	Multiple SQL injection vulnerabilities in Xtreme Topsites 1.1, with magic_quotes_gpc disabled, allow...
CVE-2006-2545	Multiple cross-site scripting (XSS) vulnerabilities in Xtreme Topsites 1.1 allow remote attackers to...
CVE-2006-2546	A recommended admin password reset mechanism for BEA WebLogic Server 8.1, when followed before Octob...	S
CVE-2006-2547	Unspecified vulnerability in the sapdba command in SAP with Informix before 700, and 700 up to patch...	S
CVE-2006-2548	Prodder before 0.5, and perlpodder before 0.5, allows remote attackers to execute arbitrary code via...	E S
CVE-2006-2549	Stack-based buffer overflow in PDF Form Filling and Flattening Tool before 3.1.0.12 allows remote at...	E S
CVE-2006-2550	perlpodder before 0.5 allows remote attackers to execute arbitrary code via shell metacharacters in ...	E
CVE-2006-2551	Unspecified vulnerability in the kernel in HP-UX B.11.00 allows local users to cause an unspecified ...	S
CVE-2006-2552	Jemscripts DownloadControl 1.0 allows remote attackers to obtain sensitive information via an invali...	E
CVE-2006-2553	Cross-site scripting (XSS) vulnerability in Jemscripts DownloadControl 1.0 allows remote attackers t...
CVE-2006-2554	Buffer overflow in the tell_player_surr_changes function in Genecys 0.2 and earlier might allow remo...	E
CVE-2006-2555	The parse_command function in Genecys 0.2 and earlier allows remote attackers to cause a denial of s...	E
CVE-2006-2556	Cross-site scripting (XSS) vulnerability in Florian Amrhein NewsPortal before 0.37, and possibly TR ...	S
CVE-2006-2557	PHP remote file inclusion vulnerability in extras/poll/poll.php in Florian Amrhein NewsPortal before...	E S
CVE-2006-2558	Cross-site scripting (XSS) vulnerability in IpLogger 1.7 and earlier allows remote attackers to inje...
CVE-2006-2559	Linksys WRT54G Wireless-G Broadband Router allows remote attackers to bypass access restrictions and...	S
CVE-2006-2560	Sitecom WL-153 router firmware before 1.38 allows remote attackers to bypass access restrictions and...
CVE-2006-2561	Edimax BR-6104K router allows remote attackers to bypass access restrictions and conduct unauthorize...
CVE-2006-2562	ZyXEL P-335WT router allows remote attackers to bypass access restrictions and conduct unauthorized ...
CVE-2006-2563	The cURL library (libcurl) in PHP 4.4.2 and 5.1.4 allows attackers to bypass safe mode and read file...
CVE-2006-2564	Multiple cross-site scripting (XSS) vulnerabilities in index.php in AlstraSoft E-Friends allow remot...
CVE-2006-2565	SQL injection vulnerability in Alstrasoft Article Manager Pro 1.6 allows remote attackers to execute...
CVE-2006-2566	Alstrasoft Article Manager Pro 1.6 allows remote attackers to obtain sensitive information via (1) a...
CVE-2006-2567	Cross-site scripting (XSS) vulnerability in submit_article.php in Alstrasoft Article Manager Pro 1.6...
CVE-2006-2568	PHP remote file inclusion vulnerability in addpost_newpoll.php in UBB.threads 6.4 through 6.5.2 and ...	E
CVE-2006-2569	SQL injection vulnerability in links.php in 4R Linklist 1.0 RC2 and earlier, a module for Woltlab Bu...	E
CVE-2006-2570	PHP remote file inclusion vulnerability in CaLogic Calendars 1.2.2 allows remote attackers to execut...	E
CVE-2006-2571	Cross-site scripting (XSS) vulnerability in search.html in Alkacon OpenCms 6.0.0, 6.0.2, and 6.0.3 a...	E S
CVE-2006-2572	Cross-site scripting (XSS) vulnerability in index.php in DGBook 1.0 allows remote attackers to injec...
CVE-2006-2573	SQL injection vulnerability in index.php in DGBook 1.0, with magic_quotes_gpc disabled, allows remot...
CVE-2006-2574	Multiple unspecified vulnerabilities in Software Distributor in HP-UX B.11.00, B.11.04, B.11.11, and...	S
CVE-2006-2575	The setFrame function in Lib/2D/Surface.hpp for NetPanzer 0.8 and earlier allows remote attackers to...	E
CVE-2006-2576	Multiple PHP remote file inclusion vulnerabilities in Docebo 3.0.3 and earlier, when register_global...	E
CVE-2006-2577	Multiple PHP remote file inclusion vulnerabilities in Docebo 3.0.3 and earlier, when register_global...	E
CVE-2006-2578	admin/cron.php in eSyndicat Directory 1.2, when register_globals is enabled and magic_quotes_gpc is ...
CVE-2006-2579	Unspecified vulnerability in HP OpenView Storage Data Protector 5.1 and 5.5 allows remote attackers ...	S
CVE-2006-2580	Multiple unspecified vulnerabilities in HP OpenView Network Node Manager (OV NNM) 6.20, 6.4x, 7.01, ...	S
CVE-2006-2581	Cross-site scripting (XSS) vulnerability in Wiki content in RWiki 2.1.0pre1 through 2.1.0 allows rem...	S
CVE-2006-2582	The editing form in RWiki 2.1.0pre1 through 2.1.0 allows remote attackers to execute arbitrary Ruby ...	S
CVE-2006-2583	PHP remote file inclusion vulnerability in nucleus/libs/PLUGINADMIN.php in Nucleus 3.22 and earlier ...	E S
CVE-2006-2584	Multiple cross-site scripting (XSS) vulnerabilities in post.php in SkyeBox 1.2.0 allow remote attack...
CVE-2006-2585	SQL injection vulnerability in Destiney Links Script 2.1.2 allows remote attackers to execute arbitr...
CVE-2006-2586	Cross-site scripting (XSS) vulnerability in IpLogger 1.7 and earlier allows remote attackers to inje...
CVE-2006-2587	Buffer overflow in the WebTool HTTP server component in (1) PunkBuster before 1.229, as used by mult...	E S
CVE-2006-2588	Russcom PHPImages allows remote attackers to upload files of arbitrary types by uploading a file wit...
CVE-2006-2589	SQL injection vulnerability in rss.php in MyBB (aka MyBulletinBoard) 1.1.1 allows remote attackers t...
CVE-2006-2590	SQL injection vulnerability in e107 before 0.7.5 allows remote attackers to execute arbitrary SQL co...	S
CVE-2006-2591	Unspecified vulnerability in e107 before 0.7.5 has unknown impact and remote attack vectors related ...	S
CVE-2006-2592	Unspecified vulnerability in DSChat 1.0 allows remote attackers to execute arbitrary PHP code via th...
CVE-2006-2593	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-2581. Reason: This candida...	R
CVE-2006-2594	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-2582. Reason: This candida...	R
CVE-2006-2595	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-2583. Reason: This candida...	R
CVE-2006-2596	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-2584. Reason: This candida...	R
CVE-2006-2597	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-2585. Reason: This candida...	R
CVE-2006-2598	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-2586. Reason: This candida...	R
CVE-2006-2599	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-2587. Reason: This candida...	R
CVE-2006-2600	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-2588. Reason: This candida...	R
CVE-2006-2601	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-2589. Reason: This candida...	R
CVE-2006-2602	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-2590. Reason: This candida...	R
CVE-2006-2603	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-2591. Reason: This candida...	R
CVE-2006-2604	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-2592. Reason: This candida...	R
CVE-2006-2605	Cross-site scripting (XSS) vulnerability in DSChat 1.0 and earlier allows remote attackers to inject...	S
CVE-2006-2606	Cross-site scripting (XSS) vulnerability in Chatty, possibly 1.0.2 and other versions, allows remote...
