white at alioth.debian.org
2008-Aug-02 03:54 UTC
[Secure-testing-commits] r9490 - data/CVE
Author: white Date: 2008-08-02 03:54:44 +0000 (Sat, 02 Aug 2008) New Revision: 9490 Modified: data/CVE/list Log: NFUs Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-08-01 10:45:05 UTC (rev 9489) +++ data/CVE/list 2008-08-02 03:54:44 UTC (rev 9490) @@ -1,127 +1,127 @@ CVE-2008-3421 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...) - TODO: check + NOT-FOR-US: Blackboard Academic Suite CVE-2008-3420 (Multiple SQL injection vulnerabilities in Mobius Web Publishing ...) - TODO: check + NOT-FOR-US: Mobius Web Publishing Software CVE-2008-3419 (SQL injection vulnerability in ugroups.php in Youtuber Clone allows ...) - TODO: check + NOT-FOR-US: Youtuber Clone CVE-2008-3418 (SQL injection vulnerability in browse.php in TriO 2.1 and earlier ...) - TODO: check + NOT-FOR-US: TriO CVE-2008-3417 (SQL injection vulnerability in home/index.asp in fipsCMS light 2.1 and ...) - TODO: check + NOT-FOR-US: fipsCMS CVE-2008-3416 (SQL injection vulnerability in modules/members.php in IceBB before ...) - TODO: check + NOT-FOR-US: IceBB CVE-2008-3415 (Directory traversal vulnerability in common.php in CMScout 2.05, when ...) - TODO: check + NOT-FOR-US: CMScout CVE-2008-3414 (SQL injection vulnerability in line2.php in SiteAdmin allows remote ...) - TODO: check + NOT-FOR-US: SiteAdmin CVE-2008-3413 (SQL injection vulnerability in category.php in Greatclone GC Auction ...) - TODO: check + NOT-FOR-US: Greatclone GC Auction Platinum CVE-2008-3412 (SQL injection vulnerability in Comsenz EPShop (aka ECShop) before 3.0 ...) - TODO: check + NOT-FOR-US: Comsenz EPShop CVE-2008-3411 (The Axesstel AXW-D800 modem with D2_ETH_109_01_VEBR Jun-14-2006 ...) - TODO: check + NOT-FOR-US: The Axesstel AXW-D800 modem CVE-2008-3410 (Unreal Tournament 3 1.3beta4 and earlier allows remote attackers to ...) - TODO: check + NOT-FOR-US: Unreal Tournament CVE-2008-3409 (Buffer overflow in Unreal Tournament 3 1.3beta4 and earlier allows ...) - TODO: check + NOT-FOR-US: Unreal Tournament CVE-2008-3408 (Stack-based buffer overflow in CoolPlayer allows user-assisted remote ...) - TODO: check + NOT-FOR-US: CoolPlayer CVE-2008-3407 (phpLinkat 0.1 allows remote attackers to bypass authentication and ...) - TODO: check + NOT-FOR-US: phpLinkat CVE-2008-3406 (SQL injection vulnerability in showcat.php in phpLinkat 0.1 allows ...) - TODO: check + NOT-FOR-US: phpLinkat CVE-2008-3405 (Directory traversal vulnerability in index.php in Ricardo Amaral ...) - TODO: check + NOT-FOR-US: Ricardo Amaral nzFotolog CVE-2008-3404 (Cross-site scripting (XSS) vulnerability in guestbook.js.php in ...) - TODO: check + NOT-FOR-US: MJGuest CVE-2008-3403 (SQL injection vulnerability in mojoClassified.cgi in MojoPersonals ...) - TODO: check + NOT-FOR-US: MojoPersonals CVE-2008-3402 (Multiple PHP remote file inclusion vulnerabilities in HIOX Browser ...) - TODO: check + NOT-FOR-US: HIOX Browser Statistics CVE-2008-3401 (PHP remote file inclusion vulnerability in hioxRandomAd.php in HIOX ...) - TODO: check + NOT-FOR-US: HIOX Random Ad CVE-2008-3400 (XRMS CRM 1.99.2 allows remote attackers to obtain configuration ...) - TODO: check + NOT-FOR-US: XRMS CRM CVE-2008-3399 (PHP remote file inclusion vulnerability in ...) - TODO: check + NOT-FOR-US: XRMS CRM CVE-2008-3398 (Multiple cross-site scripting (XSS) vulnerabilities in XRMS CRM 1.99.2 ...) - TODO: check + NOT-FOR-US: XRMS CRM CVE-2008-3397 (Cross-site scripting (XSS) vulnerability in Runesoft Cerberus CMS ...) - TODO: check + NOT-FOR-US: Runesoft Cerberus CMS CVE-2008-3396 (Unreal Tournament 2004 (UT2004) 3369 and earlier allows remote ...) - TODO: check + NOT-FOR-US: Unreal Tournament CVE-2008-3395 (Calacode @Mail 5.41 on Linux uses weak world-readable permissions for ...) - TODO: check + NOT-FOR-US: Calacode CVE-2008-3394 (Multiple cross-site scripting (XSS) vulnerabilities in search.cfm in ...) - TODO: check + NOT-FOR-US: BookMine CVE-2008-3393 (SQL injection vulnerability in events.cfm in BookMine allows remote ...) - TODO: check + NOT-FOR-US: BookMine CVE-2008-3392 (Cross-site request forgery (CSRF) vulnerability in Web Wiz Forum 9.5 ...) - TODO: check + NOT-FOR-US: Web Wiz Forum