CVE-2006-3xxx

There are 991 CVE in this subgroup.
Last updated: 
← Back to 2006
ID Summary Flags Max Score
CVE-2006-3000 Cross-site scripting (XSS) vulnerability in search.php in OkScripts OkArticles 1.0 allows remote att...
E
CVE-2006-3001 Cross-site scripting (XSS) vulnerability in search.php in OkScripts OkMall 1.0 allow remote attacker...
E
CVE-2006-3002 Cross-site scripting (XSS) vulnerability in details.php in Easy Ad-Manager allows remote attackers t...
E
CVE-2006-3003 details.php in Easy Ad-Manager allows remote attackers to obtain the full installation path via an i...
E
CVE-2006-3004 Multiple cross-site scripting (XSS) vulnerabilities in Ez Ringtone Manager allow remote attackers to...
E
CVE-2006-3005 The JPEG library in media-libs/jpeg before 6b-r7 on Gentoo Linux is built without the -maxmem featur...
S
CVE-2006-3006 Cross-site scripting (XSS) vulnerability in iFoto 0.20, and possibly other versions before 0.50, all...
E S
CVE-2006-3007 Multiple cross-site scripting (XSS) vulnerabilities in SHOUTcast 1.9.5 allow remote attackers to inj...
CVE-2006-3008 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-2904. Reason: This candida...
R
CVE-2006-3009 Multiple cross-site scripting (XSS) vulnerabilities in Open Business Management (OBM) 1.0.3 pl1 allo...
E
CVE-2006-3010 Multiple SQL injection vulnerabilities in Open Business Management (OBM) 1.0.3 pl1 allow remote atta...
E
CVE-2006-3011 The error_log function in basic_functions.c in PHP before 4.4.4 and 5.x before 5.1.5 allows local us...
E S
CVE-2006-3012 SQL injection vulnerability in phpBannerExchange before 2.0 Update 6 allows remote attackers to exec...
E S
CVE-2006-3013 Interpretation conflict in resetpw.php in phpBannerExchange before 2.0 Update 6 allows remote attack...
E S
CVE-2006-3014 Microsoft Excel allows user-assisted attackers to execute arbitrary javascript and redirect users to...
E S
CVE-2006-3015 Argument injection vulnerability in WinSCP 3.8.1 build 328 allows remote attackers to upload or down...
E
CVE-2006-3016 Unspecified vulnerability in session.c in PHP before 5.1.3 has unknown impact and attack vectors, re...
E S
CVE-2006-3017 zend_hash_del_key_or_index in zend_hash.c in PHP before 4.4.3 and 5.x before 5.1.3 can cause zend_ha...
CVE-2006-3018 Unspecified vulnerability in the session extension functionality in PHP before 5.1.3 has unknown imp...
CVE-2006-3019 Multiple PHP remote file inclusion vulnerabilities in phpCMS 1.2.1pl2 allow remote attackers to exec...
CVE-2006-3020 Multiple cross-site scripting (XSS) vulnerabilities in FullPhoto.asp in WS-Album 1.1 and earlier all...
E
CVE-2006-3021 Multiple cross-site scripting (XSS) vulnerabilities in BlueCollar i-Gallery 4.1 PLUS and earlier all...
CVE-2006-3022 Cross-site scripting (XSS) vulnerability in zoom.php in fipsGallery 1.5 and earlier allows remote at...
CVE-2006-3023 Multiple cross-site scripting (XSS) vulnerabilities in thumbnails.asp in Uapplication Uphotogallery ...
CVE-2006-3024 Multiple cross-site scripting (XSS) vulnerabilities in EvGenius Counter 3.4 and earlier allow remote...
CVE-2006-3025 Cross-site scripting (XSS) vulnerability in Cal.PHP3 in Chris Lea Lucid Calendar 0.22 allows remote ...
CVE-2006-3026 Multiple cross-site scripting (XSS) vulnerabilities in ClickGallery 5.0 and earlier allow remote att...
CVE-2006-3027 Multiple SQL injection vulnerabilities in Enthrallwebe ePhotos 2.2 and earlier allow remote attacker...
E
CVE-2006-3028 PHP remote file inclusion vulnerability in stat_modules/users_age/module.php in Minerva 2.0.8a Build...
E
CVE-2006-3029 Cross-site scripting (XSS) vulnerability in default.asp in ClickTech Clickcart 6.0 and earlier allow...
CVE-2006-3030 Multiple cross-site scripting (XSS) vulnerabilities in DwZone Shopping Cart 1.1.9 and earlier allow ...
CVE-2006-3031 Multiple cross-site scripting (XSS) vulnerabilities in index.asp in fipsCMS 4.5 and earlier allow re...
CVE-2006-3032 Multiple cross-site scripting (XSS) vulnerabilities in Xtreme ASP Photo Gallery 1.05 and earlier, an...
CVE-2006-3033 Cross-site scripting (XSS) vulnerability in MyScrapbook 3.1 allows remote attackers to inject arbitr...
E
CVE-2006-3034 MyScrapbook 3.1 allows remote attackers to obtain sensitive information via a direct request to file...
CVE-2006-3035 Multiple cross-site scripting (XSS) vulnerabilities in addwords.php in MyScrapbook 3.1 and earlier a...
CVE-2006-3036 Multiple cross-site scripting (XSS) vulnerabilities in 35mmslidegallery 6.0 allow remote attackers t...
E
CVE-2006-3037 Multiple cross-site scripting (XSS) vulnerabilities in publish.php in ST AdManager Lite allow remote...
CVE-2006-3038 Cross-site scripting (XSS) vulnerability in index.php in Cescripts Realty Room Rent allows remote at...
E
CVE-2006-3039 Cross-site scripting (XSS) vulnerability in index.php in Cescripts Realty Home Rent allows remote at...
E
CVE-2006-3040 PHP remote file inclusion vulnerability in talkbox.php in Amr Talkbox allows remote attackers to exe...
CVE-2006-3041 PHP remote file inclusion vulnerability in Ltwcalendar/calendar.php in Codewalkers Ltwcalendar 4.1.3...
CVE-2006-3042 Multiple PHP remote file inclusion vulnerabilities in ISPConfig 2.2.3 allow remote attackers to exec...
E
CVE-2006-3043 Cross-site scripting (XSS) vulnerability in search.cfm in CreaFrameXe (CFXe) CMS 2.0 and earlier all...
E
CVE-2006-3044 Cross-site scripting (XSS) vulnerability in LogiSphere 1.6.0 allows remote attackers to inject arbit...
E
CVE-2006-3045 PHP remote file inclusion vulnerability in manage_songs.php in Foing 0.7.0e and earlier allows remot...
CVE-2006-3046 Unspecified vulnerability in the admin login feature in Subtext 1.5, in a multiblog setup, allows re...
S
CVE-2006-3047 Cross-site scripting (XSS) vulnerability in TikiWiki 1.9.3.2 and possibly earlier versions allows re...
E S
CVE-2006-3048 SQL injection vulnerability in TikiWiki 1.9.3.2 and possibly earlier versions allows remote attacker...
S
CVE-2006-3049 Multiple cross-site scripting (XSS) vulnerabilities in booking3.php in Mole Group Ticket Booking Scr...
CVE-2006-3050 Directory traversal vulnerability in detail.php in SixCMS 6.0, and other versions before 6.0.6patch2...
E
CVE-2006-3051 Cross-site scripting (XSS) vulnerability in list.php in SixCMS 6.0, and other versions before 6.0.6p...
E
CVE-2006-3052 Cross-site scripting (XSS) vulnerability in Event Registration allows remote attackers to inject arb...
CVE-2006-3053 PHP remote file inclusion vulnerability in common.php in PHORUM 5.1.13 and earlier allows remote att...
E
CVE-2006-3054 Multiple SQL injection vulnerabilities in VBZooM 1.11 allow remote attackers to execute arbitrary SQ...
E
CVE-2006-3055 Multiple SQL injection vulnerabilities in VBZooM 1.02 allow remote attackers to execute arbitrary SQ...
E
CVE-2006-3056 SQL injection vulnerability in language.php in VBZooM 1.01 allows remote attackers to execute arbitr...
E
CVE-2006-3057 Unspecified vulnerability in NetworkManager daemon for DHCP (dhcdbd) allows remote attackers to caus...
CVE-2006-3059 Unspecified vulnerability in Microsoft Excel 2000 through 2004 allows remote user-assisted attackers...
CVE-2006-3060 Cross-site scripting (XSS) vulnerability in P.A.I.D 2.2 allows remote attackers to inject arbitrary ...
CVE-2006-3061 Multiple cross-site scripting (XSS) vulnerabilities in 5 Star Review allow remote attackers to injec...
E
CVE-2006-3062 Cross-site scripting (XSS) vulnerability in index.php in myPHP Guestbook 2.0.4 and earlier allows re...
CVE-2006-3063 Multiple cross-site scripting (XSS) vulnerabilities in myPHP Guestbook 1.x through 2.0.0-r1 and befo...
CVE-2006-3064 SQL injection vulnerability in the add_hit function in include/function.inc.php in Coppermine Photo ...
E
CVE-2006-3065 SQL injection vulnerability in engine/shards/blog.php in blur6ex 0.3.462 allows remote attackers to ...
E
CVE-2006-3066 Buffer overflow in the TCP/IP listener in IBM DB2 Universal Database (UDB) before 8.1 FixPak 12 allo...
S
CVE-2006-3067 Multiple unspecified vulnerabilities in IBM DB2 Universal Database (UDB) before 8.1 FixPak 12 allow ...
S
CVE-2006-3068 IBM DB2 Universal Database (UDB) before 8.2 FixPak 12 allows remote attackers to cause a denial of s...
S
CVE-2006-3069 PHP remote file inclusion vulnerability in DoubleSpeak 0.1, when register_globals is enabled, allows...
E
CVE-2006-3070 write_ok.php in Zeroboard 4.1 pl8, when installed on Apache with mod_mime, allows remote attackers t...
E S
CVE-2006-3071 Cross-site scripting (XSS) vulnerability in index.php in MP3 Search/Archive 1.2 allows remote attack...
CVE-2006-3072 M4 Macro Library in Symantec Security Information Manager before 4.0.2.29 HOTFIX 1 allows local user...
S
CVE-2006-3073 Multiple cross-site scripting (XSS) vulnerabilities in the WebVPN feature in the Cisco VPN 3000 Seri...
E
CVE-2006-3074 klif.sys in Kaspersky Internet Security 6.0 and 7.0, Kaspersky Anti-Virus (KAV) 6.0 and 7.0, KAV 6.0...
CVE-2006-3075 Multiple PHP remote file inclusion vulnerabilities in PictureDis Professional 1.33 Build 234 and ear...
CVE-2006-3076 PHP remote file inclusion vulnerability in software_upload/public_includes/pub_templates/vphptree/te...
E
CVE-2006-3077 Cross-site scripting (XSS) vulnerability in guestbook.cfm in aXentGuestbook 1.1 and earlier allows r...
CVE-2006-3078 Multiple SQL injection vulnerabilities in APBoard 2.2-r3 and earlier allow remote attackers to execu...
CVE-2006-3079 Cross-site scripting (XSS) vulnerability in index.cfm in SSPwiz Plus 1.0.7 and earlier allows remote...
CVE-2006-3080 Cross-site scripting (XSS) vulnerability in viewposts.cfm in aXentForum II and earlier allows remote...
CVE-2006-3081 mysqld in MySQL 4.1.x before 4.1.18, 5.0.x before 5.0.19, and 5.1.x before 5.1.6 allows remote autho...
E
CVE-2006-3082 parse-packet.c in GnuPG (gpg) 1.4.3 and 1.9.20, and earlier versions, allows remote attackers to cau...
CVE-2006-3083 The (1) krshd and (2) v4rcp applications in (a) MIT Kerberos 5 (krb5) up to 1.5, and 1.4.x before 1....
S
CVE-2006-3084 The (1) ftpd and (2) ksu programs in (a) MIT Kerberos 5 (krb5) up to 1.5, and 1.4.x before 1.4.4, an...
CVE-2006-3085 xt_sctp in netfilter for Linux kernel before 2.6.17.1 allows attackers to cause a denial of service ...
S
CVE-2006-3086 Stack-based buffer overflow in the HrShellOpenWithMonikerDisplayName function in Microsoft Hyperlink...
E S
CVE-2006-3087 Multiple cross-site scripting (XSS) vulnerabilities in EZGallery 1.5 and earlier allow remote attack...
CVE-2006-3088 Cross-site scripting (XSS) vulnerability in index.php in Car Classifieds allows remote attackers to ...
CVE-2006-3089 Multiple cross-site scripting (XSS) vulnerabilities in PhpMyFactures 1.0, and possibly 1.2 and earli...
E
CVE-2006-3090 Multiple SQL injection vulnerabilities in PhpMyFactures 1.0, and possibly 1.2 and earlier, with magi...
E
CVE-2006-3091 PhpMyFactures 1.0, and possibly 1.2 and earlier, allows remote attackers to obtain the installation ...
E
CVE-2006-3092 PhpMyFactures 1.2 and earlier allows remote attackers to bypass authentication and modify data via d...
E
CVE-2006-3093 Multiple unspecified vulnerabilities in Adobe Acrobat Reader (acroread) before 7.0.8 have unknown im...
S
CVE-2006-3094 Multiple SQL injection vulnerabilities in Calendarix Basic 0.7.20060401 and earlier, with magic_quot...
CVE-2006-3095 Multiple cross-site scripting (XSS) vulnerabilities in iPostMX 2005 2.0 and earlier allow remote att...
CVE-2006-3096 Multiple SQL injection vulnerabilities in iPostMX 2005 2.0 and earlier allow remote attackers to exe...
CVE-2006-3097 Unspecified vulnerability in Support Tools Manager (xstm, cstm, and stm) on HP-UX B.11.11 and B.11.2...
S
CVE-2006-3100 termpkg 3.3 suffers from buffer overflow....
E S
CVE-2006-3101 Cross-site scripting (XSS) vulnerability in LogonProxy.cgi in Cisco Secure ACS for UNIX 2.3 allows r...
E S
CVE-2006-3102 Race condition in articles/BitArticle.php in Bitweaver 1.3, when run on Apache with the mod_mime ext...
E S
CVE-2006-3103 Cross-site scripting (XSS) vulnerability in Bitweaver 1.3 allows remote attackers to inject arbitrar...
E S
CVE-2006-3104 users/index.php in Bitweaver 1.3 allows remote attackers to obtain sensitive information via an inva...
E
CVE-2006-3105 CRLF injection vulnerability in Bitweaver 1.3 allows remote attackers to conduct HTTP response split...
E
CVE-2006-3106 Cross-site scripting (XSS) vulnerability in index.php in phpMyDesktop|Arcade 1.0 allows remote attac...
E
CVE-2006-3107 Multiple PHP remote file inclusion vulnerabilities in Docebo 3.0.3 and earlier, when register_global...
E
CVE-2006-3108 Cross-site scripting (XSS) vulnerability in EmailArchitect Email Server 6.1 allows remote attackers ...
E
CVE-2006-3109 Cross-site scripting (XSS) vulnerability in Cisco CallManager 3.3 before 3.3(5)SR3, 4.1 before 4.1(3...
E S
CVE-2006-3110 Cross-site scripting (XSS) vulnerability in main.php in Chipmailer 1.09 allows remote attackers to i...
CVE-2006-3111 Multiple SQL injection vulnerabilities in main.php in Chipmailer 1.09 allow remote attackers to exec...
CVE-2006-3112 Chipmailer 1.09 allows remote attackers to obtain sensitive information via a direct request to php....
CVE-2006-3113 Mozilla Firefox 1.5 before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows re...
S
CVE-2006-3114 PC Tools AntiVirus 2.1.0.51 uses insecure default permissions on the "PC Tools AntiVirus" directory,...
CVE-2006-3115 SQL injection vulnerability in view.php in phpRaid 3.0.4, and possibly other versions, allows remote...
CVE-2006-3116 Multiple PHP remote file inclusion vulnerabilities in phpRaid 3.0.4 and 3.0.5 allow remote attackers...
S
CVE-2006-3117 Heap-based buffer overflow in OpenOffice.org (aka StarOffice) 1.1.x up to 1.1.5 and 2.0.x before 2.0...
S
CVE-2006-3118 spread uses a temporary file with a static filename based on the port number, which allows local use...
CVE-2006-3119 The fbgs framebuffer Postscript/PDF viewer in fbi before 2.01 has a typo that prevents a filter from...
S
CVE-2006-3120 Format string vulnerability in Brian Wotring Osiris before 4.2.1 allows remote attackers to cause a ...
S
CVE-2006-3121 The peel_netstring function in cl_netstring.c in the heartbeat subsystem in High-Availability Linux ...
S
CVE-2006-3122 The supersede_lease function in memory.c in ISC DHCP (dhcpd) server 2.0pl5 allows remote attackers t...
