Security Vulnerabilities, CVEs, Published In May 2006 (Gain Privilege)

CVE-2006-2636

newsadmin.asp in Katy Whitton NewsCMSLite allows remote attackers to bypass authentication and gain administrative access by setting the loggedIn cookie to "xY1zZoPQ".
Max CVSS
7.5
EPSS Score
17.23%
Published
2006-05-30
Updated
2018-10-18

CVE-2006-2369

Public exploit
RealVNC 4.1.1, and other products that use RealVNC such as AdderLink IP and Cisco CallManager, allows remote attackers to bypass authentication via a request in which the client specifies an insecure security type such as "Type 1 - None", which is accepted even if it is not offered by the server, as originally demonstrated using a long password.
Max CVSS
7.5
EPSS Score
97.20%
Published
2006-05-15
Updated
2022-05-13

CVE-2006-2224

RIPd in Quagga 0.98 and 0.99 before 20060503 does not properly enforce RIPv2 authentication requirements, which allows remote attackers to modify routing state via RIPv1 RESPONSE packets.
Max CVSS
5.0
EPSS Score
12.50%
Published
2006-05-05
Updated
2018-10-18
3 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close