| ID | Summary | Flags | Max Score |
|---|---|---|---|
| CVE-2006-7000 | Headstart Solutions DeskPRO allows remote attackers to obtain the full path via direct requests to (... | E | |
| CVE-2006-7001 | Directory traversal vulnerability in avatar.php in PhpMyChat Plus 1.9 and earlier allows remote atta... | E | |
| CVE-2006-7002 | Cross-site scripting (XSS) vulnerability in add_comment.php in Wheatblog (wB) 1.1 allows remote atta... | E | |
| CVE-2006-7003 | PHP remote file inclusion vulnerability in admin/index.php in Fusion Polls allows remote attackers t... | E | |
| CVE-2006-7004 | Cross-site scripting (XSS) vulnerability in email_request.php in PSY Auction allows remote attackers... | E | |
| CVE-2006-7005 | SQL injection vulnerability in item.php in PSY Auction allows remote attackers to execute arbitrary ... | E | |
| CVE-2006-7006 | PHP remote file inclusion vulnerability in upload/admin/team.php in Robin de Graff Somery 0.4.4 allo... | E | |
| CVE-2006-7007 | Buffer overflow in Tiny FTPd 1.4 and earlier allows remote attackers to cause a denial of service (d... | E | |
| CVE-2006-7008 | Unspecified vulnerability in Joomla! before 1.0.10 has unknown impact and attack vectors, related to... | S | |
| CVE-2006-7009 | Joomla! before 1.0.10 allows remote attackers to spoof the frontend submission forms, which has unkn... | S | |
| CVE-2006-7010 | The mosgetparam implementation in Joomla! before 1.0.10, does not set a variable's data type to inte... | S | |
| CVE-2006-7011 | PHP remote file inclusion vulnerability in adminips.php in Develooping Flash Chat allows remote atta... | E S | |
| CVE-2006-7012 | scart.cgi in SCart 2.0 allows remote attackers to execute arbitrary commands via shell metacharacter... | E | |
| CVE-2006-7013 | QueryString.php in Simple Machines Forum (SMF) 1.0.7 and earlier, and 1.1rc2 and earlier, allows rem... | | |
| CVE-2006-7014 | admin.php in BloggIT 1.01 and earlier does not properly establish a user session, which allows remot... | E | |
| CVE-2006-7015 | PHP remote file inclusion vulnerability in admin.jobline.php in Jobline 1.1.1 allows remote attacker... | | |
| CVE-2006-7016 | phpjobboard allows remote attackers to bypass authentication and gain administrator privileges via a... | E | |
| CVE-2006-7017 | Multiple PHP remote file inclusion vulnerabilities in Indexu 5.0.1 allow remote attackers to execute... | E S | |
| CVE-2006-7018 | phpwcms 1.2.5-DEV and earlier, and 1.1 before RC4, allows remote attackers to execute arbitrary code... | | |
| CVE-2006-7019 | phpwcms 1.2.5-DEV and earlier, and 1.1 before RC4, allows remote attackers to execute arbitrary code... | S | |
| CVE-2006-7020 | CRLF injection vulnerability in (1) include/inc_act/act_formmailer.php and possibly (2) sample_ext_p... | S | |
| CVE-2006-7021 | PHP remote file inclusion vulnerability in manager/tools/link/dbinstall.php in Plume CMS 1.1.3 allow... | E | |
| CVE-2006-7022 | The Tools module in fx-APP 0.0.8.1 allows remote attackers to misrepresent the contents of a web pag... | | |
| CVE-2006-7023 | Multiple cross-site scripting (XSS) vulnerabilities in fx-APP 0.0.8.1 allow remote attackers to inje... | | |
| CVE-2006-7024 | Multiple PHP remote file inclusion vulnerabilities in Harpia CMS 1.0.5 and earlier allow remote atta... | E | |
| CVE-2006-7025 | SQL injection vulnerability in admin/config.php in Bookmark4U 2.0 and 2.1 allows remote attackers to... | E | |
| CVE-2006-7026 | PHP remote file inclusion vulnerability in sources/join.php in Aardvark Topsites PHP 4.2.2 and earli... | E | |
| CVE-2006-7027 | Microsoft Internet Security and Acceleration (ISA) Server 2004 logs unusual ASCII characters in the ... | | |
| CVE-2006-7028 | Single CPU Sun systems running Solaris 7, 8, or 9, such as Netra, allows remote attackers to cause a... | | |
| CVE-2006-7029 | Microsoft Internet Explorer 6 SP2 and earlier allows remote attackers to cause a denial of service (... | E | |
| CVE-2006-7030 | Microsoft Internet Explorer 6 SP2 and earlier allows remote attackers to cause a denial of service (... | | |
