CVE-2006-6xxx

There are 982 CVE in this subgroup.
Last updated: 
← Back to 2006
ID Summary Flags Max Score
CVE-2006-6000 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2006-6001 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2006-6002 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2006-6003 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2006-6004 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2006-6005 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2006-6006 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2006-6007 save_profile.asp in WebEvents (Online Event Registration Template) 2.0 and earlier allows remote att...
CVE-2006-6008 ftpd in Linux Netkit (linux-ftpd) 0.17, and possibly other versions, does not check the return statu...
S
CVE-2006-6009 Unspecified vulnerability in the Java Runtime Environment (JRE) Swing library in JDK and JRE 5.0 Upd...
S
CVE-2006-6010 SAP allows remote attackers to obtain potentially sensitive information such as operating system and...
CVE-2006-6011 Unspecified vulnerability in SAP Web Application Server before 6.40 patch 6 allows remote attackers ...
CVE-2006-6012 Cross-site scripting (XSS) vulnerability in csm/asp/listings.asp in MGinternet Car Site Manager (CSM...
CVE-2006-6013 Integer signedness error in the fw_ioctl (FW_IOCTL) function in the FireWire (IEEE-1394) drivers (de...
CVE-2006-6014 The NetBSD-current kernel before 20061028 does not properly perform bounds checking of an unspecifie...
S
CVE-2006-6015 Buffer overflow in the JavaScript implementation in Safari on Apple Mac OS X 10.4 allows remote atta...
E
CVE-2006-6016 wp-admin/user-edit.php in WordPress before 2.0.5 allows remote authenticated users to read the metad...
S
CVE-2006-6017 WordPress before 2.0.5 does not properly store a profile containing a string representation of a ser...
S
CVE-2006-6018 PHP remote file inclusion vulnerability in mybic_server.php in Jim Plush My-BIC 0.6.5 allows remote ...
E
CVE-2006-6019 Cross-site scripting (XSS) vulnerability in extensions/googiespell/googlespell_proxy.php in Bill Rob...
E
CVE-2006-6020 Cross-site scripting (XSS) vulnerability in announce.php in Blog Torrent Preview 0.92 allows remote ...
CVE-2006-6021 SQL injection vulnerability in the login component in BestWebApp Dating Site allows remote attackers...
E
CVE-2006-6022 Cross-site scripting (XSS) vulnerability in login_form.asp in BestWebApp Dating Site allows remote a...
E
CVE-2006-6023 PHP remote file inclusion vulnerability in phoo.base.php in Bill Roberts Bloo 1.0 allows remote atta...
CVE-2006-6024 Multiple buffer overflows in Eudora Worldmail, possibly Worldmail 3 version 6.1.22.0, have unknown i...
CVE-2006-6025 QUALCOMM Eudora WorldMail 4.0 allows remote attackers to cause a denial of service, as demonstrated ...
CVE-2006-6026 Heap-based buffer overflow in Real Networks Helix Server and Helix Mobile Server before 11.1.3, and ...
E
CVE-2006-6027 Adobe Reader (Adobe Acrobat Reader) 7.0 through 7.0.8 allows remote attackers to cause a denial of s...
E
CVE-2006-6028 Directory traversal vulnerability in textview.php in Anton Vlasov DoSePa 1.0.4 allows remote attacke...
E
CVE-2006-6029 SQL injection vulnerability in vir_Login.asp in Property Pro 1.0 allows remote attackers to execute ...
CVE-2006-6030 Multiple SQL injection vulnerabilities in E-Calendar Pro 3.0 allow remote attackers to execute arbit...
CVE-2006-6031 Multiple SQL injection vulnerabilities in Greater Cincinnati Internet Solutions (GCIS) ASPCart allow...
CVE-2006-6032 Multiple cross-site scripting (XSS) vulnerabilities in Simple PHP Blog (SPHPBlog), probably 0.4.8, a...
CVE-2006-6033 Multiple directory traversal vulnerabilities in Simple PHP Blog (SPHPBlog), probably 0.4.8, allow re...
CVE-2006-6034 Multiple SQL injection vulnerabilities in SitesOutlet E-commerce Kit-1 PayPal Edition allow remote a...
CVE-2006-6035 Cross-site scripting (XSS) vulnerability in list.php in BLOG:CMS 4.1.3 and earlier allows remote att...
E
CVE-2006-6036 SQL injection vulnerability in OpenHuman before 1.0 allows remote attackers to execute arbitrary SQL...
S
CVE-2006-6037 Multiple cross-site scripting (XSS) vulnerabilities in index.php in Dan Jensen Travelsized CMS 0.4.1...
CVE-2006-6038 SQL injection vulnerability in editpoll.php in Powie's PHP Forum (pForum) 1.29a and earlier allows r...
E
CVE-2006-6039 SQL injection vulnerability in matchdetail.php in Powie's PHP MatchMaker 4.05 and earlier allows rem...
E S
CVE-2006-6040 Multiple cross-site scripting (XSS) vulnerabilities in admincp/index.php in Jelsoft vBulletin 3.6.x ...
E S
CVE-2006-6041 Multiple PHP remote file inclusion vulnerabilities in Laurent Van den Reysen WORK system e-commerce ...
E
CVE-2006-6042 PHP remote file inclusion vulnerability in core/editor.php in phpWebThings 1.5.2 and earlier, when r...
E S
CVE-2006-6043 PHP file inclusion vulnerability in loginform-inc.php in Oliver (formerly Webshare) 1.2.2 and earlie...
CVE-2006-6044 PHP remote file inclusion vulnerability in gallery_top.inc.php in PHPQuickGallery 1.9 and earlier al...
E
CVE-2006-6045 Multiple PHP remote file inclusion vulnerabilities in Comdev One Admin Pro 4.1 allow remote attacker...
E
CVE-2006-6046 Multiple cross-site scripting (XSS) vulnerabilities in eggblog 3.1.0 allow remote attackers to injec...
E
CVE-2006-6047 Directory traversal vulnerability in manager/index.php in Etomite 0.6.1.2 allows remote authenticate...
E
CVE-2006-6048 SQL injection vulnerability in index.php in Etomite CMS 0.6.1.2, when magic_quotes_gpc is disabled, ...
E
CVE-2006-6049 PHP remote file inclusion vulnerability in shambo2.php in the Shambo2 (com_shambo2) component for Ma...
E
CVE-2006-6050 Multiple SQL injection vulnerabilities in ClickTech Texas Rank'em allow remote attackers to execute ...
E
CVE-2006-6051 PHP remote file inclusion vulnerability in reporter.logic.php in the MosReporter (com_reporter) comp...
E
CVE-2006-6052 NetEpi Case Manager before 0.98 generates different error messages depending on whether or not a use...
S
CVE-2006-6053 The ext3fs_dirhash function in Linux kernel 2.6.x allows local users to cause a denial of service (c...
E
CVE-2006-6054 The ext2 file system code in Linux kernel 2.6.x allows local users to cause a denial of service (cra...
E
CVE-2006-6055 Stack-based buffer overflow in A5AGU.SYS 1.0.1.41 for the D-Link DWL-G132 wireless adapter allows re...
CVE-2006-6056 Linux kernel 2.6.x up to 2.6.18 and possibly other versions, when SELinux hooks are enabled, allows ...
E
CVE-2006-6057 The Linux kernel 2.6.x up to 2.6.18, and possibly other versions, on Fedora Core 6 and possibly othe...
E
CVE-2006-6058 The minix filesystem code in Linux kernel 2.6.x before 2.6.24, including 2.6.18, allows local users ...
E
CVE-2006-6059 Buffer overflow in MA521nd5.SYS driver 5.148.724.2003 for NetGear MA521 PCMCIA adapter allows remote...
E
CVE-2006-6060 The NTFS filesystem code in Linux kernel 2.6.x up to 2.6.18, and possibly other versions, allows loc...
E
CVE-2006-6061 com.apple.AppleDiskImageController in Apple Mac OS X 10.4.8, and possibly other versions, allows rem...
E
CVE-2006-6062 Unspecified vulnerability in Apple Mac OS X 10.4.8, and possibly other versions, allows remote attac...
E
CVE-2006-6063 Stack-based buffer overflow in Un4seen XMPlay 3.3.0.5 and earlier allows remote attackers to execute...
E
CVE-2006-6064 Multiple buffer overflows in the Message Parsing Interpreter (MPI) in Fuzzball MUCK before 6.07 allo...
S
CVE-2006-6065 PHP remote file inclusion vulnerability in includes/mx_common.php in the CalSnails Module for MxBB P...
E
CVE-2006-6066 Multiple SQL injection vulnerabilities in Dragon Calendar / Events Listing 2.x allow remote attacker...
E
CVE-2006-6067 Multiple SQL injection vulnerabilities in 20/20 DataShed (aka Real Estate Listing System) allow remo...
E
CVE-2006-6068 Directory traversal vulnerability in the cached_album function in functions.php for mAlbum 0.3 and e...
CVE-2006-6069 index.php in mAlbum 0.3 and earlier allows remote attackers to obtain the installation path via an i...
CVE-2006-6070 SQL injection vulnerability in module/account/register/register.asp in ASP Nuke 0.80 and earlier all...
E
CVE-2006-6071 TWiki 4.0.5 and earlier, when running under Apache 1.3 using ApacheLogin with sessions and "ErrorDoc...
CVE-2006-6072 SQL injection vulnerability in bpg/publications_list.asp in BPG-InfoTech Easy Publisher and Smart Pu...
CVE-2006-6073 Multiple SQL injection vulnerabilities in Enthrallweb eShopping Cart allow remote attackers to execu...
CVE-2006-6074 Multiple SQL injection vulnerabilities in Enthrallweb eShopping Cart allow remote attackers to execu...
E
CVE-2006-6075 Cross-site scripting (XSS) vulnerability in addpost1.asp in BaalAsp forum allows remote attackers to...
CVE-2006-6076 Buffer overflow in the Tape Engine (tapeeng.exe) in CA (formerly Computer Associates) BrightStor ARC...
CVE-2006-6077 The (1) Password Manager in Mozilla Firefox 2.0, and 1.5.0.8 and earlier; and the (2) Passcard Manag...
E
CVE-2006-6078 PHP remote file inclusion vulnerability in common.inc.php in a-ConMan 3.2 beta allows remote attacke...
E
CVE-2006-6079 Multiple PHP remote file inclusion vulnerabilities in LoudMouth 2.4 allow remote attackers to execut...
CVE-2006-6080 Multiple SQL injection vulnerabilities in categories.asp in gNews Publisher allow remote attackers t...
E
CVE-2006-6081 PHP remote file inclusion vulnerability in Smarty_Compiler.class.php in Telaen 1.1.0 and earlier all...
CVE-2006-6082 Multiple cross-site scripting (XSS) vulnerabilities in CreaScripts Creadirectory allow remote attack...
E
CVE-2006-6083 SQL injection vulnerability in search.asp in CreaScripts Creadirectory allows remote attackers to ex...
E
CVE-2006-6084 Directory traversal vulnerability in abitwhizzy.php in aBitWhizzy allows remote attackers to read ar...
E
CVE-2006-6085 Kile before 1.9.3 does not assign a backup file the same permissions as the original file, which mig...
S
CVE-2006-6086 PHP remote file inclusion vulnerability in src/ark_inc.php in e-Ark 1.0 allows remote attackers to e...
E
CVE-2006-6087 Cross-site scripting (XSS) vulnerability in weblog.php in my little weblog allows remote attackers t...
CVE-2006-6088 Multiple cross-site scripting (XSS) vulnerabilities in BlueCollar i-Gallery 3.4 allow remote attacke...
E
CVE-2006-6089 Multiple cross-site scripting (XSS) vulnerabilities in addpost1.asp in BaalAsp forum allow remote at...
CVE-2006-6090 Multiple SQL injection vulnerabilities in BaalAsp forum allow remote attackers to execute arbitrary ...
E
CVE-2006-6091 Cross-site scripting (XSS) vulnerability in Grim Pirate GrimBB before 2006_11_21 allows remote attac...
S
CVE-2006-6092 Multiple SQL injection vulnerabilities in vehiclelistings.asp in 20/20 Auto Gallery allow remote att...
E
CVE-2006-6093 Multiple PHP remote file inclusion vulnerabilities in adminprint.php in PicturesPro Photo Cart 3.9 a...
E
CVE-2006-6094 Multiple SQL injection vulnerabilities in ActiveNews Manager allow remote attackers to execute arbit...
E
CVE-2006-6095 Multiple SQL injection vulnerabilities in ActiveNews Manager allow remote attackers to execute arbit...
E
CVE-2006-6096 Cross-site scripting (XSS) vulnerability in activenews_search.asp in ActiveNews Manager allows remot...
E
CVE-2006-6097 GNU tar 1.16 and 1.15.1, and possibly other versions, allows user-assisted attackers to overwrite ar...
E
CVE-2006-6098 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in...
R
CVE-2006-6099 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in...
R
CVE-2006-6100 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in...
R
CVE-2006-6101 Integer overflow in the ProcRenderAddGlyphs function in the Render extension for X.Org 6.8.2, 6.9.0,...
S
CVE-2006-6102 Integer overflow in the ProcDbeGetVisualInfo function in the DBE extension for X.Org 6.8.2, 6.9.0, 7...
S
CVE-2006-6103 Integer overflow in the ProcDbeSwapBuffers function in the DBE extension for X.Org 6.8.2, 6.9.0, 7.0...
S
CVE-2006-6104 The System.Web class in the XSP for ASP.NET server 1.1 through 2.0 in Mono does not properly verify ...
E S
CVE-2006-6105 Format string vulnerability in the host chooser window (gdmchooser) in GNOME Foundation Display Mana...
S
CVE-2006-6106 Multiple buffer overflows in the cmtp_recv_interopmsg function in the Bluetooth driver (net/bluetoot...
S
CVE-2006-6107 Unspecified vulnerability in the match_rule_equal function in bus/signals.c in D-Bus before 1.0.2 al...
S
CVE-2006-6108 Cross-site scripting (XSS) vulnerability in EC-CUBE before 1.0.1a-beta allows remote attackers to in...
S
CVE-2006-6109 Multiple SQL injection vulnerabilities in CandyPress Store 3.5.2.14 allow remote attackers to execut...
E
CVE-2006-6110 Multiple SQL injection vulnerabilities in an unspecified BPG-InfoTech Content Management System prod...
E
CVE-2006-6111 Multiple SQL injection vulnerabilities in Alan Ward A-Cart Pro 2.0 allow remote attackers to execute...
E
CVE-2006-6112 LifeType 1.0.x and 1.1.x have insufficient access control for all of the PHP scripts under (1) class...
E S
CVE-2006-6113 Monkey Boards 0.3.5 allows remote attackers to obtain sensitive information via direct requests to (...
E S
CVE-2006-6114 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-5854. Reason: This candida...
R
CVE-2006-6115 SQL injection vulnerability in index.asp in fipsCMS 4.5 and earlier allows remote attackers to execu...
E
CVE-2006-6116 SQL injection vulnerability in default2.asp in fipsForum 2.6 and earlier allows remote attackers to ...
E
CVE-2006-6117 SQL injection vulnerability in index1.asp in fipsGallery 1.5 and earlier allows remote attackers to ...
E
CVE-2006-6118 Cross-site scripting (XSS) vulnerability in thumbs.php in mmgallery 1.55 allows remote attackers to ...
E
CVE-2006-6119 mmgallery 1.55 allows remote attackers to obtain sensitive information via a direct request for thum...
CVE-2006-6120 Integer overflow in the KPresenter import filter for Microsoft PowerPoint files (filters/olefilters/...
S
CVE-2006-6121 Acer Notebook LunchApp.APlunch ActiveX control allows remote attackers to execute arbitrary commands...
E
CVE-2006-6122 Multiple buffer overflows in TIN before 1.8.2 have unspecified impact and attack vectors, a differen...
CVE-2006-6123 Coppermine Photo Gallery (CPG) 1.4.8 stable, with register_globals enabled, allows remote attackers ...
CVE-2006-6124 Cross-site scripting (XSS) vulnerability in SeleniumServer Web Server 1.0 allows remote attackers to...
CVE-2006-6125 Heap-based buffer overflow in the wireless driver (WG311ND5.SYS) 2.3.1.10 for NetGear WG311v1 wirele...
E
CVE-2006-6126 Apple Mac OS X allows local users to cause a denial of service (memory corruption) via a crafted Mac...
E
CVE-2006-6127 Apple Mac OS X kernel allows local users to cause a denial of service via a process that uses kevent...