S
CVE-2006-3123 Multiple integer overflows in the (1) dodecrypt and (2) doencrypt functions in cfs_fh.c in cfsd in M...
S
CVE-2006-3124 Buffer overflow in the HTTP header parsing in Streamripper before 1.61.26 allows remote attackers to...
S
CVE-2006-3125 Array index error in tetrinet.c in gtetrinet 0.7.8 and earlier allows remote attackers to execute ar...
S
CVE-2006-3126 c2faxrecv in capi4hylafax 01.02.03 allows remote attackers to execute arbitrary commands via null (\...
S
CVE-2006-3127 Memory leak in Network Security Services (NSS) 3.11, as used in Sun Java Enterprise System 2003Q4 th...
CVE-2006-3128 choose_file.php in easy-CMS 0.1.2, when mod_mime is installed, does not restrict uploads of filename...
CVE-2006-3129 Multiple cross-site scripting (XSS) vulnerabilities in index.php in NC LinkList 1.2 and earlier allo...
CVE-2006-3130 SQL injection vulnerability in index.php in Clubpage allows remote attackers to execute arbitrary SQ...
CVE-2006-3131 Multiple cross-site scripting (XSS) vulnerabilities in Clubpage allow remote attackers to inject arb...
CVE-2006-3132 Cross-site scripting (XSS) vulnerability in qtofm.php4 in QTOFileManager 1.0 allows remote attackers...
E
CVE-2006-3134 Buffer overflow in GraceNote CDDBControl ActiveX Control, as used by multiple products that use Grac...
CVE-2006-3135 Multiple SQL injection vulnerabilities in CMS Mundo 1.0 build 008, and possibly other versions, allo...
E
CVE-2006-3136 Multiple PHP remote file inclusion vulnerabilities in Nucleus 3.23 allow remote attackers to execute...
E
CVE-2006-3137 Cross-site scripting (XSS) vulnerability in productDetail.asp in Edge eCommerce Shop allows remote a...
CVE-2006-3138 Multiple cross-site scripting (XSS) vulnerabilities in phpMyDirectory 10.4.5 and earlier allow remot...
CVE-2006-3139 Multiple SQL injection vulnerabilities in war.php in Virtual War (VWar) 1.5.0 R14 and earlier allow ...
CVE-2006-3140 SQL injection vulnerability in index.php in openCI 1.0 BETA 0.20.1 and earlier allows remote attacke...
CVE-2006-3141 Cross-site scripting (XSS) vulnerability in details.cfm in Tradingeye Shop R4 and earlier allows rem...
CVE-2006-3142 SQL injection vulnerability in forum.php in VBZooM 1.11 allows remote attackers to execute arbitrary...
E
CVE-2006-3143 Cross-site scripting (XSS) vulnerability in icue_login.asp in Maximus SchoolMAX 4.0.1 and earlier iC...
CVE-2006-3144 PHP remote file inclusion vulnerability in micro_cms_files/microcms-include.php in Implied By Design...
E
CVE-2006-3145 Buffer overflow in pamtofits of NetPBM 10.30 through 10.33 allows remote attackers to cause a denial...
S
CVE-2006-3146 The TOSRFBD.SYS driver for Toshiba Bluetooth Stack 4.00.29 and earlier on Windows allows remote atta...
E S
CVE-2006-3147 Unspecified vulnerability in Hosting Controller before 6.1 (aka Hotfix 3.2) allows remote authentica...
S
CVE-2006-3148 SQL injection vulnerability, possibly in search.inc.php, in Open-Realty 2.3.1 allows remote attacker...
CVE-2006-3149 Cross-site scripting (XSS) vulnerability in topic.php in phpMyForum 4.1.3 and earlier allows remote ...
CVE-2006-3150 SQL injection vulnerability in index.php in CavoxCms 1.0.16 and earlier allows remote attackers to e...
CVE-2006-3151 Cross-site scripting (XSS) vulnerability in index.php in AssoCIateD (aka ACID) 1.2.0 and earlier all...
CVE-2006-3152 Multiple SQL injection vulnerabilities in phpTRADER 4.9 SP5 and earlier allow remote attackers to ex...
CVE-2006-3153 Cross-site scripting (XSS) vulnerability in index.pl in Ultimate Estate 1.0 and earlier allows remot...
CVE-2006-3154 SQL injection vulnerability in index.pl in Ultimate Estate 1.0 and earlier allows remote attackers t...
CVE-2006-3155 Multiple cross-site scripting (XSS) vulnerabilities in Ultimate Auction 1.0 and earlier allow remote...
CVE-2006-3156 Cross-site scripting (XSS) vulnerability in index.cgi in Ultimate eShop 1.0 and earlier allows remot...
CVE-2006-3157 Cross-site scripting (XSS) vulnerability in index.php in Thinkfactory UltimateGoogle 1.00 and earlie...
CVE-2006-3158 index.php in Eduha Meeting does not properly restrict file extensions before permitting a file uploa...
E
CVE-2006-3159 pipe_master in Sun ONE/iPlanet Messaging Server 5.2 HotFix 1.16 (built May 14 2003) allows local use...
CVE-2006-3160 Cross-site scripting (XSS) vulnerability in fm.php in ONEdotOH Simple File Manager (SFM) 0.24a and e...
CVE-2006-3161 SQL injection vulnerability in misc.php in SaphpLesson 1.1 and earlier allows remote attackers to ex...
E
CVE-2006-3162 PHP remote file inclusion vulnerability in include/inc_foot.php in SmartSiteCMS 1.0 and earlier allo...
E
CVE-2006-3163 Multiple SQL injection vulnerabilities in galeria.php in IMGallery 2.4 and earlier allow remote atta...
CVE-2006-3164 SQL injection vulnerability in category.php in TPL Design tplShop 2.0 and earlier allows remote atta...
CVE-2006-3165 SQL injection vulnerability in propview.php in Free Realty 2.9-0.7 and earlier allows remote attacke...
CVE-2006-3166 Cross-site scripting (XSS) vulnerability in propview.php in Free Realty 2.9-0.6 and earlier allows r...
CVE-2006-3167 Free Realty before 2.9 allows remote attackers to obtain the full path and other sensitive informati...
CVE-2006-3168 SQL injection vulnerability in CS-Forum before 0.82 allows remote attackers to execute arbitrary SQL...
CVE-2006-3169 Multiple cross-site scripting (XSS) vulnerabilities in CS-Forum 0.81 and earlier allow remote attack...
CVE-2006-3170 CS-Forum before 0.82 allows remote attackers to obtain sensitive information via unspecified manipul...
E
CVE-2006-3171 CRLF injection vulnerability in CS-Forum before 0.82 allows remote attackers to inject arbitrary ema...
CVE-2006-3172 Multiple PHP remote file inclusion vulnerabilities in Content*Builder 0.7.5 allow remote attackers t...
E
CVE-2006-3173 Multiple PHP remote file inclusion vulnerabilities in Content*Builder 0.7.5 allow remote attackers t...
CVE-2006-3174 Cross-site scripting (XSS) vulnerability in search.php in SquirrelMail 1.5.1 and earlier, when regis...
CVE-2006-3175 Multiple PHP remote file inclusion vulnerabilities in mcGuestbook 1.3 allow remote attackers to exec...
CVE-2006-3176 SQL injection vulnerability in xarancms_haupt.php in xarancms 2.0 allows remote attackers to execute...
CVE-2006-3177 PHP remote file inclusion vulnerability in Admin/rtf_parser.php in The Bible Portal Project 2.12 and...
E
CVE-2006-3178 Directory traversal vulnerability in extract_chmLib example program in CHM Lib (chmlib) before 0.38 ...
S
CVE-2006-3179 Cross-site scripting (XSS) vulnerability in tools_ftp_pwaendern.php in Confixx Pro 3.0 and earlier a...
CVE-2006-3180 Cross-site scripting (XSS) vulnerability in ftp_index.php in Confixx Pro 3.0 allows remote attackers...
CVE-2006-3181 SQL injection vulnerability in index.php in MobeScripts Mobile Space Community 2.0 allows remote att...
CVE-2006-3182 Directory traversal vulnerability in index.php in MobeScripts Mobile Space Community 2.0 allows remo...
CVE-2006-3183 Cross-site scripting (XSS) vulnerability in index.php in MobeScripts Mobile Space Community 2.0 and ...
CVE-2006-3184 Direct static code injection vulnerability in ASP Stats Generator before 2.1.2 allows remote authent...
E
CVE-2006-3185 PHP remote file inclusion vulnerability in data/header.php in CMS Faethon 1.3.2 allows remote attack...
E
CVE-2006-3186 Multiple cross-site scripting (XSS) vulnerabilities in CMS Faethon 1.3.2 allow remote attackers to i...
CVE-2006-3187 Multiple cross-site scripting (XSS) vulnerabilities in Sharky e-shop 3.05 and earlier allow remote a...
CVE-2006-3188 Multiple SQL injection vulnerabilities in Sharky e-shop 3.05 and earlier allow remote attackers to e...
CVE-2006-3189 Cross-site scripting (XSS) vulnerability in administration/tblcontent/login1.php in HotPlug CMS 1.0 ...
CVE-2006-3190 SQL injection vulnerability in administration/includes/login/auth.php in HotPlug CMS 1.0 allows remo...
CVE-2006-3191 Cross-site scripting (XSS) vulnerability in comment.php in MPCS 0.2 allows remote attackers to injec...
E S
CVE-2006-3192 PHP remote file inclusion vulnerability in Ad Manager Pro 2.6 allows remote attackers to execute arb...
E
CVE-2006-3193 Multiple PHP remote file inclusion vulnerabilities in Grayscale BandSite CMS 1.1.1, when register_gl...
E
CVE-2006-3194 Directory traversal vulnerability in index.php in singapore 0.10.0 and earlier allows remote attacke...
E
CVE-2006-3195 Cross-site scripting (XSS) vulnerability in index.php in singapore 0.10.0 and earlier allows remote ...
E
CVE-2006-3196 index.php in singapore 0.10.0 and earlier allows remote attackers to obtain the installation path vi...
CVE-2006-3197 Cross-site scripting (XSS) vulnerability in Invision Power Board (IPB) 2.1.6 and earlier allows remo...
S
CVE-2006-3198 Integer overflow in Opera 8.54 and earlier allows remote attackers to execute arbitrary code via a J...
CVE-2006-3199 Opera 9 allows remote attackers to cause a denial of service (crash) via an A tag with an href attri...
E
CVE-2006-3200 Unspecified versions of Internet Explorer allow remote attackers to cause a denial of service (crash...
E
CVE-2006-3201 Unspecified vulnerability in the kernel in HP-UX B.11.00, B.11.11, and B.11.23 allows local users to...
S
CVE-2006-3202 The ip6_savecontrol function in NetBSD 2.0 through 3.0, under certain configurations, does not check...
CVE-2006-3203 The installation of Ultimate PHP Board (UPB) 1.9.6 and earlier includes a default administrator logi...
E S
CVE-2006-3204 Ultimate PHP Board (UPB) 1.9.6 and earlier uses a cryptographically weak block cipher with a large k...
E
CVE-2006-3205 Ultimate PHP Board (UPB) 1.9.6 and earlier allows remote attackers to gain access via modified user_...
CVE-2006-3206 register.php in Ultimate PHP Board (UPB) 1.9.6 and earlier allows remote attackers to create arbitra...
CVE-2006-3207 Directory traversal vulnerability in newpost.php in Ultimate PHP Board (UPB) 1.9.6 and earlier allow...
CVE-2006-3208 Direct static code injection vulnerability in Ultimate PHP Board (UPB) 1.9.6 and earlier allows remo...
E
CVE-2006-3209 The Task scheduler (at.exe) on Microsoft Windows XP spawns each scheduled process with SYSTEM permis...
CVE-2006-3210 Ralf Image Gallery (RIG) 0.7.4 and other versions before 1.0, when register_globals is enabled, allo...
S
CVE-2006-3211 Cross-site scripting (XSS) vulnerability in sign.php in cjGuestbook 1.3 and earlier allows remote at...
CVE-2006-3212 Cross-site scripting (XSS) vulnerability in sign.php in cjGuestbook 1.3 and earlier allows remote at...
CVE-2006-3213 SQL injection vulnerability in WeBBoA Hosting 1.1 allows remote attackers to execute arbitrary SQL c...
E
CVE-2006-3214 Unspecified vulnerability in Hitachi Groupmax Address Server 7 and earlier, and Groupmax Mail Server...
S
CVE-2006-3215 Clearswift MAILsweeper for SMTP before 4.3.20 and MAILsweeper for Exchange before 4.3.20 allows remo...
S
CVE-2006-3216 Clearswift MAILsweeper for SMTP before 4.3.20 and MAILsweeper for Exchange before 4.3.20 allows remo...
S
CVE-2006-3217 JaguarEditControl (JEdit) ActiveX Control 1.1.0.20 and earlier allows remote attackers to obtain sen...
E
CVE-2006-3218 SQL injection vulnerability in profile.php in Woltlab Burning Board (WBB) 2.1.6 allows remote attack...
CVE-2006-3219 SQL injection vulnerability in thread.php in Woltlab Burning Board (WBB) 2.2.2 allows remote attacke...
CVE-2006-3220 SQL injection vulnerability in studienplatztausch.php in Woltlab Burning Board (WBB) 2.2.1 allows re...
CVE-2006-3221 SQL injection vulnerability in index.php in DataLife Engine 4.1 and earlier allows remote attackers ...
E
CVE-2006-3222 The FTP proxy module in Fortinet FortiOS (FortiGate) before 2.80 MR12 and 3.0 MR2 allows remote atta...
S
CVE-2006-3223 Format string vulnerability in CA Integrated Threat Management (ITM), eTrust Antivirus (eAV), and eT...
S
CVE-2006-3224 Apple Safari 2.0.3 (417.9.3) on Mac OS X 10.4.6 allows remote attackers to cause a denial of service...
CVE-2006-3225 Cross-site scripting (XSS) vulnerability in Sun ONE Application Server 7 before Update 9, Java Syste...
CVE-2006-3226 Cisco Secure Access Control Server (ACS) 4.x for Windows uses the client's IP address and the server...
CVE-2006-3227 Interpretation conflict between Internet Explorer and other web browsers such as Mozilla, Opera, and...
CVE-2006-3228 Buffer overflow in in_midi.dll for WinAmp 2.90 up to 5.23, including 5.21, allows remote attackers t...
E S
CVE-2006-3229 Cross-site scripting (XSS) vulnerability in Open WebMail (OWM) 2.52, and other versions released bef...
S
CVE-2006-3230 Cross-site scripting (XSS) vulnerability in index.tmpl in Azureus Tracker 2.4.0.2 and earlier (Java ...
E
CVE-2006-3231 Unspecified vulnerability in IBM WebSphere Application Server (WAS) before 6.0.2.11, when fileServin...
S
CVE-2006-3232 Unspecified vulnerability in IBM WebSphere Application Server before 6.0.2.11 has unknown impact and...
S
CVE-2006-3233 Cross-site scripting (XSS) vulnerability in openwebmail-read.pl in Open WebMail (OWM) 2.52, and othe...
CVE-2006-3234 Multiple SQL injection vulnerabilities in index.php in FineShop 3.0 and earlier allow remote attacke...
CVE-2006-3235 Multiple cross-site scripting (XSS) vulnerabilities in index.php in FineShop 3.0 and earlier allow r...
CVE-2006-3236 Multiple SQL injection vulnerabilities in thinkWMS 1.0 and earlier allow remote attackers to execute...
CVE-2006-3237 Cross-site scripting (XSS) vulnerability in index.php in Enterprise Groupware System (EGS) 1.2.4 and...
CVE-2006-3238 Multiple SQL injection vulnerabilities in VBZooM 1.00 and earlier allow remote attackers to execute ...
CVE-2006-3239 SQL injection vulnerability in message.php in VBZooM 1.11 and earlier allows remote attackers to exe...
E
CVE-2006-3240 Cross-site scripting (XSS) vulnerability in classes/ui.class.php in dotProject 2.0.3 and earlier all...
S
CVE-2006-3241 Cross-site scripting (XSS) vulnerability in messages.php in XennoBB 1.0.5 and earlier allows remote ...
CVE-2006-3242 Stack-based buffer overflow in the browse_get_namespace function in imap/browse.c of Mutt 1.4.2.1 an...
CVE-2006-3243 SQL injection vulnerability in usercp.php in MyBB (MyBulletinBoard) 1.0 through 1.1.3 allows remote ...
S
CVE-2006-3244 Multiple SQL injection vulnerabilities in Anthill 0.2.6 and earlier allow remote attackers to execut...
CVE-2006-3245 Multiple cross-site scripting (XSS) vulnerabilities in activatemember in mvnForum 1.0 GA and earlier...