| CVE-2006-7031 | Microsoft Internet Explorer 6.0.2900 SP2 and earlier allows remote attackers to cause a denial of se... | E | |
| CVE-2006-7032 | PHP remote file inclusion vulnerability in phpbb/getmsg.php in FlashBB 1.1.5 and earlier allows remo... | E | |
| CVE-2006-7033 | Cross-site scripting (XSS) vulnerability in Super Link Exchange Script 1.0 allows remote attackers t... | | |
| CVE-2006-7034 | SQL injection vulnerability in directory.php in Super Link Exchange Script 1.0 might allow remote at... | | |
| CVE-2006-7035 | Directory traversal vulnerability in make_thumbnail.php in Super Link Exchange Script 1.0 allows rem... | | |
| CVE-2006-7036 | PHP remote file inclusion vulnerability in register.php for Andys Chat 4.5 allows remote attackers t... | | |
| CVE-2006-7037 | Mathcad 12 through 13.1 allows local users to bypass the security features by directly accessing or ... | | |
| CVE-2006-7038 | Multiple buffer overflows in MERCUR Messaging 2005 before Service Pack 4 allow remote attackers to c... | S | |
| CVE-2006-7039 | The IMAP4 service in MERCUR Messaging 2005 before Service Pack 4 allows remote attackers to cause a ... | | |
| CVE-2006-7040 | Unspecified vulnerability in MERCUR Messaging 2005 before Service Pack 4 allows remote attackers to ... | S | |
| CVE-2006-7041 | The SMTP service in MERCUR Messaging 2005 before Service Pack 4 allows remote attackers to cause a d... | | |
| CVE-2006-7042 | Cross-site scripting (XSS) vulnerability in directory/index.php in Chipmunk directory allows remote ... | E | |
| CVE-2006-7043 | Multiple cross-site scripting (XSS) vulnerabilities in Chipmunk Blogger allow remote authenticated u... | | |
| CVE-2006-7044 | PHP remote file inclusion vulnerability in comment.core.inc.php in Clan Manager Pro (CMPRO) 1.11 and... | | |
| CVE-2006-7045 | PHP remote file inclusion vulnerability in Clan Manager Pro (CMPRO) 1.1.0 and earlier allows remote ... | | |
| CVE-2006-7046 | PHP remote file inclusion vulnerability in cmpro.intern/login.inc.php for Clan Manager Pro (CMPRO) 1... | E | |
| CVE-2006-7047 | include.php in Shoutpro 1.0 might allow remote attackers to bypass IP ban restrictions via a URL in ... | | |
| CVE-2006-7048 | Multiple PHP remote file inclusion vulnerabilities in Claroline 1.7.5 allow remote attackers to exec... | | |
| CVE-2006-7049 | The Method method in WikkaWiki (Wikka Wiki) before 1.1.6.2 calls the strstr and strrpos functions wi... | S | |
| CVE-2006-7050 | Cross-site scripting (XSS) vulnerability in WikkaWiki (Wikka Wiki) before 1.1.6.2 allows remote atta... | S | |
| CVE-2006-7051 | The sys_timer_create function in posix-timers.c for Linux kernel 2.6.x allows local users to cause a... | E | |
| CVE-2006-7052 | Multiple PHP remote file inclusion vulnerabilities in DotWidget For Articles (dotwidgeta) 0.2 allow ... | E | |
| CVE-2006-7053 | Unspecified vulnerability in Arkoon FAST360 UTM appliances 3.0 through 3.0/29, 3.1, 3.2, and 3.3 all... | S | |
| CVE-2006-7054 | The DNS module in Arkoon FAST360 UTM appliances 3.0 up to 3.0/29, 3.1 through 3.3, and 4.0 allows re... | S | |
| CVE-2006-7055 | PHP remote file inclusion vulnerability in index.php in TotalCalendar 2.30 and earlier allows remote... | E S | |
| CVE-2006-7056 | Multiple PHP remote file inclusion vulnerabilities in DreamCost HostAdmin 3.1 and earlier allow remo... | | |
| CVE-2006-7057 | SQL injection vulnerability in search.php in Sphider before 1.3.1c allows remote attackers to execut... | S | |
| CVE-2006-7058 | Multiple cross-site scripting (XSS) vulnerabilities in Sphider before 1.3.1c allow remote attackers ... | S | |
| CVE-2006-7059 | Multiple cross-site scripting (XSS) vulnerabilities in Scriptsez.net E-Dating System allow remote at... | E | |
| CVE-2006-7060 | cindex.php in Scriptsez.net E-Dating System allows remote attackers to obtain the full path via an i... | E | |
| CVE-2006-7061 | Scriptsez.net E-Dating System stores data files with predictable names under the web document root w... | | |
| CVE-2006-7062 | calendar.php in Kamgaing Email System (kmail) 2.3 and earlier allows remote attackers to obtain the ... | | |