E
CVE-2006-6128 The ReiserFS functionality in Linux kernel 2.6.18, and possibly other versions, allows local users t...
E
CVE-2006-6129 Integer overflow in the fatfile_getarch2 in Apple Mac OS X allows local users to cause a denial of s...
E
CVE-2006-6130 Apple Mac OS X AppleTalk allows local users to cause a denial of service (kernel panic) by calling t...
E
CVE-2006-6131 Untrusted search path vulnerability in (1) WSAdminServer and (2) WSWebServer in Kerio WebSTAR (4D We...
E
CVE-2006-6132 Multiple SQL injection vulnerabilities in Link Exchange Lite allow remote attackers to execute arbit...
E
CVE-2006-6133 Stack-based buffer overflow in Visual Studio Crystal Reports for Microsoft Visual Studio .NET 2002 a...
CVE-2006-6134 Heap-based buffer overflow in the WMCheckURLScheme function in WMVCORE.DLL in Microsoft Windows Medi...
E
CVE-2006-6135 Multiple unspecified vulnerabilities in IBM WebSphere Application Server 6.1.0 before Fix Pack 3 (6....
S
CVE-2006-6136 IBM WebSphere Application Server 6.1.0 before Fix Pack 3 (6.1.0.3) does not perform EAL4 authenticat...
S
CVE-2006-6137 Multiple PHP remote file inclusion vulnerabilities in Sisfo Kampus 0.8 allow remote attackers to exe...
E
CVE-2006-6138 Directory traversal vulnerability in download.php in Sisfo Kampus 0.8 allows remote attackers to lis...
E
CVE-2006-6139 Directory traversal vulnerability in downloadexcel.php in Sisfo Kampus 2006 (Semarang 3) allows remo...
CVE-2006-6140 PHP remote file inclusion vulnerability in Sisfo Kampus 2006 (Semarang 3) allows remote attackers to...
CVE-2006-6141 Buffer overflow in Tftpd32 3.01 allows remote attackers to cause a denial of service via a long GET ...
CVE-2006-6142 Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail 1.4.0 through 1.4.9 allow remote...
CVE-2006-6143 The RPC library in Kerberos 5 1.4 through 1.4.4, and 1.5 through 1.5.1, as used in Kerberos administ...
S
CVE-2006-6144 The "mechglue" abstraction interface of the GSS-API library for Kerberos 5 1.5 through 1.5.1, as use...
S
CVE-2006-6145 CRYPTOCard CRYPTO-Server before 6.4.56 stores LDAP credentials in plaintext in UninstallerData\insta...
CVE-2006-6146 Buffer overflow in the HPDF_Page_Circle function in hpdf_page_operator.c in Takeshi Kanno Haru Free ...
S
CVE-2006-6147 Multiple SQL injection vulnerabilities in JiRos Links Manager allow remote attackers to execute arbi...
E
CVE-2006-6148 Multiple cross-site scripting (XSS) vulnerabilities in submitlink.asp in JiRos Links Manager allow r...
E
CVE-2006-6149 SQL injection vulnerability in index.asp in JiRos FAQ Manager 1.0 allows remote attackers to execute...
E
CVE-2006-6150 PHP remote file inclusion vulnerability in memory/OWLMemoryProperty.php in OWLLib 1.0 allows remote ...
E
CVE-2006-6151 PHP remote file inclusion vulnerability in centre.php in Messagerie Locale as of 20061127 allows rem...
E
CVE-2006-6152 Multiple SQL injection vulnerabilities in vSpin.net Classified System 2004 allow remote attackers to...
E
CVE-2006-6153 Multiple cross-site scripting (XSS) vulnerabilities in vSpin.net Classified System 2004 allow remote...
E
CVE-2006-6154 PHP remote file inclusion vulnerability in addcode.php in HIOX Star Rating System Script (HSRS) 1.0 ...
E
CVE-2006-6155 Multiple SQL injection vulnerabilities in addrating.php in HIOX Star Rating System Script (HSRS) 1.0...
CVE-2006-6156 Cross-site scripting (XSS) vulnerability in auth/message.php in HIOX Star Rating System Script (HSRS...
CVE-2006-6157 SQL injection vulnerability in index.php in ContentNow 1.39 and earlier allows remote attackers to e...
E S
CVE-2006-6158 Multiple cross-site scripting (XSS) vulnerabilities in (a) PMOS Help Desk 2.4, formerly (b) InverseF...
CVE-2006-6159 Multiple cross-site scripting (XSS) vulnerabilities in newticket.php in DeskPRO 2.0.0 and 2.0.1 allo...
CVE-2006-6160 SQL injection vulnerability in details.asp in Doug Luxem Liberum Help Desk 0.97.3 and earlier allows...
E
CVE-2006-6161 Multiple SQL injection vulnerabilities in Doug Luxem Liberum Help Desk 0.97.3 and earlier allow remo...
E
CVE-2006-6162 Cross-site scripting (XSS) vulnerability in tiki-edit_structures.php in TikiWiki 1.9.6 allows remote...
S
CVE-2006-6163 Cross-site scripting (XSS) vulnerability in tiki-setup_base.php in TikiWiki before 1.9.7 allows remo...
CVE-2006-6164 The _dl_unsetenv function in loader.c in the ELF ld.so in OpenBSD 3.9 and 4.0 does not properly remo...
S
CVE-2006-6165 ld.so in FreeBSD, NetBSD, and possibly other BSD distributions does not remove certain harmful envir...
CVE-2006-6166 Cross-site scripting (XSS) vulnerability in jce.php in the JCE Admin Component in Ryan Demmer Joomla...
S
CVE-2006-6167 Multiple PHP remote file inclusion vulnerabilities in L. Brandon Stone and Nathanial P. Hendler Acti...
CVE-2006-6168 tiki-register.php in TikiWiki before 1.9.7 allows remote attackers to trigger "notification-spam" vi...
CVE-2006-6169 Heap-based buffer overflow in the ask_outfile_name function in openfile.c for GnuPG (gpg) 1.4 and 2....
S
CVE-2006-6170 Buffer overflow in the tls_x509_name_oneline function in the mod_tls module, as used in ProFTPD 1.3....
E
CVE-2006-6171 ProFTPD 1.3.0a and earlier does not properly set the buffer size limit when CommandBufferSize is spe...
CVE-2006-6172 Buffer overflow in the asmrp_eval function in the RealMedia RTSP stream handler (asmrp.c) for Real M...
E S
CVE-2006-6173 Buffer overflow in the shared_region_make_private_np function in vm/vm_unix.c in Mac OS X 10.4.6 and...
CVE-2006-6174 Cross-site scripting (XSS) vulnerability in tDiary before 2.0.3 and 2.1.x before 2.1.4.20061126 allo...
S
CVE-2006-6175 Directory traversal vulnerability in lib/FBView.php in Horde Kronolith H3 before 2.0.7 and 2.1.x bef...
S
CVE-2006-6176 Cross-site scripting (XSS) vulnerability in admin.php in Blogn before 1.9.4 allows remote attackers ...
S
CVE-2006-6177 SQL injection vulnerability in system/core/users/users.profile.inc.php in Neocrome Seditio 1.10 and ...
E S
CVE-2006-6178 Buffer overflow in PCCSRV\Web_console\RemoteInstallCGI\Wizard.exe for Trend Micro OfficeScan 7.3 bef...
S
CVE-2006-6179 Buffer overflow in PCCSRV\Web_console\RemoteInstallCGI\CgiRemoteInstall.exe for Trend Micro OfficeSc...
S
CVE-2006-6180 Cross-site scripting (XSS) vulnerability in articles.asp in Expinion.net iNews Publisher (iNP) 2.5 a...
CVE-2006-6181 Multiple SQL injection vulnerabilities in default.asp in ClickTech ClickContact allow remote attacke...
E
CVE-2006-6182 The Gabriele Teotino GNotebook 0.7.0.1 gadget for Google Desktop stores Gmail passwords in plaintext...
CVE-2006-6183 Multiple stack-based buffer overflows in 3Com 3CTftpSvc 2.0.1, and possibly earlier, allow remote at...
E
CVE-2006-6184 Multiple stack-based buffer overflows in Allied Telesyn TFTP Server (AT-TFTP) 1.9, and possibly earl...
E
CVE-2006-6185 Directory traversal vulnerability in script.php in Wabbit PHP Gallery 0.9 allows remote attackers to...
E
CVE-2006-6186 Multiple directory traversal vulnerabilities in enomphp 4.0 allow remote attackers to read arbitrary...
E
CVE-2006-6187 Multiple SQL injection vulnerabilities in ClickTech Click Gallery allow remote attackers to execute ...
E
CVE-2006-6188 Cross-site scripting (XSS) vulnerability in view_search.asp in ClickTech Click Gallery allows remote...
E
CVE-2006-6189 SQL injection vulnerability in displayCalendar.asp in ClickTech Click Blog allows remote attackers t...
E
CVE-2006-6190 SQL injection vulnerability in anna.pl in Anna^ IRC Bot before 0.30 (aka caprice) allows remote atta...
S
CVE-2006-6191 SQL injection vulnerability in admin/edit.asp in 8pixel.net simpleblog 2.3 and earlier allows remote...
E
CVE-2006-6192 Unspecified scripts in the admin directory in 8pixel.net SimpleBlog 3.0 and earlier do not properly ...
CVE-2006-6193 SQL injection vulnerability in edit.asp in BasicForum 1.1 and earlier allows remote attackers to exe...
E
CVE-2006-6194 Multiple SQL injection vulnerabilities in index.asp in Ultimate Survey Pro allow remote attackers to...
E
CVE-2006-6195 Multiple SQL injection vulnerabilities in Fixit iDMS Pro Image Gallery allow remote attackers to exe...
CVE-2006-6196 Cross-site scripting (XSS) vulnerability in the search functionality in Fixit iDMS Pro Image Gallery...
E
CVE-2006-6197 Multiple cross-site scripting (XSS) vulnerabilities in b2evolution 1.8.2 through 1.9 beta allow remo...
E
CVE-2006-6198 Multiple cross-site scripting (XSS) vulnerabilities in cPanel WebHost Manager (WHM) 3.1.0 allow remo...
E
CVE-2006-6199 Stack-based buffer overflow in BlazeVideo BlazeDVD Standard and Professional 5.0, and possibly earli...
E
CVE-2006-6200 Multiple SQL injection vulnerabilities in the (1) rate_article and (2) rate_complete functions in mo...
E S
CVE-2006-6201 Heap-based buffer overflow in Borland idsql32.dll 5.1.0.4, as used by RevilloC MailServer; 5.2.0.2 a...
CVE-2006-6202 PHP remote file inclusion vulnerability in modules/NukeAI/util.php in the NukeAI 0.0.3 Beta module f...
E
CVE-2006-6203 Directory traversal vulnerability in startdown.php in the Flyspray ME 1.0.1 (com_flyspray) component...
E
CVE-2006-6204 Multiple SQL injection vulnerabilities in Enthrallweb eHomes allow remote attackers to execute arbit...
E
CVE-2006-6205 Multiple cross-site scripting (XSS) vulnerabilities in result.asp in Enthrallweb eHomes allow remote...
E
CVE-2006-6206 SQL injection vulnerability in item.asp in WarHound General Shopping Cart allows remote attackers to...
E
CVE-2006-6207 SQL injection vulnerability in products.asp in Evolve shopping cart (aka Evolve Merchant) allows rem...
E
CVE-2006-6208 Multiple SQL injection vulnerabilities in Enthrallweb eClassifieds allow remote attackers to execute...
E
CVE-2006-6209 Multiple SQL injection vulnerabilities in MidiCart ASP Shopping Cart and ASP Plus Shopping Cart allo...
E
CVE-2006-6210 SQL injection vulnerability in listpics.asp in ASP ListPics 5.0 allows remote attackers to execute a...
E
CVE-2006-6211 Multiple cross-site scripting (XSS) vulnerabilities in BirdBlog 1.4.0 allow remote attackers to inje...
E
CVE-2006-6212 PHP remote file inclusion vulnerability in centre.php in Site News (site_news) 2.00, and possibly ea...
E
CVE-2006-6213 index.php in PEGames uses the extract function to overwrite critical variables, which allows remote ...
E
CVE-2006-6214 SQL injection vulnerability in wallpaper.php in Wallpaper Website (Wallpaper Complete Website) 1.0.0...
E
CVE-2006-6215 Multiple SQL injection vulnerabilities in Wallpaper Website (Wallpaper Complete Website) 1.0.09 and ...
CVE-2006-6216 SQL injection vulnerability in admin_hacks_list.php in the Nivisec Hacks List 1.21 and earlier phpBB...
E
CVE-2006-6217 PHP remote file inclusion vulnerability in formdisp.php in the Mermaid 1.2 module for PHP-Nuke allow...
CVE-2006-6218 Multiple SQL injection vulnerabilities in index.php in dev4u CMS allow remote attackers to execute a...
E
CVE-2006-6219 Multiple cross-site scripting (XSS) vulnerabilities in index.php in dev4u CMS allow remote attackers...
CVE-2006-6220 Multiple SQL injection vulnerabilities in Recipes Website (Recipes Complete Website) 1.1.14 allow re...
E
CVE-2006-6221 2X ThinClientServer Enterprise Edition before 4.0.2248 allows remote attackers to create multiple pr...
S
CVE-2006-6222 Stack-based buffer overflow in the NetBackup bpcd daemon (bpcd.exe) in Symantec Veritas NetBackup 5....
S
CVE-2006-6223 Cross-site scripting (XSS) vulnerability in Google Search Appliance and Google Mini allows remote at...
CVE-2006-6224 PHP remote file inclusion vulnerability in the installation scripts in Puntal before 1.8.5 allows re...
S
CVE-2006-6225 Multiple PHP remote file inclusion vulnerabilities in GeekLog 1.4 allow remote attackers to execute ...
E
CVE-2006-6226 Multiple format string vulnerabilities in NeoEngine 0.8.2 and earlier, and CVS 3422, allow remote at...
CVE-2006-6227 The Core::Receive function in neonet/core.cpp for NeoEngine 0.8.2 and earlier, and CVS 3422, allow r...
CVE-2006-6228 Cross-site scripting (XSS) vulnerability in Codewalkers ltwCalendar (aka PHP Event Calendar) before ...
CVE-2006-6229 Codewalkers ltwCalendar (aka PHP Event Calendar) before 4.2.1 logs failed passwords, which might all...
CVE-2006-6230 SQL injection vulnerability in vuBB 0.2.1 and earlier allows remote attackers to execute arbitrary S...
CVE-2006-6231 vuBB 0.2.1 and earlier allows remote attackers to obtain sensitive information via a direct request ...
CVE-2006-6232 PHP remote file inclusion vulnerability in admin/index.php in DreamAccount 3.1 allows remote attacke...
E
CVE-2006-6233 SQL injection vulnerability in the Downloads module for unknown versions of PostNuke allows remote a...
CVE-2006-6234 Multiple SQL injection vulnerabilities in the Content module in PHP-Nuke 6.0, and possibly other ver...
E
CVE-2006-6235 A "stack overwrite" vulnerability in GnuPG (gpg) 1.x before 1.4.6, 2.x before 2.0.2, and 1.9.0 throu...
S
CVE-2006-6236 Adobe Reader (Adobe Acrobat Reader) 7.0 through 7.0.8 allows remote attackers to cause a denial of s...
E S
CVE-2006-6237 SQL injection vulnerability in the decode_cookie function in thread.php in Woltlab Burning Board Lit...
E
CVE-2006-6238 The AutoFill feature in Apple Safari 2.0.4 does not properly verify that all automatically populated...
E
CVE-2006-6239 webadmin in MailEnable NetWebAdmin Professional 2.32 and Enterprise 2.32 allows remote attackers to ...
S
CVE-2006-6240 Directory traversal vulnerability in Sorin Chitu Telnet-FTP Server 1.0 allows remote authenticated u...
CVE-2006-6241 Sorin Chitu Telnet-FTP Server 1.0 allows remote authenticated users to cause a denial of service (cr...
CVE-2006-6242 Multiple directory traversal vulnerabilities in Serendipity 1.0.3 and earlier allow remote attackers...
E
CVE-2006-6243 Multiple SQL injection vulnerabilities in index.asp in FipsSHOP allow remote attackers to execute ar...
E
CVE-2006-6244 Coalescent Systems freePBX (formerly Asterisk Management Portal) before 2.2.0rc1 allows attackers to...