CVE-2006-2607	do_command.c in Vixie cron (vixie-cron) 4.1 does not check the return code of a setuid call, which m...	E S
CVE-2006-2608	artmedic newsletter 4.1 and possibly other versions, when register_globals is enabled, allows remote...	E
CVE-2006-2609	artmedic newsletter 4.1.2 and possibly other versions, when register_globals is enabled, allows remo...
CVE-2006-2610	Cross-site scripting (XSS) vulnerability in view.php in phpRaid 2.9.5 allows remote attackers to inj...	E
CVE-2006-2611	Cross-site scripting (XSS) vulnerability in includes/Sanitizer.php in the variable handler in MediaW...	E S
CVE-2006-2612	Novell Client for Windows 4.8 and 4.9 does not restrict access to the clipboard contents while a mac...
CVE-2006-2613	Mozilla Suite 1.7.13, Mozilla Firefox 1.5.0.3 and possibly other versions before before 1.8.0, and N...	E S
CVE-2006-2614	Sun N1 System Manager 1.1 for Solaris 10 before patch 121161-01 records system passwords in the worl...	S
CVE-2006-2615	ping.php in Russcom.Ping allows remote attackers to execute arbitrary commands via shell metacharact...
CVE-2006-2616	SQL injection vulnerability in the search script in (1) AlstraSoft Web Host Directory 1.2, aka (2) H...
CVE-2006-2617	(1) AlstraSoft Web Host Directory 1.2, aka (2) HyperStop WebHost Directory 1.2, allows remote attack...
CVE-2006-2618	Cross-site scripting (XSS) vulnerability in (1) AlstraSoft Web Host Directory 1.2, aka (2) HyperStop...
CVE-2006-2629	Race condition in Linux kernel 2.6.15 to 2.6.17, when running on SMP platforms, allows local users t...
CVE-2006-2630	Stack-based buffer overflow in Symantec Antivirus 10.1 and Client Security 3.1 allows remote attacke...	S
CVE-2006-2631	phpFoX allows remote authenticated users to modify arbitrary accounts via a modified NATIO cookie va...	S
CVE-2006-2632	Cross-site scripting (XSS) vulnerability in Andrew Godwin ByteHoard 2.1 and earlier allows remote au...	S
CVE-2006-2633	Absolute path traversal vulnerability in the copy action in index.php in Andrew Godwin ByteHoard 2.1...	S
CVE-2006-2634	Cross-site scripting (XSS) vulnerability in Neocrome Land Down Under (LDU) in Neocrome Seditio 102 a...	E
CVE-2006-2635	Multiple cross-site scripting (XSS) vulnerabilities in Tikiwiki (aka Tiki CMS/Groupware) 1.9.x allow...	E S
CVE-2006-2636	newsadmin.asp in Katy Whitton NewsCMSLite allows remote attackers to bypass authentication and gain ...	E
CVE-2006-2637	Cross-site scripting (XSS) vulnerability in view.php in TuttoPhp (1) Morris Guestbook 1, (2) Pretty ...
CVE-2006-2638	SQL injection vulnerability in member.asp in qjForum allows remote attackers to execute arbitrary SQ...
CVE-2006-2639	Cross-site scripting (XSS) vulnerability in the input forms in prattmic and Master5006 PHPSimpleChoo...
CVE-2006-2640	Cross-site scripting (XSS) vulnerability in OmegaMw7a.ASP in OMEGA (aka Omegasoft) INterneSErvicesLo...
CVE-2006-2641	UNVERIFIABLE NOTE: this issue does not contain any verifiable or actionable details. Cross-s...
CVE-2006-2642	UNVERIFIABLE NOTE: this issue does not contain any verifiable or actionable details. Cross-s...
CVE-2006-2643	Cross-site scripting (XSS) vulnerability in index.php in Monster Top List (MTL) 1.4 allows remote at...
CVE-2006-2644	AWStats 6.5, and possibly other versions, allows remote authenticated users to execute arbitrary cod...	S
CVE-2006-2645	PHP remote file inclusion vulnerability in manager/frontinc/prepend.php for Plume 1.0.3 allows remot...	E
CVE-2006-2646	Buffer overflow in Alt-N MDaemon, possibly 9.0.1 and earlier, allows remote attackers to execute arb...	E
CVE-2006-2647	Untrusted search path vulnerability in update_flash for IBM AIX 5.1, 5.2 and 5.3 allows local users ...	S
CVE-2006-2648	Cross-site scripting (XSS) vulnerability in perform_search.asp for ASPBB 0.52 and earlier allows rem...
CVE-2006-2649	Multiple cross-site scripting (XSS) vulnerabilities in (a) search.php, (b) search_cat.php, (c) searc...	E
CVE-2006-2650	SQL injection vulnerability in cosmicshop/search.php in CosmicShoppingCart allows remote attackers t...	E
CVE-2006-2651	Cross-site scripting (XSS) vulnerability in index.php in Vacation Rental Script 1.0 allows remote at...
CVE-2006-2652	Cross-site scripting (XSS) vulnerability in WikiNi 0.4.2 and earlier allows remote attackers to inje...
CVE-2006-2653	Cross-site scripting (XSS) vulnerability in login_error.shtml for D-Link DSA-3100 allows remote atta...	E
CVE-2006-2654	Directory traversal vulnerability in smbfs smbfs on FreeBSD 4.10 up to 6.1 allows local users to esc...
CVE-2006-2655	The build process for ypserv in FreeBSD 5.3 up to 6.1 accidentally disables access restrictions when...	S
CVE-2006-2656	Stack-based buffer overflow in the tiffsplit command in libtiff 3.8.2 and earlier might might allow ...	S
CVE-2006-2657	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-3017. Reason: This candida...	R
CVE-2006-2658	Directory traversal vulnerability in the xsp component in mod_mono in Mono/C# web server, as used in...
CVE-2006-2659	libs/comverp.c in Courier MTA before 0.53.2 allows attackers to cause a denial of service (CPU consu...	S
CVE-2006-2660	Buffer consumption vulnerability in the tempnam function in PHP 5.1.4 and 4.x before 4.4.3 allows lo...
CVE-2006-2661	ftutil.c in Freetype before 2.2 allows remote attackers to cause a denial of service (crash) via a c...	S
CVE-2006-2662	VMware Server before RC1 does not clear user credentials from memory after a console connection is m...	S
CVE-2006-2663	Multiple cross-site scripting (XSS) vulnerabilities in iFlance 1.1 allow remote attackers to inject ...
CVE-2006-2664	Cross-site scripting (XSS) vulnerability in iFdate 1.2 allows remote attackers to inject arbitrary w...
CVE-2006-2665	PHP remote file inclusion vulnerability in includes/mailaccess/pop3/core.php in V-Webmail 1.3 allows...	E
CVE-2006-2666	PHP remote file inclusion vulnerability in includes/mailaccess/pop3.php in V-Webmail 1.5 through 1.6...	E
CVE-2006-2667	Direct static code injection vulnerability in WordPress 2.0.2 and earlier allows remote attackers to...	E S
CVE-2006-2668	Multiple PHP remote file inclusion vulnerabilities in Docebo LMS 2.05 allow remote attackers to exec...	E
CVE-2006-2669	Multiple cross-site scripting (XSS) vulnerabilities in Pre Shopping Mall 1.0 allow remote attackers ...	S
CVE-2006-2670	Multiple cross-site scripting (XSS) vulnerabilities in ChatPat 1.0 allow remote attackers to inject ...