| CVE-2006-7063 | Directory traversal vulnerability in profile.php in TinyPHPforum 3.6 and earlier allows remote attac... | E | |
| CVE-2006-7064 | Cross-site scripting (XSS) vulnerability in forum/admin.php for Invision Power Board (IPB) 2.1.6 and... | | |
| CVE-2006-7065 | Microsoft Internet Explorer allows remote attackers to cause a denial of service (crash) via an IFRA... | E | |
| CVE-2006-7066 | Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service... | E | |
| CVE-2006-7067 | Oracle 10g R2 and possibly other versions allows remote attackers to trigger internal errors, and po... | E | |
| CVE-2006-7068 | PHP remote file inclusion vulnerability in CliServ Web Community 0.65 and earlier allows remote atta... | E | |
| CVE-2006-7069 | PHP remote file inclusion vulnerability in smarty_config.php in Socketwiz Bookmarks 2.0 and earlier ... | E | |
| CVE-2006-7070 | Unrestricted file upload vulnerability in manager/media/ibrowser/scripts/rfiles.php in Etomite CMS 0... | E S | |
| CVE-2006-7071 | SQL injection vulnerability in classes/class_session.php in Invision Power Board (IPB) 2.1 up to 2.1... | E S | |
| CVE-2006-7072 | Cross-site scripting (XSS) vulnerability in GeoClassifieds Enterprise 2.0.5.2 and earlier allows rem... | E | |
| CVE-2006-7073 | Cross-site scripting (XSS) vulnerability in Opentools Attachment Mod before 2.4.5 allows remote atta... | S | |
| CVE-2006-7074 | admin.php in SmartSiteCMS 1.0 allows remote attackers to bypass authentication and gain administrato... | | |
| CVE-2006-7075 | Buffer overflow in the meta_read_flac function in meta_decoder.c for Aqualung 0.9beta5 and earlier, ... | E S | |
| CVE-2006-7076 | Cross-site scripting (XSS) vulnerability in guestbook.php in Advanced Guestbook 2.4 for phpBB allows... | | |
| CVE-2006-7077 | SQL injection vulnerability in guestbook.php in Advanced Guestbook 2.4 for phpBB allows remote attac... | E S | |
| CVE-2006-7078 | Multiple cross-site scripting (XSS) vulnerabilities in Professional Home Page Tools Login Script, as... | | |
| CVE-2006-7079 | Variable extraction vulnerability in include/common.php in exV2 2.0.4.3 and earlier allows remote at... | E | |
| CVE-2006-7080 | Directory traversal vulnerability in the avatar upload feature in exV2 2.0.4.3 and earlier allows re... | E | |
| CVE-2006-7081 | Multiple PHP remote file inclusion vulnerabilities in PhpNews 1.0 allow remote attackers to execute ... | E | |
| CVE-2006-7082 | Rigter Portal System (RPS) 1.0, 2.0, and 3.0 allows remote attackers to bypass authentication and up... | E | |
| CVE-2006-7083 | Directory traversal vulnerability in index.php in Rigter Portal System (RPS) 1.0, 2.0, and 3.0 allow... | E | |
| CVE-2006-7084 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-7083. Reason: This candida... | R | |
| CVE-2006-7085 | Rigter Portal System (RPS) 1.0, 2.0, and 3.0 allows remote attackers to add arbitrary content and co... | E | |
| CVE-2006-7086 | The (1) dlback.php and (2) dlback.cgi scripts in Hot Links allow remote attackers to obtain sensitiv... | E | |
| CVE-2006-7087 | CRLF injection vulnerability in the mail function in Dotdeb PHP before 5.2.0 Rev 3 allows remote att... | S | |
| CVE-2006-7088 | Multiple SQL injection vulnerabilities in Simple PHP Forum before 0.4 allow remote attackers to exec... | S | |
| CVE-2006-7089 | SQL injection vulnerability in connexion.php in Ban 0.1 allows remote attackers to execute arbitrary... | | |
| CVE-2006-7090 | PHP remote file inclusion vulnerability in phpbb_security.php in phpBB Security 1.0.1 and earlier al... | E | |
| CVE-2006-7091 | PHP remote file inclusion vulnerability in config.php in phpht Topsites FREE 1.022b allows remote at... | E S | |
| CVE-2006-7092 | SQL injection vulnerability in includes/mambo.php in Mambo LaiThai 4.5.4 SP2 and earlier allows remo... | S | |
| CVE-2006-7093 | Cross-site scripting (XSS) vulnerability in Mambo LaiThai 4.5.4 Security Patch 2 and earlier allows ... | S | |
| CVE-2006-7094 | ftpd, as used by Gentoo and Debian Linux, sets the gid to the effective uid instead of the effective... | S | |
