jamie-guest at alioth.debian.org
2009-Feb-20 22:40 UTC
[Secure-testing-commits] r11245 - data/CVE
Author: jamie-guest Date: 2009-02-20 22:40:20 +0000 (Fri, 20 Feb 2009) New Revision: 11245 Modified: data/CVE/list Log: NFUs Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-02-20 21:14:11 UTC (rev 11244) +++ data/CVE/list 2009-02-20 22:40:20 UTC (rev 11245) @@ -1,53 +1,53 @@ CVE-2009-0648 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...) - TODO: check + NOT-FOR-US: Falt4 CMS CVE-2009-0647 (msnmsgr.exe in Windows Live Messenger (WLM) 2009 build 14.0.8064.206, ...) - TODO: check + NOT-FOR-US: Windows Live Messenger CVE-2008-6212 (Cross-site scripting (XSS) vulnerability in admin.php in Php-Stats ...) - TODO: check + NOT-FOR-US: Php-Stats CVE-2008-6211 (Multiple cross-site scripting (XSS) vulnerabilities in PhpForums.net ...) - TODO: check + NOT-FOR-US: PhpForums.net mcGallery CVE-2008-6210 (SQL injection vulnerability in index.php in dream4 Koobi 4.4 and 5.4 ...) - TODO: check + NOT-FOR-US: dream4 Koobi CVE-2008-6209 (SQL injection vulnerability in view_product.php in Vastal I-Tech ...) - TODO: check + NOT-FOR-US: Vastal I-Tech Software Zone CVE-2008-6208 (Cross-site scripting (XSS) vulnerability in submitnews.php in e107 CMS ...) - TODO: check + NOT-FOR-US: e107 CMS CVE-2008-6207 (Unrestricted file upload vulnerability in form_upload.php in PHPG ...) - TODO: check + NOT-FOR-US: PHPG Upload CVE-2008-6206 (Multiple PHP remote file inclusion vulnerabilities in RobotStats 0.1 ...) - TODO: check + NOT-FOR-US: RobotStats CVE-2008-6205 (Cross-site scripting (XSS) vulnerability in seeurl.php in Xavier ...) - TODO: check + NOT-FOR-US: Xavier Flahaut URLStreet CVE-2008-6204 (Multiple SQL injection vulnerabilities in SuperNET Shop 1.0 and ...) - TODO: check + NOT-FOR-US: SuperNET Shop CVE-2008-6203 (SQL injection vulnerability in adminler.asp in CoBaLT 2.0 allows ...) - TODO: check + NOT-FOR-US: CoBaLT CVE-2008-6202 (SQL injection vulnerability in CoBaLT 1.0 allows remote attackers to ...) - TODO: check + NOT-FOR-US: CoBaLT CVE-2008-6201 (Directory traversal vulnerability in help.php in the eskuel module in ...) - TODO: check + NOT-FOR-US: KwsPHP CVE-2008-6200 (Multiple cross-site scripting (XSS) vulnerabilities in Swiki 1.5 allow ...) - TODO: check + NOT-FOR-US: Swiki CVE-2008-6199 (2532designs 2532|Gigs 1.2.2 and earlier allows remote attackers to ...) - TODO: check + NOT-FOR-US: 2532designs 2532|Gigs CVE-2008-6198 (SQL injection vulnerability in pages.php in Custom Pages 1.0 plugin ...) - TODO: check + NOT-FOR-US: Custom Pages 1.0 plugin for MyBulletinBoard CVE-2008-6197 (SQL injection vulnerability in index.php in the galerie module for ...) - TODO: check + NOT-FOR-US: KwsPHP CVE-2008-6196 (Multiple PHP remote file inclusion vulnerabilities in Philippe CROCHAT ...) - TODO: check + NOT-FOR-US: Philippe CROCHAT EasySite CVE-2008-6195 (Directory traversal vulnerability in the PXE TFTP Service ...) - TODO: check + NOT-FOR-US: LANDesk Management Suite CVE-2008-6194 (Memory leak in the DNS server in Microsoft Windows allows remote ...) - TODO: check + NOT-FOR-US: Microsoft Windows CVE-2008-6193 (Sam Crew MyBlog stores passwords in cleartext in a MySQL database, ...) - TODO: check + NOT-FOR-US: Sam Crew MyBlog CVE-2008-6192 (Multiple cross-site scripting (XSS) vulnerabilities in unspecified ...) - TODO: check + NOT-FOR-US: Sun Java System Portal Server CVE-2008-6191 (Conductor.exe in Intrinsic Swimage Encore before 5.0.1.21 contains a ...) - TODO: check + NOT-FOR-US: Intrinsic Swimage Encore CVE-2008-6190 (Cross-site scripting (XSS) vulnerability in index.php in EEBCMS 0.95 ...) - TODO: check + NOT-FOR-US: EEBCMS CVE-2008-6189 (SQL injection vulnerability in GForge 4.5.19 allows remote attackers ...) TODO: check CVE-2008-6188 (SQL injection vulnerability in people/editprofile.php in Gforge 4.6 ...) @@ -55,45 +55,45 @@ CVE-2008-6187 (SQL injection vulnerability in frs/shownotes.php in Gforge 4.5.19 and ...) TODO: check CVE-2008-6186 (Stack-based buffer overflow in RaidenFTPD 2.4 build 3620 allows remote ...) - TODO: