CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In 2006(Gain Information) (CVSS score >= 6)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2006-6889 +Info 2006-12-31 2017-10-19
7.5
None Remote Low Not required Partial Partial Partial
FreeStyle Wiki (fswiki) 3.6.2 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain passwords via a direct request for config/user.dat.
2 CVE-2006-6866 +Info 2006-12-31 2017-10-19
7.8
None Remote Low Not required Complete None None
STphp EasyNews PRO 4.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain usernames, email addresses, and password hashes via a direct request for data/users.txt.
3 CVE-2006-6838 +Info 2006-12-31 2018-10-17
7.5
None Remote Low Not required Partial Partial Partial
Rediff Bol Downloader ActiveX (OCX) control allows remote attackers to execute arbitrary files, and obtain sensitive information (usernames and pathnames), via a URL in the url vbscript parameter.
4 CVE-2006-6829 +Info 2006-12-31 2011-03-08
7.8
None Remote Low Not required Complete None None
Efkan Forum 1.0 and earlier store sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for forum.mdb. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.
5 CVE-2006-6825 +Info 2006-12-29 2011-03-08
7.5
None Remote Low Not required Partial Partial Partial
Calendar MX BASIC 1.0.2 and earlier store sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for calendar.mdb. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.
6 CVE-2006-6757 Dir. Trav. +Info 2006-12-27 2017-10-19
7.8
None Remote Low Not required Complete None None
Directory traversal vulnerability in index.php in cwmExplorer 1.0 allows remote attackers to read arbitrary files and source code, and obtain sensitive information via directory traversal sequences in the show_file parameter.
7 CVE-2006-6617 +Info 2006-12-18 2018-10-17
6.5
None Remote Low ??? Partial Partial Partial
projectserver/logon/pdsrequest.asp in Microsoft Project Server 2003 allows remote authenticated users to obtain the MSProjectUser password for a SQL database via a GetInitializationData request, which includes the information in the UserName and Password tags of the response.
8 CVE-2006-6613 Dir. Trav. +Info 2006-12-18 2017-10-19
6.8
None Remote Medium Not required Partial Partial Partial
Directory traversal vulnerability in language.php in phpAlbum 0.4.1 Beta 6 and earlier, when magic_quotes_gpc is disabled and register_globals is enabled, allows remote attackers to include and execute arbitrary local files or obtain sensitive information via a .. (dot dot) in the pa_lang[include_file] parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by language.php.
9 CVE-2006-6583 +Info 2006-12-15 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
ScriptMate User Manager 2.1 and earlier allow remote attackers to obtain sensitive information via unspecified vectors related to (1) the Logins box and (2) the Search box.
10 CVE-2006-6580 +Info 2006-12-15 2008-09-05
6.4
None Remote Low Not required None Partial Partial
admin/change.php in ProNews 1.5 does not check whether a user is permitted to change news items, which allows remote attackers to add or delete information within an item, and possibly have other impacts. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
11 CVE-2006-6573 +Info 2006-12-15 2017-07-29
6.0
None Remote Medium ??? Partial Partial Partial
Unspecified vulnerability in Citrix Access Gateway 4.5 Advanced Edition, and 4.2 with Advanced Access Control (AAC) 4.2, when deployed on the Access Gateway appliance 4.2 through 4.2.2 allows remote authenticated users to "gain access to data" and obtain sensitive information via unspecified vectors.
12 CVE-2006-6569 +Info 2006-12-15 2018-10-17
7.8
None Remote Low Not required Complete None None
form.php in GenesisTrader 1.0 allows remote attackers to read source code for arbitrary files and obtain sensitive information via the (1) do and (2) chem parameters with a "modfich" floap parameter.
13 CVE-2006-6529 +Info 2006-12-14 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
The Chatroom Module before 4.7.x.-1.0 for Drupal displays private messages in a chatroom's last messages overview, which allows remote attackers to obtain sensitive information by reading the overview.
14 CVE-2006-6460 +Info 2006-12-11 2017-07-29
10.0
None Remote Low Not required Complete Complete Complete
Yourfreeworld.com Short Url & Url Tracker Script allows remote attackers to obtain sensitive information via an invalid id parameter to login.php, which leaks the path in an error message. NOTE: this issue might be resultant from CVE-2006-2509.