| CVE-2006-7095 | Integer signedness error in the network_receive_packet function in socket.c in dimension 3 engine (d... | E | |
| CVE-2006-7096 | Buffer overflow in the network_host_handle_join function in host.c in dimension 3 engine (dim3) 1.5 ... | E | |
| CVE-2006-7097 | Multiple unspecified vulnerabilities in TaskFreak! before 0.1.4 have unknown impact and attack vecto... | | |
| CVE-2006-7098 | The Debian GNU/Linux 033_-F_NO_SETSID patch for the Apache HTTP Server 1.3.34-4 does not properly di... | | |
| CVE-2006-7099 | Directory traversal vulnerability in index.php in SolarPay allows remote attackers to read certain f... | E | |
| CVE-2006-7100 | PHP remote file inclusion vulnerability in includes/functions_mod_user.php in phpBB Insert User 0.1.... | E | |
| CVE-2006-7101 | SQL injection vulnerability in admin.php in PHPWind 5.0.1 and earlier allows remote attackers to exe... | E | |
| CVE-2006-7102 | Multiple PHP remote file inclusion vulnerabilities in phpBurningPortal quiz-modul 1.0.1, and possibl... | E | |
| CVE-2006-7103 | Multiple directory traversal vulnerabilities in EZOnlineGallery 1.3 and earlier, and possibly other ... | E S | |
| CVE-2006-7104 | PHP remote file inclusion vulnerability in htmltemplate.php in the Chad Auld MOStlyContent Editor (M... | E | |
| CVE-2006-7105 | PHP remote file inclusion vulnerability in libs/Smarty.class.php in Smarty 2.6.9 allows remote attac... | E | |
| CVE-2006-7106 | PHP remote file inclusion vulnerability in config.inc.php3 in Power Phlogger 2.0.9 and earlier allow... | E | |
| CVE-2006-7107 | PHP remote file inclusion vulnerability in upgrade.php in Coalescent Systems freePBX 2.1.3 allows re... | E | |
| CVE-2006-7108 | login in util-linux-2.12a skips pam_acct_mgmt and chauth_tok when authentication is skipped, such as... | | |
| CVE-2006-7109 | Unrestricted file upload vulnerability in IMCE before 1.6, a Drupal module, allows remote authentica... | S | |
| CVE-2006-7110 | Directory traversal vulnerability in the delete function in IMCE before 1.6, a Drupal module, allows... | S | |
| CVE-2006-7111 | Unspecified vulnerability in Futomi's CGI Cafe KMail CGI 1.0.3 and earlier allows remote attackers t... | | |
| CVE-2006-7112 | Directory traversal vulnerability in error.php in MD-Pro 1.0.76 and earlier allows remote authentica... | E | |
| CVE-2006-7113 | Unrestricted file upload vulnerability in P-News 2.0 allows remote attackers to upload and execute a... | | |
| CVE-2006-7114 | P-News 2.0 stores db/user.txt under the web document root with insufficient access control, which al... | | |
| CVE-2006-7115 | SQL injection vulnerability in PHPKit 1.6.1 RC2 allows remote attackers to inject arbitrary SQL comm... | E | |
| CVE-2006-7116 | SQL injection vulnerability in includes/functions.php in Kubix 0.7 and earlier allows remote attacke... | E | |
| CVE-2006-7117 | Multiple directory traversal vulnerabilities in Kubix 0.7 and earlier allow remote attackers to (1) ... | E | |
| CVE-2006-7118 | SQL injection vulnerability in index.asp in DMXReady Site Engine Manager 1.0 allows remote attackers... | E | |
| CVE-2006-7119 | PHP remote file inclusion vulnerability in kernel/system/startup.php in J. He PHPGiggle 12.08 and ea... | E | |
| CVE-2006-7120 | PHP remote file inclusion vulnerability in lib/php/phphtmllib-2.5.4/examples/example6.php for mainta... | E | |
| CVE-2006-7121 | The HTTP server in Linksys SPA-921 VoIP Desktop Phone allows remote attackers to cause a denial of s... | | |
| CVE-2006-7122 | Cross-site scripting (XSS) vulnerability in the IP Address Lookup functionality in BSQ Sitestats (co... | S | |
| CVE-2006-7123 | Multiple SQL injection vulnerabilities in BSQ Sitestats (component for Joomla) 1.8.0, and possibly o... | | |
| CVE-2006-7124 | PHP remote file inclusion vulnerability in external/rssfeeds.php in BSQ Sitestats (component for Joo... | S | |
| CVE-2006-7125 | Cross-site scripting (XSS) vulnerability in Joomla BSQ Sitestats 1.8.0 and 2.2.1 allows remote attac... | S | |
| CVE-2006-7126 | SQL injection vulnerability in Joomla BSQ Sitestats 1.8.0 and 2.2.1 allows remote attackers to execu... | S | |