CVE-2006-3246 Cross-site scripting (XSS) vulnerability in show.php in GL-SH Deaf Forum 6.4.3 and earlier allows re...
CVE-2006-3247 Multiple cross-site scripting (XSS) vulnerabilities in show.php in GL-SH Deaf Forum 6.4.3 and earlie...
CVE-2006-3248 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-4011. Reason: This candida...
R
CVE-2006-3249 SQL injection vulnerability in search.php in Phorum 5.1.14 and earlier allows remote attackers to ex...
CVE-2006-3250 Heap-based buffer overflow in Windows Live Messenger 8.0 allows user-assisted attackers to execute a...
E
CVE-2006-3251 Heap-based buffer overflow in the array_push function in hashcash.c for Hashcash before 1.21 might a...
S
CVE-2006-3252 Buffer overflow in the Online Registration Facility for Algorithmic Research PrivateWire VPN softwar...
E
CVE-2006-3253 Cross-site scripting (XSS) vulnerability in member.php in vBulletin 3.5.x allows remote attackers to...
E
CVE-2006-3254 SQL injection vulnerability in newthread.php in Woltlab Burning Board (WBB) 2.0 RC2 allows remote at...
E
CVE-2006-3255 SQL injection vulnerability in showmods.php in Woltlab Burning Board (WBB) 1.2 allows remote attacke...
E
CVE-2006-3256 SQL injection vulnerability in report.php in Woltlab Burning Board (WBB) 2.3.1 allows remote attacke...
E
CVE-2006-3257 Multiple cross-site scripting (XSS) vulnerabilities in Claroline 1.7.7 allow remote attackers to inj...
S
CVE-2006-3258 Multiple cross-site scripting (XSS) vulnerabilities in index.html in BNBT TrinEdit and EasyTracker 7...
CVE-2006-3259 Multiple cross-site scripting (XSS) vulnerabilities in e107 0.7.5 allow remote attackers to inject a...
E
CVE-2006-3260 Cross-site scripting (XSS) vulnerability in index.php in vlbook 1.02 allows remote attackers to inje...
E
CVE-2006-3261 Cross-site scripting (XSS) vulnerability in Trend Micro Control Manager (TMCM) 3.5 allows remote att...
CVE-2006-3262 SQL injection vulnerability in the Weblinks module (weblinks.php) in Mambo 4.6rc1 and earlier allows...
E S
CVE-2006-3263 SQL injection vulnerability in the Weblinks module (weblinks.php) in Mambo 4.6rc1 and earlier allows...
CVE-2006-3264 Cross-site scripting (XSS) vulnerability in mclient.cgi in Namo DeepSearch 4.5 allows remote attacke...
E
CVE-2006-3265 Multiple cross-site scripting (XSS) vulnerabilities in index.php in Qdig before 1.2.9.3, when regist...
S
CVE-2006-3266 Multiple PHP remote file inclusion vulnerabilities in Bee-hive Lite 1.2 and earlier, when register_g...
E
CVE-2006-3267 SQL injection vulnerability in index.php in Infinite Core Technologies (ICT) 1.0 Gold and earlier al...
CVE-2006-3268 Unspecified vulnerability in the Windows Client API in Novell GroupWise 5.x through 7 might allow us...
S
CVE-2006-3269 PHP remote file inclusion vulnerability in includes/functions_cms.php in THoRCMS 1.3.1 allows remote...
E
CVE-2006-3270 SQL injection vulnerability in cms_admin.php in THoRCMS 1.3.1 allows remote attackers to execute arb...
CVE-2006-3271 Multiple SQL injection vulnerabilities in Softbiz Dating 1.0 allow remote attackers to execute SQL c...
E
CVE-2006-3272 Cross-site request forgery (CSRF) vulnerability in menu.php in Some Chess 1.5 rc2 allows remote atta...
CVE-2006-3273 Cross-site scripting (XSS) vulnerability in menu.php in Some Chess 1.5 rc1 allows remote attackers t...
CVE-2006-3274 Directory traversal vulnerability in Webmin before 1.280, when run on Windows, allows remote attacke...
CVE-2006-3275 SQL injection vulnerability in profile.php in YaBB SE 1.5.5 and earlier allows remote attackers to e...
CVE-2006-3276 Heap-based buffer overflow in RealNetworks Helix DNA Server 10.0 and 11.0 allows remote attackers to...
S
CVE-2006-3277 The SMTP service of MailEnable Standard 1.92 and earlier, Professional 2.0 and earlier, and Enterpri...
S
CVE-2006-3278 Cross-site scripting (XSS) vulnerability in H-Sphere 2.5.1 Beta 1 and earlier allows remote attacker...
CVE-2006-3279 Cross-site scripting (XSS) vulnerability in aeDating 4.1 allows remote attackers to inject arbitrary...
CVE-2006-3280 Cross-domain vulnerability in Microsoft Internet Explorer 6.0 allows remote attackers to access rest...
CVE-2006-3281 Microsoft Internet Explorer 6.0 does not properly handle Drag and Drop events, which allows remote u...
E
CVE-2006-3282 requirements.php in Dating Agent PRO 4.7.1 allows remote attackers to obtain sensitive information v...
CVE-2006-3283 SQL injection vulnerability in Dating Agent PRO 4.7.1 allows remote attackers to execute arbitrary S...
CVE-2006-3284 Cross-site scripting (XSS) vulnerability in Dating Agent PRO 4.7.1 allows remote attackers to inject...
CVE-2006-3285 The internal database in Cisco Wireless Control System (WCS) for Linux and Windows before 3.2(51) us...
S
CVE-2006-3286 The internal database in Cisco Wireless Control System (WCS) for Linux and Windows before 3.2(63) st...
S
CVE-2006-3287 Cisco Wireless Control System (WCS) for Linux and Windows 4.0(1) and earlier uses a default administ...
S
CVE-2006-3288 Unspecified vulnerability in the TFTP server in Cisco Wireless Control System (WCS) for Linux and Wi...
S
CVE-2006-3289 Cross-site scripting (XSS) vulnerability in the login page of the HTTP interface for the Cisco Wirel...
S
CVE-2006-3290 HTTP server in Cisco Wireless Control System (WCS) for Linux and Windows before 3.2(51) stores sensi...
S
CVE-2006-3291 The web interface on Cisco IOS 12.3(8)JA and 12.3(8)JA1, as used on the Cisco Wireless Access Point ...
S
CVE-2006-3292 SQL injection vulnerability in the Search gadget in Jaws 0.6.2 allows remote attackers to execute ar...
E S
CVE-2006-3293 parse_notice (TiCPU) in EnergyMech (emech) before 3.0.2 allows remote attackers to cause a denial of...
S
CVE-2006-3294 PHP remote file inclusion vulnerability in mod_cbsms_messages.php in CBSMS Mambo Module 1.0 and earl...
E
CVE-2006-3295 Cross-site scripting (XSS) vulnerability in header.php in Open Guestbook 0.5 allows remote attackers...
E
CVE-2006-3296 SQL injection vulnerability in view.php in Open Guestbook 0.5 allows remote attackers to execute arb...
E
CVE-2006-3297 Cross-site scripting (XSS) vulnerability in error.php in UebiMiau Webmail 2.7.10 and earlier allows ...
CVE-2006-3298 Yahoo! Messenger 7.5.0.814 and 7.0.438 allows remote attackers to cause a denial of service (crash) ...
E
CVE-2006-3299 Cross-site scripting (XSS) vulnerability in index.php in Usenet Script 0.5 allows remote attackers t...
E
CVE-2006-3300 PHP remote file inclusion vulnerability in sms_config/gateway.php in PhpMySms 2.0 and earlier allows...
E
CVE-2006-3301 Multiple cross-site scripting (XSS) vulnerabilities in phpQLAdmin 2.2.7 and earlier allow remote att...
CVE-2006-3302 PHP remote file inclusion vulnerability in mod_cbsms.php in CBSMS Mambo Module 1.0 and earlier, when...
CVE-2006-3303 Multiple cross-site scripting (XSS) vulnerabilities in pm.php in DeluxeBB 1.07 and earlier allow rem...
S
CVE-2006-3304 SQL injection vulnerability in cp.php in DeluxeBB 1.07 and earlier allows remote attackers to execut...
E S
CVE-2006-3305 Multiple cross-site scripting (XSS) vulnerabilities in UebiMiau Webmail 2.7.10, and 2.7.2 and earlie...
CVE-2006-3306 Cross-site scripting (XSS) vulnerability in the preparestring function in lib/common.php in Project ...
S
CVE-2006-3307 Multiple SQL injection vulnerabilities in Project EROS bbsengine before bbsengine-20060429-1550-jam ...
S
CVE-2006-3308 Unspecified vulnerability in the wpprop code for Project EROS bbsengine before 20060622-0315 has unk...
S
CVE-2006-3309 SQL injection vulnerability in SPT--ForumTopics.php in Scout Portal Toolkit (SPT) 1.4.0 and earlier ...
E
CVE-2006-3311 Buffer overflow in Adobe Flash Player 8.0.24.0 and earlier, Flash Professional 8, Flash MX 2004, and...
E S
CVE-2006-3312 Multiple cross-site scripting (XSS) vulnerabilities in ashmans and Bill Echlin QaTraq 6.5 RC and ear...
E
CVE-2006-3313 Cross-site scripting (XSS) vulnerability in search.jsp in Netsoft smartNet 2.0 allows remote attacke...
E
CVE-2006-3314 PHP remote file inclusion vulnerability in page.php in an unspecified RahnemaCo.com product, possibl...
E
CVE-2006-3315 PHP remote file inclusion vulnerability in page.php in an unspecified RahnemaCo.com product, possibl...
E
CVE-2006-3316 Multiple PHP remote file inclusion vulnerabilities in phpRaid 3.0.5 allow remote attackers to execut...
S
CVE-2006-3317 PHP remote file inclusion vulnerability in phpRaid 3.0.6 allows remote attackers to execute arbitrar...
E
CVE-2006-3318 SQL injection vulnerability in register.php for phpRaid 3.0.6 and possibly other versions, when the ...
CVE-2006-3319 Cross-site scripting (XSS) vulnerability in rss/index.php in PHP iCalendar 2.22 and earlier allows r...
E
CVE-2006-3320 Cross-site scripting (XSS) vulnerability in command.php in SiteBar 3.3.8 and earlier allows remote a...
E
CVE-2006-3321 Multiple cross-site scripting (XSS) vulnerabilities in openforum.asp in OpenForum 1.2 Beta and earli...
CVE-2006-3322 SQL injection vulnerability in includes/functions_logging.php in phpRaid 3.0.5, and possibly other v...
S
CVE-2006-3323 PHP remote file inclusion vulnerability in admin/admin.php in MF Piadas 1.0 allows remote attackers ...
E
CVE-2006-3324 The Automatic Downloading option in the id3 Quake 3 Engine and the Icculus Quake 3 Engine (ioquake3)...
E
CVE-2006-3325 client/cl_parse.c in the id3 Quake 3 Engine 1.32c and the Icculus Quake 3 Engine (ioquake3) revision...
E
CVE-2006-3326 Directory traversal vulnerability in QuickZip 3.06.3 allows remote user-assisted attackers to overwr...
E
CVE-2006-3327 Cross-site scripting (XSS) vulnerability in Custom dating biz dating script 1.0 allows remote attack...
CVE-2006-3328 new_ticket.cgi in Hostflow 2.2.1-15 allows remote attackers to steal and replay authentication crede...
CVE-2006-3329 SQL injection vulnerability in search.php in PHP/MySQL Classifieds (PHP Classifieds) allows remote a...
CVE-2006-3330 Cross-site scripting (XSS) vulnerability in AddAsset1.php in PHP/MySQL Classifieds (PHP Classifieds)...
CVE-2006-3331 Opera before 9.0 does not reset the SSL security bar after displaying a download dialog from an SSL-...
S
CVE-2006-3332 SQL injection vulnerability in index.php in Zorum Forum 3.5 allows remote attackers to execute arbit...
CVE-2006-3333 Cross-site scripting (XSS) vulnerability in index.php in Zorum Forum 3.5 allows remote attackers to ...
CVE-2006-3334 Buffer overflow in the png_decompress_chunk function in pngrutil.c in libpng before 1.2.12 allows co...
CVE-2006-3335 Unspecified vulnerability in mkdir in HP-UX B.11.00, B.11.04, B.11.11, and B.11.23 allows local user...
S
CVE-2006-3336 TWiki 01-Dec-2000 up to 4.0.3 allows remote attackers to bypass the upload filter and execute arbitr...
E S
CVE-2006-3337 Cross-site scripting (XSS) vulnerability in frontend/x/files/select.html in cPanel 10.8.2-CURRENT 11...
CVE-2006-3338 Cross-site scripting (XSS) vulnerability in Atlassian JIRA 3.6.2-#156 allows remote attackers to inj...
CVE-2006-3339 secure/ConfigureReleaseNote.jspa in Atlassian JIRA 3.6.2-#156 allows remote attackers to obtain sens...
CVE-2006-3340 Multiple PHP remote file inclusion vulnerabilities in Pearl For Mambo module 1.6 for Mambo, when reg...
E
CVE-2006-3341 SQL injection vulnerability in annonces-p-f.php in MyAds module 2.04jp for Xoops allows remote attac...
E
CVE-2006-3342 Cross-site scripting (XSS) vulnerability in index.php in Arctic 1.0.2 and earlier allows remote atta...
E S
CVE-2006-3343 PHP remote file inclusion vulnerability in recipe/cookbook.php in CrisoftRicette 1.0pre15b allows re...
CVE-2006-3344 Siemens Speedstream Wireless Router 2624 allows local users to bypass authentication and access prot...
CVE-2006-3345 Cross-site scripting (XSS) vulnerability in AliPAGER, possibly 1.5 and earlier, allows remote attack...
CVE-2006-3346 SQL injection vulnerability in tree.php in MyNewsGroups 0.6 allows remote attackers to execute arbit...
CVE-2006-3347 SQL injection vulnerability in index.php in deV!Lz Clanportal DZCP 1.3.4 allows remote attackers to ...
E
CVE-2006-3348 Multiple SQL injection vulnerabilities in HSPcomplete 3.2.2 and 3.3 Beta and earlier allow remote at...
CVE-2006-3349 Multiple SQL injection vulnerabilities in SmS Script allow remote attackers to execute arbitrary SQL...
CVE-2006-3350 Stack-based buffer overflow in AutoVue SolidModel Professional Desktop Edition 19.1 Build 5993 allow...
CVE-2006-3351 Buffer overflow in Windows Explorer (explorer.exe) on Windows XP and 2003 allows user-assisted attac...
E
CVE-2006-3352 Cross-domain vulnerability in Mozilla Firefox allows remote attackers to access restricted informati...
CVE-2006-3353 Opera 9 allows remote attackers to cause a denial of service (crash) via a crafted web page that tri...
E
CVE-2006-3354 Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (crash) by settin...
E
CVE-2006-3355 Heap-based buffer overflow in httpdget.c in mpg123 before 0.59s-rll allows remote attackers to execu...
S
CVE-2006-3356 The TIFFFetchAnyArray function in ImageIO in Apple OS X 10.4.7 and earlier allows remote user-assist...
CVE-2006-3357 Heap-based buffer overflow in HTML Help ActiveX control (hhctrl.ocx) in Microsoft Internet Explorer ...
E
CVE-2006-3358 Multiple cross-site scripting (XSS) vulnerabilities in index.php in NewsPHP 2006 PRO allow remote at...
CVE-2006-3359 Multiple SQL injection vulnerabilities in index.php in NewsPHP 2006 PRO allow remote attackers to in...
CVE-2006-3360 Directory traversal vulnerability in index.php in phpSysInfo 2.5.1 allows remote attackers to determ...
E
CVE-2006-3361 PHP remote file inclusion vulnerability in Stud.IP 1.3.0-2 and earlier, when register_globals is ena...
E
CVE-2006-3362 Unrestricted file upload vulnerability in connectors/php/connector.php in FCKeditor mcpuk file manag...
E S
CVE-2006-3363 PHP remote file inclusion vulnerability in index.php in the Glossaire module 1.7 for Xoops allows re...
E
CVE-2006-3364 SQL injection vulnerability in index.php in the NP_SEO plugin in BLOG:CMS before 4.1.0 allows remote...
CVE-2006-3365 V3 Chat allows remote attackers to obtain the installation path via (1) an invalid id parameter to m...
E
CVE-2006-3366 Multiple cross-site scripting (XSS) vulnerabilities in V3 Chat allow remote attackers to inject arbi...
E
CVE-2006-3367 Mp3 JudeBox Server (Mp3NetBox) Beta 1 stores config.inc under the web document root with insufficien...
CVE-2006-3368 Efone 20000723 stores config.inc under the web document root with insufficient access control, which...