15 CVE-2006-6449 +Info 2006-12-10 2017-07-29
6.4
None Remote Low Not required Partial Partial None
Vt-Forum Lite 1.3 and earlier store sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/forum.mdb. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.
16 CVE-2006-6439 +Info 2006-12-10 2008-09-10
7.8
None Remote Low Not required Complete None None
Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 allows remote attackers to download the audit log and obtain potentially sensitive information via unspecified vectors.
17 CVE-2006-6435 +Info 2006-12-10 2008-09-10
7.5
None Remote Low Not required Partial Partial Partial
The SNMP implementation in Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 does not generate authentication failure traps, which allows remote attackers to more easily gain system access and obtain sensitive information via a brute force attack.
18 CVE-2006-6430 +Info 2006-12-10 2017-07-29
7.8
None Remote Low Not required Complete None None
Web services in Xerox WorkCentre and WorkCentre Pro before 12.060.17.000, 13.x before 13.060.17.000, and 14.x before 14.060.17.000 do not require HTTPS, which allows remote attackers to obtain sensitive information by sniffing the unencrypted HTTP traffic.
19 CVE-2006-6392 Dir. Trav. +Info 2006-12-08 2017-07-29
7.5
None Remote Low Not required Partial Partial Partial
Directory traversal vulnerability in index.php in plx Web Studio (aka plxWebDev) plx Pay 3.2 and earlier allows remote attackers to include and execute arbitrary local files, or obtain user credentials and other sensitive information, via a .. (dot dot) in the read parameter. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.
20 CVE-2006-6346 DoS +Info 2006-12-07 2018-10-17
10.0
None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in SAP Internet Graphics Service (IGS) 6.40 Patchlevel 15 and earlier, and 7.00 Patchlevel 3 and earlier, allows remote attackers to cause a denial of service (service shutdown), obtain sensitive information (configuration files), and conduct certain other unauthorized activities, related to "Undocumented Features." NOTE: it is possible that there are multiple issues. This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended. This is likely a different issue than CVE-2006-4134.
21 CVE-2006-6273 +Info 2006-12-04 2018-10-17
7.5
None Remote Low Not required Partial Partial Partial
sp_index.php in Simple PHP Gallery 1.1 allows remote attackers to obtain sensitive information via an invalid dir parameter, which reveals the path in an error message.
22 CVE-2006-6267 +Info 2006-12-04 2018-10-17
7.8
None Remote Low Not required Complete None None
PostNuke 0.7.5.0, and certain minor versions, allows remote attackers to obtain sensitive information via a non-numeric value of the stop parameter, which reveals the path in an error message.
23 CVE-2006-6257 +Info 2006-12-04 2018-10-17
6.8
None Remote Medium Not required Partial Partial Partial
The file manager in AlternC 0.9.5 and earlier, when warnings are enabled in PHP, allows remote attackers to obtain sensitive information via certain folder names such as ones composed of JavaScript code, which reveal the path in a warning message.
24 CVE-2006-6248 +Info 2006-12-04 2018-10-17
7.8
None Remote Low Not required Complete None None
index.php in GPhotos 1.5 allows remote attackers to obtain sensitive information via an invalid rep parameter, which reveals the full path in an error message.
25 CVE-2006-5867 20 +Info 2006-12-31 2018-10-17
7.8
None Remote Low Not required Complete None None
fetchmail before 6.3.6-rc4 does not properly enforce TLS and may transmit cleartext passwords over unsecured links if certain circumstances occur, which allows remote attackers to obtain sensitive information via man-in-the-middle (MITM) attacks.
26 CVE-2006-5248 +Info 2006-10-12 2008-09-05
7.8
None Remote Low Not required Complete None None
Eazy Cart stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a customer database via a direct request for admin/config/customer.dat. NOTE: the provenance of this information is unknown; the details are obtained from third party information.
27 CVE-2006-4578 +Info 2006-12-31 2017-07-20
7.5
None Remote Low Not required Partial Partial Partial
export.php in The Address Book 1.04e writes username and password hash information into a publicly accessible file when dumping the MySQL database contents, which allows remote attackers to obtain sensitive information.