S
CVE-2006-6245 Multiple SQL injection vulnerabilities in Photo Organizer (PO) 2.32b and earlier allow remote attack...
S
CVE-2006-6246 Photo Organizer 2.32b and earlier does not properly check the ownership of certain objects, which al...
S
CVE-2006-6247 Multiple SQL injection vulnerabilities in Uapplication UPhotoGallery 1.1 allow remote attackers to e...
E
CVE-2006-6248 index.php in GPhotos 1.5 allows remote attackers to obtain sensitive information via an invalid rep ...
CVE-2006-6249 Cross-site scripting (XSS) vulnerability in Chama Cargo 4.36 and earlier allows remote attackers to ...
S
CVE-2006-6250 Format string vulnerability in Songbird Media Player 0.2 and earlier allows remote attackers to caus...
E
CVE-2006-6251 Stack-based buffer overflow in VUPlayer 2.44 and earlier allows remote attackers to execute arbitrar...
E
CVE-2006-6252 Microsoft Windows Live Messenger 8.0 and earlier, when gestual emoticons are enabled, allows remote ...
CVE-2006-6253 Cahier de texte 2.0 stores sensitive information under the web root, possibly with insufficient acce...
E
CVE-2006-6254 administration/telecharger.php in Cahier de texte 2.0 allows remote attackers to obtain unparsed con...
E
CVE-2006-6255 Direct static code injection vulnerability in util.php in the NukeAI 0.0.3 Beta module for PHP-Nuke,...
E
CVE-2006-6256 Cross-site scripting (XSS) vulnerability in the file manager in admin/bro_main.php in AlternC 0.9.5 ...
S
CVE-2006-6257 The file manager in AlternC 0.9.5 and earlier, when warnings are enabled in PHP, allows remote attac...
E
CVE-2006-6258 The phpmyadmin subsystem in AlternC 0.9.5 and earlier transmits the SQL password in cleartext in a c...
E
CVE-2006-6259 Multiple directory traversal vulnerabilities in (a) class/functions.php and (b) class/m_bro.php in A...
E S
CVE-2006-6260 SQL injection vulnerability in login.asp in Redbinaria Sistema Integrado de Administracion de Portal...
CVE-2006-6261 Buffer overflow in Quintessential Player 4.50.1.82 and earlier allows remote attackers to cause a de...
E
CVE-2006-6262 Directory traversal vulnerability in mboard.php in PHPJunkYard (aka Klemen Stirn) MBoard 1.22 and ea...
S
CVE-2006-6263 Teredo clients, when source routing is enabled, recognize a Routing header in an encapsulated IPv6 p...
CVE-2006-6264 Teredo creates trusted peer entries for arbitrary incoming source Teredo addresses, even if the low ...
CVE-2006-6265 Teredo clients, when located behind a restricted NAT, allow remote attackers to establish an inbound...
CVE-2006-6266 Teredo clients, when following item 6 of RFC4380 section 5.2.3, start direct IPv6 connectivity tests...
CVE-2006-6267 PostNuke 0.7.5.0, and certain minor versions, allows remote attackers to obtain sensitive informatio...
CVE-2006-6268 SQL injection vulnerability in system/core/profile/profile.inc.php in Neocrome Land Down Under (LDU)...
E
CVE-2006-6269 Multiple SQL injection vulnerabilities in Infinitytechs Restaurants CM allow remote attackers to exe...
CVE-2006-6270 Multiple SQL injection vulnerabilities in ASPMForum allow remote attackers to execute arbitrary SQL ...
CVE-2006-6271 Multiple cross-site scripting (XSS) vulnerabilities in PHPOLL 0.96 allow remote attackers to inject ...
CVE-2006-6272 Cross-site scripting (XSS) vulnerability in sp_index.php in Simple PHP Gallery 1.1 allows remote att...
CVE-2006-6273 sp_index.php in Simple PHP Gallery 1.1 allows remote attackers to obtain sensitive information via a...
CVE-2006-6274 SQL injection vulnerability in articles.asp in Expinion.net iNews (1) Publisher (iNP) 2.5 and earlie...
E
CVE-2006-6275 Race condition in the kernel in Sun Solaris 8 through 10 allows local users to cause a denial of ser...
CVE-2006-6276 HTTP request smuggling vulnerability in Sun Java System Proxy Server before 20061130, when used with...
S
CVE-2006-6277 Directory traversal vulnerability in admin/FileServer.php in ContentServ 4.x allows remote attackers...
E
CVE-2006-6278 Cross-site scripting (XSS) vulnerability in index.php in @lex Guestbook 4.0.1 allows remote attacker...
CVE-2006-6279 index.php in @lex Guestbook 4.0.1 allows remote attackers to obtain sensitive information via a skin...
CVE-2006-6280 SQL injection vulnerability in viewthread.php in Oxygen (O2PHP Bulletin Board) 1.1.3 and earlier all...
E
CVE-2006-6281 PHP remote file inclusion vulnerability in check_status.php in dicshunary 0.1 alpha allows remote at...
CVE-2006-6282 members.php in Vikingboard 0.1.2 allows remote attackers to trigger a forced SQL error via an invali...
CVE-2006-6283 Multiple cross-site scripting (XSS) vulnerabilities in Vikingboard 0.1.2 allow remote attackers to i...
CVE-2006-6284 Directory traversal vulnerability in admin.php in Vikingboard 0.1.2 allows remote authenticated admi...
CVE-2006-6285 PHP remote file inclusion vulnerability in index.php in Kai Blankenhorn Bitfolge simple and nice ind...
E
CVE-2006-6286 Palm Desktop 4.1.4 and earlier stores user data with weak permissions under the application director...
CVE-2006-6287 Stack-based buffer overflow in AtomixMP3 2.3 and earlier allows remote attackers to execute arbitrar...
E
CVE-2006-6288 Multiple buffer overflows in Niek Albers CoolPlayer 216 and earlier allow remote attackers to execut...
E
CVE-2006-6289 Woltlab Burning Board (wBB) Lite 1.0.2 does not properly unset variables when the input data include...
E
CVE-2006-6290 Multiple stack-based buffer overflows in the IMAP module (MEIMAPS.EXE) in MailEnable Professional 1....
S
CVE-2006-6291 Stack overflow in the IMAP module (MEIMAPS.EXE) in MailEnable Professional 1.6 through 1.83 and 2.0 ...
S
CVE-2006-6292 Apple Airport Extreme firmware 0.1.27 in Mac OS X 10.4.8 on Mac mini, MacBook, and MacBook Pro with ...
S
CVE-2006-6293 Heap-based buffer overflow in FRISK Software F-Prot Antivirus before 4.6.7 allows user-assisted remo...
E S
CVE-2006-6294 Multiple unspecified vulnerabilities in FRISK Software F-Prot Antivirus before 4.6.7 have unspecifie...
S
CVE-2006-6295 PHP remote file inclusion vulnerability in includes/mx_common.php in the mx_tinies 1.3.0 Module for ...
E
CVE-2006-6296 The RpcGetPrinterData function in the Print Spooler (spoolsv.exe) service in Microsoft Windows 2000 ...
E
CVE-2006-6297 Stack consumption vulnerability in the KFILE JPEG (kfile_jpeg) plugin in kdegraphics 3, as used by k...
CVE-2006-6298 SQL injection vulnerability in uye_giris_islem.asp in Metyus Okul Yonetim Sistemi 1.0 allows remote ...
E
CVE-2006-6299 Integer overflow in Msg.dll in Novell ZENworks 7 Asset Management (ZAM) before SP1 IR11 and the Coll...
S
CVE-2006-6300 Cross-site scripting (XSS) vulnerability in CuteNews 1.3.6 allows remote attackers to inject arbitra...
E
CVE-2006-6301 DenyHosts 2.5 does not properly parse sshd log files, which allows remote attackers to add arbitrary...
E
CVE-2006-6302 fail2ban 0.7.4 and earlier does not properly parse sshd log files, which allows remote attackers to ...
CVE-2006-6303 The read_multipart function in cgi.rb in Ruby before 1.8.5-p2 does not properly detect boundaries in...
S
CVE-2006-6304 The do_coredump function in fs/exec.c in the Linux kernel 2.6.19 sets the flag variable to O_EXCL bu...
S
CVE-2006-6305 Unspecified vulnerability in Net-SNMP 5.3 before 5.3.0.1, when configured using the rocommunity or r...
S
CVE-2006-6306 Format string vulnerability in Novell Modular Authentication Services (NMAS) in the Novell Client 4....
CVE-2006-6307 srvloc.sys in Novell Client for Windows before 4.91 SP3 allows remote attackers to cause an unspecif...
S
CVE-2006-6308 Symantec LiveState 7.1 Agent for Windows allows local users to gain privileges by stopping the shsta...
CVE-2006-6309 Multiple array index errors in IBM Tivoli Storage Manager (TSM) before 5.2.9 and 5.3.x before 5.3.4 ...
E
CVE-2006-6310 Microsoft Internet Explorer 6.0 SP1 and earlier allows remote attackers to cause a denial of service...
E
CVE-2006-6311 Microsoft Internet Explorer 6.0.2900.2180 allows remote attackers to cause a denial of service via a...
CVE-2006-6318 The show_elog_list function in elogd.c in elog 2.6.2 and earlier allows remote authenticated users t...
E S
CVE-2006-6328 Directory traversal vulnerability in index.php for TorrentFlux 2.2 allows remote attackers to create...
E S
CVE-2006-6329 index.php for TorrentFlux 2.2 allows remote attackers to delete files by specifying the target filen...
E S
CVE-2006-6330 index.php for TorrentFlux 2.2 allows remote registered users to execute arbitrary commands via shell...
E S
CVE-2006-6331 metaInfo.php in TorrentFlux 2.2, when $cfg["enable_file_priority"] is false, allows remote attackers...
CVE-2006-6332 Stack-based buffer overflow in net80211/ieee80211_wireless.c in MadWifi before 0.9.2.1 allows remote...
S
CVE-2006-6333 The tr_rx function in ibmtr.c for Linux kernel 2.6.19 assigns the wrong flag to the ip_summed field,...
CVE-2006-6334 Heap-based buffer overflow in the SendChannelData function in wfica.ocx in Citrix Presentation Serve...
E S
CVE-2006-6335 Multiple buffer overflows in Sophos Anti-Virus scanning engine before 2.40 allow remote attackers to...
S
CVE-2006-6336 Heap-based buffer overflow in the Mail Management Server (MAILMA.exe) in Eudora WorldMail 3.1.x allo...
CVE-2006-6337 Multiple SQL injection vulnerabilities in giris.asp in Aspee and Dogantepe Ziyaretci Defteri allow r...
E
CVE-2006-6338 Unrestricted file upload vulnerability in upload/index.php in deV!L`z Clanportal (DZCP) before 1.3.6...
E S
CVE-2006-6339 SQL injection vulnerability in sites/index.php in deV!L`z Clanportal (DZCP) before 1.3.6.1 allows re...
E S
CVE-2006-6340 keystone.exe in nVIDIA nView allows attackers to cause a denial of service via a long command line a...
CVE-2006-6341 Multiple PHP remote file inclusion vulnerabilities in mg.applanix 1.3.1 and earlier allow remote att...
E
CVE-2006-6342 Multiple SQL injection vulnerabilities in KLF-DESIGN (aka Kim L. Fraser) KLF-REALTY allow remote att...
CVE-2006-6343 SQL injection vulnerability in polls.php in Neocrome Seditio 1.10 and earlier allows remote attacker...
S
CVE-2006-6344 Multiple unspecified vulnerabilities in Neocrome Seditio 1.10 and earlier have unknown impact and at...
CVE-2006-6345 Directory traversal vulnerability in SAP Internet Graphics Service (IGS) 6.40 Patchlevel 16 and earl...
CVE-2006-6346 Unspecified vulnerability in SAP Internet Graphics Service (IGS) 6.40 Patchlevel 15 and earlier, and...
CVE-2006-6347 Unrestricted file upload vulnerability in TFT-Gallery allows remote authenticated administrators to ...
CVE-2006-6348 Cross-site scripting (XSS) vulnerability in board.php in mowdBB RC-6 allows remote attackers to inje...
CVE-2006-6349 Multiple SQL injection vulnerabilities in PWP Technologies The Classified Ad System allow remote att...
E
CVE-2006-6350 listpics 5 stores sensitive data under the web root with insufficient access control, which allows r...
CVE-2006-6351 KhaledMuratList stores sensitive data under the web root with insufficient access control, which all...
CVE-2006-6352 FRISK Software F-Prot Antivirus before 4.6.7 allows user-assisted remote attackers to cause a denial...
E
CVE-2006-6353 Multiple unspecified vulnerabilities in BOMArchiveHelper in Mac OS X allow user-assisted remote atta...
E
CVE-2006-6354 Multiple SQL injection vulnerabilities in detail.asp in DuWare DuNews allow remote attackers to exec...
E S
CVE-2006-6355 SQL injection vulnerability in default.asp in DuWare DuClassmate allows remote attackers to execute ...
E
CVE-2006-6356 Multiple cross-site scripting (XSS) vulnerabilities in templates/link_temp.php in PHPNews 1.3.0 allo...
CVE-2006-6357 Cross-site scripting (XSS) vulnerability in templates/cat_temp.php in PHPNews 1.3.0 and earlier allo...
CVE-2006-6358 SQL injection vulnerability in the login function in auth.inc in Stefan Frech online-bookmarks 0.6.1...
CVE-2006-6359 Cross-site scripting (XSS) vulnerability in Stefan Frech online-bookmarks 0.6.12 allows remote attac...
CVE-2006-6360 PHP remote file inclusion vulnerability in activate.php in PHP Upload Center 2.0 allows remote attac...
E
CVE-2006-6361 Heap-based buffer overflow in the uploadprogress_php_rfc1867_file function in uploadprogress.c in Bi...
S
CVE-2006-6362 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-5873. Reason: This candida...
R
CVE-2006-6363 Cross-site scripting (XSS) vulnerability in admin.pl in BlueSocket Secure Controller (BSC) before 5....
E S
CVE-2006-6364 Cross-site scripting (XSS) vulnerability in error.php in Inside Systems Mail (ISMail) 2.0 and earlie...
S
CVE-2006-6365 SQL injection vulnerability in detail.asp in DUware DUpaypal 3.1, and possibly earlier, allows remot...
E
CVE-2006-6366 Cross-site scripting (XSS) vulnerability in includes/elements/spellcheck/spellwin.php in Cerberus He...
S
CVE-2006-6367 Multiple SQL injection vulnerabilities in detail.asp in DUware DUdownload 1.1, and possibly earlier,...
E
CVE-2006-6368 PHP remote file inclusion vulnerability in login.php.inc in awrate 1.0 allows remote attackers to ex...
E
CVE-2006-6369 SQL injection vulnerability in lib/entry_reply_entry.php in Invision Community Blog Mod 1.2.4 allows...
S
CVE-2006-6370 SQL injection vulnerability in forum/modules/gallery/post.php in Invision Gallery 2.0.7 allows remot...
CVE-2006-6371 Cross-site scripting (XSS) vulnerability in pbguestbook.php in JAB Guest Book allows remote attacker...
CVE-2006-6372 Multiple cross-site scripting (XSS) vulnerabilities in pbguestbook.php in JAB Guest Book 20061205 al...
CVE-2006-6373 PhpMyAdmin 2.7.0-pl2 allows remote attackers to obtain sensitive information via a direct request fo...
CVE-2006-6374 Multiple CRLF injection vulnerabilities in PhpMyAdmin 2.7.0-pl2 allow remote attackers to inject arb...
CVE-2006-6375 Cross-site scripting (XSS) vulnerability in display.php in Simple Machines Forum (SMF) 1.1 Final and...
S
CVE-2006-6376 Multiple directory traversal vulnerabilities in fm.php in Simple File Manager (SFM) 0.24a allow remo...
E
CVE-2006-6377 Uploadscript 1.2 and earlier stores sensitive data under the web root with insufficient access contr...
E S
CVE-2006-6378 BTSaveMySql 1.2 stores sensitive data under the web root with insufficient access control, which all...
CVE-2006-6379 Buffer overflow in the BrightStor Backup Discovery Service in multiple CA products, including ARCser...
CVE-2006-6380 Cross-site scripting (XSS) vulnerability in index.asp in Ultimate HelpDesk allows remote attackers t...
E
CVE-2006-6381 Directory traversal vulnerability in getfile.asp in Ultimate HelpDesk allows remote attackers to rea...
E S
CVE-2006-6382 The control panel for Positive Software H-Sphere before 2.5.0 RC3 creates log files in a user's dire...