E
CVE-2006-3369 Kamikaze-QSCM 0.1 stores config.inc under the web document root with insufficient access control, wh...
CVE-2006-3370 Blueboy 1.0.3 stores bb_news_config.inc under the web document root with insufficient access control...
CVE-2006-3371 Eupla Foros 1.0 stores the inc/config.inc file under the web document root with insufficient access ...
CVE-2006-3372 Apple Safari 2.0.4/419.3 allows remote attackers to cause a denial of service (application crash) vi...
E
CVE-2006-3373 Unspecified vulnerability in the client/bin/logfetch script in Hobbit 4.2-beta allows local users to...
CVE-2006-3374 PHP remote file inclusion vulnerability in index.php in Randshop 1.2 and earlier, including 0.9.3, a...
E
CVE-2006-3375 PHP remote file inclusion vulnerability in includes/header.inc.php in Randshop 1.1.1 allows remote a...
E
CVE-2006-3376 Integer overflow in player.c in libwmf 0.2.8.4, as used in multiple products including (1) wv, (2) a...
CVE-2006-3377 Cross-site scripting (XSS) vulnerability in JMB Software AutoRank PHP 3.02 and earlier, and AutoRank...
CVE-2006-3378 passwd command in shadow in Ubuntu 5.04 through 6.06 LTS, when called with the -f, -g, or -s flag, d...
CVE-2006-3379 Algorithmic complexity vulnerability in Hiki Wiki 0.6.0 through 0.6.5 and 0.8.0 through 0.8.5 allows...
S
CVE-2006-3380 Algorithmic complexity vulnerability in FreeStyle Wiki before 3.6.2 allows remote attackers to cause...
CVE-2006-3381 SturGeoN Upload allows remote attackers to execute arbitrary PHP code by uploading a file with a .ph...
E
CVE-2006-3382 Cross-site scripting (XSS) vulnerability in search.php in mAds 1.0 allows remote attackers to inject...
E
CVE-2006-3383 Cross-site scripting (XSS) vulnerability in index.php in mAds 1.0 allows remote attackers to inject ...
CVE-2006-3384 SQL injection vulnerability in divers.php in Vincent Leclercq News 5.2 allows remote attackers to ex...
E
CVE-2006-3385 Cross-site scripting (XSS) vulnerability in divers.php in Vincent Leclercq News 5.2 allows remote at...
E
CVE-2006-3386 index.php in Vincent Leclercq News 5.2 allows remote attackers to obtain sensitive information, such...
E
CVE-2006-3387 Directory traversal vulnerability in sources/post.php in Fusion News 1.0, when register_globals is e...
E
CVE-2006-3388 Cross-site scripting (XSS) vulnerability in phpMyAdmin before 2.8.2 allows remote attackers to injec...
S
CVE-2006-3389 index.php in WordPress 2.0.3 allows remote attackers to obtain sensitive information, such as SQL ta...
CVE-2006-3390 WordPress 2.0.3 allows remote attackers to obtain the installation path via a direct request to vari...
CVE-2006-3391 The Execute function in iMBCContents ActiveX Control before 2.0.0.59 allows remote attackers to exec...
S
CVE-2006-3392 Webmin before 1.290 and Usermin before 1.220 calls the simplify_path function before decoding HTML, ...
S
CVE-2006-3393 Papyrus NASCAR Racing 4 4.1.3.1.6 and earlier, 2002 Season 1.1.0.2 and earlier, and 2003 Season 1.2....
E
CVE-2006-3394 SQL injection vulnerability in the files mod in index.php in BXCP 0.3.0.4 allows remote attackers to...
E S
CVE-2006-3395 PHP remote file inclusion vulnerability in top.php in SiteBuilder-FX 3.5 allows remote attackers to ...
E
CVE-2006-3396 PHP remote file inclusion vulnerability in galleria.html.php in Galleria Mambo Module 1.0 and earlie...
E
CVE-2006-3397 Multiple cross-site scripting (XSS) vulnerabilities in Taskjitsu before 2.0.1 allow remote attackers...
S
CVE-2006-3398 The "change password forms" in Taskjitsu before 2.0.1 includes password hashes in hidden form fields...
CVE-2006-3399 Cross-site scripting (XSS) vulnerability in wiki.php in MoniWiki before 1.1.2-20060702 allows remote...
E S
CVE-2006-3400 Stack-based buffer overflow in the CG_ServerCommand function in Quake 3 Engine as used by Soldier of...
E
CVE-2006-3401 Stack-based buffer overflow in Quake 3 Engine as used by Quake 3: Arena 1.32b and 1.32c allows remot...
E
CVE-2006-3402 SQL injection vulnerability in VirtuaStore 2.0 allows remote attackers to execute arbitrary SQL comm...
E
CVE-2006-3403 The smdb daemon (smbd/service.c) in Samba 3.0.1 through 3.0.22 allows remote attackers to cause a de...
S
CVE-2006-3404 Buffer overflow in the xcf_load_vector function in app/xcf/xcf-load.c for gimp before 2.2.12 allows ...
S
CVE-2006-3405 Cross-site scripting (XSS) vulnerability in qtofm.php in QTOFileManager 1.0 allows remote attackers ...
E
CVE-2006-3406 Directory traversal vulnerability in qtofm.php in QTOFileManager 1.0 allows remote attackers to modi...
CVE-2006-3407 Tor before 0.1.1.20 allows remote attackers to spoof log entries or possibly execute shell code via ...
S
CVE-2006-3408 Unspecified vulnerability in the directory server (dirserver) in Tor before 0.1.1.20 allows remote a...
S
CVE-2006-3409 Integer overflow in Tor before 0.1.1.20 allows remote attackers to execute arbitrary code via crafte...
S
CVE-2006-3410 Tor before 0.1.1.20 creates "internal circuits" primarily consisting of nodes with "useful exit node...
S
CVE-2006-3411 TLS handshakes in Tor before 0.1.1.20 generate public-private keys based on TLS context rather than ...
S
CVE-2006-3412 Tor before 0.1.1.20 does not sufficiently obey certain firewall options, which allows remote attacke...
S
CVE-2006-3413 The privoxy configuration file in Tor before 0.1.1.20, when run on Apple OS X, logs all data via the...
S
CVE-2006-3414 Tor before 0.1.1.20 supports server descriptors that contain hostnames instead of IP addresses, whic...
S
CVE-2006-3415 Tor before 0.1.1.20 uses improper logic to validate the "OR" destination, which allows remote attack...
S
CVE-2006-3416 Tor before 0.1.1.20 kills the circuit when it receives an unrecognized relay command, which causes n...
S
CVE-2006-3417 Tor client before 0.1.1.20 prefers entry points based on is_fast or is_stable flags, which could all...
S
CVE-2006-3418 Tor before 0.1.1.20 does not validate that a server descriptor's fingerprint line matches its identi...
S
CVE-2006-3419 Tor before 0.1.1.20 uses OpenSSL pseudo-random bytes (RAND_pseudo_bytes) instead of cryptographicall...
S
CVE-2006-3420 Cross-site request forgery (CSRF) vulnerability in editpost.php in MyBulletinBoard (MyBB) before 1.1...
CVE-2006-3421 PHP remote file inclusion vulnerability in SmartSiteCMS 1.0 and earlier, when register_globals is en...
E
CVE-2006-3422 PHP remote file inclusion vulnerability in WonderEdit Pro CMS allows remote attackers to execute arb...
E
CVE-2006-3423 WebEx Downloader ActiveX Control and WebEx Downloader Java before 2.1.0.0 do not validate downloaded...
S
CVE-2006-3424 Multiple buffer overflows in WebEx Downloader ActiveX Control, possibly in versions before November ...
CVE-2006-3425 FastPatch for (a) PatchLink Update Server (PLUS) before 6.1 P1 and 6.2.x before 6.2 SR1 P1, and (b) ...
S
CVE-2006-3426 Directory traversal vulnerability in (a) PatchLink Update Server (PLUS) before 6.1 P1 and 6.2.x befo...
CVE-2006-3427 Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (crash) by declar...
E
CVE-2006-3428 Cross-site scripting (XSS) vulnerability in TigerTom TTCalc 1.0 allows remote attackers to inject ar...
CVE-2006-3429 Cross-site scripting (XSS) vulnerability in TigerTom TTCalc 1.0 allows remote attackers to inject ar...
CVE-2006-3430 SQL injection vulnerability in checkprofile.asp in (1) PatchLink Update Server (PLUS) before 6.1 P1 ...
CVE-2006-3431 Buffer overflow in certain Asian language versions of Microsoft Excel might allow user-assisted atta...
E
CVE-2006-3432 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-0028. Reason: This candida...
R
CVE-2006-3433 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2006-3434 Unspecified vulnerability in Microsoft Office 2000, XP, 2003, 2004 for Mac, and v.X for Mac allows r...
CVE-2006-3435 PowerPoint in Microsoft Office 2000, XP, 2003, 2004 for Mac, and v.X for Mac does not properly parse...
CVE-2006-3436 Cross-site scripting (XSS) vulnerability in Microsoft .NET Framework 2.0 allows remote attackers to ...
CVE-2006-3437 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2006-3438 Unspecified vulnerability in Microsoft Hyperlink Object Library (hlink.dll), possibly a buffer overf...
S
CVE-2006-3439 Buffer overflow in the Server Service in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003...
S
CVE-2006-3440 Buffer overflow in the Winsock API in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP...
S
CVE-2006-3441 Buffer overflow in the DNS Client service in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server ...
S
CVE-2006-3442 Unspecified vulnerability in Pragmatic General Multicast (PGM) in Microsoft Windows XP SP2 and earli...
S
CVE-2006-3443 Untrusted search path vulnerability in Winlogon in Microsoft Windows 2000 SP4, when SafeDllSearchMod...
S
CVE-2006-3444 Unspecified vulnerability in the kernel in Microsoft Windows 2000 SP4, probably a buffer overflow, a...
CVE-2006-3445 Integer overflow in the ReadWideString function in agentdpv.dll in Microsoft Agent on Microsoft Wind...
CVE-2006-3446 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2006-3447 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2006-3448 Buffer overflow in the Step-by-Step Interactive Training in Microsoft Windows 2000 SP4, XP SP2 and P...
CVE-2006-3449 Unspecified vulnerability in Microsoft PowerPoint 2000 through 2003, possibly a buffer overflow, all...
S
CVE-2006-3450 Microsoft Internet Explorer 6 allows remote attackers to execute arbitrary code by using the documen...
S
CVE-2006-3451 Microsoft Internet Explorer 5 SP4 and 6 do not properly garbage collect when "multiple imports are u...
S
CVE-2006-3452 Adobe Reader and Acrobat 6.0.4 and earlier, on Mac OSX, has insecure file and directory permissions,...
S
CVE-2006-3453 Buffer overflow in Adobe Acrobat 6.0 to 6.0.4 allows remote attackers to execute arbitrary code via ...
CVE-2006-3454 Multiple format string vulnerabilities in Symantec AntiVirus Corporate Edition 8.1 up to 10.0, and C...
S
CVE-2006-3455 The SAVRT.SYS device driver, as used in Symantec AntiVirus Corporate Edition 8.1 and 9.0.x up to 9.0...
S
CVE-2006-3456 The Symantec NAVOPTS.DLL ActiveX control (aka Symantec.Norton.AntiVirus.NAVOptions) 12.2.0.13, as us...
CVE-2006-3457 Symantec On-Demand Agent (SODA) before 2.5 MR2 Build 2157, and the Virtual Desktop module in Symante...
CVE-2006-3458 Zope 2.7.0 to 2.7.8, 2.8.0 to 2.8.7, and 2.9.0 to 2.9.3 (Zope2) does not disable the "raw" command w...
CVE-2006-3459 Multiple stack-based buffer overflows in the TIFF library (libtiff) before 3.8.2, as used in Adobe R...
S
CVE-2006-3460 Heap-based buffer overflow in the JPEG decoder in the TIFF library (libtiff) before 3.8.2 allows con...
S
CVE-2006-3461 Heap-based buffer overflow in the PixarLog decoder in the TIFF library (libtiff) before 3.8.2 might ...
S
CVE-2006-3462 Heap-based buffer overflow in the NeXT RLE decoder in the TIFF library (libtiff) before 3.8.2 might ...
S
CVE-2006-3463 The EstimateStripByteCounts function in TIFF library (libtiff) before 3.8.2 uses a 16-bit unsigned s...
S
CVE-2006-3464 TIFF library (libtiff) before 3.8.2 allows context-dependent attackers to pass numeric range checks ...
S
CVE-2006-3465 Unspecified vulnerability in the custom tag support for the TIFF library (libtiff) before 3.8.2 allo...
S
CVE-2006-3466 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-3600. Reason: This candida...
R
CVE-2006-3467 Integer overflow in FreeType before 2.2 allows remote attackers to cause a denial of service (crash)...
S
CVE-2006-3468 Linux kernel 2.6.x, when using both NFS and EXT3, allows remote attackers to cause a denial of servi...
CVE-2006-3469 Format string vulnerability in time.cc in MySQL Server 4.1 before 4.1.21 and 5.0 before 1 April 2006...
S
CVE-2006-3470 The Dell Openmanage CD launches X11 and SSH daemons that do not require authentication, which allows...
CVE-2006-3471 Microsoft Internet Explorer 6 on Windows XP allows remote attackers to cause a denial of service (cr...
CVE-2006-3472 Microsoft Internet Explorer 6.0 and 6.0 SP1 allows remote attackers to cause a denial of service via...
E
CVE-2006-3473 CRLF injection vulnerability in form_mail Drupal Module before 1.8.2.2 allows remote attackers to in...
S
CVE-2006-3474 Multiple SQL injection vulnerabilities in Belchior Foundry vCard PRO allow remote attackers to execu...
E
CVE-2006-3475 Multiple PHP remote file inclusion vulnerabilities in free QBoard 1.1 allow remote attackers to exec...
E
CVE-2006-3476 Cross-site scripting (XSS) vulnerability in comments.php in PhpWebGallery 1.5.2 and earlier, and pos...
E
CVE-2006-3477 Unspecified vulnerability in the POP service in Stalker CommuniGate Pro 5.1c1 and earlier allows rem...
S
CVE-2006-3478 PHP remote file inclusion vulnerability in styles/default/global_header.php in MyPHP CMS 0.3 and ear...
E
CVE-2006-3479 Cross-site request forgery (CSRF) vulnerability in the del_block function in modules/Admin/block.php...
CVE-2006-3480 Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before 1.0.10 allow remote attackers ...
S
CVE-2006-3481 Multiple SQL injection vulnerabilities in Joomla! before 1.0.10 allow remote attackers to execute ar...
S
CVE-2006-3482 Cross-site scripting (XSS) vulnerability in maillist.php in PHPMailList 1.8.0 and earlier allows rem...
CVE-2006-3483 PHPMailList 1.8.0 stores sensitive information under the web document root iwth insufficient access ...
CVE-2006-3484 Multiple cross-site scripting (XSS) vulnerabilities in ATutor before 1.5.3 allow remote attackers to...
E S
CVE-2006-3485 Multiple SQL injection vulnerabilities in AstroDog Press Some Chess 1.5-RC2 and earlier allow remote...
E S
CVE-2006-3486 Off-by-one buffer overflow in the Instance_options::complete_initialization function in instance_opt...
CVE-2006-3487 VirtuaStore 2.0 stores sensitive files under the web root with insufficient access control, which al...
CVE-2006-3488 Absolute path traversal vulnerability in administrador.asp in VirtuaStore 2.0 allows remote attacker...
CVE-2006-3489 F-Secure Anti-Virus 2003 through 2006 and other versions, Internet Security 2003 through 2006, and S...
S
CVE-2006-3490 F-Secure Anti-Virus 2003 through 2006 and other versions, Internet Security 2003 through 2006, and S...
S
CVE-2006-3491 Stack-based buffer overflow in Kaillera Server 0.86 and earlier allows remote attackers to execute a...
E
CVE-2006-3492 The CORBA::ORBInvokeRec::set_answer_invoke function in orb.cc in MICO (Mico Is CORBA) 2.3.12 and ear...
S
CVE-2006-3493 Buffer overflow in LsCreateLine function (mso_203) in mso.dll and mso9.dll, as used by Microsoft Wor...
E
CVE-2006-3494 Multiple cross-site scripting (XSS) vulnerabilities in Buddy Zone 1.0.1 allow remote attackers to in...
E
CVE-2006-3495 AFP Server in Apple Mac OS X 10.3.9 and 10.4.7 stores reconnect keys in a world-readable file, which...
CVE-2006-3496 AFP Server in Apple Mac OS X 10.3.9 and 10.4.7 allows remote attackers to cause denial of service (c...
CVE-2006-3497 Unspecified vulnerability in the "compression state handling" in Bom for Apple Mac OS X 10.3.9 and 1...