CVE-2006-2671	SQL injection vulnerability in ChatPat 1.0 allows remote attackers to execute arbitrary SQL commands...
CVE-2006-2672	Multiple cross-site scripting (XSS) vulnerabilities in Realty Pro One allow remote attackers to inje...
CVE-2006-2673	Cross-site scripting (XSS) vulnerability in search.html in Bulletin Board Elite-Board (E-Board) 1.1 ...	E
CVE-2006-2674	Multiple SQL injection vulnerabilities in Tamber Forum 1.9.13 and earlier allow remote attackers to ...
CVE-2006-2675	PHP remote file inclusion vulnerability in ubbt.inc.php in UBBThreads 5.x and 6.x allows remote atta...
CVE-2006-2676	Dispatch.cgi/_user/uservCard/ in SiteScape Forum 7.2 and possibly earlier generates different respon...
CVE-2006-2677	SiteScape Forum 7.2 and possibly earlier stores the avf.rc configuraiton file under the web document...
CVE-2006-2678	Multiple cross-site scripting (XSS) vulnerabilities in Pre News Manager 1.0 allow remote attackers t...
CVE-2006-2679	Unspecified vulnerability in the VPN Client for Windows Graphical User Interface (GUI) (aka the VPN ...	S
CVE-2006-2680	Cross-site scripting (XSS) vulnerability in index.php in AZ Photo Album Script Pro allows remote att...
CVE-2006-2681	PHP remote file inclusion vulnerability in SocketMail Lite and Pro 2.2.6 and earlier, when register_...
CVE-2006-2682	PHP remote file inclusion vulnerability in BE_config.php in Back-End CMS 0.7.2.1 and earlier allows ...	E
CVE-2006-2683	PHP remote file inclusion vulnerability in 404.php in open-medium.CMS 0.25 allows remote attackers t...	E
CVE-2006-2684	Cross-site scripting (XSS) vulnerability in the search module in CMS Mundo 1.0 allows remote attacke...
CVE-2006-2685	PHP remote file inclusion vulnerability in Basic Analysis and Security Engine (BASE) 1.2.4 and earli...	E S
CVE-2006-2686	PHP remote file inclusion vulnerabilities in ActionApps 2.8.1 allow remote attackers to execute arbi...	E
CVE-2006-2687	Cross-site scripting (XSS) vulnerability in adduser.php in PHP-AGTC Membership System 1.1a and earli...	E
CVE-2006-2688	SQL injection vulnerability in the employees node (class.employee.inc) in Achievo 1.1.0 and earlier ...	S
CVE-2006-2689	Multiple cross-site scripting (XSS) vulnerabilities in EVA-Web 2.1.2 and earlier allow remote attack...	E
CVE-2006-2690	An unspecified script in EVA-Web 2.1.2 and earlier, probably index.php, allows remote attackers to o...
CVE-2006-2691	Unspecified "information leakage" vulnerabilities in aMuleWeb for AMule before 2.1.2 allow remote at...	S
CVE-2006-2692	Multiple unspecified vulnerabilities in aMuleWeb for AMule before 2.1.2 allow remote attackers to re...	S
CVE-2006-2693	Directory traversal vulnerability in admin/admin_hacks_list.php in Nivisec Hacks List 1.20 and earli...	E
CVE-2006-2694	Multiple PHP remote file inclusion vulnerabilities in EzUpload Pro 2.10 allow remote attackers to ex...	E
CVE-2006-2695	admin/upprocess.php in DGNews 1.5 and earlier allows remote attackers to execute arbitrary code by u...
CVE-2006-2696	Cross-site scripting (XSS) vulnerabilities in Easy-Content Forums 1.0 allow remote attackers to inje...
CVE-2006-2697	Multiple SQL injection vulnerabilities in Easy-Content Forums 1.0 allow remote attackers to execute ...
CVE-2006-2698	Geeklog 1.4.0sr2 and earlier allows remote attackers to obtain the full installation path via a dire...	E S
CVE-2006-2699	Cross-site scripting (XSS) vulnerability in getimage.php in Geeklog 1.4.0sr2 and earlier allows remo...	E S
CVE-2006-2700	SQL injection vulnerability in admin/auth.inc.php in Geeklog 1.4.0sr2 and earlier allows remote atta...	E S
CVE-2006-2701	SQL injection vulnerability in Geeklog 1.4.0sr2 and earlier allows remote attackers to execute arbit...	E S
CVE-2006-2702	vars.php in WordPress 2.0.2, possibly when running on Mac OS X, allows remote attackers to spoof the...	E
CVE-2006-2703	The RedCarpet command-line client (rug) does not verify SSL certificates from a server, which allows...
CVE-2006-2704	Secure Elements Class 5 AVR server and client (aka C5 EVM) before 2.8.1 send messages in cleartext, ...
CVE-2006-2705	Secure Elements Class 5 AVR server (aka C5 EVM) before 2.8.1 allows remote attackers to cause an uns...
CVE-2006-2706	Secure Elements Class 5 AVR server (aka C5 EVM) before 2.8.1 allows remote attackers to cause a deni...
CVE-2006-2707	Secure Elements Class 5 AVR server (aka C5 EVM) before 2.8.1 does not validate the peer certificate ...
CVE-2006-2708	Secure Elements Class 5 AVR client (aka C5 EVM) before 2.8.1 allows remote attackers to read portion...
CVE-2006-2709	Secure Elements Class 5 AVR (aka C5 EVM) before 2.8.1 do not validate the source address of a messag...
CVE-2006-2710	Secure Elements Class 5 AVR (aka C5 EVM) before 2.8.1 uses the same invariant RSA key for all instal...
CVE-2006-2711	Secure Elements Class 5 AVR (aka C5 EVM) 2.8.1 and earlier, and possibly later 2.8.x releases, uses ...
CVE-2006-2712	Secure Elements Class 5 AVR (aka C5 EVM) client and server before 2.8.1 do not verify the integrity ...
CVE-2006-2713	Secure Elements Class 5 AVR client (aka C5 EVM) before 2.8.1 generates predictable CEIDs, which allo...	S
CVE-2006-2714	Secure Elements Class 5 AVR client (aka C5 EVM) before 2.8.1 does not validate the CEID of an incomi...	S
CVE-2006-2715	The Administration Console in Secure Elements Class 5 AVR (aka C5 EVM) before 2.8.1 does not enforce...	S
CVE-2006-2716	Secure Elements Class 5 AVR server (aka C5 EVM) before 2.8.1 uses a hard-coded user ID and password,...	S
CVE-2006-2717	Unspecified vulnerability in Secure Elements Class 5 AVR client and server (aka C5 EVM) before 2.8.1...	S
CVE-2006-2718	JIWA Financials 6.4.14 passes a Microsoft SQL Server account's username and password, and the name o...	E S
CVE-2006-2719	JIWA Financials 6.4.14 stores usernames and passwords for all accounts in cleartext in the HR_Staff ...	E
CVE-2006-2720	SQL injection vulnerability in news.php in VARIOMAT allows remote attackers to execute arbitrary SQL...
CVE-2006-2721	Cross-site scripting (XSS) vulnerability in news.php in VARIOMAT allows remote attackers to inject a...
CVE-2006-2722	SQL injection vulnerability in view_album.php in SelectaPix 1.4 allows remote attackers to execute a...
CVE-2006-2723	Unspecified versions of Mozilla Firefox allow remote attackers to cause a denial of service (crash) ...	E
CVE-2006-2724	Cross-site scripting (XSS) vulnerability in PunBB 1.2.11 allows remote authenticated administrators ...
CVE-2006-2725	SQL injection vulnerability in rss/posts.php in Eggblog before 3.07 allows remote attackers to execu...