S
CVE-2006-6383 PHP 5.2.0 and 4.4 allows local users to bypass safe_mode and open_basedir restrictions via a malicio...
E
CVE-2006-6384 Absolute path traversal vulnerability in abitwhizzy.php before 20061204 allows remote attackers to r...
CVE-2006-6385 Stack-based buffer overflow in Intel PRO 10/100, PRO/1000, and PRO/10GbE PCI, PCI-X, and PCIe networ...
S
CVE-2006-6386 Cross-site scripting (XSS) vulnerability in the CVS management/tracker 4.7.x-1.0, 4.7.x-2.0, and 4.7...
S
CVE-2006-6387 Multiple SQL injection vulnerabilities in LINK Content Management Server (CMS) allow remote attacker...
E
CVE-2006-6388 Cross-site scripting (XSS) vulnerability in naprednaPretraga.php in LINK Content Management Server (...
S
CVE-2006-6389 Multiple cross-site scripting (XSS) vulnerabilities in ac4p Mobile allow remote attackers to inject ...
E
CVE-2006-6390 Multiple directory traversal vulnerabilities in Open Solution Quick.Cart 2.0, when register_globals ...
E
CVE-2006-6391 Multiple directory traversal vulnerabilities in Open Solution Quick.Cart 2.0, when register_globals ...
E
CVE-2006-6392 Directory traversal vulnerability in index.php in plx Web Studio (aka plxWebDev) plx Pay 3.2 and ear...
S
CVE-2006-6393 Cross-site scripting (XSS) vulnerability in Jonas Gauffin Publicera 1.0-rc2 and earlier allows remot...
S
CVE-2006-6394 SQL injection vulnerability in certain database classes in Jonas Gauffin Publicera 1.0-rc2 and earli...
S
CVE-2006-6395 Multiple memory leaks in Ulrik Petersen Emdros Database Engine before 1.2.0.pre231 allow local users...
S
CVE-2006-6396 Stack-based buffer overflow in BlazeVideo HDTV Player 2.1, and possibly earlier, allows remote attac...
E
CVE-2006-6397 Integer overflow in banner/banner.c in FreeBSD, NetBSD, and OpenBSD might allow local users to modif...
CVE-2006-6398 Multiple SQL injection vulnerabilities in Superfreaker Studios UPublisher 1.0 allow remote attackers...
S
CVE-2006-6399 SQL injection vulnerability in Superfreaker Studios UPublisher 1.0 allows remote attackers to execut...
CVE-2006-6400 Buffer overflow in JustSystems Hanako 2004 through 2006, Hanako viewer 1.x, Ichitaro 2004, Ichitaro ...
S
CVE-2006-6401 Multiple cross-site scripting (XSS) vulnerabilities in mystats.php in MyStats 1.0.8 and earlier allo...
E
CVE-2006-6402 SQL injection vulnerability in mystats.php in MyStats 1.0.8 and earlier allows remote attackers to e...
E
CVE-2006-6403 mystats.php in MyStats 1.0.8 and earlier allows remote attackers to obtain the installation path via...
E
CVE-2006-6404 INNOVATION Data Processing FDR/UPSTREAM 3.3.0 (GA Oct 2003) allows remote attackers to cause a denia...
E
CVE-2006-6405 BitDefender Mail Protection for SMB 2.0 allows remote attackers to bypass virus detection by inserti...
E
CVE-2006-6406 Clam AntiVirus (ClamAV) 0.88.6 allows remote attackers to bypass virus detection by inserting invali...
E
CVE-2006-6407 F-Prot Antivirus for Linux x86 Mail Servers 4.6.6 allows remote attackers to bypass virus detection ...
E
CVE-2006-6408 Kaspersky Anti-Virus for Linux Mail Servers 5.5.10 allows remote attackers to bypass virus detection...
CVE-2006-6409 F-Secure Anti-Virus for Linux Gateways 4.65 allows remote attackers to cause a denial of service (po...
CVE-2006-6410 Buffer overflow in an ActiveX control in VMWare 5.5.1 allows local users to execute arbitrary code v...
E
CVE-2006-6411 PhoneCtrl.exe in Linksys WIP 330 Wireless-G IP Phone 1.00.06A allows remote attackers to cause a den...
CVE-2006-6413 Cross-site scripting (XSS) vulnerability in Amateras sns 3.11 and earlier allows remote attackers to...
CVE-2006-6414 Multiple SQL injection vulnerabilities in dettaglio.asp in dol storye allow remote attackers to exec...
E
CVE-2006-6415 PHP remote file inclusion vulnerability in admin/lib-maintenance.inc.php in phpAdsNew 2.0.4-pr2 allo...
CVE-2006-6416 Multiple PHP remote file inclusion vulnerabilities in PhpLeague - Univert PhpLeague 0.81 allow remot...
E
CVE-2006-6417 PHP remote file inclusion vulnerability in inc/CONTROL/import/import-mt.php in b2evolution 1.8.5 thr...
E
CVE-2006-6418 Buffer overflow in the POSIX Threads library (libpthread) on HP Tru64 UNIX 4.0F PK8, 4.0G PK4, and 5...
CVE-2006-6419 jce.php in the JCE Admin Component in Ryan Demmer Joomla Content Editor (JCE) 1.1.0 beta 2 and earli...
CVE-2006-6420 Multiple cross-site scripting (XSS) vulnerabilities in jce.php in the JCE Admin Component in Ryan De...
CVE-2006-6421 Cross-site scripting (XSS) vulnerability in the private message box implementation (privmsg.php) in ...
CVE-2006-6422 Agileco AgileBill 1.4.x and AgileVoice 1.4.x do not properly handle certain proxy requests, which al...
CVE-2006-6423 Stack-based buffer overflow in the IMAP service for MailEnable Professional and Enterprise Edition 2...
S
CVE-2006-6424 Multiple buffer overflows in Novell NetMail before 3.52e FTF2 allow remote attackers to execute arbi...
S
CVE-2006-6425 Stack-based buffer overflow in the IMAP daemon (IMAPD) in Novell NetMail before 3.52e FTF2 allows re...
S
CVE-2006-6426 PHP remote file inclusion vulnerability in design/thinkedit/render.php in ThinkEdit 1.9.2 and earlie...
E S
CVE-2006-6427 The Web User Interface in Xerox WorkCentre and WorkCentre Pro before 12.060.17.000, 13.x before 13.0...
S
CVE-2006-6428 Xerox WorkCentre and WorkCentre Pro before 12.060.17.000, 13.x before 13.060.17.000, and 14.x before...
S
CVE-2006-6429 Xerox WorkCentre and WorkCentre Pro before 12.060.17.000, 13.x before 13.060.17.000, and 14.x before...
S
CVE-2006-6430 Web services in Xerox WorkCentre and WorkCentre Pro before 12.060.17.000, 13.x before 13.060.17.000,...
CVE-2006-6431 Unspecified vulnerability in Xerox WorkCentre and WorkCentre Pro before 12.060.17.000, 13.x before 1...
S
CVE-2006-6432 Unspecified vulnerability in the Scan-to-mailbox feature in Xerox WorkCentre and WorkCentre Pro befo...
S
CVE-2006-6433 Xerox WorkCentre and WorkCentre Pro before 12.060.17.000, 13.x before 13.060.17.000, and 14.x before...
S
CVE-2006-6434 Unspecified vulnerability in the Web User Interface in Xerox WorkCentre and WorkCentre Pro before 12...
CVE-2006-6435 The SNMP implementation in Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13....
S
CVE-2006-6436 Cross-site scripting (XSS) vulnerability in the Network controller in Xerox WorkCentre and WorkCentr...
CVE-2006-6437 ops3-dmn in Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and...
S
CVE-2006-6438 Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before...
CVE-2006-6439 Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before...
CVE-2006-6440 Multiple unspecified vulnerabilities in Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13...
CVE-2006-6441 Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before...
CVE-2006-6442 Stack-based buffer overflow in the SetClientInfo function in the CDDBControlAOL.CDDBAOLControl Activ...
CVE-2006-6443 Buffer overflow in the Novell Distributed Print Services (NDPS) Print Provider for Windows component...
CVE-2006-6444 Stack-based buffer overflow in Nostra DivX Player 2.1, 2.2.00.0, and possibly earlier, allows remote...
CVE-2006-6445 Directory traversal vulnerability in error.php in Envolution 1.1.0 and earlier allows remote attacke...
E
CVE-2006-6446 SQL injection vulnerability in index.php in iWare Professional 5.0.4, when magic_quotes_gpc is disab...
CVE-2006-6447 Multiple cross-site scripting (XSS) vulnerabilities in Vt-Forum Lite 1.3 and 1.5 allow remote attack...
CVE-2006-6448 Multiple SQL injection vulnerabilities in Vt-Forum Lite 1.3 and earlier allow remote attackers to ex...
CVE-2006-6449 Vt-Forum Lite 1.3 and earlier store sensitive information under the web root with insufficient acces...
CVE-2006-6450 Multiple SQL injection vulnerabilities in dagent/downloadreport.asp in Novell ZENworks Patch Managem...
CVE-2006-6451 Multiple cross-site scripting (XSS) vulnerabilities in SWsoft Plesk 8.0.1 and earlier allow remote a...
E
CVE-2006-6452 Multiple cross-site scripting (XSS) vulnerabilities in the MyArticles module before 0.6 beta 1, for ...
CVE-2006-6453 PHP remote file inclusion vulnerability in JOWAMP_ShowPage.php in J-OWAMP Web Interface 2.1 allows r...
E
CVE-2006-6454 execInBackground.php in J-OWAMP Web Interface 2.1b and earlier allows remote attackers to execute ar...
CVE-2006-6455 Multiple SQL injection vulnerabilities in admin/default.asp in DUware DUdirectory 3.1, and possibly ...
S
CVE-2006-6456 Unspecified vulnerability in Microsoft Word 2000, 2002, and 2003 and Word Viewer 2003 allows remote ...
CVE-2006-6457 tiki-wiki_rss.php in Tikiwiki 1.9.5, 1.9.2, and possibly other versions allows remote attackers to o...
CVE-2006-6458 The Trend Micro scan engine before 8.320 for Windows and before 8.150 on HP-UX and AIX, as used in T...
CVE-2006-6459 Cross-site scripting (XSS) vulnerability in toplist.php in PhpBB Toplist 1.3.7 allows remote attacke...
CVE-2006-6460 Yourfreeworld.com Short Url & Url Tracker Script allows remote attackers to obtain sensitive informa...
E
CVE-2006-6461 tr1.php in Yourfreeworld Stylish Text Ads Script allows remote attackers to obtain the installation ...
E
CVE-2006-6462 PHP remote file inclusion vulnerability in engine/oldnews.inc.php in CM68 News 12.02.06 allows remot...
E
CVE-2006-6463 Unrestricted file upload vulnerability in admin/add.php in Midicart allows remote authenticated user...
CVE-2006-6464 viewcart in Midicart accepts negative numbers in the Qty (quantity) field, which allows remote attac...
E S
CVE-2006-6465 Directory traversal vulnerability in WBmap.php in WikyBlog 1.3.2 and earlier allows remote attackers...
E
CVE-2006-6466 Multiple cross-site scripting (XSS) vulnerabilities in WBmap.php in WikyBlog 1.3.2 and earlier allow...
CVE-2006-6467 Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before...
S
CVE-2006-6468 Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before...
S
CVE-2006-6469 Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before...
S
CVE-2006-6470 The SNMP Agent in Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.00...
S
CVE-2006-6471 Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before...
S
CVE-2006-6472 The httpd.conf file in Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050....
S
CVE-2006-6473 Multiple unspecified vulnerabilities in Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13...
S
CVE-2006-6474 Untrusted search path vulnerability in McAfee VirusScan for Linux 4510e and earlier includes the cur...
CVE-2006-6475 FRAgent.exe in Mandiant First Response (MFR) before 1.1.1, when run in daemon mode with SSL enabled,...
S
CVE-2006-6476 FRAgent.exe in Mandiant First Response (MFR) before 1.1.1, when run in daemon mode and when the agen...
S
CVE-2006-6477 FRAgent.exe in Mandiant First Response (MFR) before 1.1.1, when run in daemon mode and configured to...
S
CVE-2006-6478 Multiple SQL injection vulnerabilities in AnnonceScriptHP 2.0 allow remote attackers to execute arbi...
CVE-2006-6479 Multiple cross-site scripting (XSS) vulnerabilities in AnnonceScriptHP 2.0 allow remote attackers to...
E
CVE-2006-6480 admin/admin_membre/fiche_membre.php in AnnonceScriptHP 2.0 allows remote attackers to obtain sensiti...
CVE-2006-6481 Clam AntiVirus (ClamAV) 0.88.6 allows remote attackers to cause a denial of service (stack overflow ...
CVE-2006-6482 Adobe ColdFusion MX7 allows remote attackers to obtain sensitive information via a URL request (1) f...
CVE-2006-6483 Adobe ColdFusion MX 7.x before 7.0.2 does not properly filter HTML tags when protecting against cros...
CVE-2006-6484 The IMAP service for MailEnable Professional and Enterprise Edition 2.0 through 2.34, Professional E...
S
CVE-2006-6485 Multiple cross-site scripting (XSS) vulnerabilities in ShopSite 8.1 and earlier allow remote attacke...
E
CVE-2006-6486 SQL injection vulnerability in EasyPage allows remote attackers to execute arbitrary SQL commands vi...
CVE-2006-6487 Cross-site scripting (XSS) vulnerability in index.php in DT Guestbook (dt_guestbook) 1.0f, when regi...
E
CVE-2006-6488 Stack-based buffer overflow in the DoModal function in the Dialog Wrapper Module ActiveX control (Dl...
CVE-2006-6489 The SISCO OSI stack, as used in SISCO MMS-EASE, ICCP Toolkit for MMS-EASE, AX-S4 MMS and AX-S4 ICCP,...
CVE-2006-6490 Multiple buffer overflows in the SupportSoft (1) SmartIssue (tgctlsi.dll) and (2) ScriptRunner (tgct...
S
CVE-2006-6491 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in...
R
CVE-2006-6492 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in...
R
CVE-2006-6493 Buffer overflow in the krbv4_ldap_auth function in servers/slapd/kerberos.c in OpenLDAP 2.4.3 and ea...
E
CVE-2006-6494 Directory traversal vulnerability in ld.so.1 in Sun Solaris 8, 9, and 10 allows local users to execu...
S
CVE-2006-6495 Stack-based buffer overflow in ld.so.1 in Sun Solaris 8, 9, and 10 allows local users to execute arb...
S
CVE-2006-6496 The (1) VetMONNT.sys and (2) VetFDDNT.sys drivers in CA Anti-Virus 2007 8.1, Anti-Virus for Vista Be...
CVE-2006-6497 Multiple unspecified vulnerabilities in the layout engine for Mozilla Firefox 2.x before 2.0.0.1, 1....
CVE-2006-6498 Multiple unspecified vulnerabilities in the JavaScript engine for Mozilla Firefox 2.x before 2.0.0.1...
CVE-2006-6499 The js_dtoa function in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before...
CVE-2006-6500 Heap-based buffer overflow in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird ...
CVE-2006-6501 Unspecified vulnerability in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird b...
CVE-2006-6502 Use-after-free vulnerability in the LiveConnect bridge code for Mozilla Firefox 2.x before 2.0.0.1, ...
CVE-2006-6503 Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey ...
CVE-2006-6504 Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote a...
CVE-2006-6505 Multiple heap-based buffer overflows in Mozilla Thunderbird before 1.5.0.9 and SeaMonkey before 1.0....
CVE-2006-6506 The "Feed Preview" feature in Mozilla Firefox 2.0 before 2.0.0.1 sends the URL of the feed when requ...
E
CVE-2006-6507 Mozilla Firefox 2.0 before 2.0.0.1 allows remote attackers to bypass Cross-Site Scripting (XSS) prot...
CVE-2006-6508 Cross-site request forgery (CSRF) vulnerability in phpBB 2.0.21 allows remote authenticated users to...
CVE-2006-6509 Cross-site scripting (XSS) vulnerability in the skinning feature in SiteKiosk before 6.5.150 allows ...
S
CVE-2006-6510 An unspecified ActiveX control in SiteKiosk before 6.5.150 is installed "safe for scripting", which ...
S
CVE-2006-6511 dadaIMC .99.3 uses an insufficiently restrictive FilesMatch directive in the installed .htaccess fil...
CVE-2006-6512 Directory traversal vulnerability in the Browse function (/browse URI) in Winamp Web Interface (Wawi...