CVE-2008-3391 (Multiple cross-site scripting (XSS) vulnerabilities in Web Wiz Forum ...) - TODO: check + NOT-FOR-US: Web Wiz Forum CVE-2008-3390 (Directory traversal vulnerability in libraries/general.init.php in ...) - TODO: check + NOT-FOR-US: Minishowcase Image Gallery CVE-2008-3389 RESERVED CVE-2008-3388 (Multiple SQL injection vulnerabilities in Def-Blog 1.0.3 allow remote ...) - TODO: check + NOT-FOR-US: Def-Blog CVE-2008-3387 (SQL injection vulnerability in show.php in PHPFootball 1.6 allows ...) - TODO: check + NOT-FOR-US: PHPFootball CVE-2008-3386 (SQL injection vulnerability in album.php in AlstraSoft Video Share ...) - TODO: check + NOT-FOR-US: AlstraSoft Video Share Enterprise CVE-2008-3385 (Directory traversal vulnerability in include/head_chat.inc.php in php ...) - TODO: check + NOT-FOR-US: Help Agent CVE-2008-3384 (Multiple directory traversal vulnerabilities in help/help.php in ...) - TODO: check + NOT-FOR-US: Interact Learning Community Environment Interact CVE-2008-3383 (SQL injection vulnerability in mojoAuto.cgi in MojoAuto allows remote ...) - TODO: check + NOT-FOR-US: MojoAuto CVE-2008-3382 (SQL injection vulnerability in mojoClassified.cgi in MojoClassifieds ...) - TODO: check + NOT-FOR-US: MojoClassifieds CVE-2008-3381 (Multiple cross-site scripting (XSS) vulnerabilities in ...) TODO: check CVE-2008-3380 (Cross-site scripting (XSS) vulnerability in ajaxp_backend.php in ...) - TODO: check + NOT-FOR-US: MyioSoft EasyBookMarker CVE-2008-3379 (Cross-site scripting (XSS) vulnerability in Snark VisualPic 0.3.1 ...) - TODO: check + NOT-FOR-US: Snark VisualPic CVE-2008-3378 (SQL injection vulnerability in comment.php in Fizzmedia 1.51.2 allows ...) - TODO: check + NOT-FOR-US: Fizzmedia CVE-2008-3377 (SQL injection vulnerability in picture.php in phpTest 0.6.3 allows ...) - TODO: check + NOT-FOR-US: phpTest CVE-2008-3376 (Multiple unspecified vulnerabilities in JamRoom before 3.4.0 have ...) - TODO: check + NOT-FOR-US: JamRoom CVE-2008-3375 (The jrCookie function in includes/jamroom-misc.inc.php in JamRoom ...) - TODO: check + NOT-FOR-US: JamRoom CVE-2008-3374 (SQL injection vulnerability in ajax.php in Gregarius 0.5.4 and earlier ...) - TODO: check + NOT-FOR-US: Gregarius CVE-2008-3373 (The files parsing engine in Grisoft AVG Anti-Virus before 8.0.156 ...) - TODO: check + NOT-FOR-US: Grisoft AVG Anti-Virus CVE-2008-3372 (SQL injection vulnerability in search_form.php in Getacoder Clone ...) - TODO: check + NOT-FOR-US: Getacoder Clone CVE-2008-3371 (Directory traversal vulnerability in install/help.php in TalkBack ...) - TODO: check + NOT-FOR-US: TalkBack CVE-2008-3370 (SQL injection vulnerability in the CUA Login Module in EMC Centera ...) - TODO: check + NOT-FOR-US: CUA Login Module in EMC Centera Universal Access CVE-2008-3369 (SQL injection vulnerability in products_rss.php in ViArt Shop 3.5 and ...) - TODO: check + NOT-FOR-US: ViArt Shop CVE-2008-3368 (PHP remote file inclusion vulnerability in tools/packages/import.php ...) - TODO: check + NOT-FOR-US: ATutor CVE-2008-3367 (Cross-site scripting (XSS) vulnerability in RTE_popup_link.asp in Web ...) - TODO: check + NOT-FOR-US: Web Wiz Rich Text Editor CVE-2008-3366 (SQL injection vulnerability in story.php in Pligg CMS Beta 9.9.0 ...) - TODO: check + NOT-FOR-US: Pligg CMS CVE-2008-3365 (Directory traversal vulnerability in index.php in Pixelpost 1.7.1 on ...) TODO: check CVE-2008-3364 (Buffer overflow in the ObjRemoveCtrl Class ActiveX control in ...) - TODO: check + NOT-FOR-US: Trend Micro OfficeScan Corp Edition Web-Deployment CVE-2008-3363 (Directory traversal vulnerability in user_portal.php in the Dokeos ...) - TODO: check + NOT-FOR-US: Dokeos E-Learning System CVE-2008-3362 (Unrestricted file upload vulnerability in upload.php in the Giulio ...) - TODO: check + NOT-FOR-US: Giulio Ganci Wp Downloads Manager module CVE-2008-3361 (Stack-based buffer overflow in IntelliTamper 2.07 allows remote web ...) - TODO: check + NOT-FOR-US: IntelliTamper CVE-2008-3360 (Stack-based buffer overflow in the HTML parser in IntelliTamper 2.0.7 ...) - TODO: check + NOT-FOR-US: IntelliTamper CVE-2008-3359 (SQL injection vulnerability in register.php in Steve Bourgeois and ...) TODO: check CVE-2008-3358