CVE-2006-2726	PHP remote file inclusion vulnerability in Fastpublish CMS 1.6.9.d allows remote attackers to includ...	E
CVE-2006-2727	home/register.php in Eggblog before 3.0 allows remote attackers to change the password of administra...	E
CVE-2006-2728	Cross-site scripting (XSS) vulnerability in superalbum/index.php in Photoalbum B&W 1.3 allows remote...	E
CVE-2006-2729	Cross-site scripting (XSS) vulnerability in superalbum/index.php in Photoalbum B&W 1.3 allows remote...
CVE-2006-2730	PHP remote file inclusion vulnerability in admin/lib_action_step.php in Hot Open Tickets (HOT) 11012...	E
CVE-2006-2731	Multiple SQL injection vulnerabilities in Enigma Haber 4.3 and earlier allow remote attackers to exe...	E
CVE-2006-2732	SQL injection vulnerability in Your_Account.asp in Mini-Nuke 2.3 and earlier allows remote attackers...	E
CVE-2006-2733	membership.asp in Mini-Nuke 2.3 and earlier uses plaintext security codes, which allows remote attac...	E
CVE-2006-2734	enter.asp in Mini-Nuke 2.3 and earlier makes it easier for remote attackers to conduct password gues...	E
CVE-2006-2735	PHP remote file inclusion vulnerability in language/lang_english/lang_activity.php in Activity MOD P...	E S
CVE-2006-2736	PHP remote file inclusion vulnerability in blend_data/blend_common.php in Blend Portal 1.2.0, as use...	E S
CVE-2006-2737	utilities/register.asp in Nukedit 4.9.6 and earlier allows remote attackers to create new users as p...	E
CVE-2006-2738	The open source version of Open-Xchange 0.8.2 and earlier uses a static default username and passwor...	S
CVE-2006-2739	PHP remote file inclusion vulnerability in footers.php in Epicdesigns tinyBB 0.3, when register_glob...	E
CVE-2006-2740	Multiple SQL injection vulnerabilities in Epicdesigns tinyBB 0.3 allow remote attackers to execute a...	E
CVE-2006-2741	Cross-site scripting (XSS) vulnerability in Epicdesigns tinyBB 0.3 allow remote attackers to inject ...	E
CVE-2006-2742	SQL injection vulnerability in Drupal 4.6.x before 4.6.7 and 4.7.0 allows remote attackers to execut...	S
CVE-2006-2743	Drupal 4.6.x before 4.6.7 and 4.7.0, when running on Apache with mod_mime, does not properly handle ...	E S
CVE-2006-2744	PHP remote file inclusion vulnerability in p-popupgallery.php in F@cile Interactive Web 0.8.41 throu...	E
CVE-2006-2745	Multiple PHP remote file inclusion vulnerabilities in F@cile Interactive Web 0.8.5 and earlier, when...	E
CVE-2006-2746	Multiple cross-site scripting (XSS) vulnerabilities in F@cile Interactive Web 0.8.5 and earlier allo...	E
CVE-2006-2747	Directory traversal vulnerability in index.php in PhpMyDesktop\|arcade 1.0 FINAL allows remote attack...	E
CVE-2006-2748	SQL injection vulnerability in the do_mysql_query function in core.php for Open Searchable Image Cat...
CVE-2006-2749	SQL injection vulnerability in search.php in Open Searchable Image Catalogue (OSIC) 0.7.0.1 and earl...
CVE-2006-2750	Cross-site scripting (XSS) vulnerability in the do_mysql_query function in core.php for Open Searcha...
CVE-2006-2751	Cross-site scripting (XSS) vulnerability in Open Searchable Image Catalogue (OSIC) 0.7.0.1 and earli...
CVE-2006-2752	The RedCarpet /etc/ximian/rcd.conf configuration file in Novell Linux Desktop 9 and SUSE SLES 9 has ...
CVE-2006-2753	SQL injection vulnerability in MySQL 4.1.x before 4.1.20 and 5.0.x before 5.0.22 allows context-depe...	S
CVE-2006-2754	Stack-based buffer overflow in st.c in slurpd for OpenLDAP before 2.3.22 might allow attackers to ex...	S
CVE-2006-2755	Cross-site scripting (XSS) vulnerability in index.php in UBBThreads 5.x and earlier allows remote at...	E
CVE-2006-2756	Eitsop My Web Server 1.0 allows remote attackers to cause a denial of service (application crash) vi...	E
CVE-2006-2757	Cross-site scripting (XSS) vulnerability in Chipmunk guestbook allows remote attackers to inject arb...
CVE-2006-2758	Directory traversal vulnerability in jetty 6.0.x (jetty6) beta16 allows remote attackers to read arb...	E
CVE-2006-2759	jetty 6.0.x (jetty6) beta16 allows remote attackers to read arbitrary script source code via a capit...	E
CVE-2006-2760	SQL injection vulnerability in modules.php in 4nNukeWare 4nForum 0.91 allows remote attackers to exe...
CVE-2006-2761	SQL injection vulnerability in Hitachi HITSENSER3 HITSENSER3/PRP, HITSENSER3/PUP, HITSENSER3/STP, an...
CVE-2006-2762	PHP remote file inclusion vulnerability in includes/config.php in WebCalendar 1.0.3 allows remote at...
CVE-2006-2763	SQL injection vulnerability in Pre News Manager 1.0 allows remote attackers to execute arbitrary SQL...	E
CVE-2006-2764	Cross-site scripting (XSS) vulnerability in GuestbookXL 1.3 allows remote attackers to inject arbitr...
CVE-2006-2765	Cross-site scripting (XSS) vulnerability in news_information.php in Interlink Advantage allows remot...	E
CVE-2006-2766	Buffer overflow in INETCOMM.DLL, as used in Microsoft Internet Explorer 6.0 through 6.0 SP2, Windows...	E
CVE-2006-2767	PHP remote file inclusion vulnerability in Ottoman 1.1.2, when register_globals is enabled, allows r...	E
CVE-2006-2768	PHP remote file inclusion vulnerability in METAjour 2.1, when register_globals is enabled, allows re...	E
CVE-2006-2769	The HTTP Inspect preprocessor (http_inspect) in Snort 2.4.0 through 2.4.4 allows remote attackers to...	E S
CVE-2006-2770	Directory traversal vulnerability in randompic.php in pppBLOG 0.3.8 and earlier, when register_globa...	E
CVE-2006-2771	admin/radera/tabort.asp in Hogstorps hogstorp guestbook 2.0 does not verify user credentials, which ...	E
CVE-2006-2772	Cross-site scripting (XSS) vulnerability in add.asp in Hogstorps hogstorp guestbook 2.0 allows remot...	E
CVE-2006-2773	admin/redigera/redigera2.asp in Hogstorps hogstorp Guestbook 2.0 does not verify user credentials, w...	E
CVE-2006-2774	Cross-site scripting (XSS) vulnerability in search.php in QontentOne CMS allows remote attackers to ...
CVE-2006-2775	Mozilla Firefox and Thunderbird before 1.5.0.4 associates XUL attributes with the wrong URL under ce...	S
CVE-2006-2776	Certain privileged UI code in Mozilla Firefox and Thunderbird before 1.5.0.4 calls content-defined s...	S
CVE-2006-2777	Unspecified vulnerability in Mozilla Firefox before 1.5.0.4 and SeaMonkey before 1.0.2 allows remote...	S
CVE-2006-2778	The crypto.signText function in Mozilla Firefox and Thunderbird before 1.5.0.4 allows remote attacke...
CVE-2006-2779	Mozilla Firefox and Thunderbird before 1.5.0.4 allow remote attackers to cause a denial of service (...	S
CVE-2006-2780	Integer overflow in Mozilla Firefox and Thunderbird before 1.5.0.4 allows remote attackers to cause ...