| CVE-2006-7127 | Multiple PHP remote file inclusion vulnerabilities in JAF CMS 4.0 and 4.0 RC2 allow remote attackers... | E | |
| CVE-2006-7128 | PHP remote file inclusion vulnerability in forum/forum.php JAF CMS 4.0 RC1 allows remote attackers t... | E | |
| CVE-2006-7129 | ISS BlackICE PC Protection 3.6 cpj and cpu, and possibly earlier versions, allows local users to byp... | | |
| CVE-2006-7130 | PHP remote file inclusion vulnerability in backend/primitives/cache/media.php in Jinzora 2.1 and ear... | E | |
| CVE-2006-7131 | PHP remote file inclusion vulnerability in extras/mt.php in Jinzora 2.6 allows remote attackers to e... | E | |
| CVE-2006-7132 | Directory traversal vulnerability in pmd-config.php in PHPMyDesk 1.0beta allows remote attackers to ... | E | |
| CVE-2006-7133 | Directory traversal vulnerability in upload/bin/download.php in Upload Tool for PHP 1.0 allows remot... | E | |
| CVE-2006-7134 | Unrestricted file upload vulnerability in main_user.php in Upload Tool for PHP 1.0 allows remote att... | | |
| CVE-2006-7135 | PHP remote file inclusion vulnerability in lib/functions.inc.php in PHP Poll Creator (phpPC) 1.04 al... | | |
| CVE-2006-7136 | Multiple PHP remote file inclusion vulnerabilities in PHP Poll Creator (phpPC) 1.04 and earlier allo... | E | |
| CVE-2006-7137 | Cross-site scripting (XSS) vulnerability in TinyPortal before 0.8.6 allows remote attackers to injec... | | |
| CVE-2006-7138 | SQL injection vulnerability in wwv_flow_utilities.gen_popup_list in the WWV_FLOW_UTILITIES package f... | E S | |
| CVE-2006-7139 | Kmail 1.9.1 on KDE 3.5.2, with "Prefer HTML to Plain Text" enabled, allows remote attackers to cause... | E | |
| CVE-2006-7140 | The libike library, as used by in.iked, elfsign, and kcfd in Sun Solaris 9 and 10, when using an RSA... | S | |
| CVE-2006-7141 | Absolute path traversal vulnerability in Oracle Database Server, when utl_file_dir is set to a wildc... | E | |
| CVE-2006-7142 | The centralized management feature for Utimaco Safeguard stores hard-coded cryptographic keys in exe... | | |
| CVE-2006-7143 | Cross-site scripting (XSS) vulnerability in Call Center Software 0.93 and earlier allows remote atta... | E | |
| CVE-2006-7144 | SQL injection vulnerability in Call Center Software 0.93 and earlier allows remote attackers to exec... | E | |
| CVE-2006-7145 | edit_user.php in Call Center Software 0.93 and earlier allows remote attackers to obtain sensitive i... | E | |
| CVE-2006-7146 | PHP remote file inclusion vulnerability in bug.php in Leicestershire communityPortals 1.0 build 2005... | E | |
| CVE-2006-7147 | PHP remote file inclusion vulnerability in includes/functions_mod_user.php in phpBB Import Tools Mod... | E | |
| CVE-2006-7148 | PHP remote file inclusion vulnerability in includes/bb_usage_stats.php in maluinfo 206.2.38 for Braz... | | |
| CVE-2006-7149 | Multiple cross-site scripting (XSS) vulnerabilities in Mambo 4.6.x allow remote attackers to inject ... | E | |
| CVE-2006-7150 | Multiple SQL injection vulnerabilities in Mambo 4.6.x allow remote attackers to execute arbitrary SQ... | E | |
| CVE-2006-7151 | Untrusted search path vulnerability in the libtool-ltdl library (libltdl.so) 1.5.22-2.3 in Fedora Co... | | |
| CVE-2006-7152 | default.asp in ASP-Nuke Community 1.5 and earlier allows remote attackers to gain privileges by sett... | E | |
| CVE-2006-7153 | PHP remote file inclusion vulnerability in index.php in MiniBB Forum 2 allows remote attackers to ex... | | |
| CVE-2006-7154 | Iono allows remote attackers to obtain the full server path via certain requests to (1) templates/io... | | |
| CVE-2006-7155 | Novell BorderManager 3.8 SP4 generates the same ISAKMP cookies for the same source IP and port numbe... | S | |
| CVE-2006-7156 | PHP remote file inclusion vulnerability in addon_keywords.php in Keyword Replacer (keyword_replacer)... | E S | |
| CVE-2006-7157 | Buffer overflow in Google Earth v4.0.2091 (beta) allows remote user-assisted attackers to cause a de... | | |
