2006 CVEs

7145 CVEs published in 2006. 19 critical, 30 high. Browse by vendor, severity, or with PoCs.

Top CVEs published in 2006
CVESeverityScorePublishedSummary
CVE-2006-10003Critical9.82026-03-19XML::Parser versions through 2.47 for Perl has an off-by-one heap buffer overflow in st_serial_stack. In the case (stackptr == stacksize - 1), the stack will…
CVE-2006-4243Critical9.82019-11-06linux vserver 2.6 before 2.6.17 suffers from privilege escalation in remount code.
CVE-2006-3100Critical9.82019-11-06termpkg 3.3 suffers from buffer overflow.
CVE-2006-0062Critical9.82019-11-06xlockmore 5.13 allows potential xlock bypass when FVWM switches to the same virtual desktop as a new Gaim window.
CVE-2006-0061Critical9.82019-11-06xlockmore 5.13 and 5.22 segfaults when using libpam-opensc and returns the underlying xsession. This allows unauthorized users access to the X session.
CVE-2006-7105Critical9.82007-03-03PHP remote file inclusion vulnerability in libs/Smarty.class.php in Smarty 2.6.9 allows remote attackers to execute arbitrary PHP code via a URL in the filenam…
CVE-2006-7079Critical9.82007-03-02Variable extraction vulnerability in include/common.php in exV2 2.0.4.3 and earlier allows remote attackers to overwrite arbitrary program variables and conduc…
CVE-2006-6975Critical9.82007-02-08PHP remote file inclusion vulnerability in centipaid_class.php in CentiPaid 1.4.3 allows remote attackers to execute arbitrary code via a URL in the class_pwd…
CVE-2006-6863Critical9.82006-12-31PHP remote file inclusion vulnerability in the Enigma2 plugin (Enigma2.php) in Enigma WordPress Bridge allows remote attackers to execute arbitrary PHP code vi…
CVE-2006-6024Critical9.82006-11-21Multiple buffer overflows in Eudora Worldmail, possibly Worldmail 3 version 6.1.22.0, have unknown impact and attack vectors, as demonstrated by the (1) "Eudor…
CVE-2006-5678Critical9.82006-11-03PHP remote file inclusion vulnerability in common/visiteurs/include/library.inc.php in J-Pierre DEZELUS Les Visiteurs 2.0.1, as used in phpMyConferences (phpMy…
CVE-2006-5610Critical9.82006-10-31PHP remote file inclusion vulnerability in player/includes/common.php in Teake Nutma Foing, as modified in Fully Modded phpBB (phpbbfm) 2021.4.40, allows remot…
CVE-2006-5603Critical9.82006-10-30SQL injection vulnerability in pop_mail.asp in Snitz Forums 2000 3.4.06 allows remote attackers to execute arbitrary SQL commands via the RC parameter. NOTE…
CVE-2006-5024Critical9.82006-09-27Multiple unspecified vulnerabilities in Paisterist Simple HTTP Scanner (sHTTPScanner) before 0.4 have unknown impact and attack vectors.
CVE-2006-5021Critical9.82006-09-27Multiple PHP remote file inclusion vulnerabilities in redgun RedBLoG 0.5 allow remote attackers to execute arbitrary PHP code via a URL in (1) the root paramet…
CVE-2006-4428Critical9.82006-08-29PHP remote file inclusion vulnerability in index.php in Jupiter CMS 1.1.5 allows remote attackers to execute arbitrary PHP code via a URL in the template param…
CVE-2006-4264Critical9.82006-08-21Multiple PHP remote file inclusion vulnerabilities in the lmtg_myhomepage Component (com_lmtg_myhomepage) for Mambo allow remote attackers to execute arbitrary…
CVE-2006-3136Critical9.82006-06-22Multiple PHP remote file inclusion vulnerabilities in Nucleus 3.23 allow remote attackers to execute arbitrary PHP code via a URL the DIR_LIBS parameter in (1)…
CVE-2006-2827Critical9.82006-06-05SQL injection vulnerability in search.php in X-Cart Gold and Pro 4.0.18, and X-Cart 4.1.0 beta 1, allows remote attackers to execute arbitrary SQL commands via…
CVE-2006-5014High8.82006-09-27Unspecified vulnerability in cPanel before 10.9.0 12 Tree allows remote authenticated users to gain privileges via unspecified vectors in (1) mysqladmin and (2…