CVE-2006-2781	Double free vulnerability in nsVCard.cpp in Mozilla Thunderbird before 1.5.0.4 and SeaMonkey before ...
CVE-2006-2782	Firefox 1.5.0.2 does not fix all test cases associated with CVE-2006-1729, which allows remote attac...
CVE-2006-2783	Mozilla Firefox and Thunderbird before 1.5.0.4 strip the Unicode Byte-order-Mark (BOM) from a UTF-8 ...
CVE-2006-2784	The PLUGINSPAGE functionality in Mozilla Firefox before 1.5.0.4 allows remote user-assisted attacker...
CVE-2006-2785	Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 1.5.0.4 allows user-assisted remo...
CVE-2006-2786	HTTP response smuggling vulnerability in Mozilla Firefox and Thunderbird before 1.5.0.4, when used w...
CVE-2006-2787	EvalInSandbox in Mozilla Firefox and Thunderbird before 1.5.0.4 allows remote attackers to gain priv...
CVE-2006-2788	Double free vulnerability in the getRawDER function for nsIX509Cert in Firefox allows remote attacke...	E S
CVE-2006-2789	Evolution 2.2.x and 2.3.x in GNOME 2.7 and 2.8, when "load images if sender in addressbook" is enabl...
CVE-2006-2790	A package component in Sun Storage Automated Diagnostic Environment (StorADE) 2.4 uses world-writabl...	S
CVE-2006-2791	Directory traversal vulnerability in index.php in iBoutique.MALL and possibly iBoutique allows remot...
CVE-2006-2792	SQL injection vulnerability in misc.php in Woltlab Burning Board (WBB) 2.3.4 allows remote attackers...
CVE-2006-2793	SQL injection vulnerability in Anket.asp in ASPSitem 2.0 and earlier allows remote attackers to exec...	E S
CVE-2006-2794	Hesabim.asp in ASPSitem 2.0 and earlier allows remote attackers to read private messages of other us...	E S
CVE-2006-2795	Multiple cross-site scripting (XSS) vulnerabilities in XiTi Tracking Script 6 and 7 RC allow remote ...	E
CVE-2006-2796	Cross-site scripting (XSS) vulnerability in gallery.php in Captivate 1.0 allows remote attackers to ...	E
CVE-2006-2797	Multiple SQL injection vulnerabilities in phpCommunityCalendar 4.0.3 allow remote attackers to execu...	E
CVE-2006-2798	Multiple cross-site scripting (XSS) vulnerabilities in phpCommunityCalendar 4.0.3 allow remote attac...	E
CVE-2006-2799	Cross-site scripting (XSS) vulnerability in content_footer.php in toendaCMS 0.7.0 allows remote atta...
CVE-2006-2800	Multiple cross-site scripting (XSS) vulnerabilities in Unak CMS 1.5 RC2 and earlier allow remote att...
CVE-2006-2801	Multiple SQL injection vulnerabilities in Unak CMS 1.5 RC2 and earlier allow remote attackers to exe...
CVE-2006-2802	Buffer overflow in the HTTP Plugin (xineplug_inp_http.so) for xine-lib 1.1.1 allows remote attackers...	E
CVE-2006-2803	Multiple cross-site scripting (XSS) vulnerabilities in PHP ManualMaker 1.0 allows remote attackers t...	E
CVE-2006-2804	Cross-site scripting (XSS) vulnerability in index.cfm in Goss Intelligent Content Management (iCM) 7...
CVE-2006-2805	SQL injection vulnerability in VBulletin 3.0.10 allows remote attackers to execute arbitrary SQL com...	E
CVE-2006-2806	The SMTP server in Apache Java Mail Enterprise Server (aka Apache James) 2.2.0 allows remote attacke...	E
CVE-2006-2807	ASPwebSoft Speedy Asp Discussion Forum allows remote attackers to change the password of any account...	E
CVE-2006-2808	Cross-site scripting (XSS) vulnerability in Lycos Tripod htmlGEAR guestGEAR (aka Guest Gear) allows ...
CVE-2006-2809	Multiple cross-site scripting (XSS) vulnerabilities in index.php in ar-blog 5.2 allow remote attacke...
CVE-2006-2810	Multiple cross-site scripting (XSS) vulnerabilities in Belchior Foundry vCard 2.9 allow remote attac...	E
CVE-2006-2811	Multiple PHP remote file inclusion vulnerabilities in Cantico Ovidentia 5.8.0 allow remote attackers...
CVE-2006-2812	Multiple cross-site scripting (XSS) vulnerabilities in index.php in Dominios Europa PICRATE (aka TAL...
CVE-2006-2813	Directory traversal vulnerability in easy-scart.cgi in iShopCart allows remote attackers to read arb...	E
CVE-2006-2814	Multiple buffer overflows in the (1) vGetPost and (2) main functions in easy-scart.c through easy-sc...	E
CVE-2006-2815	Multiple cross-site scripting (XSS) vulnerabilities in Two Shoes M-Factory (TSMF) SimpleBoard 1.1.0 ...
CVE-2006-2816	Multiple cross-site scripting (XSS) vulnerabilities in index.php in coolphp magazine allow remote at...
CVE-2006-2817	SQL injection vulnerability in bolum.php in tekno.Portal allows remote attackers to execute arbitrar...	E
CVE-2006-2818	PHP remote file inclusion vulnerability in common-menu.php in Cameron McKay Informium 0.12.0 allows ...	E
CVE-2006-2819	PHP remote file inclusion vulnerability in Wiki.php in Barnraiser Igloo 0.1.9 and earlier allows rem...	E
CVE-2006-2820	Cross-site scripting (XSS) vulnerability in HotWebScripts.com Weblog Oggi 1.0 allows remote attacker...
CVE-2006-2821	Multiple cross-site scripting (XSS) vulnerabilities in DeltaScripts Pro Publish allow remote attacke...	E
CVE-2006-2822	SQL injection vulnerability in admin/default.asp in Dusan Drobac CodeAvalanche FreeForum (aka CAForu...	S
CVE-2006-2823	Katrien De Graeve a.shopKart 2.0 (aka ashopKart20) stores sensitive information under the web root w...
CVE-2006-2824	Logicalware MailManager before 2.0.10 does not remove 0xc8 0x27 (0xc8 followed by a single-quote cha...	S
CVE-2006-2825	cPanel does not automatically synchronize the PHP open_basedir configuration directive between the m...	E
CVE-2006-2826	SQL injection vulnerability in sessions.inc in PHP Base Library (PHPLib) before 7.4a allows remote a...	S
CVE-2006-2827	SQL injection vulnerability in search.php in X-Cart Gold and Pro 4.0.18, and X-Cart 4.1.0 beta 1, al...
CVE-2006-2828	Global variable overwrite vulnerability in PHP-Nuke allows remote attackers to conduct remote PHP fi...
CVE-2006-2829	Buffer overflow in Hawk Monitoring Agent (HMA) for TIBCO Hawk before 4.6.1 and TIBCO Runtime Agent (...	S
CVE-2006-2830	Buffer overflow in TIBCO Rendezvous before 7.5.1, TIBCO Runtime Agent (TRA) before 5.4, and Hawk bef...	S
CVE-2006-2831	Drupal 4.6.x before 4.6.8 and 4.7.x before 4.7.2, when running under certain Apache configurations s...	S
CVE-2006-2832	Cross-site scripting (XSS) vulnerability in the upload module (upload.module) in Drupal 4.6.x before...	S
CVE-2006-2833	Cross-site scripting (XSS) vulnerability in the taxonomy module in Drupal 4.6.8 and 4.7.2 allows rem...	S
CVE-2006-2834	PHP remote file inclusion vulnerability in includes/common.php in gnopaste 0.5.3 and earlier allows ...	E
CVE-2006-2835	SQL injection vulnerability in saphplesson 2.0 allows remote attackers to execute arbitrary SQL comm...