CVE-2006-6513 The CControl::Download function (/dl URI) in Winamp Web Interface (Wawi) 7.5.13 and earlier allows r...
E
CVE-2006-6514 Winamp Web Interface (Wawi) 7.5.13 and earlier uses an insufficient comparison to determine whether ...
CVE-2006-6515 Mantis before 1.1.0a2 sets the default value of $g_bug_reminder_threshold to "reporter" instead of a...
S
CVE-2006-6516 Multiple PHP remote file inclusion vulnerabilities in KDPics 1.16 and earlier allow remote attackers...
E
CVE-2006-6517 Multiple cross-site scripting (XSS) vulnerabilities in KDPics 1.16 and earlier allow remote attacker...
E
CVE-2006-6518 Multiple cross-site scripting (XSS) vulnerabilities in ProNews 1.5 allow remote attackers to inject ...
E
CVE-2006-6519 SQL injection vulnerability in lire-avis.php in ProNews 1.5 allows remote attackers to execute arbit...
E
CVE-2006-6520 Multiple cross-site scripting (XSS) vulnerabilities in Messageriescripthp 2.0 allow remote attackers...
E
CVE-2006-6521 SQL injection vulnerability in lire-avis.php in Messageriescripthp 2.0 allows remote attackers to ex...
E
CVE-2006-6522 Multiple cross-site scripting (XSS) vulnerabilities in WikiTimeScale TwoZero before 2.31 allow remot...
CVE-2006-6523 Cross-site scripting (XSS) vulnerability in mail/manage.html in BoxTrapper in cPanel 11 allows remot...
E
CVE-2006-6524 SQL injection vulnerability in vdateUsr.asp in EzHRS HR Assist 1.05 and earlier allows remote attack...
E
CVE-2006-6525 SQL injection vulnerability in vdateUsr.asp in EzHRS HR Assist 1.05 and earlier allows remote attack...
CVE-2006-6526 PHP remote file inclusion vulnerability in index.php in Gizzar 03162002 and earlier allows remote at...
E
CVE-2006-6527 PHP remote file inclusion vulnerability in guest.php in Gizzar 03162002 and earlier allows remote at...
CVE-2006-6528 The Chatroom Module before 4.7.x.-1.0 for Drupal broadcasts Chatroom visitors' session IDs to all pa...
CVE-2006-6529 The Chatroom Module before 4.7.x.-1.0 for Drupal displays private messages in a chatroom's last mess...
S
CVE-2006-6530 SQL injection vulnerability in the Help Tip module before 4.7.x-1.0 for Drupal allows remote attacke...
S
CVE-2006-6531 Cross-site scripting (XSS) vulnerability in the Help Tip module before 4.7.x-1.0 for Drupal allows r...
S
CVE-2006-6532 Multiple cross-site scripting (XSS) vulnerabilities in Vt-Forum Lite 1.3 and earlier allow remote at...
CVE-2006-6533 Directory traversal vulnerability in admin/templates_boxes_layout.php in osCommerce 3.0a3 allows rem...
E
CVE-2006-6534 Multiple cross-site scripting (XSS) vulnerabilities in osCommerce 3.0a3 allow remote attackers to in...
E
CVE-2006-6535 The dev_queue_xmit function in Linux kernel 2.6 can fail before calling the local_bh_disable functio...
CVE-2006-6536 Cross-site scripting (XSS) vulnerability in hata.asp in Cilem Haber Free Edition allows remote attac...
E
CVE-2006-6537 IBM WebSphere Host On-Demand 6.0, 7.0, 8.0, 9.0, and possibly 10, allows remote attackers to bypass ...
CVE-2006-6538 D-LINK DWL-2000AP+ firmware 2.11 allows remote attackers to cause (1) a denial of service (device re...
E
CVE-2006-6539 Multiple buffer overflows in Winamp Web Interface (Wawi) 7.5.13 and earlier (1) allow remote attacke...
CVE-2006-6540 SQL injection vulnerability in bt-trackback.php in Bluetrait before 1.2.0, when trackback is enabled...
S
CVE-2006-6541 PHP remote file inclusion vulnerability in signer/final.php in warez distributions of Animated Smile...
CVE-2006-6542 SQL injection vulnerability in news.php in Fantastic News 2.1.4 and earlier allows remote attackers ...
E
CVE-2006-6543 Multiple SQL injection vulnerabilities in login.asp in AppIntellect SpotLight CRM 1.0 allow remote a...
E
CVE-2006-6544 Cross-site scripting (XSS) vulnerability in CM68 News allows remote attackers to inject arbitrary we...
S
CVE-2006-6545 PHP remote file inclusion vulnerability in includes/common.php in the ErrorDocs 1.0.0 and earlier mo...
E
CVE-2006-6546 PHP remote file inclusion vulnerability in inc/shows.inc.php in cutenews aj-fork (CN:AJ) 167f and ea...
E
CVE-2006-6547 Buffer overflow in the readAA function in read_aa.cpp in Winamp iPod Plugin (ml_ipod) 2.00 p19 and e...
S
CVE-2006-6548 Multiple cross-site scripting (XSS) vulnerabilities in cPanel WebHost Manager (WHM) 3.1.0 allow remo...
CVE-2006-6549 PHP remote file inclusion vulnerability in upload.php in Rad Upload 3.02 allows remote attackers to ...
CVE-2006-6550 PHP remote file inclusion vulnerability in common.php in Phorum 3.2.11 and earlier allows remote att...
E
CVE-2006-6551 PHP remote file inclusion vulnerability in libs/tucows/api/cartridges/crt_TUCOWS_domains/lib/domainu...
E
CVE-2006-6552 PHP remote file inclusion vulnerability in admin/plugins/NP_UserSharing.php in BLOG:CMS 4.1.3 and ea...
E
CVE-2006-6553 PHP remote file inclusion vulnerability in includes/newssuite_constants.php in the NewsSuite 1.03 mo...
E
CVE-2006-6554 Unspecified vulnerability in Kerio MailServer before 6.3.1 allows remote attackers to cause a denial...
S
CVE-2006-6555 Multiple SQL injection vulnerabilities in EasyFill before 0.5.1 allow remote attackers to execute ar...
S
CVE-2006-6556 The eyeHome function in apps/eyeHome.eyeapp/aplic.php in EyeOS before 0.9.3-3 allows remote attacker...
S
CVE-2006-6557 Multiple unspecified vulnerabilities in Skulls! before 0.2.6 have unknown impact and attack vectors,...
S
CVE-2006-6558 Crob FTP Server 3.6.1 b.263 allows remote attackers to cause a denial of service via a long series o...
E
CVE-2006-6559 SQL injection vulnerability in ProductDetails.asp in Lotfian Request For Travel 1.0 allows remote at...
E
CVE-2006-6560 PHP remote file inclusion vulnerability in includes/common.php in the mx_modsdb 1.0.0 module for MxB...
E
CVE-2006-6561 Unspecified vulnerability in Microsoft Word 2000, 2002, and Word Viewer 2003 allows user-assisted re...
E
CVE-2006-6563 Stack-based buffer overflow in the pr_ctrls_recv_request function in ctrls.c in the mod_ctrls module...
E S
CVE-2006-6564 FileZilla Server before 0.9.22 allows remote attackers to cause a denial of service (crash) via a ma...
CVE-2006-6565 FileZilla Server before 0.9.22 allows remote attackers to cause a denial of service (crash) via a wi...
E
CVE-2006-6566 PHP remote file inclusion vulnerability in includes/profilcp_constants.php in the Profile Control Pa...
E
CVE-2006-6567 PHP remote file inclusion vulnerability in includes/kb_constants.php in the Knowledge Base (mx_kb) 2...
E
CVE-2006-6568 Directory traversal vulnerability in includes/kb_constants.php in the Knowledge Base (mx_kb) 2.0.2 m...
E
CVE-2006-6569 form.php in GenesisTrader 1.0 allows remote attackers to read source code for arbitrary files and ob...
CVE-2006-6570 Unrestricted file upload vulnerability in upload.php in GenesisTrader 1.0 allows remote authenticate...
CVE-2006-6571 Multiple cross-site scripting (XSS) vulnerabilities in form.php in GenesisTrader 1.0 allow remote at...
E
CVE-2006-6572 Unspecified vulnerability in Citrix Advanced Access Control (AAC) Option 4.0, and Access Gateway 4.2...
S
CVE-2006-6573 Unspecified vulnerability in Citrix Access Gateway 4.5 Advanced Edition, and 4.2 with Advanced Acces...
S
CVE-2006-6574 Mantis before 1.1.0a2 does not implement per-item access control for Issue History (Bug History), wh...
S
CVE-2006-6575 PHP remote file inclusion vulnerability in ldap.php in Brian Drawert Yet Another PHP LDAP Admin Proj...
E
CVE-2006-6576 Heap-based buffer overflow in Golden FTP Server (goldenftpd) 1.92 allows remote attackers to cause a...
E
CVE-2006-6577 SQL injection vulnerability in polls.php in Neocrome Land Down Under (LDU) 8.x and earlier allows re...
E
CVE-2006-6578 Microsoft Internet Information Services (IIS) 5.1 permits the IUSR_Machine account to execute non-EX...
E
CVE-2006-6579 Microsoft Windows XP has weak permissions (FILE_WRITE_DATA and FILE_READ_DATA for Everyone) for %WIN...
CVE-2006-6580 admin/change.php in ProNews 1.5 does not check whether a user is permitted to change news items, whi...
CVE-2006-6581 PHP remote file inclusion vulnerability in tests/debug_test.php in Vernet Loic PHP_Debug 1.1.0 allow...
E
CVE-2006-6582 Multiple cross-site scripting (XSS) vulnerabilities in ScriptMate User Manager 2.1 and earlier allow...
E
CVE-2006-6583 ScriptMate User Manager 2.1 and earlier allow remote attackers to obtain sensitive information via u...
E
CVE-2006-6584 Multiple buffer overflows in italkplus (Italk+) before 0.92.1 allow remote attackers to cause a deni...
S
CVE-2006-6585 The Extensions manager in Mozilla Firefox 2.0 does not properly populate the list of local extension...
CVE-2006-6586 Multiple PHP remote file inclusion vulnerabilities in Vortex Blog (vBlog, aka C12) a0.1_nonfunc allo...
E
CVE-2006-6587 Cross-site scripting (XSS) vulnerability in the forum implementation in the ecommerce component in t...
E
CVE-2006-6588 The forum implementation in the ecommerce component in the Apache Open For Business Project (OFBiz) ...
E
CVE-2006-6589 Cross-site scripting (XSS) vulnerability in ecommerce/control/keywordsearch in the Apache Open For B...
E
CVE-2006-6590 PHP remote file inclusion vulnerability in usercp_menu.php in AR Memberscript allows remote attacker...
E
CVE-2006-6591 PHP remote file inclusion vulnerability in fonctions/template.php in EXlor 1.0 allows remote attacke...
CVE-2006-6592 Multiple PHP remote file inclusion vulnerabilities in Bloq 0.5.4 allow remote attackers to execute a...
CVE-2006-6593 PHP remote file inclusion vulnerability in zufallscodepart.php in AMAZONIA MOD for phpBB allows remo...
CVE-2006-6594 SQL injection vulnerability in utilities/usermessages.asp in ScriptMate User Manager 2.0 allows remo...
E
CVE-2006-6595 Multiple SQL injection vulnerabilities in ScriptMate User Manager 2.1 and earlier allow remote attac...
E
CVE-2006-6596 HyperAccess 8.4 allows user-assisted remote attackers to execute arbitrary vbscript and commands via...
CVE-2006-6597 Argument injection vulnerability in HyperAccess 8.4 allows user-assisted remote attackers to execute...
CVE-2006-6598 Directory traversal vulnerability in viewnfo.php in (1) TorrentFlux before 2.2 and (2) torrentflux-b...
E
CVE-2006-6599 maketorrent.php in TorrentFlux 2.2 allows remote authenticated users to execute arbitrary commands v...
E
CVE-2006-6600 Cross-site scripting (XSS) vulnerability in dir.php in TorrentFlux 2.2, when allows remote attackers...
E S
CVE-2006-6601 Windows Media Player 10.00.00.4036 in Microsoft Windows XP SP2 allows user-assisted remote attackers...
CVE-2006-6602 explorer.exe in Windows Explorer 6.00.2900.2180 in Microsoft Windows XP SP2 allows user-assisted rem...
CVE-2006-6603 Buffer overflow in the YMMAPI.YMailAttach ActiveX control (ymmapi.dll) before 2005.1.1.4 in Yahoo! M...
S
CVE-2006-6604 Directory traversal vulnerability in downloaddetails.php in TorrentFlux 2.2 allows remote authentica...
E
CVE-2006-6605 Stack-based buffer overflow in the POP service in MailEnable Standard 1.98 and earlier; Professional...
S
CVE-2006-6606 Multiple SQL injection vulnerabilities in Clarens jclarens before 0.6.2 allow remote attackers to ex...
S
CVE-2006-6607 The Java Key Store (JKS) for WebSphere Application Server (WAS) for IBM Tivoli Identity Manager (ITI...
S
CVE-2006-6608 Unspecified vulnerability in SSH key based authentication in HP Integrated Lights Out (iLO) 1.70 thr...
S
CVE-2006-6609 Nexuiz before 2.2.1 allows remote attackers to cause a denial of service (resource exhaustion or cra...
S
CVE-2006-6610 clientcommands in Nexuiz before 2.2.1 has unknown impact and remote attack vectors related to "remot...
S
CVE-2006-6611 PHP remote file inclusion vulnerability in interface.php in Barman 0.0.1r3 allows remote attackers t...
E
CVE-2006-6612 PHP remote file inclusion vulnerability in basic.inc.php in PhpMyCms 0.3 allows remote attackers to ...
E
CVE-2006-6613 Directory traversal vulnerability in language.php in phpAlbum 0.4.1 Beta 6 and earlier, when magic_q...
E
CVE-2006-6614 The save_log_local function in Fully Automatic Installation (FAI) 2.10.1, and possibly 3.1.2, when v...
E
CVE-2006-6615 PHP remote file inclusion vulnerability in includes/act_constants.php in the Activity Games (mx_act)...
E
CVE-2006-6616 index.php in w00t Gallery 1.4.0 allows remote authenticated users with privileges for one installati...
S
CVE-2006-6617 projectserver/logon/pdsrequest.asp in Microsoft Project Server 2003 allows remote authenticated user...
CVE-2006-6618 AntiHook 3.0.0.23 - Desktop relies on the Process Environment Block (PEB) to identify a process, whi...
CVE-2006-6619 AVG Anti-Virus plus Firewall 7.5.431 relies on the Process Environment Block (PEB) to identify a pro...
CVE-2006-6620 Comodo Personal Firewall 2.3.6.81 relies on the Process Environment Block (PEB) to identify a proces...
CVE-2006-6621 Filseclab Personal Firewall 3.0.0.8686 relies on the Process Environment Block (PEB) to identify a p...
CVE-2006-6622 Soft4Ever Look 'n' Stop (LnS) 2.05p2 before 20061215 relies on the Process Environment Block (PEB) t...
CVE-2006-6623 Sygate Personal Firewall 5.6.2808 relies on the Process Environment Block (PEB) to identify a proces...
CVE-2006-6624 The FTP Server in Sambar Server 6.4 allows remote authenticated users to cause a denial of service (...
E
CVE-2006-6625 Cross-site scripting (XSS) vulnerability in mod/forum/discuss.php in Moodle 1.6.1 allows remote atta...
E
CVE-2006-6626 Cross-site scripting (XSS) vulnerability in an unspecified component of Moodle 1.5 allows remote att...
E
CVE-2006-6627 Integer overflow in the packed PE file parsing implementation in BitDefender products before 2006082...
CVE-2006-6628 Integer overflow in OpenOffice.org (OOo) 2.1 allows user-assisted remote attackers to cause a denial...
E
CVE-2006-6629 lib/WeBWorK/PG/Translator.pm in WeBWorK Program Generation (PG) Language before 2.3.1 uses an insuff...
S
CVE-2006-6630 PHP remote file inclusion vulnerability in ListRecords.php in osprey 1.0 allows remote attackers to ...
CVE-2006-6631 PHP remote file inclusion vulnerability in lib/xml/oai/GetRecord.php in osprey 1.0 and earlier allow...
E
CVE-2006-6632 PHP remote file inclusion vulnerability in genepi.php in Genepi 1.6 and earlier allows remote attack...