E S
CVE-2006-3498 Stack-based buffer overflow in bootpd in the DHCP component for Apple Mac OS X 10.3.9 and 10.4.7 all...
CVE-2006-3499 The dynamic linker (dyld) in Apple Mac OS X 10.3.9 allows local users to obtain sensitive informatio...
CVE-2006-3500 The dynamic linker (dyld) in Apple Mac OS X 10.4.7 allows local users to execute arbitrary code via ...
CVE-2006-3501 Integer overflow in ImageIO for Apple Mac OS X 10.4.7 allows user-assisted attackers to cause a deni...
CVE-2006-3502 Unspecified vulnerability in ImageIO in Apple Mac OS X 10.4.7 allows user-assisted attackers to caus...
CVE-2006-3503 Integer overflow in ImageIO in Apple Mac OS X 10.4.7 allows user-assisted attackers to cause a denia...
CVE-2006-3504 The Download Validation in LaunchServices for Apple Mac OS X 10.4.7 can identify certain HTML as "sa...
CVE-2006-3505 WebKit in Apple Mac OS X 10.3.9 and 10.4.7 allows remote attackers to cause a denial of service (cra...
CVE-2006-3506 Buffer overflow in the Xsan Filesystem driver on Mac OS X 10.4.7 and OS X Server 10.4.7 allows local...
S
CVE-2006-3507 Multiple stack-based buffer overflows in the AirPort wireless driver on Apple Mac OS X 10.3.9 and 10...
CVE-2006-3508 Heap-based buffer overflow in the AirPort wireless driver on Apple Mac OS X 10.4.7 allows physically...
CVE-2006-3509 Integer overflow in the API for the AirPort wireless driver on Apple Mac OS X 10.4.7 might allow phy...
CVE-2006-3510 The Remote Data Service Object (RDS.DataControl) in Microsoft Internet Explorer 6 on Windows 2000 al...
E
CVE-2006-3511 Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service (crash) b...
E
CVE-2006-3512 Internet Explorer 6 on Windows XP allows remote attackers to cause a denial of service (crash) by se...
E
CVE-2006-3513 danim.dll in Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (app...
E
CVE-2006-3514 Multiple cross-site scripting (XSS) vulnerabilities in admin/actions.php in PHP-Blogger 2.2.5, and p...
CVE-2006-3515 SQL injection vulnerability in the loginADP function in ajaxp.php in AjaxPortal 3.0 allows remote at...
CVE-2006-3516 Multiple SQL injection vulnerabilities in FreeHost allow remote attackers to execute arbitrary SQL c...
CVE-2006-3517 PHP remote file inclusion vulnerability in stats.php in RW::Download, when register_globals is enabl...
CVE-2006-3518 SQL injection vulnerability in SayfalaAltList.asp in Webvizyon Portal 2006 allows remote attackers t...
E
CVE-2006-3519 Multiple cross-site scripting (XSS) vulnerabilities in The Banner Engine (tbe) 4.0 allow remote atta...
E
CVE-2006-3520 PHP remote file inclusion vulnerability in skins/advanced/advanced1.php in Sabdrimer Pro 2.2.4, when...
E
CVE-2006-3521 Multiple cross-site scripting (XSS) vulnerabilities in index/siteforge-bugs-action/proj.siteforge in...
CVE-2006-3522 Cross-site scripting (XSS) vulnerability in Clearswift MIMEsweeper for Web before 5.1.15 Hotfix allo...
S
CVE-2006-3523 Clearswift MIMEsweeper for Web before 5.1.15 Hotfix allows remote attackers to cause a denial of ser...
S
CVE-2006-3524 Buffer overflow in SIPfoundry sipXtapi released before 20060324 allows remote attackers to execute a...
E
CVE-2006-3525 SQL injection vulnerability in category.php in PHCDownload 1.0.0 Final and 1.0.0 Release Candidate 6...
CVE-2006-3526 Multiple cross-site scripting (XSS) vulnerabilities in guestbook.php in Sport-slo Advanced Guestbook...
CVE-2006-3527 Multiple PHP remote file inclusion vulnerabilities in BosClassifieds Classified Ads allow remote att...
E
CVE-2006-3528 Multiple PHP remote file inclusion vulnerabilities in Simpleboard Mambo module 1.1.0 and earlier all...
E
CVE-2006-3529 Memory leak in Juniper JUNOS 6.4 through 8.0, built before May 10, 2006, allows remote attackers to ...
CVE-2006-3530 PHP remote file inclusion vulnerability in com_pccookbook/pccookbook.php in the PccookBook Component...
E
CVE-2006-3531 includes/editor/insert_image.php in Pivot 1.30 RC2 and earlier creates the authentication credential...
E
CVE-2006-3532 PHP file inclusion vulnerability in includes/edit_new.php in Pivot 1.30 RC2 and earlier, when regist...
E
CVE-2006-3533 Multiple cross-site scripting (XSS) vulnerabilities in Pivot 1.30 RC2 and earlier, when register_glo...
E
CVE-2006-3534 Directory traversal vulnerability in Nullsoft SHOUTcast DSP before 1.9.6 filters directory traversal...
E S
CVE-2006-3535 Directory traversal vulnerability in Nullsoft SHOUTcast DSP before 1.9.7 allows remote attackers to ...
E S
CVE-2006-3536 Direct static code injection vulnerability in code/class_db_text.php in EJ3 TOPo 2.2.178 and earlier...
CVE-2006-3537 PHP remote file inclusion vulnerability in index.php in Randshop before 1.2 allows remote attackers ...
E
CVE-2006-3538 Multiple cross-site scripting (XSS) vulnerabilities in demo.php in BeatificFaith Eprayer Alpha allow...
E
CVE-2006-3539 Multiple cross-site scripting (XSS) vulnerabilities in DKScript.com Dragon's Kingdom Script 1.0 allo...
CVE-2006-3540 Check Point Zone Labs ZoneAlarm Internet Security Suite 6.5.722.000, 6.1.737.000, and possibly other...
CVE-2006-3541 SQL injection vulnerability in Meine Links (aka My Links) in Kyberna ky2help allows remote authentic...
CVE-2006-3542 Multiple cross-site scripting (XSS) vulnerabilities in Garry Glendown Shopping Cart 0.9 allow remote...
CVE-2006-3543 Multiple SQL injection vulnerabilities in Invision Power Board (IPB) 1.x and 2.x allow remote attack...
E
CVE-2006-3544 Multiple SQL injection vulnerabilities in Invision Power Board (IPB) 1.3 Final allow remote attacker...
E
CVE-2006-3545 Microsoft Internet Explorer 7.0 Beta allows remote attackers to cause a denial of service (applicati...
CVE-2006-3546 Patrice Freydiere ImgSvr (aka ADA Image Server) allows remote attackers to cause a denial of service...
E
CVE-2006-3547 EMC VMware Player allows user-assisted attackers to cause a denial of service (unrecoverable applica...
CVE-2006-3548 Multiple cross-site scripting (XSS) vulnerabilities in Horde Application Framework 3.0.0 through 3.0...
E S
CVE-2006-3549 services/go.php in Horde Application Framework 3.0.0 through 3.0.10 and 3.1.0 through 3.1.1 does not...
E S
CVE-2006-3550 Multiple cross-site scripting (XSS) vulnerabilities in F5 Networks FirePass 4100 5.x allow remote at...
CVE-2006-3551 NCP Secure Enterprise Client (aka VPN/PKI client) 8.30 Build 59, and possibly earlier versions, when...
CVE-2006-3552 Premium Anti-Spam in Ipswitch IMail Secure Server 2006 and Collaboration Suite 2006 Premium, when us...
CVE-2006-3553 PlaNet Concept planetNews allows remote attackers to bypass authentication and execute arbitrary cod...
E
CVE-2006-3554 Directory traversal vulnerability in index.php in MKPortal 1.0.1 Final allows remote attackers to in...
E S
CVE-2006-3555 Multiple cross-site scripting (XSS) vulnerabilities in submit.php in PHP-Fusion before 6.01.3 allow ...
S
CVE-2006-3556 PHP remote file inclusion vulnerability in extcalendar.php in Mohamed Moujami ExtCalendar 2.0 allows...
E
CVE-2006-3557 MT Orumcek Toplist 2.2 stores DB/orumcektoplist.mdb under the web root with insufficient access cont...
CVE-2006-3558 Multiple cross-site scripting (XSS) vulnerabilities in Arif Supriyanto auraCMS 1.62 allow remote att...
E
CVE-2006-3559 Multiple SQL injection vulnerabilities in Arif Supriyanto auraCMS 1.62 allow remote attackers to exe...
E
CVE-2006-3560 SQL injection vulnerability in topics.php in Blue Dojo Graffiti Forums 1.0 allows remote attackers t...
E
CVE-2006-3561 BT Voyager 2091 Wireless firmware 2.21.05.08m_A2pB018c1.d16d and earlier, and 3.01m and earlier, all...
E
CVE-2006-3562 PHP remote file inclusion vulnerabilities in plume cms 1.0.4 allow remote attackers to execute arbit...
E
CVE-2006-3563 Cross-site scripting (XSS) vulnerability in gallery/thumb.php in Winged Gallery 1.0 allows remote at...
E
CVE-2006-3564 Multiple cross-site scripting (XSS) vulnerabilities in HiveMail 1.3 and earlier allow remote attacke...
CVE-2006-3565 SQL injection vulnerability in search.results.php in HiveMail 1.3 and earlier allows remote attacker...
CVE-2006-3566 search.results.php in HiveMail 3.1 and earlier allows remote attackers to obtain the installation pa...
CVE-2006-3567 Cross-site scripting (XSS) vulnerability in the web administration interface logging feature in Juni...
CVE-2006-3568 Multiple cross-site scripting (XSS) vulnerabilities in guestbook.php in Fantastic Guestbook 2.0.1, a...
E
CVE-2006-3569 Unspecified vulnerability in NetApp Data ONTAP 7.0x through 7.0.4P8D9, 7.1x, 7.1.0.1x, and 7.2RC1, R...
CVE-2006-3570 Cross-site scripting (XSS) vulnerability in the webform module in Drupal 4.6 before July 8, 2006 and...
S
CVE-2006-3571 Multiple cross-site scripting (XSS) vulnerabilities in interna/hilfe.php in Papoo 3 RC3 and earlier ...
E
CVE-2006-3572 SQL injection vulnerability in forumthread.php in Papoo 3 RC3 and earlier allows remote attackers to...
E
CVE-2006-3573 Format string vulnerability in the WriteText function in agl_text.cpp in Milan Mimica Sparklet 0.9.4...
CVE-2006-3574 Multiple cross-site scripting (XSS) vulnerabilities in Hitachi Groupmax Collaboration Portal and Web...
S
CVE-2006-3575 Unknown vulnerability in the Buffer Overflow Protection in McAfee VirusScan Enterprise 8.0.0 allows ...
CVE-2006-3576 SQL injection vulnerability in search.php in SenseSites CommonSense CMS 5.0 allows remote attackers ...
CVE-2006-3577 SQL injection vulnerability in index.php in LifeType 1.0.5 allows remote attackers to execute arbitr...
E S
CVE-2006-3578 Directory traversal vulnerability in Fujitsu ServerView 2.50 up to 3.60L98 and 4.10L11 up to 4.11L81...
S
CVE-2006-3579 Cross-site scripting (XSS) vulnerability in Fujitsu ServerView 2.50 up to 3.60L98 and 4.10L11 up to ...
S
CVE-2006-3580 SQL injection vulnerability in pages.asp in ASP Stats Generator before 2.1.2 allows remote attackers...
E
CVE-2006-3581 Multiple stack-based buffer overflows in Audacious AdPlug 2.0 and earlier allow remote user-assisted...
E S
CVE-2006-3582 Multiple heap-based buffer overflows in Audacious AdPlug 2.0 and earlier allow remote user-assisted ...
E S
CVE-2006-3583 Session fixation vulnerability in Jetbox CMS 2.1 SR1 allows remote attackers to hijack web sessions ...
CVE-2006-3584 Dynamic variable evaluation vulnerability in index.php in Jetbox CMS 2.1 SR1 allows remote attackers...
CVE-2006-3585 Multiple cross-site scripting (XSS) vulnerabilities in Jetbox CMS 2.1 SR1 allow remote attackers to ...
CVE-2006-3586 SQL injection vulnerability in Jetbox CMS 2.1 SR1 allows remote attackers to execute arbitrary SQL c...
CVE-2006-3587 Unspecified vulnerability in Adobe (Macromedia) Flash Player 8.0.24.0 allows remote attackers to exe...
S
CVE-2006-3588 Unspecified vulnerability in Adobe (Macromedia) Flash Player 8.0.24.0 allows remote attackers to cau...
CVE-2006-3589 vmware-config.pl in VMware for Linux, ESX Server 2.x, and Infrastructure 3 does not check the return...
CVE-2006-3590 mso.dll, as used by Microsoft PowerPoint 2000 through 2003, allows user-assisted attackers to execut...
CVE-2006-3591 Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (application cras...
E
CVE-2006-3592 Unspecified vulnerability in the command line interface (CLI) in Cisco Unified CallManager (CUCM) 5....
CVE-2006-3593 The command line interface (CLI) in Cisco Unified CallManager (CUCM) 5.0(1) through 5.0(3a) allows l...
CVE-2006-3594 Buffer overflow in Cisco Unified CallManager (CUCM) 5.0(1) through 5.0(3a) allows remote attackers t...
S
CVE-2006-3595 The default configuration of IOS HTTP server in Cisco Router Web Setup (CRWS) before 3.3.0 build 31 ...
S
CVE-2006-3596 The device driver for Intel-based gigabit network adapters in Cisco Intrusion Prevention System (IPS...
S
CVE-2006-3597 passwd before 1:4.0.13 on Ubuntu 6.06 LTS leaves the root password blank instead of locking it when ...
E S
CVE-2006-3598 SQL injection vulnerability in the Sections module for PHP-Nuke allows remote attackers to execute a...
E
CVE-2006-3599 SQL injection vulnerability in the Nuke Advanced Classifieds module for PHP-Nuke allows remote attac...
CVE-2006-3600 Multiple stack-based buffer overflows in the LookupTRM::lookup function in libtunepimp (TunePimp) 0....
S
CVE-2006-3601 ** UNVERIFIABLE ** Unspecified vulnerability in an unspecified DNN Modules module for DotNetNuke (....
CVE-2006-3602 Directory traversal vulnerability in jscripts/tiny_mce/tiny_mce_gzip.php in FarsiNews 3.0 BETA 1 all...
E
CVE-2006-3603 Cross-site scripting (XSS) vulnerability in index.php in FlexWATCH Network Camera 3.0 and earlier al...
E
CVE-2006-3604 Directory traversal vulnerability in FlexWATCH Network Camera 3.0 and earlier allows remote attacker...
E
CVE-2006-3605 Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (crash) by settin...
E
CVE-2006-3606 Unspecified vulnerability in Sun Solaris X Inter Client Exchange library (libICE) on Solaris 8 and 9...
S
CVE-2006-3607 Multiple cross-site scripting (XSS) vulnerabilities in Softbiz Banner Exchange Script (aka Banner Ex...
E
CVE-2006-3608 The Gallery module in Simone Vellei Flatnuke 2.5.7 and earlier, when Gallery uploads are enabled, do...
E
CVE-2006-3609 Cross-site scripting (XSS) vulnerability in index.php in Orbitcoders OrbitMATRIX 1.0 allows remote a...
CVE-2006-3610 index.php in Orbitcoders OrbitMATRIX 1.0 allows remote attackers to obtain sensitive information (pa...
CVE-2006-3611 Directory traversal vulnerability in pm.php in Phorum 5 allows remote authenticated users to include...
E
CVE-2006-3612 Cross-site scripting (XSS) vulnerability in Phorum 5.1.14 allows remote attackers to inject arbitrar...
CVE-2006-3613 Multiple cross-site scripting (XSS) vulnerabilities in Chamberland Technology ezWaiter 3.0 Online an...
CVE-2006-3614 index.php in Orbitcoders OrbitMATRIX 1.0 allows remote attackers to trigger a SQL error via the page...
CVE-2006-3615 Multiple PHP remote file inclusion vulnerabilities in Phorum 5.1.14, when register_globals is enable...
CVE-2006-3616 Multiple cross-site scripting (XSS) vulnerabilities in Carbonize Lazarus Guestbook 1.6 and earlier a...
E
CVE-2006-3617 Cross-site scripting (XSS) vulnerability in pblguestbook.php in Pixelated By Lev (PBL) Guestbook 1.3...
E
CVE-2006-3618 SQL injection vulnerability in pblguestbook.php in Pixelated By Lev (PBL) Guestbook 1.32 and earlier...
E
CVE-2006-3619 Directory traversal vulnerability in FastJar 0.93, as used in Gnu GCC 4.1.1 and earlier, and 3.4.6 a...