CVE-2006-2836	SQL injection vulnerability in comment.php in Pineapple Technologies Lore 1.5.6 and earlier allows r...
CVE-2006-2837	Cross-site scripting (XSS) vulnerability in Techno Dreams Guest Book allows remote attackers to inje...
CVE-2006-2838	Buffer overflow in the web console in F-Secure Anti-Virus for Microsoft Exchange 6.40, and Internet ...	S
CVE-2006-2839	Directory traversal vulnerability in PG Problem Editor module (PGProblemEditor.pm) in WeBWorK Online...	S
CVE-2006-2840	Cross-site scripting (XSS) vulnerability in (1) uploads.php and (2) "url links" in PmWiki 2.1.6 and ...	S
CVE-2006-2841	Multiple PHP remote file inclusion vulnerabilities in AssoCIateD (aka ACID) CMS 1.1.3 allow remote a...	E
CVE-2006-2842	PHP remote file inclusion vulnerability in functions/plugin.php in SquirrelMail 1.4.6 and earlier, i...	E S
CVE-2006-2843	PHP remote file inclusion vulnerability in Redaxo 2.7.4 allows remote attackers to execute arbitrary...	E
CVE-2006-2844	Multiple PHP remote file inclusion vulnerabilities in Redaxo 3.0 allow remote attackers to execute a...	E
CVE-2006-2845	PHP remote file inclusion vulnerability in Redaxo 3.0 up to 3.2 allows remote attackers to execute a...	E
CVE-2006-2846	Cross-site scripting (XSS) vulnerability in Print.PHP in VisionGate Portal System allows remote atta...
CVE-2006-2847	SQL injection vulnerability in links.asp in aspWebLinks 2.0 allows remote attackers to execute arbit...	E
CVE-2006-2848	links.asp in aspWebLinks 2.0 allows remote attackers to change the administrative password, possibly...	E
CVE-2006-2849	PHP remote file inclusion vulnerability in includes/webdav/server.php in Bytehoard 2.1 Epsilon/Delta...	E
CVE-2006-2850	Cross-site scripting (XSS) vulnerability in recentchanges.php in PHP Labware LabWiki 1.0 and earlier...	E
CVE-2006-2851	Cross-site scripting (XSS) vulnerability in index.php in dotProject 2.0.2 and earlier allows remote ...	E S
CVE-2006-2852	PHP remote file inclusion vulnerability in dotWidget CMS 1.0.6 and earlier, when register_globals is...	E
CVE-2006-2853	SQL injection vulnerability in content.php in abarcar Realty Portal 5.1.5 allows remote attackers to...	E
CVE-2006-2854	SQL injection vulnerability in index.php in iBWd Guestbook 1.0 allows remote attackers to execute ar...	E
CVE-2006-2855	SQL injection vulnerability in index.php in xueBook 1.0 allows remote attackers to execute arbitrary...	E
CVE-2006-2856	ActiveState ActivePerl 5.8.8.817 for Windows configures the site/lib directory with "Users" group pe...
CVE-2006-2857	SQL injection vulnerability in index.php in LifeType 1.0.4 allows remote attackers to execute arbitr...	E S
CVE-2006-2858	SQL injection vulnerability in viewmsg.asp in LocazoList Classifieds 1.05e allows remote attackers t...	E
CVE-2006-2859	PHP remote file inclusion vulnerability in MyBloggie 2.1.1 and earlier allows remote attackers to ex...	E
CVE-2006-2860	PHP remote file inclusion vulnerability in Webspotblogging 3.0.1 allows remote attackers to execute ...	E
CVE-2006-2861	SQL injection vulnerability in index.php in Particle Wiki 1.0.2 and earlier allows remote attackers ...
CVE-2006-2862	SQL injection vulnerability in viewimage.php in Particle Gallery 1.0.0 and earlier allows remote att...
CVE-2006-2863	PHP remote file inclusion vulnerability in class.cs_phpmailer.php in CS-Cart 1.3.3 allows remote att...	E
CVE-2006-2864	Multiple PHP remote file inclusion vulnerabilities in BlueShoes Framework 4.6 allow remote attackers...	E
CVE-2006-2865	PHP remote file inclusion vulnerability in template.php in phpBB 2 allows remote attackers to execut...	E
CVE-2006-2866	PHP remote file inclusion vulnerability in layout/prepend.php in DotClear 1.2.4 and earlier allows r...	E
CVE-2006-2867	SQL injection vulnerability in editpost.php in CoolForum 0.8.3 beta and earlier allows remote attack...	E
CVE-2006-2868	Multiple PHP remote file inclusion vulnerabilities in Claroline 1.7.6 allow remote attackers to exec...	E
CVE-2006-2869	Unspecified vulnerability in the CHM unpacker in avast! before 4.7.844 has unknown impact and remote...	S
CVE-2006-2870	Cross-site scripting (XSS) vulnerability in forum_search.asp in Intelligent Solutions Inc. ASP Discu...	E
CVE-2006-2871	PHP remote file inclusion vulnerability in include/common.php in CyBoards PHP Lite 1.25 allows remot...	E
CVE-2006-2872	PHP remote file inclusion vulnerability in config.php in Rumble 1.02 allows remote attackers to exec...
CVE-2006-2873	Cross-site scripting (XSS) vulnerability in hava.asp in Enigma Haber 4.2 allows remote attackers to ...	E
CVE-2006-2874	Unspecified vulnerability in OSADS Alliance Database before 1.4 has unknown impact and attack vector...	S
CVE-2006-2875	Stack-based buffer overflow in the CL_ParseDownload function of Quake 3 Engine 1.32c and earlier, as...
CVE-2006-2876	Cross-site scripting (XSS) vulnerability in cat.php in PHP Pro Publish 2.0 allows remote attackers t...	E
CVE-2006-2877	PHP remote file inclusion vulnerability in Bookmark4U 2.0.0 and earlier allows remote attackers to i...
CVE-2006-2878	The spellchecker (spellcheck.php) in DokuWiki 2006/06/04 and earlier allows remote attackers to inse...	S
CVE-2006-2879	SQL injection vulnerability in newscomments.php in Alex News-Engine 1.5.0 and earlier allows remote ...
CVE-2006-2880	Cross-site scripting (XSS) vulnerability in the Contributed Packages for PyBlosxom 1.2.2 and earlier...	S
CVE-2006-2881	Multiple PHP remote file inclusion vulnerabilities in DreamAccount 3.1 and earlier, when register_gl...	E
CVE-2006-2882	Multiple cross-site scripting (XSS) vulnerabilities submit.asp in ASPScriptz Guest Book 2.0 and earl...	E
CVE-2006-2883	Cross-site scripting (XSS) vulnerability in search.php in Kmita FAQ 1.0 allows remote attackers to i...	E
CVE-2006-2884	SQL injection vulnerability in index.php in Kmita FAQ 1.0 allows remote attackers to execute arbitra...	E
CVE-2006-2885	Multiple cross-site scripting (XSS) vulnerabilities in KnowledgeTree Open Source 3.0.3 and earlier a...
CVE-2006-2886	view.php in KnowledgeTree Open Source 3.0.3 and earlier allows remote attackers to obtain the full i...