E
CVE-2006-6633 PHP remote file inclusion vulnerability in include/yapbb_session.php in YapBB 1.2 Beta2 and earlier ...
E
CVE-2006-6634 Multiple PHP remote file inclusion vulnerabilities in the ExtCalThai (com_extcalendar) 0.9.1 and ear...
E
CVE-2006-6635 PHP remote file inclusion vulnerability in includes/functions.php in JumbaCMS 0.0.1 allows remote at...
E
CVE-2006-6636 Unspecified vulnerability in the Utility Classes for IBM WebSphere Application Server (WAS) before 5...
S
CVE-2006-6637 The Servlet Engine and Web Container in IBM WebSphere Application Server (WAS) before 6.0.2.17, when...
S
CVE-2006-6638 IBM DB2 8.1 before FixPak 14 allows remote attackers to cause a denial of service via a crafted SQLJ...
S
CVE-2006-6639 Multiple unspecified vulnerabilities in chetcpasswd 2.4.1 allow local users to gain privileges via u...
CVE-2006-6640 Multiple cross-site scripting (XSS) vulnerabilities in Omniture SiteCatalyst allow remote attackers ...
CVE-2006-6641 Unspecified vulnerability in CA CleverPath Portal before maintenance version 4.71.001_179_060830, as...
CVE-2006-6642 SQL injection vulnerability in haber.asp in Contra Haber Sistemi 1.0 allows remote attackers to exec...
E
CVE-2006-6643 Fightersoft Multimedia Star FTP server 1.10 allows remote attackers to cause a denial of service (cr...
E
CVE-2006-6644 PHP remote file inclusion vulnerability in pages/meeting_constants.php in the Meeting (mx_meeting) 1...
E
CVE-2006-6645 PHP remote file inclusion vulnerability in language/lang_english/lang_admin.php in the Web Links (mx...
E
CVE-2006-6646 Multiple cross-site scripting (XSS) vulnerabilities in Drupal (1) Project Issue Tracking 4.7.x-1.0 a...
S
CVE-2006-6647 Cross-site scripting (XSS) vulnerability in the MySite 4.7.x before 4.7.x-3.3 and 5.x before 5.x-1.3...
S
CVE-2006-6648 PHP remote file inclusion vulnerability in main.inc.php in planetluc.com RateMe 1.3.2 and earlier al...
E
CVE-2006-6649 Cross-site scripting (XSS) vulnerability in display.php in HyperVM 1.2 and earlier allows remote att...
E S
CVE-2006-6650 PHP remote file inclusion vulnerability in charts_constants.php in the Charts (mx_charts) 1.0.0 and ...
E
CVE-2006-6651 Race condition in W29N51.SYS in the Intel 2200BG wireless driver 9.0.3.9 allows remote attackers to ...
E
CVE-2006-6652 Buffer overflow in the glob implementation (glob.c) in libc in NetBSD-current before 20050914, NetBS...
S
CVE-2006-6653 The accept function in NetBSD-current before 20061023, NetBSD 3.0 and 3.0.1 before 20061024, and Net...
S
CVE-2006-6654 The sendmsg function in NetBSD-current before 20061023, NetBSD 3.0 and 3.0.1 before 20061024, and Ne...
S
CVE-2006-6655 The procfs implementation in NetBSD-current before 20061023, NetBSD 3.0 and 3.0.1 before 20061024, a...
S
CVE-2006-6656 Unspecified vulnerability in ptrace in NetBSD-current before 20061027, NetBSD 3.0 and 3.0.1 before 2...
S
CVE-2006-6657 The if_clone_list function in NetBSD-current before 20061027, NetBSD 3.0 and 3.0.1 before 20061027, ...
S
CVE-2006-6658 Inktomi Search 4.1.4 allows remote attackers to obtain sensitive information via direct requests wit...
E
CVE-2006-6659 The Microsoft Office Outlook Recipient ActiveX control (ole32.dll) in Windows XP SP2 allows remote a...
E
CVE-2006-6660 The nodeType function in KDE libkhtml 4.2.0 and earlier, as used by Konquerer, KMail, and other prog...
E
CVE-2006-6661 Variable overwrite vulnerability in blog.php in PHP-Update 2.7 and earlier allows remote attackers t...
E
CVE-2006-6662 Unspecified vulnerability in Linux User Management (novell-lum) on SUSE Linux Enterprise Desktop 10 ...
CVE-2006-6663 The server component in Marathon Aleph One before 0.17.1 and 2006-12-17 allows remote attackers to c...
CVE-2006-6664 Format string vulnerability in Marathon Aleph One before 0.17.1 and 2006-12-17 might allow remote at...
CVE-2006-6665 Buffer overflow in Astonsoft DeepBurner Pro and Free 1.8.0 and earlier allows user-assisted remote a...
E
CVE-2006-6666 PHP remote file inclusion vulnerability in index.php in VerliAdmin 0.3 and earlier allows remote aut...
E
CVE-2006-6667 Multiple SQL injection vulnerabilities in VerliAdmin 0.3 and earlier allow remote attackers to execu...
CVE-2006-6668 Cross-site scripting (XSS) vulnerability in VerliAdmin 0.3 and earlier allows remote attackers to in...
CVE-2006-6669 Cross-site scripting (XSS) vulnerability in export_handler.php in WebCalendar 1.0.4 and earlier allo...
CVE-2006-6670 Unspecified vulnerability in Nortel CallPilot 4.x Server has unknown impact and attack vectors, aka ...
S
CVE-2006-6671 SQL injection vulnerability in down.asp in Burak Yylmaz Download Portal allows remote attackers to e...
CVE-2006-6672 Multiple SQL injection vulnerabilities in Burak Yylmaz Download Portal allow remote attackers to exe...
CVE-2006-6673 WinFtp Server 2.0.2 allows remote attackers to cause a denial of service (crash) via long (1) PASV, ...
E
CVE-2006-6674 Ozeki HTTP-SMS Gateway 1.0, and possibly earlier, stores usernames and passwords in plaintext in the...
CVE-2006-6675 Cross-site scripting (XSS) vulnerability in Novell NetWare 6.5 Support Pack 5 and 6 and Novell Apach...
CVE-2006-6676 Integer overflow in the (a) OLE2 and (b) CHM parsers for ESET NOD32 Antivirus before 1.1743 allows r...
S
CVE-2006-6677 ESET NOD32 Antivirus before 1.1743 allows remote attackers to cause a denial of service (crash) via ...
S
CVE-2006-6678 The edit_textarea function in form-file.c in Netrik 1.15.4 and earlier does not properly verify temp...
S
CVE-2006-6679 Pedro Lineu Orso chetcpasswd before 2.4 relies on the X-Forwarded-For HTTP header when verifying a c...
CVE-2006-6680 Pedro Lineu Orso chetcpasswd before 2.3.1 does not document the need for 0400 permissions on /etc/ch...
S
CVE-2006-6681 Pedro Lineu Orso chetcpasswd 2.3.3 does not have a rate limit for client requests, which might allow...
S
CVE-2006-6682 Pedro Lineu Orso chetcpasswd 2.3.3 provides a different error message when a request with a valid us...
CVE-2006-6683 Pedro Lineu Orso chetcpasswd 2.4.1 and earlier verifies and updates user accounts via custom code th...
CVE-2006-6684 Heap-based buffer overflow in Pedro Lineu Orso chetcpasswd before 2.4 allows remote attackers to cau...
CVE-2006-6685 Heap-based buffer overflow in Pedro Lineu Orso chetcpasswd 2.3.3 allows local users to cause a denia...
CVE-2006-6686 PHP remote file inclusion vulnerability in sender.php in Carsen Klock TextSend 1.5 allows remote att...
E
CVE-2006-6687 Cross-site scripting (XSS) vulnerability in Web Automated Perl Portal (WebAPP) 0.9.9.4, and 0.9.9.3....
S
CVE-2006-6688 Web Automated Perl Portal (WebAPP) 0.9.9.4, and 0.9.9.3.4 Network Edition (NE) (aka WebAPP.NET) allo...
CVE-2006-6689 Multiple PHP remote file inclusion vulnerabilities in Paristemi 0.8.3 and earlier allow remote attac...
CVE-2006-6690 rtehtmlarea/pi1/class.tx_rtehtmlarea_pi1.php in Typo3 4.0.0 through 4.0.3, 3.7 and 3.8 with the rteh...
E S
CVE-2006-6691 Multiple PHP remote file inclusion vulnerabilities in Valdersoft Shopping Cart 3.0 and earlier allow...
E
CVE-2006-6692 Multiple format string vulnerabilities in zabbix before 20061006 allow attackers to cause a denial o...
E
CVE-2006-6693 Multiple buffer overflows in zabbix before 20061006 allow attackers to cause a denial of service (ap...
E
CVE-2006-6694 Directory traversal vulnerability in include/config.php in E-Uploader Pro 1.0 and earlier allows rem...
E
CVE-2006-6695 Multiple cross-site scripting (XSS) vulnerabilities in index.php in Carsen Klock TextSend 1.5 allow ...
CVE-2006-6696 Double free vulnerability in Microsoft Windows 2000, XP, 2003, and Vista allows local users to gain ...
CVE-2006-6697 CRLF injection vulnerability in webapp/jsp/calendar.jsp in Oracle Portal 10g and earlier, including ...
CVE-2006-6698 The GConf daemon (gconfd) in GConf 2.14.0 creates temporary files under directories with names based...
E
CVE-2006-6699 Multiple CRLF injection vulnerabilities in Oracle Portal 9.0.2 and possibly other versions allow rem...
CVE-2006-6700 Cross-site scripting (XSS) vulnerability in @Mail WebMail allows remote attackers to inject arbitrar...
CVE-2006-6701 Cross-site request forgery (CSRF) vulnerability in util.pl in @Mail WebMail 4.51, and util.php in 5....
CVE-2006-6702 Cross-site scripting (XSS) vulnerability in Global.pm in @Mail before 4.61 allows remote attackers t...
S
CVE-2006-6703 Multiple cross-site scripting (XSS) vulnerabilities in Oracle Portal 9i and 10g allow remote attacke...
CVE-2006-6704 Cross-site scripting (XSS) vulnerability in the Webadmin in @Mail before 4.6 allows remote attackers...
S
CVE-2006-6705 Multiple unspecified vulnerabilities in the template files in Soumu Workflow for Groupmax 01-00 thro...
CVE-2006-6706 SQL injection vulnerability in Soumu Workflow for Groupmax 01-00 through 01-01, Soumu Workflow 02-00...
CVE-2006-6707 Stack-based buffer overflow in the NeoTraceExplorer.NeoTraceLoader ActiveX control (NeoTraceExplorer...
CVE-2006-6708 Cross-site scripting (XSS) vulnerability in listings.asp in MGinternet Property Site Manager allows ...
E
CVE-2006-6709 Multiple SQL injection vulnerabilities in MGinternet Property Site Manager allow remote attackers to...
E
CVE-2006-6710 Multiple PHP remote file inclusion vulnerabilities in PgmReloaded 0.8.5 and earlier allow remote att...
E
CVE-2006-6711 PHP remote file inclusion vulnerability in compteur/mapage.php in Newxooper 0.9.1 allows remote atta...
E
CVE-2006-6712 Cross-site scripting (XSS) vulnerability in SugarCRM Open Source 4.5.0f and earlier allows remote at...
S
CVE-2006-6713 Buffer overflow in Hitachi Directory Server 2 P-2444-A124 before 02-11-/K on Windows, and P-1B44-A12...
S
CVE-2006-6714 Multiple memory leaks in Hitachi Directory Server 2 P-2444-A124 before 02-11-/K on Windows, and P-1B...
S
CVE-2006-6715 PHP remote file inclusion vulnerability in footer.inc.php in PowerClan 1.14a and earlier, when regis...
E
CVE-2006-6716 SQL injection vulnerability in administration/administre2.php in Eric GUILLAUME uploader&downloader ...
E
CVE-2006-6717 The Allied Telesis AT-9000/24 Ethernet switch accepts management packets from arbitrary VLANs, contr...
CVE-2006-6718 The Allied Telesis AT-9000/24 Ethernet switch has a default password for its admin account, "manager...
CVE-2006-6719 The ftp_syst function in ftp-basic.c in Free Software Foundation (FSF) GNU wget 1.10.2 allows remote...
E
CVE-2006-6720 PHP remote file inclusion vulnerability in admin/index_sitios.php in Azucar CMS 1.3 allows remote at...
E
CVE-2006-6721 Multiple cross-site scripting (XSS) vulnerabilities in shout.php in Knusperleicht ShoutBox 2.6 allow...
E
CVE-2006-6722 Bandwebsite (aka Bandsite portal system) 1.5 allows remote attackers to create administrative accoun...
E
CVE-2006-6723 The Workstation service in Microsoft Windows 2000 SP4 and XP SP2 allows remote attackers to cause a ...
E
CVE-2006-6724 BolinTech Dream FTP Server 1.02 allows remote authenticated users, including anonymous users, to cau...
E
CVE-2006-6725 Multiple directory traversal vulnerabilities in PHPBuilder 0.0.2 and earlier allow remote attackers ...
CVE-2006-6726 PHP remote file inclusion vulnerability in inertianews_main.php in inertianews 0.02 beta allows remo...
E
CVE-2006-6727 PHP remote file inclusion vulnerability in inertianews_class.php in inertianews 0.02 beta and earlie...
CVE-2006-6728 Unspecified vulnerability in the info request mechanism in LAN Messenger before 1.5.1.2 allows remot...
S
CVE-2006-6729 Cross-site scripting (XSS) vulnerability in a-blog 1.51 and earlier allows remote attackers to injec...
S
CVE-2006-6730 OpenBSD and NetBSD permit usermode code to kill the display server and write to the X.Org /dev/xf86 ...
CVE-2006-6731 Multiple buffer overflows in Sun Java Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 U...
S
CVE-2006-6732 PHP remote file inclusion vulnerability in archive.php in cwmVote 1.0 allows remote attackers to exe...
E
CVE-2006-6733 Cross-site scripting (XSS) vulnerability in support/view.php in Support Cards 1 (osTicket) allows re...
E
CVE-2006-6734 Cross-site scripting (XSS) vulnerability in modules/viewcategory.php in Minh Nguyen Duong Obie Websi...
E
CVE-2006-6735 modules/viewcategory.php in Minh Nguyen Duong Obie Website Mini Web Shop 2.1.c allows remote attacke...
E
CVE-2006-6736 Unspecified vulnerability in Sun Java Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 U...
S
CVE-2006-6737 Unspecified vulnerability in Sun Java Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 U...
S
CVE-2006-6738 PHP remote file inclusion vulnerability in statistic.php in cwmCounter 5.1.1 and earlier allows remo...
E
CVE-2006-6739 PHP remote file inclusion vulnerability in buycd.php in Paristemi 0.8.3 allows remote attackers to e...
E S
CVE-2006-6740 Multiple PHP remote file inclusion vulnerabilities in phpProfiles 3.1.2b and earlier allow remote at...
E
CVE-2006-6741 Cross-site request forgery (CSRF) vulnerability in urlobox in MKPortal allows remote attackers to de...
CVE-2006-6742 Multiple buffer overflows in FTP Print Server 2.4 and 2.4.5 in HP LaserJet 5000 Series printers with...
CVE-2006-6743 phpProfiles before 2.1.1 uses world writable permissions for certain profile files and directories, ...
S
CVE-2006-6744 phpProfiles before 2.1.1 does not have an index.php or other index file in the (1) image_data, (2) g...
S
CVE-2006-6745 Multiple unspecified vulnerabilities in Sun Java Development Kit (JDK) and Java Runtime Environment ...
S
CVE-2006-6746 Multiple cross-site scripting (XSS) vulnerabilities in Xt-News 0.1 allow remote attackers to inject ...
E
CVE-2006-6747 SQL injection vulnerability in show_news.php in Xt-News 0.1 allows remote attackers to execute arbit...
E
CVE-2006-6748 PHP remote file inclusion vulnerability in i-accueil.php in Newxooper 0.9 and earlier allows remote ...
CVE-2006-6749 Buffer overflow in the parse_expression function in parse_config in OpenSER 1.1.0 allows attackers t...
S
CVE-2006-6750 Format string vulnerability in XM Easy Personal FTP Server 5.0.1 allows remote attackers to cause a ...
E
CVE-2006-6751 Format string vulnerability in XM Easy Personal FTP Server 5.2.1 allows remote attackers to cause a ...
E
CVE-2006-6752 Buffer overflow in FTPRush 1.0.0.610 might allow attackers to gain privileges via a long Host field....