check + NOT-FOR-US: RaidenFTPD CVE-2008-6185 (NoticeWare Email Server NG 5.1.2.2 allows remote attackers to cause a ...) - TODO: check + NOT-FOR-US: NoticeWare Email Server NG CVE-2008-6184 (SQL injection vulnerability in the OwnBiblio (com_ownbiblio) component ...) - TODO: check + NOT-FOR-US: Joomla! CVE-2008-6183 (Multiple directory traversal vulnerabilities in index.php in My PHP ...) - TODO: check + NOT-FOR-US: My PHP Indexer CVE-2008-6182 (SQL injection vulnerability in the Ignite Gallery (com_ignitegallery) ...) - TODO: check + NOT-FOR-US: Joomla! CVE-2008-6181 (SQL injection vulnerability in the Mad4Joomla Mailforms ...) - TODO: check + NOT-FOR-US: Joomla! CVE-2008-6180 (SQL injection vulnerability in system/nlb_user.class.php in NewLife ...) - TODO: check + NOT-FOR-US: NewLife Blogger CVE-2008-6179 (SQL injection vulnerability in sug_cat.php in IndexScript 3.0 allows ...) - TODO: check + NOT-FOR-US: IndexScript CVE-2008-6178 (Unrestricted file upload vulnerability in ...) TODO: check CVE-2008-6177 (Multiple directory traversal vulnerabilities in LightBlog 9.8, when ...) - TODO: check + NOT-FOR-US: LightBlog CVE-2008-6176 (bootstrap.inc in Drupal 5.x before 5.12 and 6.x before 6.6, when the ...) TODO: check CVE-2008-6175 (SilverSHielD 1.0.2.34 allows remote attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: SilverSHielD CVE-2008-6174 (Cross-site scripting (XSS) vulnerability in admin/postlister/index.php ...) - TODO: check + NOT-FOR-US: Jetbox CMS CVE-2008-6173 (Cross-site scripting (XSS) vulnerability in fullscreen.php in ...) - TODO: check + NOT-FOR-US: ClipShare Pro CVE-2008-6172 (Directory traversal vulnerability in captcha/captcha_image.php in the ...) - TODO: check + NOT-FOR-US: Joomla! CVE-2008-6171 (Drupal 5.x before 5.12 and 6.x before 6.6, when the server is ...) TODO: check CVE-2008-6170 (Cross-site scripting (XSS) vulnerability in Drupal 5.x before 5.12 and ...) TODO: check CVE-2008-6169 (Cross-site request forgery (CSRF) vulnerability in the Localization ...) - TODO: check + NOT-FOR-US: Localization modules for Drupal CVE-2008-6168 (Cross-site scripting (XSS) vulnerability in search.php in miniPortail ...) - TODO: check + NOT-FOR-US: miniPortail CVE-2008-6167 (Directory traversal vulnerability in search.php in miniPortail 2.2 and ...) - TODO: check + NOT-FOR-US: miniPortail CVE-2009-0646 (Multiple SQL injection vulnerabilities in 4Site CMS 2.6 and earlier ...) NOT-FOR-US: 4Site CMS CVE-2009-0645 (Directory traversal vulnerability in index.php in Jaws 0.8.8 allows ...) @@ -101,13 +101,13 @@ CVE-2009-0644 (The HTTP interface in Swann DVR4-SecuraNet has a certain default ...) NOT-FOR-US: Swann DVR4-SecuraNet CVE-2009-0643 (Static code injection vulnerability in post.php in Simple PHP News 1.0 ...) - TODO: check + NOT-FOR-US: Simple PHP News CVE-2009-0642 (ext/openssl/ossl_ocsp.c in Ruby 1.8 and 1.9 does not properly check ...) TODO: check CVE-2009-0641 (sys_term.c in telnetd in FreeBSD 7.0-RELEASE and other 7.x versions ...) TODO: check CVE-2009-0640 (Directory traversal vulnerability in the administrative web server in ...) - TODO: check + NOT-FOR-US: Swann DVR4-SecuraNet CVE-2009-0639 (PHP remote file inclusion vulnerability in moduli/libri/index.php in ...) NOT-FOR-US: phpyabs CVE-2008-6166 (SQL injection vulnerability in the KBase (com_kbase) 1.2 component for ...) @@ -115,11 +115,11 @@ CVE-2008-6165 (SQL injection vulnerability in gestion.php in CSPartner 0.1, when ...) NOT-FOR-US: CSPartner CVE-2008-6164 (Cross-site scripting (XSS) vulnerability in index.php in DreamCost ...) - TODO: check + NOT-FOR-US: DreamCost HostAdmin CVE-2008-6163 (SQL injection vulnerability in www/delivery/ac.php in OpenX 2.6.1 ...) - TODO: check + NOT-FOR-US: OpenX CVE-2008-6162 (Bux.to Clone script allows remote attackers to bypass authentication ...) - TODO: check + NOT-FOR-US: Bux.to Clone script CVE-2008-6161 (Cross-site scripting (XSS) vulnerability in WOW Raid Manager (WRM) ...) NOT-FOR-US: WOW Raid Manager CVE-2008-6160 (Semantically-Interconnected Online Communities (SIOC) 5.x before ...)