CVE-2006-2887	Multiple SQL injection vulnerabilities in myNewsletter 1.1.2 and earlier allow remote attackers to e...	E
CVE-2006-2888	PHP remote file inclusion vulnerability in _wk/wk_lang.php in Wikiwig 4.1 and earlier allows remote ...	E
CVE-2006-2889	Multiple SQL injection vulnerabilities in index.php in Pixelpost 1-5rc1-2 and earlier allow remote a...	E
CVE-2006-2890	Pixelpost 1-5rc1-2 and earlier, when register_globals is enabled, allows remote attackers to gain ad...	E
CVE-2006-2891	Cross-site scripting (XSS) vulnerability in admin/index.php for Pixelpost 1-5rc1-2 and earlier allow...	E
CVE-2006-2892	Cross-site scripting (XSS) vulnerability in index.php in GANTTy 1.0.3 allows remote attackers to inj...	E
CVE-2006-2893	index.php in GANTTy 1.0.3 allows remote attackers to obtain the full path of the web server via an i...	E
CVE-2006-2894	Mozilla Firefox 1.5.0.4, 2.0.x before 2.0.0.8, Mozilla Suite 1.7.13, Mozilla SeaMonkey 1.0.2 and oth...	E
CVE-2006-2895	Cross-site scripting (XSS) vulnerability in MediaWiki 1.6.0 up to versions before 1.6.7 allows remot...	S
CVE-2006-2896	profile.php in FunkBoard CF0.71 allows remote attackers to change arbitrary passwords via a modified...	E S
CVE-2006-2897	Cross-site scripting (XSS) vulnerability in FunkBoard 0.71 allows remote attackers to inject arbitra...	E S
CVE-2006-2898	The IAX2 channel driver (chan_iax2) for Asterisk 1.2.x before 1.2.9 and 1.0.x before 1.0.11 allows r...	S
CVE-2006-2899	Unspecified vulnerability in ESTsoft InternetDISK versions before 2006/04/20 allows remote authentic...	E S
CVE-2006-2900	Internet Explorer 6 allows user-assisted remote attackers to read arbitrary files by tricking a user...
CVE-2006-2901	The web server for D-Link Wireless Access-Point (DWL-2100ap) firmware 2.10na and earlier allows remo...	E S
CVE-2006-2902	Directory traversal vulnerability in Particle Links 1.2.2 might allow remote attackers to access arb...
CVE-2006-2903	Cross-site scripting (XSS) vulnerability in admin.php in Particle Links 1.2.2 allows remote attacker...
CVE-2006-2904	SQL injection vulnerability in index.php in Partial Links 1.2.2 allows remote attackers to execute a...
CVE-2006-2905	Partial Links 1.2.2 allows remote attackers to obtain sensitive information via a direct request to ...
CVE-2006-2906	The LZW decoding in the gdImageCreateFromGifPtr function in the Thomas Boutell graphics draw (GD) li...	E
CVE-2006-2908	The domecode function in inc/functions_post.php in MyBulletinBoard (MyBB) 1.1.2, and possibly other ...	S
CVE-2006-2909	Stack-based buffer overflow in the info tip shell extension (zipinfo.dll) in PicoZip 4.01 allows rem...	S
CVE-2006-2910	Buffer overflow in jetAudio 6.2.6.8330 (Basic), and possibly other versions, allows user-assisted at...
CVE-2006-2911	SQL injection vulnerability in controlpanel/index.php in CMS Mundo before 1.0 build 008 allows remot...	S
CVE-2006-2912	Multiple SQL injection vulnerabilities in SelectaPix 1.31 allow remote attackers to execute arbitrar...	E S
CVE-2006-2913	Cross-site scripting (XSS) vulnerability in SelectaPix 1.31 allows remote attackers to inject arbitr...	E S
CVE-2006-2914	PHP remote file inclusion vulnerability in DeluxeBB 1.06 allows remote attackers to execute arbitrar...	E
CVE-2006-2915	Multiple SQL injection vulnerabilities in DeluxeBB 1.06 allow remote attackers to execute arbitrary ...
CVE-2006-2916	artswrapper in aRts, when running setuid root on Linux 2.6.0 or later versions, does not check the r...	S
CVE-2006-2917	Directory traversal vulnerability in the IMAP server in WinGate 6.1.2.1094 and 6.1.3.1096, and possi...	S
CVE-2006-2918	The Lanap BotDetect APS.NET CAPTCHA component before 1.5.4.0 stores the UUID and hash for a CAPTCHA ...	S
CVE-2006-2919	Unspecified vulnerability in Microsoft NetMeeting 3.01 allows remote attackers to cause a denial of ...
CVE-2006-2920	Sylpheed-Claws before 2.2.2 and Sylpheed before 2.2.6 allow remote attackers to bypass the URI check...	S
CVE-2006-2921	PHP remote file inclusion vulnerability in cmpro_header.inc.php in Clan Manager Pro (CMPRO) 1.1 and ...	E S
CVE-2006-2922	Multiple PHP remote file inclusion vulnerabilities in MiraksGalerie 2.62 allow remote attackers to e...
CVE-2006-2923	The iax_net_read function in the iaxclient open source library, as used in multiple products includi...	S
CVE-2006-2924	Ingate Firewall in the SIP module before 4.4.1 and SIParator before 4.4.1, when TLS is enabled or wh...	S
CVE-2006-2925	Cross-site scripting (XSS) vulnerability in the web interface in Ingate Firewall before 4.4.1 and SI...	S
CVE-2006-2926	Stack-based buffer overflow in the WWW Proxy Server of Qbik WinGate 6.1.1.1077 allows remote attacke...	E
CVE-2006-2927	Multiple cross-site scripting (XSS) vulnerabilities in post.asp in CodeAvalanche FreeForum (aka CAFo...
CVE-2006-2928	Multiple PHP remote file inclusion vulnerabilities in CMS-Bandits 2.5 and earlier, when register_glo...
CVE-2006-2929	PHP remote file inclusion vulnerability in contrib/forms/evaluation/C_FormEvaluation.class.php in Op...	E
CVE-2006-2930	Unspecified vulnerability in Sun Grid Engine 5.3 and Sun N1 Grid Engine 6.0, when configured in Cert...	S
CVE-2006-2931	CMS Mundo before 1.0 build 008 does not properly verify uploaded image files, which allows remote at...
CVE-2006-2932	A regression error in the restore_all code path of the 4/4GB split support for non-hugemem Linux ker...	S
CVE-2006-2933	kdesktop_lock in kdebase before 3.1.3-5.11 for KDE in Red Hat Enterprise Linux (RHEL) 3 does not pro...	S
CVE-2006-2934	SCTP conntrack (ip_conntrack_proto_sctp.c) in netfilter for Linux kernel 2.6.17 before 2.6.17.3 and ...	S
CVE-2006-2935	The dvd_read_bca function in the DVD handling code in drivers/cdrom/cdrom.c in Linux kernel 2.2.16, ...
CVE-2006-2936	The ftdi_sio driver (usb/serial/ftdi_sio.c) in Linux kernel 2.6.x up to 2.6.17, and possibly later v...
CVE-2006-2937	OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d allows remote attackers to cause a denial of ser...	S
CVE-2006-2938	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-2937. Reason: This candida...	R
CVE-2006-2939	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was wi...	R
CVE-2006-2940	OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows attackers to cause a d...
CVE-2006-2941	Mailman before 2.1.9rc1 allows remote attackers to cause a denial of service via unspecified vectors...	S
CVE-2006-2942	TWiki 4.0.0, 4.0.1, and 4.0.2 allows remote attackers to gain Twiki administrator privileges via a T...	S
CVE-2006-2943	Unspecified vulnerability in CGI-RESCUE WebFORM 4.1 and earlier allows remote attackers to inject em...	S
CVE-2006-2944	Unspecified vulnerability in CGI-RESCUE FORM2MAIL 1.21 and earlier allows remote attackers to inject...	S
CVE-2006-2945	Unspecified vulnerability in the user profile change functionality in DokuWiki, when Access Control ...	S
CVE-2006-2946	Dmx Forum 2.1a stores _includes/bd.inc under the web root with insufficient access control, which al...