| CVE-2006-7158 | Cross-site scripting (XSS) vulnerability in Oracle Application Express (APEX) before 2.2.1, aka Orac... | S | |
| CVE-2006-7159 | Directory traversal vulnerability in include/prune_torrents.php in BTI-Tracker 1.3.2 (aka btitracker... | S | |
| CVE-2006-7160 | The Sandbox.sys driver in Outpost Firewall PRO 4.0, and possibly earlier versions, does not validate... | | |
| CVE-2006-7161 | SQL injection vulnerability in giris_yap.asp in Hazir Site 2.0 allows remote attackers to bypass aut... | | |
| CVE-2006-7162 | PuTTY 0.59 and earlier uses weak file permissions for (1) ppk files containing private keys generate... | S | |
| CVE-2006-7163 | DreameeSoft Password Master 1.0 stores the database in an unencrypted format when the master passwor... | | |
| CVE-2006-7164 | SimpleFileServlet in IBM WebSphere Application Server 5.0.1 through 5.0.2.7 on Linux and UNIX does n... | S | |
| CVE-2006-7165 | IBM WebSphere Application Server (WAS) 5.0 through 5.1.1.0 allows remote attackers to obtain JSP sou... | S | |
| CVE-2006-7166 | IBM WebSphere Application Server (WAS) 5.1.1.9 and earlier allows remote attackers to obtain JSP sou... | S | |
| CVE-2006-7167 | Unspecified vulnerability in ProRat Server 1.9 Fix2 allows remote attackers to bypass the authentica... | | |
| CVE-2006-7168 | PHP remote file inclusion vulnerability in includes/not_mem.php in the Add Name module for PHP allow... | E | |
| CVE-2006-7169 | PHP remote file inclusion vulnerability in includes/header_simple.php in Ultimate PHP Board (UPB) 2.... | E | |
| CVE-2006-7170 | Multiple SQL injection vulnerabilities in Koan Software Mega Mall allow remote attackers to execute ... | | |
| CVE-2006-7171 | product_review.php in Koan Software Mega Mall allows remote attackers to obtain the installation pat... | | |
| CVE-2006-7172 | Multiple SQL injection vulnerabilities in php-stats.recphp.php in PHP-Stats 0.1.9.1b and earlier all... | E | |
| CVE-2006-7173 | Direct static code injection vulnerability in admin.php in PHP-Stats 0.1.9.1b and earlier allows rem... | E | |
| CVE-2006-7174 | PHP remote file inclusion vulnerability in includes/functions.php in the Dimension module of phpBB a... | | |
| CVE-2006-7175 | The version of Sendmail 8.13.1-2 on Red Hat Enterprise Linux 4 Update 4 and earlier does not allow t... | | |
| CVE-2006-7176 | The version of Sendmail 8.13.1-2 on Red Hat Enterprise Linux 4 Update 4 and earlier does not reject ... | | |
| CVE-2006-7177 | MadWifi, when Ad-Hoc mode is used, allows remote attackers to cause a denial of service (system cras... | | |
| CVE-2006-7178 | MadWifi before 0.9.3 does not properly handle reception of an AUTH frame by an IBSS node, which allo... | S | |
| CVE-2006-7179 | ieee80211_input.c in MadWifi before 0.9.3 does not properly process Channel Switch Announcement Info... | | |
| CVE-2006-7180 | ieee80211_output.c in MadWifi before 0.9.3 sends unencrypted packets before WPA authentication succe... | | |
| CVE-2006-7181 | Multiple PHP remote file inclusion vulnerabilities in Morcego CMS 0.9.6 and earlier allow remote att... | | |
| CVE-2006-7182 | PHP remote file inclusion vulnerability in noticias.php in MNews 2.0 and earlier allows remote attac... | | |
| CVE-2006-7183 | PHP remote file inclusion vulnerability in styles.php in Exhibit Engine (EE) 1.22 and earlier allows... | E | |
| CVE-2006-7184 | Multiple PHP remote file inclusion vulnerabilities in Exhibit Engine (EE) 1.22, and possibly earlier... | E | |
| CVE-2006-7185 | PHP remote file inclusion vulnerability in includes/user_standard.php in CMSmelborp Beta allows remo... | E | |
| CVE-2006-7186 | cgi-lib/subs.pl in web-app.net WebAPP before 0.9.9.3.5 allows attackers to open list files in "profi... | | |
| CVE-2006-7187 | Cross-site scripting (XSS) vulnerability in the show_recent_searches function in cgi-lib/user-lib/se... | | |
| CVE-2006-7188 | The search function in cgi-lib/user-lib/search.pl in web-app.net WebAPP before 20060909 allows remot... | S | |
| CVE-2006-7189 | Cross-site scripting (XSS) vulnerability in cgi-bin/admin/logs.cgi in web-app.net WebAPP before 2006... | S | |