28 CVE-2006-4547 Sql +Info 2006-09-06 2018-10-17
6.5
None Remote Low ??? Partial Partial Partial
Lyris ListManager 8.95 allows remote authenticated users to obtain sensitive information by attempting to add a user with a ' (single quote) character in the name, which reveals the details of the underlying SQL query, possibly because of a forced SQL error or SQL injection.
29 CVE-2006-4539 Bypass +Info 2006-09-05 2011-03-08
7.5
None Remote Low Not required Partial Partial Partial
(1) includes/widgets/module_company_tickets.php and (2) includes/widgets/module_track_tickets.php Client Support Center in Cerberus Helpdesk 3.2 Build 317, and possibly earlier, allows remote attackers to bypass security restrictions and obtain sensitive information via the ticket parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information.
30 CVE-2006-4304 DoS Exec Code Overflow +Info 2006-08-24 2017-07-20
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflow in the sppp driver in FreeBSD 4.11 through 6.1, NetBSD 2.0 through 4.0 beta before 20060823, and OpenBSD 3.8 and 3.9 before 20060902 allows remote attackers to cause a denial of service (panic), obtain sensitive information, and possibly execute arbitrary code via crafted Link Control Protocol (LCP) packets with an option length that exceeds the overall length, which triggers the overflow in (1) pppoe and (2) ippp. NOTE: this issue was originally incorrectly reported for the ppp driver.
31 CVE-2006-2250 +Info 2006-05-09 2018-10-18
6.4
None Remote Low Not required Partial Partial None
CuteNews 1.4.1 allows remote attackers to obtain sensitive information via a direct request to (1) /inc/show.inc.php or (2) /inc/functions.inc.php, which reveal the path in an error message.
32 CVE-2006-2020 +Info 2006-04-25 2018-10-18
7.8
None Remote Low Not required Complete None None
Asterisk Recording Interface (ARI) in Asterisk@Home before 2.8 stores recordings/includes/main.conf under the web document root with insufficient access control, which allows remote attackers to obtain password information.
33 CVE-2006-1812 +Info 2006-04-18 2018-10-18
6.4
None Remote Low Not required Partial Partial None
phpWebFTP 3.2 and earlier stores script.js under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information.
34 CVE-2006-1764 +Info 2006-04-13 2011-03-08
7.8
None Remote Low Not required Complete None None
Hosting Controller 6.1 stores forum/db/forum.mdb under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as user name and password credentials. NOTE: the provenance of this information is unknown; the details are obtained from third party information.
35 CVE-2006-1677 200 +Info 2006-04-11 2018-10-18
6.4
None Remote Low Not required Partial Partial None
MAXdev MDPro 1.0.73 and 1.0.72, and possibly other versions before 1.076, allows remote attackers to obtain the full path of the server via a direct request to includes/legacy.php.
36 CVE-2006-1367 200 +Info 2006-03-23 2018-10-18
6.8
None Remote Medium Not required Partial Partial Partial
The Motorola PEBL U6 08.83.76R, the Motorola V600, and possibly the Motorola E398 and other Motorola P2K-based phones does not require pairing for a connection related to the Headset Audio Gateway service, which allows user-assisted remote attackers to obtain AT level access and view phonebook entries and saved SMS messages by connecting on Bluetooth channel 3 and tricking the user into pressing Grant, aka a "Blueline" attack. NOTE: while user-assisted, the attack is made more feasible because of a GUI misrepresentation issue that allows a default message to be replaced by an attacker-specified one.
37 CVE-2006-1332 +Info 2006-03-21 2017-07-20
6.4
None Remote Low Not required Partial None Partial
Noah's Classifieds 1.3 and earlier allows remote attackers to obtain sensitive information via an invalid list parameter in the showdetails method to index.php, which reveals the path in an error message.
38 CVE-2006-1280 +Info 2006-03-19 2017-07-20
7.5
None Remote Low Not required Partial Partial Partial
CGI::Session 4.03-1 does not set proper permissions on temporary files created in (1) Driver::File and (2) Driver::db_file, which allows local users to obtain privileged information, such as session keys, by viewing the files.