CVE-2006-3620 Cross-site scripting (XSS) vulnerability in the showtopic module in Koobi Pro CMS 5.6 allows remote ...
E
CVE-2006-3621 SQL injection vulnerability in the showtopic module in Koobi Pro CMS 5.6 allows remote attackers to ...
E
CVE-2006-3622 The showtopic module in Koobi Pro CMS 5.6 allows remote attackers to obtain sensitive information vi...
E
CVE-2006-3623 Directory traversal vulnerability in Framework Service component in McAfee ePolicy Orchestrator agen...
E
CVE-2006-3624 Multiple cross-site scripting (XSS) vulnerabilities in FLV Players 8 allow remote attackers to injec...
E
CVE-2006-3625 FLV Players 8 allows remote attackers to obtain sensitive information via (1) a direct request to pa...
CVE-2006-3626 Race condition in Linux kernel 2.6.17.4 and earlier allows local users to gain root privileges by us...
CVE-2006-3627 Unspecified vulnerability in the GSM BSSMAP dissector in Wireshark (aka Ethereal) 0.10.11 to 0.99.0 ...
S
CVE-2006-3628 Multiple format string vulnerabilities in Wireshark (aka Ethereal) 0.10.x to 0.99.0 allow remote att...
S
CVE-2006-3629 Unspecified vulnerability in the MOUNT dissector in Wireshark (aka Ethereal) 0.9.4 to 0.99.0 allows ...
S
CVE-2006-3630 Multiple off-by-one errors in Wireshark (aka Ethereal) 0.9.7 to 0.99.0 have unknown impact and remot...
S
CVE-2006-3631 Unspecified vulnerability in the SSH dissector in Wireshark (aka Ethereal) 0.9.10 to 0.99.0 allows r...
S
CVE-2006-3632 Buffer overflow in Wireshark (aka Ethereal) 0.8.16 to 0.99.0 allows remote attackers to cause a deni...
S
CVE-2006-3633 OSSP shiela 1.1.5 and earlier allows remote authenticated users to execute arbitrary commands on the...
S
CVE-2006-3634 The (1) __futex_atomic_op and (2) futex_atomic_cmpxchg_inatomic functions in Linux kernel 2.6.17-rc4...
CVE-2006-3635 The ia64 subsystem in the Linux kernel before 2.6.26 allows local users to cause a denial of service...
S
CVE-2006-3636 Multiple cross-site scripting (XSS) vulnerabilities in Mailman before 2.1.9rc1 allow remote attacker...
S
CVE-2006-3637 Microsoft Internet Explorer 5.01 SP4 and 6 does not properly handle various HTML layout component co...
S
CVE-2006-3638 Microsoft Internet Explorer 5.01 and 6 does not properly handle uninitialized COM objects, which all...
CVE-2006-3639 Microsoft Internet Explorer 5.01 and 6 does not properly identify the originating domain zone when h...
S
CVE-2006-3640 Microsoft Internet Explorer 5.01 and 6 allows certain script to persist across navigations between p...
CVE-2006-3641 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2006-3642 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2006-3643 Cross-site scripting (XSS) vulnerability in Internet Explorer 5.01 and 6 in Microsoft Windows 2000 S...
S
CVE-2006-3644 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2006-3645 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2006-3646 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2006-3647 Integer overflow in Microsoft Word 2000, 2002, 2003, 2004 for Mac, and v.X for Mac allows remote use...
CVE-2006-3648 Unspecified vulnerability in Microsoft Windows 2000 SP4, XP SP1 and SP2, Server 2003 and 2003 SP1, a...
S
CVE-2006-3649 Buffer overflow in Microsoft Visual Basic for Applications (VBA) SDK 6.0 through 6.4, as used by Mic...
S
CVE-2006-3650 Microsoft Office 2000, XP, 2003, 2004 for Mac, and v.X for Mac do not properly parse the length of a...
CVE-2006-3651 Unspecified vulnerability in Microsoft Word 2000, 2002, and Office 2003 allows remote user-assisted ...
CVE-2006-3652 Microsoft Internet Security and Acceleration (ISA) Server 2004 allows remote attackers to bypass fil...
CVE-2006-3653 wksss.exe 8.4.702.0 in Microsoft Works Spreadsheet 8.0 allows remote attackers to cause a denial of ...
E
CVE-2006-3654 Buffer overflow in wksss.exe 8.4.702.0 in Microsoft Works Spreadsheet 8.0 allows remote attackers to...
E
CVE-2006-3655 Unspecified vulnerability in mso.dll in Microsoft PowerPoint 2003 allows user-assisted attackers to ...
E
CVE-2006-3656 Unspecified vulnerability in Microsoft PowerPoint 2003 allows user-assisted attackers to cause memor...
E
CVE-2006-3657 Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (stack overflow e...
CVE-2006-3658 Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (crash) by access...
E
CVE-2006-3659 Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (crash) by settin...
CVE-2006-3660 Unspecified vulnerability in Microsoft PowerPoint 2003 has unknown impact and user-assisted attack v...
E
CVE-2006-3661 Cross-site scripting (XSS) vulnerability in Index.PHP in CuteNews 1.4.5 allows remote attackers to i...
CVE-2006-3662 SQL injection vulnerability in index.php in ATutor 1.5.3 allows remote attackers to execute arbitrar...
E
CVE-2006-3663 Finjan Vital Security Appliance 5100/8100 NG 8.3.5 stores passwords in plaintext in a backup file, w...
E
CVE-2006-3664 Unspecified vulnerability in NIS server on Sun Solaris 8, 9, and 10 allows local and remote attacker...
S
CVE-2006-3665 SquirrelMail 1.4.6 and earlier, with register_globals enabled, allows remote attackers to hijack coo...
CVE-2006-3666 SQL injection vulnerability in AjaxPortal 3.0, with magic_quotes_gpc disabled, allows remote attacke...
E
CVE-2006-3667 Unspecified vulnerability in Sybase/Financial Fusion Consumer Banking Suite versions before 20060706...
CVE-2006-3668 Heap-based buffer overflow in the it_read_envelope function in Dynamic Universal Music Bibliotheque ...
E
CVE-2006-3669 Mercury Messenger, possibly 1.7.1.1 and other versions, when running on a multi-user Mac OS X platfo...
CVE-2006-3670 Stack-based buffer overflow in Winlpd 1.26 allows remote attackers to execute arbitrary code via a l...
E
CVE-2006-3671 Cross-site request forgery (CSRF) vulnerability in the communicate function in estmaster.c for Hyper...
S
CVE-2006-3672 KDE Konqueror 3.5.1 and earlier allows remote attackers to cause a denial of service (application cr...
E
CVE-2006-3673 nNetObject.cpp in Armagetron Advanced 2.8.2 and earlier allows remote attackers to cause a denial of...
E
CVE-2006-3674 nNetObject.cpp in Armagetron Advanced 2.8.2 and earlier allows remote attackers to cause a denial of...
E
CVE-2006-3675 Password Safe 2.11, 2.16 and 3.0BETA1 does not respect the configuration settings for locking the pa...
E
CVE-2006-3676 admin/gallery_admin.php in planetGallery before 14.07.2006 allows remote attackers to execute arbitr...
E S
CVE-2006-3677 Mozilla Firefox 1.5 before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote attackers to execute arb...
S
CVE-2006-3678 TippingPoint IPS running the TippingPoint Operating System (TOS) before 2.2.4.6519 allows remote att...
S
CVE-2006-3679 FatWire Content Server 5.5.0 allows remote attackers to bypass access restrictions and obtain admini...
S
CVE-2006-3680 Cross-site scripting (XSS) vulnerability in photocycle in Photocycle 1.0 allows remote attackers to ...
E S
CVE-2006-3681 Multiple cross-site scripting (XSS) vulnerabilities in awstats.pl in AWStats 6.5 build 1.857 and ear...
E
CVE-2006-3682 awstats.pl in AWStats 6.5 build 1.857 and earlier allows remote attackers to obtain the installation...
E
CVE-2006-3683 PHP remote file inclusion vulnerability in poll.php in Flipper Poll 1.1 and earlier allows remote at...
E
CVE-2006-3684 PHP remote file inclusion vulnerability in calendar.php in SoftComplex PHP Event Calendar 1.4 allows...
E S
CVE-2006-3685 PHP remote file inclusion vulnerability in CzarNews 1.12 through 1.14 allows remote attackers to exe...
E
CVE-2006-3686 Unspecified vulnerability in [SYSEXE]SMPUTIL.EXE in HP OpenVMS 7.3-2 allows local users and "remote ...
CVE-2006-3687 Stack-based buffer overflow in the Universal Plug and Play (UPnP) service in D-Link DI-524, DI-604 B...
CVE-2006-3688 SQL injection vulnerability in Room.php in Francisco Charrua Photo-Gallery 1.0 allows remote attacke...
CVE-2006-3689 PHP remote file inclusion vulnerability in user-func.php in Codeworks Gnomedia SubberZ[Lite] allows ...
E
CVE-2006-3690 Multiple PHP remote file inclusion vulnerabilities in MiniBB Forum 1.5a and earlier allow remote att...
E
CVE-2006-3691 Multiple SQL injection vulnerabilities in VBZooM 1.11 and earlier allow remote attackers to execute ...
CVE-2006-3692 PHP remote file inclusion vulnerability in enduser/listmessenger.php in ListMessenger 0.9.3 allows r...
E
CVE-2006-3693 Rocks Clusters 4.1 and earlier allows local users to gain privileges via commands enclosed with esca...
E S
CVE-2006-3694 Multiple unspecified vulnerabilities in Ruby before 1.8.5 allow remote attackers to bypass "safe lev...
S
CVE-2006-3695 Trac before 0.9.6 does not disable the "raw" or "include" commands when providing untrusted users wi...
CVE-2006-3696 filtnt.sys in Outpost Firewall Pro before 3.51.759.6511 (462) allows local users to cause a denial o...
S
CVE-2006-3697 Agnitum Outpost Firewall Pro 3.51.759.6511 (462), as used in (1) Lavasoft Personal Firewall 1.0.543....
CVE-2006-3698 Multiple unspecified vulnerabilities in Oracle Database 10.1.0.5 have unknown impact and attack vect...
S
CVE-2006-3699 Unspecified vulnerability in the Core RDBMS component in Oracle Database 9.0.1.5 and 9.2.0.6 has unk...
S
CVE-2006-3700 Multiple unspecified vulnerabilities in Oracle Database 9.2.0.6 and 10.1.0.4 have unknown impact and...
S
CVE-2006-3701 Unspecified vulnerability in the Dictionary component in Oracle Database 8.1.7.4, 9.0.1.5, and 9.2.0...
S
CVE-2006-3702 Multiple unspecified vulnerabilities in Oracle Database 8.1.7.4, 9.0.1.5, 9.2.0.7, 10.1.0.5, and 10....
S
CVE-2006-3703 Unspecified vulnerability in InterMedia for Oracle Database 9.0.1.5, 9.2.0.6, and 10.1.0.4 has unkno...
S
CVE-2006-3704 Unspecified vulnerability in the Oracle ODBC Driver for Oracle Database 10.1.0.4 has unknown impact ...
S
CVE-2006-3705 Multiple unspecified vulnerabilities in Oracle Database 10.1.0.5 have unknown impact and attack vect...
S
CVE-2006-3706 Unspecified vulnerability in OC4J for Oracle Application Server 9.0.2.3 has unknown impact and attac...
S
CVE-2006-3707 Unspecified vulnerability in OC4J for Oracle Application Server 9.0.2.3 and 9.0.3.1 has unknown impa...
S
CVE-2006-3708 Unspecified vulnerability in OC4J for Oracle Application Server 9.0.2.3, 9.0.3.1, 9.0.4.2, 10.1.2.0....
S
CVE-2006-3709 Unspecified vulnerability in OC4J for Oracle Application Server 9.0.2.3, 9.0.3.1, and 10.1.2.0.0 has...
S
CVE-2006-3710 Unspecified vulnerability in OC4J for Oracle Application Server 9.0.2.3, 9.0.3.1, 9.0.4.2, and 10.1....
S
CVE-2006-3711 Unspecified vulnerability in OC4J for Oracle Application Server 9.0.2.3, 9.0.3.1, and 9.0.4.1 has un...
S
CVE-2006-3712 Unspecified vulnerability in OC4J for Oracle Application Server 9.0.4.2 and 10.1.2.0.0 has unknown i...
S
CVE-2006-3713 Unspecified vulnerability in OC4J for Oracle Application Server 10.1.3.0 has unknown impact and atta...
S
CVE-2006-3714 Unspecified vulnerability in OC4J for Oracle Application Server 10.1.2.0.2 and 10.1.2.1 has unknown ...
S
CVE-2006-3715 Unspecified vulnerability in Calendar for Oracle Collaboration Suite 10.1.2 has unknown impact and a...
S
CVE-2006-3716 Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 11.5.10CU2 have unk...
S
CVE-2006-3717 Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 11.5.9 have unknown...
S
CVE-2006-3718 Multiple unspecified vulnerabilities in Oracle Exchange for Oracle E-Business Suite and Applications...
S
CVE-2006-3719 Unspecified vulnerability in CORE: Repository for Oracle Enterprise Manager 9.0.1.0 and 9.2.0.1 has ...
S
CVE-2006-3720 Unspecified vulnerability in Enterprise Config Management for Oracle Enterprise Manager 10.1.0.3 has...
S
CVE-2006-3721 Multiple unspecified vulnerabilities in Oracle Management Service for Oracle Enterprise Manager 10.1...
S
CVE-2006-3722 Unspecified vulnerability in PeopleSoft Enterprise Portal for Oracle PeopleSoft Enterprise Portal 8....
S
CVE-2006-3723 Unspecified vulnerability in PeopleSoft Enterprise Portal for Oracle PeopleSoft Enterprise Portal 8....
S
CVE-2006-3724 Unspecified vulnerability in JD Edwards HTML Server for Oracle OneWorld Tools EnterpriseOne Tools 8....
S
CVE-2006-3725 Norton Personal Firewall 2006 9.1.0.33 allows local users to cause a denial of service (crash) via c...
CVE-2006-3726 Buffer overflow in FileCOPA FTP Server before 1.01 released on 18th July 2006, allows remote authent...
E S
CVE-2006-3727 Multiple SQL injection vulnerabilities in Eskolar CMS 0.9.0.0 allow remote attackers to execute arbi...
E
CVE-2006-3728 Unspecified vulnerability in the kernel in Solaris 10 with patch 118822-29 (118844-29 on x86) and wi...
S
CVE-2006-3729 DataSourceControl in Internet Explorer 6 on Windows XP SP2 with Office installed allows remote attac...
E
CVE-2006-3730 Integer overflow in Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause...
E
CVE-2006-3731 Mozilla Firefox 1.5.0.4 and earlier allows remote user-assisted attackers to cause a denial of servi...
CVE-2006-3732 Cisco Security Monitoring, Analysis and Response System (CS-MARS) before 4.2.1 ships with an Oracle ...
S
CVE-2006-3733 jmx-console/HtmlAdaptor in the jmx-console in the JBoss web application server, as shipped with Cisc...
S
CVE-2006-3734 Multiple unspecified vulnerabilities in the Command Line Interface (CLI) for Cisco Security Monitori...
S
CVE-2006-3735 Multiple PHP remote file inclusion vulnerabilities in Mail2Forum (module for phpBB) 1.2 and earlier ...
E
CVE-2006-3736 PHP remote file inclusion vulnerability in core/videodb.class.xml.php in the VideoDB component for M...
E
CVE-2006-3737 Cross-site scripting (XSS) vulnerability in filemanager/filemanager.php in the control panel in SWso...
E
CVE-2006-3738 Buffer overflow in the SSL_get_shared_ciphers function in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before ...
S
CVE-2006-3739 Integer overflow in the CIDAFM function in X.Org 6.8.2 and XFree86 X server allows local users to ex...
S
CVE-2006-3740 Integer overflow in the scan_cidfont function in X.Org 6.8.2 and XFree86 X server allows local users...
S
CVE-2006-3741 The perfmonctl system call (sys_perfmonctl) in Linux kernel 2.4.x and 2.6 before 2.6.18, when runnin...
S
CVE-2006-3742 The KDE PAM configuration shipped with Fedora Core 5 causes KDM passwords to be cached, which allows...
S
CVE-2006-3743 Multiple buffer overflows in ImageMagick before 6.2.9 allow user-assisted attackers to execute arbit...
S
CVE-2006-3744 Multiple integer overflows in ImageMagick before 6.2.9 allows user-assisted attackers to execute arb...
S
CVE-2006-3745 Unspecified vulnerability in the sctp_make_abort_user function in the SCTP implementation in Linux 2...
S
CVE-2006-3746 Integer overflow in parse_comment in GnuPG (gpg) 1.4.4 allows remote attackers to cause a denial of ...
