joeyh at alioth.debian.org
2008-Dec-27 21:14 UTC
[Secure-testing-commits] r10811 - data/CVE
Author: joeyh
Date: 2008-12-27 21:14:11 +0000 (Sat, 27 Dec 2008)
New Revision: 10811
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
==================================================================---
data/CVE/list 2008-12-27 12:44:04 UTC (rev 10810)
+++ data/CVE/list 2008-12-27 21:14:11 UTC (rev 10811)
@@ -242,6 +242,7 @@
CVE-2008-5588 (SQL injection vulnerability in rankup.asp in Katy Whitton RankEm
...)
NOT-FOR-US: Katy Whitton RankEm
CVE-2008-5587 (Directory traversal vulnerability in libraries/lib.inc.php in
...)
+ {DSA-1693-1}
- phppgadmin 4.2.1-1.1 (low; bug #508026)
NOTE: register_globals=on is required
NOTE: http://www.milw0rm.com/exploits/7363
@@ -16147,6 +16148,7 @@
{DSA-1284-1}
- qemu 0.9.0-2 (bug #424070)
CVE-2007-5728 (Cross-site scripting (XSS) vulnerability in phpPgAdmin 3.5 to
4.1.1, ...)
+ {DSA-1693-1}
- phppgadmin 4.1.3-0.1 (bug #449103; low)
CVE-2007-5727 (Incomplete blacklist vulnerability in the stripScripts function
in ...)
NOT-FOR-US: OneOrZero Helpdesk
@@ -23854,6 +23856,7 @@
CVE-2007-2866 (Multiple SQL injection vulnerabilities in ...)
NOT-FOR-US: PHPEcho CMS
CVE-2007-2865 (Cross-site scripting (XSS) vulnerability in sqledit.php in
phpPgAdmin ...)
+ {DSA-1693-1}
- phppgadmin 4.1.2-1 (low; bug #427151)
[sarge] - phppgadmin <not-affected> (Vulnerable code not present)
NOTE:
http://phppgadmin.cvs.sourceforge.net/phppgadmin/webdb/classes/Misc.php?r1=1.156&r2=1.157&pathrev=MAIN
@@ -24174,6 +24177,7 @@
NOTE: This issue was created because of an upstream changelog entry, which
however
NOTE: was meant for the XSS, which is the general issue.
CVE-2007-2739 (Cross-site scripting (XSS) vulnerability in xajax before 0.2.5
allows ...)
+ {DSA-1692-1}
- php-xajax 0.2.5-1 (bug #426103; low)
CVE-2007-2738 (SQL injection vulnerability in glossaire-p-f.php in the
Glossaire 1.7 ...)
NOT-FOR-US: Glossaire for Xoops