nion at alioth.debian.org
2008-Oct-27 09:01 UTC
[Secure-testing-commits] r10177 - data/CVE
Author: nion Date: 2008-10-27 09:01:25 +0000 (Mon, 27 Oct 2008) New Revision: 10177 Modified: data/CVE/list Log: NFUs CVE-2008-4671 does not affect wordpress Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-10-27 08:50:06 UTC (rev 10176) +++ data/CVE/list 2008-10-27 09:01:25 UTC (rev 10177) @@ -149,14 +149,13 @@ CVE-2008-4672 (Cross-site scripting (XSS) vulnerability in search_results.php in ...) NOT-FOR-US: buymyscripts Lyrics Script CVE-2008-4671 (Cross-site scripting (XSS) vulnerability in wp-admin/wp-blogs.php in ...) - - wordpress <unfixed> (low; bug #503642) - NOTE: http://lists.grok.org.uk/pipermail/full-disclosure/2008-September/064748.html + - wordpress <not-affected> (Vulnerable code only in mulitiuser wordpress) CVE-2008-4670 (Cross-site scripting (XSS) vulnerability in search.php in Ed Pudol ...) NOT-FOR-US: Ed Pudol Clickbank Portal CVE-2008-4669 (Cross-site scripting (XSS) vulnerability in search.php in Dan Fletcher ...) NOT-FOR-US: Dan Fletcher Recipe Script CVE-2008-4668 (Directory traversal vulnerability in the Image Browser ...) - NOT-FOR-US: additional Joomla! module + NOT-FOR-US: com_imagebrowser for Joomla! CVE-2008-4667 (Directory traversal vulnerability in rss.php in ArabCMS 2.0 beta 1 ...) NOT-FOR-US: ArabCMS CVE-2008-4666 (SQL injection vulnerability in webboard.php in Ultimate Webboard 3.00 ...) @@ -170,21 +169,21 @@ CVE-2008-4662 (Directory traversal vulnerability in admin.php in LokiCMS 0.3.4, when ...) NOT-FOR-US: LokiCMS CVE-2008-4661 (Cross-site scripting (XSS) vulnerability in the Page Improvements ...) - NOT-FOR-US: Page Improvements module for typo3 + NOT-FOR-US: sm_pageimprovements for Typo3 CVE-2008-4660 (SQL injection vulnerability in the M1 Intern (m1_intern) 1.0.0 ...) - NOT-FOR-US: M1 Intern module for typo3 + NOT-FOR-US: m1_intern for Typo3 CVE-2008-4659 (SQL injection vulnerability in the Mannschaftsliste ...) - NOT-FOR-US: Mannschaftsliste module for typo3 + NOT-FOR-US: kiddog_playerlist for Typo3 CVE-2008-4658 (SQL injection vulnerability in the JobControl (dmmjobcontrol) 1.15.4 ...) - NOT-FOR-US: JobControl module for typo3 + NOT-FOR-US: dmmjobcontrol for Typo3 CVE-2008-4657 (SQL injection vulnerability in the Econda Plugin (econda) 0.0.2 and ...) - NOT-FOR-US: Econda plugin for typo3 + NOT-FOR-US: econda for Typo3 CVE-2008-4656 (SQL injection vulnerability in the Frontend Users View (feusersview) ...) - NOT-FOR-US: Frontend Users View module for typo3 + NOT-FOR-US: fersview for Typo3 CVE-2008-4655 (SQL injection vulnerability in the Simple survey (simplesurvey) 1.7.0 ...) - NOT-FOR-US: Simple survey module for typo3 + NOT-FOR-US: simplesurvey for Typo3 CVE-2008-4653 (SQL injection vulnerability in makale.php in Makale 0.26 and possibly ...) - NOT-FOR-US: XOOPS module + NOT-FOR-US: Makale module for XOOPS CVE-2008-4652 (Buffer overflow in the ActiveX control (DartFtp.dll) in Dart ...) NOT-FOR-US: Dart Communications PowerTCP FTP CVE-2008-4651 (Multiple SQL injection vulnerabilities in Jetbox CMS 2.1 allow remote ...)