CVE-2006-6753 Event Viewer (eventvwr.exe) in Microsoft Windows does not properly display log data that contains '%...
CVE-2006-6754 Multiple SQL injection vulnerabilities in Ixprim 1.2 allow remote attackers to execute arbitrary SQL...
E
CVE-2006-6755 Ixprim 1.2 allows remote attackers to obtain sensitive information via a direct request for kernel/p...
E
CVE-2006-6756 The code function in install.fct.php in Ixprim 1.2 produces a guessable value of the confidential IX...
E
CVE-2006-6757 Directory traversal vulnerability in index.php in cwmExplorer 1.0 allows remote attackers to read ar...
E
CVE-2006-6758 Directory traversal vulnerability in Http explorer 1.02 allows remote attackers to read arbitrary fi...
E
CVE-2006-6759 A certain ActiveX control in rpau3260.dll in RealNetworks RealPlayer 10.5 allows remote attackers to...
E
CVE-2006-6760 Multiple PHP remote file inclusion vulnerabilities in template.php in Phpmymanga 0.8.1 and earlier a...
E S
CVE-2006-6761 Stack-based buffer overflow in the IMAP daemon (IMAPD) in Novell NetMail before 3.52e FTF2 allows re...
E S
CVE-2006-6762 The IMAP daemon (IMAPD) in Novell NetMail before 3.52e FTF2 allows remote authenticated users to cau...
S
CVE-2006-6763 Multiple PHP remote file inclusion vulnerabilities in the Keep It Simple Guest Book (KISGB) allow re...
E
CVE-2006-6764 PHP remote file inclusion vulnerability in authenticate.php in Keep It Simple Guest Book (KISGB), wh...
E
CVE-2006-6765 Multiple PHP file inclusion vulnerabilities in src/admin/pt_upload.php in Pagetool 1.07 allow remote...
E
CVE-2006-6766 Multiple SQL injection vulnerabilities in cwmExplorer 1.1.0 and earlier allow remote attackers to ex...
CVE-2006-6767 oftpd before 0.3.7 allows remote attackers to cause a denial of service (daemon abort) via a (1) LPR...
CVE-2006-6768 Multiple cross-site scripting (XSS) vulnerabilities in default.asp in PWP Technologies The Classifie...
CVE-2006-6769 Multiple cross-site scripting (XSS) vulnerabilities in PHP Live! 3.2.2 and earlier allow remote atta...
E
CVE-2006-6770 Multiple PHP remote file inclusion vulnerabilities in Jinzora Media Jukebox 2.7 and earlier, when re...
E
CVE-2006-6771 Multiple PHP remote file inclusion vulnerabilities in Irokez CMS 0.7.1 and earlier, when register_gl...
E
CVE-2006-6772 Format string vulnerability in the inputAnswer function in file.c in w3m before 0.5.2, when run with...
CVE-2006-6773 pages/register/register.php in Fishyshoop 0.930 beta allows remote attackers to create arbitrary adm...
E
CVE-2006-6774 PHP remote file inclusion vulnerability in socios/maquetacion_socio.php (members/maquetacion_member....
E
CVE-2006-6775 acFTP 1.5 allows remote authenticated users to cause a denial of service via a crafted argument to t...
E
CVE-2006-6776 Multiple SQL injection vulnerabilities in Future Internet allow remote attackers to execute arbitrar...
E
CVE-2006-6777 Cross-site scripting (XSS) vulnerability in index.cfm in Future Internet allows remote attackers to ...
E
CVE-2006-6778 Cross-site scripting (XSS) vulnerability in shownews.php in TimberWolf 1.2.2 allows remote attackers...
E
CVE-2006-6779 Cross-site scripting (XSS) vulnerability in Jelsoft vBulletin allows remote attackers to inject arbi...
E
CVE-2006-6780 SQL injection vulnerability in the login form in HLstats 1.20 through 1.34 allows remote attackers t...
E
CVE-2006-6781 HLstats 1.20 through 1.34 allows remote attackers to obtain sensitive information via playinfo mode,...
E
CVE-2006-6782 Cross-site scripting (XSS) vulnerability in pnamazu 2006.02.28 and earlier allows remote attackers t...
S
CVE-2006-6783 logahead UNU 1.0 before 20061226 allows remote attackers to upload arbitrary files via unspecified v...
CVE-2006-6784 SQL injection vulnerability in Netbula Anyboard allows remote attackers to execute arbitrary SQL com...
CVE-2006-6785 The (1) settings.php and (2) subscribers.php scripts in Open Newsletter 2.5 and earlier do not exit ...
E
CVE-2006-6786 Open Newsletter 2.5 and earlier allows remote authenticated administrators to execute arbitrary PHP ...
E
CVE-2006-6787 SQL injection vulnerability in admin/admin_mail_adressee.asp in Newsletter MX 1.0.2 and earlier allo...
E S
CVE-2006-6788 Multiple PHP remote file inclusion vulnerabilities in LuckyBot 3 allow remote attackers to execute a...
E
CVE-2006-6789 PHP remote file inclusion vulnerability in includes/archive/archive_topic.php in Phpbbxtra 2.0 allow...
E
CVE-2006-6790 Direct static code injection vulnerability in chat/login.php in Ultimate PHP Board (UPB) 2.0b1 and e...
CVE-2006-6791 SQL injection vulnerability in SelGruFra.asp in chatwm 1.0 allows remote attackers to execute arbitr...
E
CVE-2006-6792 SQL injection vulnerability in calendar_detail.asp in Calendar MX BASIC 1.0.2 and earlier allows rem...
E
CVE-2006-6793 PHP remote file inclusion vulnerability in ataturk.php in Okul Merkezi Portal 1.0 allows remote atta...
E
CVE-2006-6794 SQL injection vulnerability in default.asp in Efkan Forum 1.0 allows remote attackers to execute arb...
CVE-2006-6795 PHP remote file inclusion vulnerability in gallery/displayCategory.php in the My_eGallery 2.5.6 modu...
E
CVE-2006-6796 PHP remote file inclusion vulnerability in admin/admin_settings.php in MTCMS 2.0 and earlier allows ...
E
CVE-2006-6797 The Client Server Run-Time Subsystem (CSRSS) in Microsoft Windows allows local users to cause a deni...
CVE-2006-6799 SQL injection vulnerability in Cacti 0.8.6i and earlier, when register_argc_argv is enabled, allows ...
E
CVE-2006-6800 PHP remote file inclusion in eventcal/mod_eventcal.php in the event module 1.0 for Limbo CMS allows ...
E
CVE-2006-6801 PHP remote file inclusion vulnerability in misc.php in SH-News 0.93, when register_globals is enable...
E
CVE-2006-6802 SQL injection vulnerability in actualpic.asp in Enthrallweb ePages allows remote attackers to execut...
E
CVE-2006-6803 SQL injection vulnerability in Types.asp in Enthrallweb eCars 1.0 allows remote attackers to execute...
E
CVE-2006-6804 SQL injection vulnerability in bus_details.asp in Dragon Business Directory - Pro (aka Dragon Intern...
E
CVE-2006-6805 SQL injection vulnerability in newsdetail.asp in Enthrallweb eJobs allows remote attackers to execut...
E
CVE-2006-6806 SQL injection vulnerability in newsdetail.asp in Enthrallweb eMates 1.0 allows remote attackers to e...
E
CVE-2006-6807 SQL injection vulnerability in list.asp in Softwebs Nepal (aka Ananda Raj Pandey) Ananda Real Estate...
E
CVE-2006-6808 Cross-site scripting (XSS) vulnerability in wp-admin/templates.php in WordPress 2.0.5 allows remote ...
E S
CVE-2006-6809 Multiple PHP remote file inclusion vulnerabilities in process.php in Vladimir Menshakov buratinable ...
E
CVE-2006-6810 Unspecified vulnerability in the clear_user_list function in src/main.c in DB Hub 0.3 allows remote ...
E
CVE-2006-6811 KsIRC 1.3.12 allows remote attackers to cause a denial of service (crash) via a long PRIVMSG string ...
E
CVE-2006-6812 Multiple PHP remote file inclusion vulnerabilities in myPHPCalendar 10.1 allow remote attackers to e...
E
CVE-2006-6813 SQL injection vulnerability in detail.asp in Mxmania File Upload Manager (FUM) 1.0.6 and earlier all...
E
CVE-2006-6814 Directory traversal vulnerability in FolderManager/FolderManager.aspx in Hosting Controller 7c allow...
E
CVE-2006-6815 Multiple cross-site scripting (XSS) vulnerabilities in DMXReady Secure Login Manager 1.0 allow remot...
CVE-2006-6816 Multiple SQL injection vulnerabilities in DMXReady Secure Login Manager 1.0 allow remote attackers t...
E
CVE-2006-6817 AlstraSoft Web Host Directory allows remote attackers to obtain sensitive information by requesting ...
CVE-2006-6818 AlstraSoft Web Host Directory allows remote attackers to bypass authentication and change the admin ...
CVE-2006-6819 AlstraSoft Web Host Directory stores sensitive information under the web root with insufficient acce...
CVE-2006-6820 myprofile.asp in Enthrallweb eCoupons does not properly validate the MM_recordId parameter during pr...
E
CVE-2006-6821 myprofile.asp in Enthrallweb eNews does not properly validate the MM_recordId parameter during profi...
E
CVE-2006-6822 myprofile.asp in Enthrallweb eClassifieds does not properly validate the MM_recordId parameter durin...
E
CVE-2006-6823 PHP remote file inclusion vulnerability in plugins/metasearch/plug.inc.php in Yrch! 1.0 allows remot...
E
CVE-2006-6824 Multiple cross-site scripting (XSS) vulnerabilities in Jim Hu and Chad Little PHP iCalendar 2.23 rc1...
E
CVE-2006-6825 Calendar MX BASIC 1.0.2 and earlier store sensitive information under the web root with insufficient...
CVE-2006-6826 Unspecified vulnerability in the tab editor for Personal .NET Portal before 2.0.0 has unknown impact...
S
CVE-2006-6827 Flash8b.ocx in Macromedia Flash 8 allows remote attackers to cause a denial of service (Internet Exp...
E
CVE-2006-6828 Multiple SQL injection vulnerabilities in Efkan Forum 1.0 and earlier allow remote attackers to exec...
CVE-2006-6829 Efkan Forum 1.0 and earlier store sensitive information under the web root with insufficient access ...
CVE-2006-6830 PHP remote file inclusion vulnerability in b2verifauth.php in b2 Blog 0.5 and earlier allows remote ...
E
CVE-2006-6831 SQL injection vulnerability in faqDsp.asp in aFAQ 1.0 allows remote attackers to execute arbitrary S...
E
CVE-2006-6832 Cross-site scripting (XSS) vulnerability in Joomla! before 1.0.12 allows remote attackers to inject ...
S
CVE-2006-6833 com_categories in Joomla! before 1.0.12 does not validate input, which has unknown impact and remote...
S
CVE-2006-6834 Multiple unspecified vulnerabilities in Joomla! before 1.0.12 have unknown impact and attack vectors...
S
CVE-2006-6835 SQL injection vulnerability in Journal.inc.php in Neocrome Land Down Under (LDU) 8.x and earlier all...
CVE-2006-6836 Multiple unspecified vulnerabilities in osp-cert in IBM OS/400 V5R3M0 have unspecified impact and at...
CVE-2006-6837 Multiple stack-based buffer overflows in the (1) LoadTree, (2) ReadHeader, and (3) LoadXBOXTree func...
E
CVE-2006-6838 Rediff Bol Downloader ActiveX (OCX) control allows remote attackers to execute arbitrary files, and ...
E
CVE-2006-6839 Unspecified vulnerability in phpBB before 2.0.22 has unknown impact and remote attack vectors relate...
S
CVE-2006-6840 Unspecified vulnerability in phpBB before 2.0.22 has unknown impact and remote attack vectors relate...
S
CVE-2006-6841 Certain forms in phpBB before 2.0.22 lack session checks, which has unknown impact and remote attack...
S
CVE-2006-6842 SQL injection vulnerability in admin/admin_acronyms.php in the Acronym Mod 0.9.5 for phpBB2 Plus 1.5...
E
CVE-2006-6843 PHP remote file inclusion vulnerability in the BE IT EasyPartner 0.0.9 beta component for Joomla! al...
CVE-2006-6844 Cross-site scripting (XSS) vulnerability in the optional user comment module in CMS Made Simple 1.0....
E
CVE-2006-6845 Cross-site scripting (XSS) vulnerability in index.php in CMS Made Simple 1.0.2 allows remote attacke...
CVE-2006-6846 Multiple SQL injection vulnerabilities in While You Were Out (WYWO) InOut Board 1.0 allow remote att...
E
CVE-2006-6847 An ActiveX control in ierpplug.dll for RealNetworks RealPlayer 10.5 allows remote attackers to cause...
E
CVE-2006-6848 SQL injection vulnerability in admin.asp in ASPTicker 1.0 allows remote attackers to execute arbitra...
E
CVE-2006-6849 administration/index.php in Cahier de texte (CDT) 2.2 does not properly exit when authentication fai...
E
CVE-2006-6850 PHP remote file inclusion vulnerability in include.php in the Roster Module (character_roster) in Sh...
E
CVE-2006-6851 Multiple cross-site scripting (XSS) vulnerabilities in contact_us.php in ac4p Mobilelib gold 2 allow...
CVE-2006-6852 Eval injection vulnerability in tDiary 2.0.3 and 2.1.4.200 61127 allows remote authenticated users t...
CVE-2006-6853 Buffer overflow in Durian Web Application Server 3.02 freeware on Windows allows remote attackers to...
E
CVE-2006-6854 The qcamvc_video_init function in qcamvc.c in De Marchi Daniele QuickCam VC Linux device driver (aka...
CVE-2006-6855 AIDeX Mini-WebServer 1.1 early release 3 allows remote attackers to cause a denial of service (daemo...
E
CVE-2006-6856 Direct static code injection vulnerability in WebText CMS 0.4.5.2 and earlier allows remote attacker...
E
CVE-2006-6857 Cross-site scripting (XSS) vulnerability in modules/credits/credits.php in Docebo LMS allows remote ...
CVE-2006-6858 Miredo 0.9.8 through 1.0.5 does not properly authenticate a Teredo bubble during UDP hole punching w...
S
CVE-2006-6859 SQL injection vulnerability in coupon_detail.asp in Website Designs For Less Click N' Print Coupons ...
E
CVE-2006-6860 Buffer overflow in the sendToMythTV function in MythControlServer.c in MythControl 1.0 and earlier a...
CVE-2006-6861 Multiple SQL injection vulnerabilities in Outfront Spooky Login 2.7 allow remote attackers to execut...
CVE-2006-6862 Multiple cross-site scripting (XSS) vulnerabilities in Outfront Spooky Login 2.7 allow remote attack...
E
CVE-2006-6863 PHP remote file inclusion vulnerability in the Enigma2 plugin (Enigma2.php) in Enigma WordPress Brid...
E
CVE-2006-6864 PHP remote file inclusion vulnerability in E2_header.inc.php in Enigma2 Coppermine Bridge 1.0 allows...
E
CVE-2006-6865 Directory traversal vulnerability in SAFileUpSamples/util/viewsrc.asp in SoftArtisans FileUp (SAFile...
E
CVE-2006-6866 STphp EasyNews PRO 4.0 stores sensitive information under the web root with insufficient access cont...
E
CVE-2006-6867 Multiple PHP remote file inclusion vulnerabilities in Vladimir Menshakov buratinable templator (aka ...
E
CVE-2006-6868 Multiple cross-site scripting (XSS) vulnerabilities in Zen Cart Web Shopping Cart before 1.3.7 allow...
CVE-2006-6869 Directory traversal vulnerability in includes/search/search_mdforum.php in MAXdev MDForum 2.0.1 and ...
E
CVE-2006-6870 The consume_labels function in avahi-core/dns.c in Avahi before 0.6.16 allows remote attackers to ca...
S
CVE-2006-6871 Multiple cross-site scripting (XSS) vulnerabilities in eNdonesia 8.4 allow remote attackers to injec...
E
CVE-2006-6872 Directory traversal vulnerability in mod.php in eNdonesia 8.4 allows remote attackers to read arbitr...
E
CVE-2006-6873 Multiple SQL injection vulnerabilities in mod.php in eNdonesia 8.4 allow remote attackers to execute...
E
CVE-2006-6874 Multiple cross-site scripting (XSS) vulnerabilities in friend.php in eNdonesia 8.4 allow remote atta...