| CVE-2006-7190 | Cross-site scripting (XSS) vulnerability in cgi-bin/user-lib/topics.pl in web-app.net WebAPP before ... | S | |
| CVE-2006-7191 | Untrusted search path vulnerability in lamdaemon.pl in LDAP Account Manager (LAM) before 1.0.0 allow... | | |
| CVE-2006-7192 | Microsoft ASP .NET Framework 2.0.50727.42 does not properly handle comment (/* */) enclosures, which... | S | |
| CVE-2006-7193 | PHP remote file inclusion vulnerability in unit_test/test_cases.php in Smarty 2.6.1 allows remote at... | E | |
| CVE-2006-7194 | PHP remote file inclusion vulnerability in modules/Mysqlfinder/MysqlfinderAdmin.php in Agora 1.4 RC1... | E | |
| CVE-2006-7195 | Cross-site scripting (XSS) vulnerability in implicit-objects.jsp in Apache Tomcat 5.0.0 through 5.0.... | | |
| CVE-2006-7196 | Cross-site scripting (XSS) vulnerability in the calendar application example in Apache Tomcat 4.0.0 ... | | |
| CVE-2006-7197 | The AJP connector in Apache Tomcat 5.5.15 uses an incorrect length for chunks, which can cause a buf... | S | |
| CVE-2006-7198 | Unspecified vulnerability in IBM WebSphere Application Server (WAS) before 5.1.1.14, and WAS for z/O... | S | |
| CVE-2006-7199 | EMC RSA Security SiteKey allows remote attackers to display the correct image via a man-in-the-middl... | | |
| CVE-2006-7200 | EMC RSA Security SiteKey issues challenge-bypass tokens that persist forever without a cancellation ... | | |
| CVE-2006-7201 | EMC RSA Security SiteKey does not set the secure qualifier on the SiteKey Flash token (aka the PassM... | | |
| CVE-2006-7202 | The dofreePDF function in includes/pdf.php in Mambo 4.6.1 does not properly check access rights for ... | S | |
| CVE-2006-7203 | The compat_sys_mount function in fs/compat.c in Linux kernel 2.6.20 and earlier allows local users t... | | |
| CVE-2006-7204 | The imap_body function in PHP before 4.4.4 does not implement safemode or open_basedir checks, which... | S | |
| CVE-2006-7205 | The array_fill function in ext/standard/array.c in PHP 4.4.2 and 5.1.2 allows context-dependent atta... | E | |
| CVE-2006-7206 | Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service... | | |
| CVE-2006-7207 | Buffer overflow in ageet AGEphone before 1.4.0 might allow remote attackers to have an unknown impac... | | |
| CVE-2006-7208 | PHP remote file inclusion vulnerability in download.php in the Adam van Dongen Forum (com_forum) com... | E | |
| CVE-2006-7209 | Multiple cross-site scripting (XSS) vulnerabilities in phpTrafficA before 1.2beta2 allow remote atta... | S | |
| CVE-2006-7210 | Microsoft Windows 2000, XP, and Server 2003 allows remote attackers to cause a denial of service (cp... | E | |
| CVE-2006-7211 | fb_lock_mgr in Firebird 1.5 uses weak permissions (0666) for the semaphore array, which allows local... | S | |
| CVE-2006-7212 | Multiple buffer overflows in Firebird 1.5, one of which affects WNET, have unknown impact and attack... | S | |
| CVE-2006-7213 | Firebird 1.5 allows remote authenticated users without SYSDBA and owner permissions to overwrite a d... | S | |
| CVE-2006-7214 | Multiple unspecified vulnerabilities in Firebird 1.5 allow remote attackers to (1) cause a denial of... | S | |
| CVE-2006-7215 | The Intel Core 2 Extreme processor X6800 and Core 2 Duo desktop processor E6000 and E4000 incorrectl... | S | |
| CVE-2006-7216 | Apache Derby before 10.2.1.6 does not determine privilege requirements for lock table statements at ... | S | |
| CVE-2006-7217 | Apache Derby before 10.2.1.6 does not determine schema privilege requirements during the DropSchemaN... | S | |
| CVE-2006-7218 | eZ publish before 3.8.1 does not properly enforce permissions for "content edit Language" when there... | S | |
| CVE-2006-7219 | eZ publish before 3.8.5 does not properly enforce permissions for editing in a specific language, wh... | S | |
| CVE-2006-7220 | Unspecified vulnerability in SAP SAPLPD and SAPSPRINT allows remote attackers to cause a denial of s... | | |
| CVE-2006-7221 | Multiple off-by-one errors in fsplib.c in fsplib before 0.8 allow attackers to cause a denial of ser... | | |
