thr3ads.net - Secure testing commits - [Secure-testing-commits] r10173

If this information is useful, please help other people find it:
Share via:

white at alioth.debian.org

2008-Oct-27 08:37 UTC

[Secure-testing-commits] r10173 - data/CVE

Author: white
Date: 2008-10-27 08:37:18 +0000 (Mon, 27 Oct 2008)
New Revision: 10173

Modified:
   data/CVE/list
Log:
new wordpress issue; joomla module NFU

Modified: data/CVE/list
==================================================================---
data/CVE/list	2008-10-27 08:27:59 UTC (rev 10172)
+++ data/CVE/list	2008-10-27 08:37:18 UTC (rev 10173)
@@ -148,13 +148,14 @@
 CVE-2008-4672 (Cross-site scripting (XSS) vulnerability in search_results.php
in ...)
 	NOT-FOR-US: buymyscripts Lyrics Script
 CVE-2008-4671 (Cross-site scripting (XSS) vulnerability in
wp-admin/wp-blogs.php in ...)
-	TODO: check
+	- wordpress <unfixed> (low; bug #503642)
+	NOTE:
http://lists.grok.org.uk/pipermail/full-disclosure/2008-September/064748.html
 CVE-2008-4670 (Cross-site scripting (XSS) vulnerability in search.php in Ed
Pudol ...)
 	NOT-FOR-US: Ed Pudol Clickbank Portal 
 CVE-2008-4669 (Cross-site scripting (XSS) vulnerability in search.php in Dan
Fletcher ...)
 	NOT-FOR-US: Dan Fletcher Recipe Script
 CVE-2008-4668 (Directory traversal vulnerability in the Image Browser ...)
-	TODO: check
+	NOT-FOR-US: additional Joomla! module
 CVE-2008-4667 (Directory traversal vulnerability in rss.php in ArabCMS 2.0 beta
1 ...)
 	NOT-FOR-US: ArabCMS
 CVE-2008-4666 (SQL injection vulnerability in webboard.php in Ultimate Webboard
3.00 ...)

Secure testing commits - Oct 2008 - r10173 - data/CVE

[Secure-testing-commits] r10173 - data/CVE