CVE-2006-6875 Buffer overflow in the validateospheader function in the Open Settlement Protocol (OSP) module in Op...
CVE-2006-6876 Buffer overflow in the fetchsms function in the SMS handling module (libsms_getsms.c) in OpenSER 1.2...
CVE-2006-6877 Directory traversal vulnerability in index.php in Matteo Lucarelli 3editor CMS 0.42 and earlier, whe...
E
CVE-2006-6878 admin/uploads.php in PHP-Update 2.7 and earlier allows remote attackers to gain privileges by settin...
E
CVE-2006-6879 Unrestricted file upload vulnerability in admin/uploads.php in PHP-Update 2.7 and earlier allows rem...
E
CVE-2006-6880 Multiple SQL injection vulnerabilities in code/guestadd.php in PHP-Update 2.7 and earlier allow remo...
E
CVE-2006-6881 Buffer overflow in the Get_Wep function in cofvnet.c for ATMEL Linux PCI PCMCIA USB Drivers drivers ...
CVE-2006-6882 Cross-site scripting (XSS) vulnerability in golden book allows remote attackers to inject arbitrary ...
E
CVE-2006-6883 PHP remote file inclusion vulnerability in php4you.php in PHPIrc_bot 0.2 allows remote attackers to ...
E
CVE-2006-6884 Buffer overflow in the WZFILEVIEW.FileViewCtrl.61 ActiveX control (aka Sky Software "FileView" Activ...
CVE-2006-6885 An ActiveX control in SwDir.dll in Macromedia Shockwave 10 allows remote attackers to cause a denial...
E
CVE-2006-6886 phpwcms 1.2.5-DEV allows remote attackers to obtain sensitive information via a direct request for (...
E
CVE-2006-6887 Unrestricted file upload vulnerability in logahead UNU 1.0 allows remote attackers to upload and exe...
CVE-2006-6888 P-News 1.16 and 1.17 store sensitive information under the web root with insufficient access control...
E
CVE-2006-6889 FreeStyle Wiki (fswiki) 3.6.2 and earlier stores sensitive information under the web root with insuf...
E
CVE-2006-6890 Voodoo chat 1.0RC1b stores sensitive information under the web root with insufficient access control...
E
CVE-2006-6891 Vz (Adp) Forum 2.0.3 stores sensitive information under the web root with insufficient access contro...
E
CVE-2006-6892 Cross-site scripting (XSS) vulnerability in the GetLocation function in online.php in Jonathon J. Fr...
S
CVE-2006-6893 Tor allows remote attackers to discover the IP address of a hidden service by accessing this service...
E
CVE-2006-6894 Multiple unspecified vulnerabilities in SPINE before 1.2 have unknown impact and attack vectors, rel...
S
CVE-2006-6895 The Bluetooth stack in the Sony Ericsson T60 does not properly implement "Limited discoverable" mode...
CVE-2006-6896 The Bluetooth stack in the Plantronic Headset does not properly implement Non-pairable mode, which a...
CVE-2006-6897 Directory traversal vulnerability in Widcomm Bluetooth for Windows (BTW) 3.0.1.905 allows remote att...
CVE-2006-6898 Widcomm Bluetooth for Windows (BTW) before 4.0.1.1500 allows remote attackers to listen to and recor...
CVE-2006-6899 hidd in BlueZ (bluez-utils) before 2.25 allows remote attackers to obtain control of the (1) Mouse a...
CVE-2006-6900 Unspecified vulnerability in the Bluetooth stack in Apple Mac OS 10.4 has unknown impact and attack ...
CVE-2006-6901 Unspecified vulnerability in the Bluetooth stack in Microsoft Windows allows remote attackers to gai...
CVE-2006-6902 Unspecified vulnerability in the Bluetooth stack in Microsoft Windows Mobile Pocket PC edition allow...
CVE-2006-6903 Unspecified vulnerability in the Toshiba Bluetooth stack allows remote attackers to gain administrat...
CVE-2006-6904 Unspecified vulnerability in the Broadcom Bluetooth stack allows remote attackers to gain administra...
CVE-2006-6905 Unspecified vulnerability in the Widcomm Bluetooth stack allows remote attackers to gain administrat...
CVE-2006-6906 Unspecified vulnerability in the Bluetooth stack on Mac OS 10.4.7 and earlier has unknown impact and...
CVE-2006-6907 Unspecified vulnerability in the Bluesoil Bluetooth stack has unknown impact and attack vectors....
CVE-2006-6908 Buffer overflow in the Bluetooth Stack COM Server in the Widcomm Bluetooth stack, as packaged as Wid...
CVE-2006-6909 Stack-based buffer overflow in http.c in Karl Dahlke Edbrowse (aka Command line editor browser) 3.1....
CVE-2006-6910 formbankcgi.exe in Fersch Formbankserver 1.9, when the PATH_INFO begins with Abfrage, allows remote ...
E
CVE-2006-6911 SQL injection vulnerability in search.asp in Digitizing Quote And Ordering System 1.0 allows remote ...
E
CVE-2006-6912 SQL injection vulnerability in phpMyFAQ 1.6.7 and earlier allows remote attackers to execute arbitra...
CVE-2006-6913 Unspecified vulnerability in phpMyFAQ 1.6.7 and earlier allows remote attackers to upload arbitrary ...
CVE-2006-6914 Unspecified vulnerability in ftpd in IBM AIX 5.2.0 and 5.3.0 allows remote attackers to obtain sensi...
S
CVE-2006-6915 ftpd in IBM AIX 5.2.0 and 5.3.0 allows remote authenticated users to cause a denial of service (port...
S
CVE-2006-6916 Getahead Direct Web Remoting (DWR) before 1.1.3 allows attackers to cause a denial of service (infin...
S
CVE-2006-6917 Multiple buffer overflows in Computer Associates (CA) BrightStor ARCserve Backup R11.5 Server before...
E
CVE-2006-6918 Unspecified vulnerability in the Admin login for Georgian discussion board (GeoBB) before 1.0 has un...
CVE-2006-6919 Firefox Sage extension 1.3.8 and earlier allows remote attackers to execute arbitrary Javascript in ...
E S
CVE-2006-6920 Cross-site scripting (XSS) vulnerability in Nucleus before 3.24 allows remote attackers to inject ar...
S
CVE-2006-6921 Unspecified versions of the Linux kernel allow local users to cause a denial of service (unrecoverab...
E
CVE-2006-6922 SQL injection vulnerability in Deadlock User Management System (phpdeadlock) 0.64 and earlier allows...
CVE-2006-6923 SQL injection vulnerability in newsletters/edition.php in bitweaver 1.3.1 and earlier allows remote ...
E
CVE-2006-6924 bitweaver 1.3.1 and earlier allows remote attackers to obtain sensitive information via a sort_mode=...
E
CVE-2006-6925 Multiple cross-site scripting (XSS) vulnerabilities in bitweaver 1.3.1 and earlier allow remote atta...
E
CVE-2006-6926 Buffer overflow in eXtremail 2.1 has unknown impact and attack vectors, as demonstrated by VulnDisco...
CVE-2006-6927 Multiple SQL injection vulnerabilities in Rialto 1.6 allow remote attackers to execute arbitrary SQL...
E
CVE-2006-6928 Multiple cross-site scripting (XSS) vulnerabilities in Rialto 1.6 allow remote attackers to inject a...
E
CVE-2006-6929 Multiple cross-site scripting (XSS) vulnerabilities in Rapid Classified 3.1 allow remote attackers t...
E
CVE-2006-6930 SQL injection vulnerability in viewad.asp in Rapid Classified 3.1 allows remote attackers to execute...
E
CVE-2006-6931 Algorithmic complexity vulnerability in Snort before 2.6.1, during predicate evaluation in rule matc...
CVE-2006-6932 Multiple SQL injection vulnerabilities in Image Gallery with Access Database allow remote attackers ...
CVE-2006-6933 Easy Chat Server 2.1 stores sensitive information under the web root with insufficient access contro...
E
CVE-2006-6934 Multiple cross-site scripting (XSS) vulnerabilities in Portix-PHP 0.4.2 allow remote attackers to in...
CVE-2006-6935 SQL injection vulnerability in the login component in Portix-PHP 0.4.2 allows remote attackers to ex...
CVE-2006-6936 Cross-site scripting (XSS) vulnerability in Xtreme ASP Photo Gallery allows remote attackers to inje...
E
CVE-2006-6937 SQL injection vulnerability in displaypic.asp in Xtreme ASP Photo Gallery allows remote attackers to...
E
CVE-2006-6938 Directory traversal vulnerability in includes/common.php in NitroTech 0.0.3a, as distributed before ...
E
CVE-2006-6939 GNU ed before 0.3 allows local users to overwrite arbitrary files via a symlink attack on temporary ...
CVE-2006-6940 Buffer overflow in the ParseHeader function in clsOWA.cls in POP3/SMTP to OWA (pop2owa) 1.1.3 allows...
S
CVE-2006-6941 index.php in FreeWebshop 2.2.2 and earlier allows remote attackers to obtain sensitive information v...
E S
CVE-2006-6942 Multiple cross-site scripting (XSS) vulnerabilities in PhpMyAdmin before 2.9.1.1 allow remote attack...
S
CVE-2006-6943 PhpMyAdmin before 2.9.1.1 allows remote attackers to obtain the full server path via direct requests...
S
CVE-2006-6944 phpMyAdmin before 2.9.1.1 allows remote attackers to bypass Allow/Deny access rules that use IP addr...
S
CVE-2006-6945 SQL injection vulnerability in Virtuemart 1.0.7 allows remote attackers to execute arbitrary SQL com...
CVE-2006-6946 The web server in the NEC MultiWriter 1700C allows remote attackers to modify the device configurati...
CVE-2006-6947 The FTP server in the NEC MultiWriter 1700C allows remote attackers to redirect traffic to other sit...
CVE-2006-6948 MyODBC Japanese conversion edition 3.51.06, 2.50.29, and 2.50.25 allows remote attackers to cause a ...
CVE-2006-6949 Conti FTPServer 1.0 Build 2.8 stores user passwords in cleartext in MyServerSettings.ini, which allo...
CVE-2006-6950 Directory traversal vulnerability in Conti FTPServer 1.0 Build 2.8 allows remote attackers to read a...
CVE-2006-6951 Cross-site scripting (XSS) vulnerability in blog.php in OdysseusBlog allows remote attackers to inje...
E
CVE-2006-6952 Computer Associates Host Intrusion Prevention System (HIPS) drivers (1) Core kmxstart.sys 6.5.4.31 a...
E
CVE-2006-6953 The virtual keyboard implementation in GlobeTrotter Mobility Manager changes the color of a key as i...
CVE-2006-6954 Flock beta 1 0.7 allows remote attackers to cause a denial of service (application crash) via a web ...
E
CVE-2006-6955 Opera allows remote attackers to cause a denial of service (application crash) via a web page that c...
E
CVE-2006-6956 Microsoft Internet Explorer allows remote attackers to cause a denial of service (crash) via a web p...
E
CVE-2006-6957 PHP remote file inclusion vulnerability in addons/mod_media/body.php in Docebo 3.0.3 and earlier, wh...
E
CVE-2006-6958 Multiple PHP remote file inclusion vulnerabilities in phpBlueDragon 2.9.1 allow remote attackers to ...
E
CVE-2006-6959 WebRoot Spy Sweeper 4.5.9 and earlier allows local users to bypass the "Startup-Shield" security res...
E
CVE-2006-6960 The Compression Sweep feature in WebRoot Spy Sweeper 4.5.9 and earlier does not handle non-ZIP archi...
CVE-2006-6961 WebRoot Spy Sweeper 4.5.9 and earlier does not detect malware based on file contents, which allows r...
CVE-2006-6962 PHP remote file inclusion vulnerability in rsgallery2.html.php in the RS Gallery2 component (com_rsg...
E
CVE-2006-6963 Multiple PHP remote file inclusion vulnerabilities in Docebo LMS 3.0.3 allow remote attackers to exe...
S
CVE-2006-6964 MailEnable Professional before 1.78 provides a cleartext user password when an administrator edits t...
CVE-2006-6965 CRLF injection vulnerability in lib/exe/fetch.php in DokuWiki 2006-03-09e, and possibly earlier, all...
CVE-2006-6966 phpGraphy before 0.9.13a does not properly unset variables when the input data includes a numeric pa...
E S
CVE-2006-6967 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is sol...
R
CVE-2006-6968 Cross-site scripting (XSS) vulnerability in the group moderation control center page in Phorum befor...
CVE-2006-6969 Jetty before 4.2.27, 5.1 before 5.1.12, 6.0 before 6.0.2, and 6.1 before 6.1.0pre3 generates predict...
CVE-2006-6970 Opera 9.10 Final allows remote attackers to bypass the Fraud Protection mechanism by adding certain ...
E
CVE-2006-6971 Mozilla Firefox 2.0, possibly only when running on Windows, allows remote attackers to bypass the Ph...
E
CVE-2006-6972 SQL injection in torrents.php in BtitTracker 1.3.2 and earlier allows remote attackers to execute ar...
E
CVE-2006-6973 Headstart Solutions DeskPRO does not require authentication for certain files and directories associ...
E
CVE-2006-6974 Headstart Solutions DeskPRO stores sensitive information under the web root with insufficient access...
E
CVE-2006-6975 PHP remote file inclusion vulnerability in centipaid_class.php in CentiPaid 1.4.3 allows remote atta...
CVE-2006-6976 PHP remote file inclusion vulnerability in centipaid_class.php in CentiPaid 1.4.2 and earlier allows...
E
CVE-2006-6977 Cross-site scripting (XSS) vulnerability in the "Basic Toolbar Selection" in FreeTextBox allows remo...
E
CVE-2006-6978 Cross-site scripting (XSS) vulnerability in the "Basic Toolbar Selection" in FCKEditor allows remote...
E
CVE-2006-6979 The ruby handlers in the Magnatune component in Amarok do not properly quote text in certain context...
CVE-2006-6980 The magnatune.com album browser in Amarok allows attackers to cause a denial of service (application...
CVE-2006-6981 3proxy 0.5 to 0.5.2, when NT-encoded passwords are being used, allows remote attackers to cause a de...
CVE-2006-6982 3proxy 0.5 to 0.5.2 does not offer NTLM authentication before basic authentication, which might caus...
CVE-2006-6983 Cross-domain vulnerability in MYweb4net Browser 3.8.8.0 allows remote attackers to access restricted...
CVE-2006-6984 Cross-domain vulnerability in GreenBrowser 3.4.0622 allows remote attackers to access restricted inf...
CVE-2006-6985 Cross-domain vulnerability in Maxthon 1.5.6 build 42 allows remote attackers to access restricted in...
CVE-2006-6986 Cross-domain vulnerability in PhaseOut 5.4.4 allows remote attackers to access restricted informatio...
CVE-2006-6987 Cross-domain vulnerability in FineBrowser Freeware 3.2.2 allows remote attackers to access restricte...
CVE-2006-6988 Cross-domain vulnerability in Slim Browser 4.07 build 100 allows remote attackers to access restrict...
CVE-2006-6989 Cross-domain vulnerability in NetCaptor 4.5.7 Personal Edition allows remote attackers to access res...
CVE-2006-6990 Cross-domain vulnerability in Enigma Browser 3.8.8 allows remote attackers to access restricted info...
CVE-2006-6991 Cross-domain vulnerability in Fast Browser Pro 8.1 allows remote attackers to access restricted info...
CVE-2006-6992 Cross-domain vulnerability in GoSuRF Browser 2.62 allows remote attackers to access restricted infor...
CVE-2006-6993 Multiple SQL injection vulnerabilities in pages/addcomment2.php in Neuron Blog 1.1 allow remote atta...
CVE-2006-6994 Unrestricted file upload vulnerability in add.asp in OzzyWork Gallery, possibly 2.0 and earlier, all...
CVE-2006-6995 mycontacts.php in V3 Chat allows remote authenticated users to gain privileges as other users via a ...
CVE-2006-6996 Multiple cross-site scripting (XSS) vulnerabilities in warforge.NEWS 1.0 allow remote attackers to i...
CVE-2006-6997 Unspecified vulnerability in a cryptographic feature in MailEnable Standard Edition before 1.93, Pro...
CVE-2006-6998 install/loader_help.php in Headstart Solutions DeskPRO allows remote attackers to obtain configurati...
CVE-2006-6999 attachment.php in Headstart Solutions DeskPRO allows remote attackers to read all uploaded files by ...
E
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.