| CVE-2006-7222 | Buffer overflow in the CFLICStream::_deltachunk function in FLICSource.cpp in Media Player Classic (... | E | |
| CVE-2006-7223 | PreviewAction in XWiki 0.9.543 through 0.9.1252 does not set the Author field to the identity of the... | | |
| CVE-2006-7224 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-7227, CVE-2005-4872, CVE-20... | R | |
| CVE-2006-7225 | Perl-Compatible Regular Expression (PCRE) library before 6.7 allows context-dependent attackers to c... | S | |
| CVE-2006-7226 | Perl-Compatible Regular Expression (PCRE) library before 6.7 does not properly calculate the compile... | | |
| CVE-2006-7227 | Integer overflow in Perl-Compatible Regular Expression (PCRE) library before 6.7 allows context-depe... | S | |
| CVE-2006-7228 | Integer overflow in Perl-Compatible Regular Expression (PCRE) library before 6.7 might allow context... | S | |
| CVE-2006-7229 | The skge driver 1.5 in Linux kernel 2.6.15 on Ubuntu does not properly use the spin_lock and spin_un... | | |
| CVE-2006-7230 | Perl-Compatible Regular Expression (PCRE) library before 7.0 does not properly calculate the amount ... | | |
| CVE-2006-7231 | SQL injection vulnerability in display.asp in Civica Software Civica allows remote attackers to exec... | E | |
| CVE-2006-7232 | sql_select.cc in MySQL 5.0.x before 5.0.32 and 5.1.x before 5.1.14 allows remote authenticated users... | S | |
| CVE-2006-7233 | Cross-site scripting (XSS) vulnerability in the login form (login.jsp) of the admin console in Openf... | | |
| CVE-2006-7234 | Untrusted search path vulnerability in Lynx before 2.8.6rel.4 allows local users to execute arbitrar... | | |
| CVE-2006-7235 | Teamtek Universal FTP Server 1.0.50 allows remote attackers to cause a denial of service (daemon cra... | | |
| CVE-2006-7236 | The default configuration of xterm on Debian GNU/Linux sid and possibly Ubuntu enables the allowWind... | | |
| CVE-2006-7237 | PHP remote file inclusion vulnerability in mod/nc_phpmyadmin/core/libraries/Theme_Manager.class.php ... | E | |
| CVE-2006-7238 | Cross-site scripting (XSS) vulnerability in MyShoutPro before 1.2 allows remote attackers to inject ... | S | |
| CVE-2006-7239 | The _gnutls_x509_oid2mac_algorithm function in lib/gnutls_algorithms.c in GnuTLS before 1.4.2 allows... | S | |
| CVE-2006-7240 | gnome-power-manager 2.14.0 does not properly implement the lock_on_suspend and lock_on_hibernate set... | | |
| CVE-2006-7241 | The Image Viewer component in IBM FileNet P8 Application Engine (P8AE) 3.5.1 before 3.5.1-002 remove... | | |
| CVE-2006-7242 | The Workplace (aka WP) component in IBM FileNet P8 Application Engine (P8AE) 3.5.1 before 3.5.1-001 ... | | |
| CVE-2006-7243 | PHP before 5.3.4 accepts the \0 character in a pathname, which might allow context-dependent attacke... | E S | |
| CVE-2006-7244 | Memory leak in pngwutil.c in libpng 1.2.13beta1, and other versions before 1.2.15beta3, allows conte... | S | |
| CVE-2006-7245 | Monkey's Audio before 4.01b2 allows remote attackers to cause a denial of service (application crash... | | |
| CVE-2006-7246 | NetworkManager 0.9.x does not pin a certificate's subject to an ESSID when 802.11X authentication is... | E S | |
| CVE-2006-7247 | SQL injection vulnerability in the Weblinks (com_weblinks) component for Joomla! and Mambo 1.0.9 and... | E | |
| CVE-2006-7248 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-7250, CVE-2012-1410. Reaso... | R | |
| CVE-2006-7249 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-7250, CVE-2012-1410. Reaso... | R | |
| CVE-2006-7250 | The mime_hdr_cmp function in crypto/asn1/asn_mime.c in OpenSSL 0.9.8t and earlier allows remote atta... | S | |
| CVE-2006-7251 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2006-7252 | Integer overflow in the calloc function in libc/stdlib/malloc.c in jemalloc in libc for FreeBSD 6.4 ... | S | |
| CVE-2006-7253 | GE Healthcare Infinia II has a default password of (1) infinia for the infinia user, (2) #bigguy1 fo... | | |
| CVE-2006-7254 | The nscd daemon in the GNU C Library (glibc) before version 2.5 does not close incoming client socke... | S |