CVE-2006-2947	Dmx Forum 2.1a allows remote attackers to obtain username and password information via a direct requ...
CVE-2006-2948	A-CART 2.0 stores the acart2_0.mdb file under the web document root with insufficient access control...
CVE-2006-2949	Cross-site scripting (XSS) vulnerability in private.php in MyBB 1.1.2 allows remote attackers to inj...	S
CVE-2006-2950	Net Portal Dynamic System (NPDS) 5.10 and earlier allows remote attackers to obtain sensitive inform...	E
CVE-2006-2951	Multiple cross-site scripting (XSS) vulnerabilities in Net Portal Dynamic System (NPDS) 5.10 and ear...	E
CVE-2006-2952	Directory traversal vulnerability in Net Portal Dynamic System (NPDS) 5.10 and earlier allows remote...	E
CVE-2006-2953	Cross-site scripting (XSS) vulnerability in default.asp in OfficeFlow 2.6 and earlier allows remote ...
CVE-2006-2954	SQL injection vulnerability in files.asp in OfficeFlow 2.6 and earlier allows remote attackers to ex...
CVE-2006-2955	Multiple cross-site scripting (XSS) vulnerabilities in KAPhotoservice 7.5 and earlier allow remote a...
CVE-2006-2956	Multiple cross-site scripting (XSS) vulnerabilities in i.List 1.5 beta and earlier allow remote atta...
CVE-2006-2957	Cross-site scripting (XSS) vulnerability in i.List 1.5 beta and earlier allows remote attackers to i...
CVE-2006-2958	Directory traversal vulnerability in FilZip 3.05 allows remote attackers to write arbitrary files vi...
CVE-2006-2959	SQL injection vulnerability in inc_header.asp in Snitz Forum 3.4.05 and earlier allows remote attack...	E
CVE-2006-2960	PHP remote file inclusion vulnerability in includes/joomla.php in Joomla! 1.0 allows remote attacker...
CVE-2006-2961	Stack-based buffer overflow in CesarFTP 0.99g and earlier allows remote attackers to cause a denial ...
CVE-2006-2962	PHP remote file inclusion vulnerability in sql_fcnsOLD.php in Emergenices Personnel Information Syst...	E
CVE-2006-2963	Cross-site scripting (XSS) vulnerability in Suchergebnisse.asp in Cabacos Web CMS 3.8.498 and earlie...
CVE-2006-2964	Multiple PHP remote file inclusion vulnerabilities in Xtreme Scripts Download Manager (aka Xtreme Do...	E
CVE-2006-2965	Multiple cross-site scripting (XSS) vulnerabilities in Particle Soft Particle Whois 1.0.3 allow remo...
CVE-2006-2966	Cross-site scripting (XSS) vulnerability in Particle Soft Particle Wiki 1.0.2 allows remote attacker...
CVE-2006-2967	Syworks SafeNET allows local users to bypass restrictions on network resource consumption by editing...
CVE-2006-2968	Cross-site scripting (XSS) vulnerability in search.php in PHP Labware LabWiki 1.0 allows remote atta...
CVE-2006-2969	Cross-site scripting (XSS) vulnerability in L0j1k tinyMuw 0.1.0 allow remote attackers to inject arb...
CVE-2006-2970	videoPage.php in L0j1k tinyMuw 0.1.0 allows remote attackers to obtain sensitive information via a c...
CVE-2006-2971	Integer overflow in the recv_packet function in 0verkill 0.16 allows remote attackers to cause a den...	E
CVE-2006-2972	SQL injection vulnerability in vs_resource.php in Arantius Vice Stats 0.5b and 1.0 allows remote att...	S
CVE-2006-2973	Multiple SQL injection vulnerabilities in month.php in PHP Lite Calendar Express 2.2 allow remote at...	E
CVE-2006-2974	Multiple cross-site scripting (XSS) vulnerabilities in EmailArchitect Email Server 6.1.0.5 and earli...	E
CVE-2006-2975	Multiple cross-site scripting (XSS) vulnerabilities in pblguestbook.php in PBL Guestbook 1.31 allow ...
CVE-2006-2976	Unspecified vulnerability in usermgr.php in Coppermine Photo Gallery before 1.4.7 has unknown impact...	S
CVE-2006-2977	SQL injection vulnerability in big.php in Mafia Moblog 0.6M1 and earlier allows remote attackers to ...
CVE-2006-2978	Mafia Moblog 0.6M1 and earlier allows remote attackers to obtain the installation path in an error m...
CVE-2006-2979	Multiple cross-site scripting (XSS) vulnerabilities in ViArt Shop Free 2.5.5, and possibly other dis...	S
CVE-2006-2980	SQL injection vulnerability in block_forum_topic_new.php in ViArt Shop Free 2.5.5, and possibly othe...
CVE-2006-2981	SQL injection vulnerability in vs_search.php in Arantius Vice Stats before 1.0.1 allows remote attac...
CVE-2006-2982	Multiple PHP remote file inclusion vulnerabilities in Enterprise Timesheet and Payroll Systems (EPS)...	E
CVE-2006-2983	PHP remote file inclusion vulnerability in Enterprise Timesheet and Payroll Systems (EPS) 1.1 and ea...
CVE-2006-2984	Cross-site scripting (XSS) vulnerability in index.php in IntegraMOD 1.4.0 and earlier allows remote ...
CVE-2006-2985	SQL injection vulnerability in index.php in IntegraMOD 1.4.0 and earlier allows remote attackers to ...	E
CVE-2006-2986	Multiple cross-site scripting (XSS) vulnerabilities in Baby Katie Media (a) very Simple Car Lister (...
CVE-2006-2987	Multiple SQL injection vulnerabilities in Dominios Europa PICRATE (aka TAL RateMyPic) 1.0 allow remo...
CVE-2006-2988	Cross-site scripting (XSS) vulnerability in dictionary.php in Chemical Dictionary allows remote atta...
CVE-2006-2989	Cross-site scripting (XSS) vulnerability in listpics.asp in ASP ListPics 4.3 and earlier allows remo...
CVE-2006-2990	Cross-site scripting (XSS) vulnerability in default.asp in VanillaSoft Helpdesk 2005 and earlier all...
CVE-2006-2991	Multiple cross-site scripting (XSS) vulnerabilities in Ringlink 3.2 allow remote attackers to inject...
CVE-2006-2992	Cross-site scripting (XSS) vulnerability in display.asp in My Photo Scrapbook 1.0 and earlier allows...
CVE-2006-2993	Multiple SQL injection vulnerabilities in My Photo Scrapbook 1.0 and earlier allow remote attackers ...
CVE-2006-2994	Multiple cross-site scripting (XSS) vulnerabilities in index.php in phazizGuestbook 2.0 allow remote...
CVE-2006-2995	Multiple PHP remote file inclusion vulnerabilities in WebprojectDB 0.1.3 and earlier allow remote at...	E
CVE-2006-2996	PHP remote file inclusion vulnerability in inc/design.inc.php in LoveCompass aePartner 0.8.3 and ear...	E
CVE-2006-2997	Cross-site scripting (XSS) vulnerability in ZMS 2.9 and earlier, when register_globals is enabled, a...
CVE-2006-2998	PHP remote file inclusion vulnerability in board/post.php in free QBoard 1.1 and earlier allows remo...	E
CVE-2006-2999	Cross-site scripting (XSS) vulnerability in search.php in OkScripts QuickLinks 1.1 allows remote att...	E