39 CVE-2006-1111 Sql +Info 2006-03-09 2018-10-18
7.5
None Remote Low Not required Partial Partial Partial
Aztek Forum 4.0 allows remote attackers to obtain sensitive information via a "*/*" in the msg parameter to index.php, which reveals usernames and passwords in a MySQL error message, possibly due to a forced SQL error or SQL injection.
40 CVE-2006-1093 +Info 2006-03-09 2011-03-08
6.4
None Remote Low Not required Partial Partial None
Unspecified vulnerability in IBM WebSphere 5.0.2.10 through 5.0.2.15 and 5.1.1.4 through 5.1.1.9 allows remote attackers to obtain sensitive information via unknown attack vectors, which causes JSP source code to be revealed.
41 CVE-2006-1039 94 +Info 2006-03-07 2018-10-18
6.4
None Remote Low Not required Partial Partial None
SAP Web Application Server (WebAS) Kernel before 7.0 allows remote attackers to inject arbitrary bytes into the HTTP response and obtain sensitive authentication information, or have other impacts, via a ";%20" followed by encoded HTTP headers.
42 CVE-2006-1005 +Info 2006-03-06 2008-09-05
6.4
None Remote Low Not required None Partial Partial
agencyprofile.asp in Parodia 6.2 and earlier might allow remote attackers to obtain sensitive information by triggering an SQL error via an invalid AG_ID parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information.
43 CVE-2006-0884 20 Bypass +Info 2006-02-24 2018-10-18
9.3
None Remote Medium Not required Complete Complete Complete
The WYSIWYG rendering engine ("rich mail" editor) in Mozilla Thunderbird 1.0.7 and earlier allows user-assisted attackers to bypass javascript security settings and obtain sensitive information or cause a crash via an e-mail containing a javascript URI in the SRC attribute of an IFRAME tag, which is executed when the user edits the e-mail.
44 CVE-2006-0834 +Info 2006-02-22 2018-10-18
7.5
None Remote Low Not required Partial Partial Partial
Uniden UIP1868P VoIP Telephone and Router has a default password of admin for the web-based configuration utility, which allows remote attackers to obtain sensitive information on the device such as telephone numbers called, and possibly connect to other hosts. NOTE: it is possible that this password was configured by a reseller, not the original vendor; if so, then this is not a vulnerability in the product.
45 CVE-2006-0808 DoS +Info 2006-02-21 2017-07-20
6.4
None Remote Low Not required Partial None Partial
MUTE 0.4 allows remote attackers to cause a denial of service (messages not forwarded) and obtain sensitive information about a target by filling a client's mWebCache cache with malicious "zombie" nodes.
46 CVE-2006-0652 +Info 2006-02-13 2017-07-20
6.5
None Remote Low ??? Partial Partial Partial
WHMCompleteSolution (WHMCS) before 2.3 assigns incorrect permissions to "resellers", which allows remote authenticated users to perform privileged actions or obtain sensitive information. NOTE: this report is based on a vendor bug report that identified "incorrect permissions." However, the vendor did not label it a security issue, and there was no statement regarding whether or not the permissions were actually more permissive than intended. If in fact the permissions were more restrictive than intended, then this would be a functional problem but not a vulnerability.
47 CVE-2006-0374 287 +Info 2006-01-22 2017-07-20
7.5
None Remote Low Not required Partial Partial Partial
Advantage Century Telecommunication (ACT) P202S IP Phone 1.01.21 running firmware 1.1.21 has multiple undocumented ports available, which (1) might allow remote attackers to obtain sensitive information, such as memory contents and internal operating-system data, by directly accessing the VxWorks WDB remote debugging ONCRPC (aka wdbrpc) on UDP 17185, (2) reflect network data using echo (TCP 7), or (3) gain access without authentication using rlogin (TCP 513).
48 CVE-2006-0360 DoS +Info 2006-01-22 2017-07-20
6.4
None Remote Low Not required Partial None Partial
MPM SIP HP-180W Wireless IP Phone WE.00.17 allows remote attackers to obtain sensitive information and possibly cause a denial of service via a direct connection to UDP port 9090, which is undocumented and does not require authentication.
Total number of vulnerabilities : 48   Page : 1 (This Page)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.