E
CVE-2006-3747 Off-by-one error in the ldap scheme handling in the Rewrite module (mod_rewrite) in Apache 1.3 from ...
S
CVE-2006-3748 PHP remote file inclusion vulnerability in includes/abbc/abbc.class.php in the LoudMouth Component f...
E
CVE-2006-3749 PHP remote file inclusion vulnerability in sitemap.xml.php in Sitemap component (com_sitemap) 2.0.0 ...
E
CVE-2006-3750 PHP remote file inclusion vulnerability in server.php in the Hashcash Component (com_hashcash) 1.2.1...
E
CVE-2006-3751 PHP remote file inclusion vulnerability in popups/ImageManager/config.inc.php in the HTMLArea3 Addon...
E
CVE-2006-3752 Multiple SQL injection vulnerabilities in class.php in Professional Home Page Tools Guestbook allow ...
E S
CVE-2006-3753 setcookie.php for the administration login in Professional Home Page Tools Guestbook records the has...
S
CVE-2006-3754 PHP remote file inclusion vulnerability in Include/editor/rich_files/class.rich.php in FlushCMS 1.0....
E
CVE-2006-3755 PHP remote file inclusion vulnerability in Include/editor/class.rich.php in FlushCMS 1.0.0-pre2 and ...
CVE-2006-3756 Cross-site scripting (XSS) vulnerability in Geeklog 1.4.0sr4 and earlier, and 1.3.11sr6 and earlier,...
S
CVE-2006-3757 index.php in Zen Cart 1.3.0.2 allows remote attackers to obtain sensitive information via empty (1) ...
CVE-2006-3758 inc/init.php in Archive Mode (Light) in MyBB (aka MyBulletinBoard) 1.1.4 calls the extract function ...
S
CVE-2006-3759 Unspecified vulnerability in MyBB (aka MyBulletinBoard) 1.1.4, related has unspecified impact and at...
S
CVE-2006-3760 Multiple SQL injection vulnerabilities in MyBB (aka MyBulletinBoard) 1.1.4 allow remote attackers to...
S
CVE-2006-3761 Cross-site scripting (XSS) vulnerability in inc/functions_post.php in MyBB (aka MyBulletinBoard) 1.0...
E S
CVE-2006-3762 The Touch Control ActiveX control 2.0.0.55 allows remote attackers to read and possibly execute arbi...
CVE-2006-3763 SQL injection vulnerability in category.php in Diesel Joke Site allows remote attackers to execute a...
E
CVE-2006-3764 Till Gerken phpPolls 1.0.3 allows remote attackers to create a new poll via a direct request to phpP...
CVE-2006-3765 Multiple cross-site scripting (XSS) vulnerabilities in Huttenlocher Webdesign hwdeGUEST 2.1.1 and ea...
CVE-2006-3766 Darren's $5 Script Archive osDate 1.1.7 and earlier allows users to boost their own ratings via a tx...
CVE-2006-3767 Cross-site scripting (XSS) vulnerability in showprofile.php in Darren's $5 Script Archive osDate 1.1...
E
CVE-2006-3768 Integer underflow in filecpnt.exe in FileCOPA FTP Server 1.01 before 2006-07-21 allow remote authent...
S
CVE-2006-3769 Multiple cross-site scripting (XSS) vulnerabilities in Top XL 1.1 and earlier allow remote attackers...
E
CVE-2006-3770 Multiple SQL injection vulnerabilities in index.php in phpFaber TopSites 2.0.9 and earlier allow rem...
CVE-2006-3771 Multiple PHP remote file inclusion vulnerabilities in component.php in iManage CMS 4.0.12 and earlie...
E
CVE-2006-3772 PHP-Post 0.21 and 1.0, and possibly earlier versions, when auto-login is enabled, allows remote atta...
E
CVE-2006-3773 PHP remote file inclusion vulnerability in smf.php in the SMF-Forum 1.3.1.3 Bridge Component (com_sm...
E
CVE-2006-3774 PHP remote file inclusion vulnerability in performs.php in the perForms component (com_performs) 1.0...
E
CVE-2006-3775 SQL injection vulnerability in the init function in class_session.php in MyBB (aka MyBulletinBoard) ...
E
CVE-2006-3776 PHP remote file inclusion vulnerability in order/index.php in IDevSpot (1) PhpHostBot 1.0 and (2) Au...
E
CVE-2006-3777 PHP remote file inclusion vulnerability in index.php in IDevSpot PhpLinkExchange 1.0 allows remote a...
CVE-2006-3778 IBM Lotus Notes 6.0, 6.5, and 7.0 does not properly handle replies to e-mail messages with alternate...
E
CVE-2006-3779 Citrix MetaFrame up to XP 1.0 Feature 1, except when running on Windows Server 2003, installs a regi...
S
CVE-2006-3780 Keyifweb Keyif Portal 2.0 stores sensitive information under the web root with insufficient access c...
CVE-2006-3781 Unspecified vulnerability in Sun Solaris 10 allows context-dependent attackers to cause a denial of ...
CVE-2006-3782 Unspecified vulnerability in the kernel debugger (kmdb) in Sun Solaris 10, when running on x86, allo...
S
CVE-2006-3783 Sun Solaris 10 allows local users to cause a denial of service (panic) via unspecified vectors invol...
S
CVE-2006-3784 Symantec pcAnywhere 12.5 uses weak default permissions for the "Symantec\pcAnywhere\Hosts" folder, w...
CVE-2006-3785 Symantec pcAnywhere 12.5 obfuscates the passwords in a GUI textbox with asterisks but does not encry...
CVE-2006-3786 Symantec pcAnywhere 12.5 uses weak integrity protection for .cif (aka caller or CallerID) files, whi...
CVE-2006-3787 kpf4ss.exe in Sunbelt Kerio Personal Firewall 4.3.x before 4.3.268 does not properly hook the Create...
CVE-2006-3788 Multiple buffer overflows in multiplay.cpp in UFO2000 svn 1057 allow remote attackers to execute arb...
CVE-2006-3789 Multiple array index errors in the (1) recv_rules, (2) recv_select_unit, (3) recv_options, and (4) r...
CVE-2006-3790 The decode_stringmap function in server_transport.cpp for UFO2000 svn 1057 allows remote attackers t...
CVE-2006-3791 The decode_stringmap function in server_transport.cpp for UFO2000 svn 1057 allows remote attackers t...
CVE-2006-3792 SQL injection vulnerability in ServerClientUfo::recv_packet in server_protocol.cpp in UFO2000 svn 10...
CVE-2006-3793 PHP remote file inclusion vulnerability in constants.php in SiteDepth CMS 3.01 and earlier allows re...
CVE-2006-3794 SQL injection vulnerability in Amazing Flash AFCommerce Shopping Cart allows remote attackers to exe...
CVE-2006-3795 Multiple cross-site scripting (XSS) vulnerabilities in DeluxeBB before 1.08 allow remote attackers t...
CVE-2006-3796 DeluxeBB 1.07 and earlier does not properly handle a username composed of a single space character, ...
CVE-2006-3797 SQL injection vulnerability in DeluxeBB 1.07 and earlier allows remote attackers to bypass authentic...
CVE-2006-3798 DeluxeBB 1.07 and earlier allows remote attackers to overwrite the (1) _GET, (2) _POST, (3) _ENV, an...
CVE-2006-3799 DeluxeBB 1.07 and earlier allows remote attackers to bypass SQL injection protection mechanisms via ...
E S
CVE-2006-3800 Cross-site scripting (XSS) vulnerability in Amazing Flash AFCommerce Shopping Cart allows remote att...
E
CVE-2006-3801 Mozilla Firefox 1.5 before 1.5.0.5 and SeaMonkey before 1.0.3 does not properly clear a JavaScript r...
S
CVE-2006-3802 Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote...
S
CVE-2006-3803 Race condition in the JavaScript garbage collection in Mozilla Firefox 1.5 before 1.5.0.5, Thunderbi...
S
CVE-2006-3804 Heap-based buffer overflow in Mozilla Thunderbird before 1.5.0.5 and SeaMonkey before 1.0.3 allows r...
S
CVE-2006-3805 The Javascript engine in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey b...
S
CVE-2006-3806 Multiple integer overflows in the Javascript engine in Mozilla Firefox before 1.5.0.5, Thunderbird b...
S
CVE-2006-3807 Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote...
S
CVE-2006-3808 Mozilla Firefox before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote Proxy AutoConfig (PAC) serve...
S
CVE-2006-3809 Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows script...
S
CVE-2006-3810 Cross-site scripting (XSS) vulnerability in Mozilla Firefox 1.5 before 1.5.0.5, Thunderbird before 1...
S
CVE-2006-3811 Multiple vulnerabilities in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonke...
S
CVE-2006-3812 Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote...
S
CVE-2006-3813 A regression error in the Perl package for Red Hat Enterprise Linux 4 omits the patch for CVE-2005-0...
S
CVE-2006-3814 Buffer overflow in the Loader_XM::load_instrument_internal function in loader_xm.cpp for Cheese Trac...
E
CVE-2006-3815 heartbeat.c in heartbeat before 2.0.6 sets insecure permissions in a shmget call for shared memory, ...
S
CVE-2006-3816 Krusader 1.50-beta1 up to 1.70.0 stores passwords for remote connections in cleartext in the bookmar...
S
CVE-2006-3817 Cross-site scripting (XSS) vulnerability in Novell GroupWise WebAccess 6.5 and 7 before 20060727 all...
E S
CVE-2006-3818 Cross-site scripting (XSS) vulnerability in the login page in Novell GroupWise WebAccess 6.5 before ...
CVE-2006-3819 Eval injection vulnerability in the configure script in TWiki 4.0.0 through 4.0.4 allows remote atta...
E S
CVE-2006-3820 Cross-site scripting (XSS) vulnerability in loudblog/index.php in Loudblog before 0.5 allows remote ...
S
CVE-2006-3821 Multiple cross-site scripting (XSS) vulnerabilities in ATutor 1.5.3 allow remote attackers to inject...
E
CVE-2006-3822 SQL injection vulnerability in index.php in GeodesicSolutions GeoAuctions Enterprise 1.0.6 allows re...
E
CVE-2006-3823 SQL injection vulnerability in index.php in GeodesicSolutions (1) GeoAuctions Premier 2.0.3 and (2) ...
E
CVE-2006-3824 systeminfo.c for Sun Solaris allows local users to read kernel memory via a 0 variable count argumen...
E S
CVE-2006-3825 The IPv4 implementation in Sun Solaris 10 before 20060721 allows local users to select routes that d...
S
CVE-2006-3826 Multiple cross-site scripting (XSS) vulnerabilities in Kailash Nadh boastMachine (formerly bMachine)...
E
CVE-2006-3827 SQL injection vulnerability in bmc/Inc/core/admin/search.inc.php in Kailash Nadh boastMachine (forme...
E
CVE-2006-3828 Incomplete blacklist vulnerability in Kailash Nadh boastMachine (formerly bMachine) 3.1 and earlier ...
E
CVE-2006-3829 Cross-site request forgery (CSRF) vulnerability in bmc/admin.php in Kailash Nadh boastMachine (forme...
E
CVE-2006-3830 The Languages selection in the admin interface in Kailash Nadh boastMachine (formerly bMachine) 3.1 ...
E
CVE-2006-3831 The Backup selection in Kailash Nadh boastMachine (formerly bMachine) 3.1 and earlier uses predicabl...
CVE-2006-3832 SQL injection vulnerability in index.php in Gerrit van Aaken Loudblog 0.5 and earlier allows remote ...
E
CVE-2006-3833 index.php in EJ3 TOPo 2.2.178 allows remote attackers to overwrite existing entries and establish ne...
CVE-2006-3834 EJ3 TOPo 2.2.178 includes the password in cleartext in the ID field to index.php, which allows conte...
CVE-2006-3835 Apache Tomcat 5 before 5.5.17 allows remote attackers to list directories via a semicolon (;) preced...
E S
CVE-2006-3836 Directory traversal vulnerability in index.php in UNIDOmedia Chameleon LE 1.203 and earlier, and pos...
E
CVE-2006-3837 delcookie.php in Professional Home Page Tools Guestbook changes the expiration date of a cookie inst...
CVE-2006-3838 Multiple stack-based buffer overflows in eIQnetworks Enterprise Security Analyzer (ESA) before 2.5.0...
CVE-2006-3840 The SMB Mailslot parsing functionality in PAM in multiple ISS products with XPU (24.39/1.78/epj/x.x....
CVE-2006-3841 Cross-site scripting (XSS) vulnerability in WebScarab before 20060718-1904, when used with Microsoft...
S
CVE-2006-3842 Cross-site scripting (XSS) vulnerability in Zoho Virtual Office 3.2 Build 3210 allows remote attacke...
E
CVE-2006-3843 PHP remote file inclusion vulnerability in com_calendar.php in Calendar Mambo Module 1.5.7 and earli...
E
CVE-2006-3844 Buffer overflow in Quick 'n Easy FTP Server 3.0 allows remote authenticated users to execute arbitra...
E
CVE-2006-3845 Stack-based buffer overflow in lzh.fmt in WinRAR 3.00 through 3.60 beta 6 allows remote attackers to...
E S
CVE-2006-3846 PHP remote file inclusion vulnerability in extadminmenus.class.php in the MultiBanners 1.0.1 for Mam...
E
CVE-2006-3847 PHP remote file inclusion vulnerability in (1) admin.php, and possibly (2) details.php, (3) modify.p...
E
CVE-2006-3848 Cross-site scripting (XSS) vulnerability in CGI wrapper for IP Calculator (IPCalc) 0.40 allows remot...
CVE-2006-3849 Stack-based buffer overflow in Warzone 2100 and Warzone Resurrection 2.0.3 and earlier allows remote...
CVE-2006-3850 PHP remote file inclusion vulnerability in upgrader.php in Vanilla CMS 1.0.1 and earlier, when /conf...
E
CVE-2006-3851 SQL injection vulnerability in upgradev1.php in X7 Chat 2.0.4 and earlier allows remote attackers to...
E
CVE-2006-3852 Cross-site scripting (XSS) vulnerability in index.php in Micro GuestBook allows remote attackers to ...
CVE-2006-3853 Buffer overflow in IBM Informix Dynamic Server (IDS) before 9.40.TC7 and 10.00 before 10.00.TC3, whe...
S
CVE-2006-3854 Buffer overflow in IBM Informix Dynamic Server (IDS) 9.40.TC7, 9.40.TC8, 10.00.TC4, and 10.00.TC5, w...
E
CVE-2006-3855 The ifx_load_internal function in IBM Informix Dynamic Server (IDS) allows remote authenticated user...
S
CVE-2006-3856 IBM Informix Dynamic Server (IDS) before 9.40.xC7 and 10.00 before 10.00.xC3 allows local users to c...
S
CVE-2006-3857 Multiple buffer overflows in IBM Informix Dynamic Server (IDS) before 9.40.TC6 and 10.00 before 10.0...
S
CVE-2006-3858 IBM Informix Dynamic Server (IDS) before 9.40.xC8 and 10.00 before 10.00.xC4 stores passwords in pla...
S
CVE-2006-3859 IBM Informix Dynamic Server (IDS) allows remote authenticated users to create and overwrite arbitrar...
E
CVE-2006-3860 IBM Informix Dynamic Server (IDS) before 9.40.xC7 and 10.00 before 10.00.xC3 allows allows remote au...
CVE-2006-3861 IBM Informix Dynamic Server (IDS) before 9.40.xC7 and 10.00 before 10.00.xC3 does not use database c...
S
CVE-2006-3862 Buffer overflow in IBM Informix Dynamic Server (IDS) 9.40.TC5 through 9.40.xC7 and 10.00.TC1 through...
S
CVE-2006-3863 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2006-3864 Unspecified vulnerability in mso.dll in Microsoft Office 2000, XP, and 2003, and Microsoft PowerPoin...
CVE-2006-3865 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2006-3866 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-4868. Reason: This candida...
R
CVE-2006-3867 Unspecified vulnerability in Microsoft Excel 2000, 2002, 2003, 2004 for Mac, v.X for Mac, and Excel ...
CVE-2006-3868 Unspecified vulnerability in Microsoft Office XP and 2003 allows remote user-assisted attackers to e...
CVE-2006-3869 Heap-based buffer overflow in URLMON.DLL in Microsoft Internet Explorer 6 SP1 on Windows 2000 and XP...
S
CVE-2006-3870 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2006-3871 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2006-3872 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2006-3873 Heap-based buffer overflow in URLMON.DLL in Microsoft Internet Explorer 6 SP1 on Windows 2000 and XP...
S
CVE-2006-3874 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2006-3875 Unspecified vulnerability in Microsoft Excel 2000, 2002, 2003, 2004 for Mac, v.X for Mac, and Excel ...
CVE-2006-3876 Unspecified vulnerability in PowerPoint in Microsoft Office 2000, Office 2002, Office 2003, Office 2...
CVE-2006-3877 Unspecified vulnerability in PowerPoint in Microsoft Office 2000, Office 2002, Office 2003, Office 2...
CVE-2006-3878 Opsware Network Automation System (NAS) 6.0 installs /etc/init.d/mysql with insecure permissions, wh...
CVE-2006-3879 Integer overflow in the loadChunk function in loaders/load_gt2.c in libmikmod in Mikmod Sound System...
E
CVE-2006-3880 Microsoft Windows NT 4.0, Windows 2000, Windows XP, and Windows Small Business Server 2003 allow rem...
E
CVE-2006-3881 Cross-site scripting (XSS) vulnerability in Shalwan MusicBox 2.3.4 and earlier allows remote attacke...
CVE-2006-3882 Shalwan MusicBox 2.3.4 and earlier allows remote attackers to obtain configuration information via a...
CVE-2006-3883 Multiple cross-site scripting (XSS) vulnerabilities in Gonafish LinksCaffe 3.0 allow remote attacker...
E
CVE-2006-3884 Multiple SQL injection vulnerabilities in links.php in Gonafish LinksCaffe 3.0 allow remote attacker...
E
CVE-2006-3885 Directory traversal vulnerability in Check Point Firewall-1 R55W before HFA03 allows remote attacker...
E S
CVE-2006-3886 SQL injection vulnerability in Shalwan MusicBox 2.3.4 and earlier allows remote attackers to execute...
E
CVE-2006-3887 Buffer overflow in AOL You've Got Pictures (YGP) Screensaver ActiveX control allows remote attackers...
CVE-2006-3888 Buffer overflow in AOL You've Got Pictures (YGP) Pic Downloader YGPPDownload ActiveX control (AOL.Pi...
CVE-2006-3890 Stack-based buffer overflow in the Sky Software FileView ActiveX control, as used in WinZip 10 befor...
E S
CVE-2006-3892 The Management Console server in EMC NetWorker (formerly Legato NetWorker) 7.3.2 before Jumbo Update...
S
CVE-2006-3893 Multiple buffer overflows in the ActiveX controls in Newtone ImageKit 5 before Fix 30 and 6 before F...
S
CVE-2006-3894 The RSA Crypto-C before 6.3.1 and Cert-C before 2.8 libraries, as used by RSA BSAFE, multiple Cisco ...
CVE-2006-3896 The NeoScale Systems CryptoStor 700 series appliance before 2.6 relies on client-side ActiveX code f...
S
CVE-2006-3897 Stack overflow in Microsoft Internet Explorer 6 on Windows 2000 allows remote attackers to cause a d...
E
CVE-2006-3898 Microsoft Internet Explorer 6.0 on Windows XP SP2 allows remote attackers to cause a denial of servi...
E
CVE-2006-3899 Microsoft Internet Explorer 6.0 on Windows XP SP2 allows remote attackers to cause a denial of servi...
E
CVE-2006-3900 Cross-site scripting (XSS) vulnerability in guestbook.php in TP-Book 1.00 and earlier allows remote ...
CVE-2006-3901 Multiple stack-based buffer overflows in Tumbleweed Email Firewall (EMF) allow remote attackers to e...
CVE-2006-3902 Cross-site scripting (XSS) vulnerability in index.php in phpFaber TopSites 2.0.9 allows remote attac...
CVE-2006-3903 CRLF injection vulnerability in (1) index.php and (2) admin.php in myWebland MyBloggie 2.1.3 allows ...
E
CVE-2006-3904 SQL injection vulnerability in manager/index.php in Etomite CMS 0.6.1 and earlier, with magic_quotes...
E S
CVE-2006-3905 SQL injection vulnerability in Webland MyBloggie 2.1.3 allows remote attackers to execute arbitrary ...
E
CVE-2006-3906 Internet Key Exchange (IKE) version 1 protocol, as implemented on Cisco IOS, VPN 3000 Concentrators,...
CVE-2006-3907 Siemens SpeedStream 2624 allows remote attackers to cause a denial of service (device hang) by sendi...
CVE-2006-3908 Format string vulnerability in the flush_output function in ConsoleStreambuf.cpp in Game Network Eng...
S
CVE-2006-3909 Cross-site scripting (XSS) vulnerability in calendar.php in WWWthreads allows remote attackers to in...
E
CVE-2006-3910 Internet Explorer 6 on Windows XP SP2, when Outlook is installed, allows remote attackers to cause a...
E
CVE-2006-3911 PHP remote file inclusion vulnerability in OSI Codes PHP Live! 3.2.1 and earlier allows remote attac...
E
CVE-2006-3912 Stack-based buffer overflow in the SFX module in WinRAR before 3.60 beta 8 has unspecified vectors a...
E
CVE-2006-3913 Buffer overflow in Freeciv 2.1.0-beta1 and earlier, and SVN 15 Jul 2006 and earlier, allows remote a...
E S
CVE-2006-3914 Cross-site scripting (XSS) vulnerability in Blackboard Academic Suite 6.2.3.23 allows remote authent...
CVE-2006-3915 Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service...
E
CVE-2006-3916 Cross-site scripting (XSS) vulnerability in snews.php in sNews (aka Solucija News) 1.4 allows remote...
CVE-2006-3917 PHP remote file inclusion vulnerability in inc/gabarits.php in R. Corson PHP Forge 3 beta 2 and earl...
E
CVE-2006-3918 http_protocol.c in (1) IBM HTTP Server 6.0 before 6.0.2.13 and 6.1 before 6.1.0.1, and (2) Apache HT...
E S
CVE-2006-3919 SQL injection vulnerability in index.php in SD Studio CMS allows remote attackers to execute arbitra...
E
CVE-2006-3920 The TCP implementation in Sun Solaris 8, 9, and 10 before 20060726 allows remote attackers to cause ...
S
CVE-2006-3921 Sun Java System Application Server (SJSAS) 7 through 8.1 and Web Server (SJSWS) 6.0 and 6.1 allows r...
S
CVE-2006-3922 PHP remote file inclusion vulnerability in mod_membre/inscription.php in PortailPHP 1.7 allows remot...
E
CVE-2006-3923 Cross-site scripting (XSS) vulnerability in add.php in Fire-Mouse Toplist 1.1 and earlier, when regi...
E
CVE-2006-3924 Multiple cross-site scripting (XSS) vulnerabilities in Dokeos before 1.6.5 allow remote attackers to...
S
CVE-2006-3925 Stack-based buffer overflow in ITIRecorder.MicRecorder ActiveX control in iarecord.dll in InterActua...
S
CVE-2006-3926 Multiple SQL injection vulnerabilities in PhpProBid 5.24 allow remote attackers to execute arbitrary...
E
CVE-2006-3927 Cross-site scripting (XSS) vulnerability in auctionsearch.php in PhpProBid 5.24 allows remote attack...
E
CVE-2006-3928 PHP remote file inclusion vulnerability in index.php in WMNews 0.2a and earlier allows remote attack...
E
CVE-2006-3929 Cross-site scripting (XSS) vulnerability in the Forms/rpSysAdmin script on the Zyxel Prestige 660H-6...
E
CVE-2006-3930 PHP remote file inclusion vulnerability in admin.a6mambohelpdesk.php in a6mambohelpdesk Mambo Compon...
E
CVE-2006-3931 Buffer overflow in the daemon function in midirecord.cc in Tuomas Airaksinen Midirecord 2.0 allows l...
E
CVE-2006-3932 SQL injection vulnerability in links.php in Gonafish LinksCaffe 3.0 allows remote attackers to execu...
CVE-2006-3933 Cross-site scripting (XSS) vulnerability in Alkacon OpenCms before 6.2.2 allows remote authenticated...
E S
CVE-2006-3934 Absolute path traversal vulnerability in downloadTrigger.jsp in Alkacon OpenCms before 6.2.2 allows ...
E S
CVE-2006-3935 system/workplace/views/admin/admin-main.jsp in Alkacon OpenCms before 6.2.2 does not restrict access...
S
CVE-2006-3936 system/workplace/editors/editor.jsp in Alkacon OpenCms before 6.2.2 allows remote authenticated user...
E S
CVE-2006-3937 post.php in x_atrix xGuestBook 1.02 allows remote attackers to obtain sensitive information via a re...
CVE-2006-3938 DotClear allows remote attackers to obtain sensitive information via a direct request for (1) edit_c...
CVE-2006-3939 ScriptsCenter ezUpload Pro 2.2.0 allows remote attackers to perform administrative activities withou...
CVE-2006-3940 Multiple SQL injection vulnerabilities in phpbb-Auction allow remote attackers to execute arbitrary ...
E
CVE-2006-3941 Unspecified vulnerability in the daemons for Sun N1 Grid Engine 5.3 and N1 Grid Engine 6.0 allows lo...
S
CVE-2006-3942 The server driver (srv.sys) in Microsoft Windows NT 4.0, 2000, XP, and Server 2003 allows remote att...
CVE-2006-3943 Stack-based buffer overflow in NDFXArtEffects in Microsoft Internet Explorer 6 on Windows XP SP2 all...
E
CVE-2006-3944 Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service...
E
CVE-2006-3945 The CSS functionality in Opera 9 on Windows XP SP2 allows remote attackers to cause a denial of serv...
E
CVE-2006-3946 WebCore in Apple Mac OS X 10.3.9 and 10.4 through 10.4.7 allows remote attackers to cause a denial o...
E
CVE-2006-3947 PHP remote file inclusion vulnerability in components/com_mambatstaff/mambatstaff.php in the Mambats...
E
CVE-2006-3948 Cross-site scripting (XSS) vulnerability in modules.php in PHP-Nuke INP allows remote attackers to i...
E
CVE-2006-3949 PHP remote file inclusion vulnerability in artlinks.dispnew.php in the Artlinks component (com_artli...
E
CVE-2006-3950 SQL injection vulnerability in x-statistics.php in X-Scripts X-Statistics 1.20 allows remote attacke...
E
CVE-2006-3951 PHP remote file inclusion vulnerability in moodle.php in Mam-moodle alpha component (com_moodle) for...
E
CVE-2006-3952 Stack-based buffer overflow in EFS Software Easy File Sharing FTP Server 2.0 allows remote attackers...
CVE-2006-3953 Cross-site scripting (XSS) vulnerability in usercp.php in MyBB (aka MyBulletinBoard) 1.x allows remo...
E
CVE-2006-3954 Directory traversal vulnerability in usercp.php in MyBB (aka MyBulletinBoard) 1.x allows remote atta...
E
CVE-2006-3955 Multiple PHP remote file inclusion vulnerabilities in MiniBB Forum 1.5a allow remote attackers to ex...
E
CVE-2006-3956 Multiple cross-site scripting (XSS) vulnerabilities in contact.php in Advanced Webhost Billing Syste...
CVE-2006-3957 PHP remote file inclusion vulnerability in payment.php in BosDev BosDates allows remote attackers to...
E
CVE-2006-3958 Multiple unspecified cross-site scripting (XSS) vulnerabilities in Taskjitsu 2.0.3 allow remote atta...
S
CVE-2006-3959 SQL injection vulnerability in protect.php in X-Scripts X-Protection 1.10, with magic_quotes_gpc dis...
E
CVE-2006-3960 SQL injection vulnerability in top.php in X-Scripts X-Poll, probably 2.30, allows remote attackers t...
E
CVE-2006-3961 Buffer overflow in McSubMgr ActiveX control (mcsubmgr.dll) in McAfee Security Center 6.0.23 for Inte...
S
CVE-2006-3962 PHP remote file inclusion vulnerability in administrator/components/com_bayesiannaivefilter/lang.php...
E
CVE-2006-3963 Multiple SQL injection vulnerabilities in Banex PHP MySQL Banner Exchange 2.21 allow remote attacker...
E
CVE-2006-3964 PHP remote file inclusion vulnerability in members.php in Banex PHP MySQL Banner Exchange 2.21 allow...
E
CVE-2006-3965 Banex PHP MySQL Banner Exchange 2.21 stores lib.inc under the web document root with insufficient ac...
CVE-2006-3966 PHP remote file inclusion vulnerability in /lib/tree/layersmenu.inc.php in the PHP Layers Menu 2.3.5...
E
CVE-2006-3967 PHP remote file inclusion vulnerability in component/option,com_moskool/Itemid,34/admin.moskool.php ...
E
CVE-2006-3968 The crypto provider in Sun Solaris 10 3/05 HW2 without patch 121236-01, when running on Sun Fire T20...
S
CVE-2006-3969 PHP remote file inclusion vulnerability in administrator/components/com_colophon/admin.colophon.php ...
E
CVE-2006-3970 PHP remote file inclusion vulnerability in lmo.php in the LMO Component (com_lmo) 1.0b2 and earlier ...
E
CVE-2006-3971 Cross-site scripting (XSS) vulnerability in visitor/livesupport/chat.php in Scott Weedon Ajax Chat, ...
E
CVE-2006-3972 Directory traversal vulnerability in includes/operator_chattranscript.php in Scott Weedon Ajax Chat,...
E
CVE-2006-3973 My Firewall Plus 5.0 Build 1119 does not verify if explorer.exe is running before launching iexplore...
CVE-2006-3974 Cross-site scripting (XSS) vulnerability in cgi-bin/admin in 3Com OfficeConnect Secure Router with f...
E
CVE-2006-3975 Unspecified vulnerability in CA eTrust Antivirus WebScan allows remote attackers to execute arbitrar...
S
CVE-2006-3976 Unspecified vulnerability in CA eTrust Antivirus WebScan before 1.1.0.1048 allows remote attackers t...
S
CVE-2006-3977 Unspecified vulnerability in CA eTrust Antivirus WebScan before 1.1.0.1048 has unknown impact and re...
S
CVE-2006-3978 Unspecified vulnerability in a Verity third party library, as used on Adobe ColdFusion MX 7 through ...
S
CVE-2006-3979 The AdminAPI of ColdFusion MX 7 allows attackers to bypass authentication by using "programmatic acc...
S
CVE-2006-3980 PHP remote file inclusion vulnerability in administrator/components/com_mgm/help.mgm.php in Mambo Ga...
E
CVE-2006-3981 PHP remote file inclusion vulnerability in about.mgm.php in Mambo Gallery Manager (MGM) 0.95r2 and e...
CVE-2006-3982 PHP remote file inclusion vulnerability in quickie.php in Knusperleicht Quickie, probably 0.2, allow...
E
CVE-2006-3983 PHP remote file inclusion vulnerability in editprofile.php in php(Reactor) 1.27pl1 allows remote att...
E
CVE-2006-3984 PHP remote file inclusion vulnerability in phpAdsNew/view.inc.php in Albasoftware Phpauction 2.1 and...
E
CVE-2006-3985 Stack-based buffer overflow in DZIPS32.DLL 6.0.0.4 in ConeXware PowerArchiver 9.62.03 allows user-as...
E S
CVE-2006-3986 PHP remote file inclusion vulnerability in index.php in Knusperleicht Newsletter 3.5 and earlier all...
E
CVE-2006-3987 Multiple PHP remote file inclusion vulnerabilities in index.php in Knusperleicht FileManager 1.2 and...
E
CVE-2006-3988 PHP remote file inclusion vulnerability in index.php in Knusperleicht newsReporter 1.1 and earlier a...
E
CVE-2006-3989 PHP remote file inclusion vulnerability in index.php in Knusperleicht Shoutbox 4.4 and earlier allow...
E
CVE-2006-3990 Multiple PHP remote file inclusion vulnerabilities in Paul M. Jones Savant2, possibly when used with...
E
CVE-2006-3991 PHP remote file inclusion vulnerability in index.php in Vlad Vostrykh Voodoo chat 1.0RC1b and earlie...
E
CVE-2006-3992 Unspecified vulnerability in the Centrino (1) w22n50.sys, (2) w22n51.sys, (3) w29n50.sys, and (4) w2...
E S
CVE-2006-3993 PHP remote file inclusion vulnerability in copyright.php in Olaf Noehring The Search Engine Project ...
E
CVE-2006-3994 SQL injection vulnerability in the u2u_send_recp function in u2u.inc.php in XMB (aka extreme message...
E
CVE-2006-3995 Multiple PHP remote file inclusion vulnerabilities in (1) uhp_config.php, and possibly (2) footer.ph...
E S
CVE-2006-3996 SQL injection vulnerability in links/index.php in ATutor 1.5.3.1 and earlier allows remote authentic...
E S
CVE-2006-3997 PHP remote file inclusion vulnerability in hsList.php in WoWRoster (aka World of Warcraft Roster) 1....
E
CVE-2006-3998 PHP remote file inclusion vulnerability in conf.php in WoWRoster (aka World of Warcraft Roster) 1.5....
E
CVE-2006-3999 ISS BlackICE PC Protection 3.6.cpj, 3.6.cpiE, and possibly earlier versions do not properly monitor ...
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.