Author: fw Date: 2012-04-24 09:17:01 +0000 (Tue, 24 Apr 2012) New Revision: 19047 Modified: data/CVE/list Log: CVE-2011-5083: dotclear bug filed Modified: data/CVE/list ==================================================================--- data/CVE/list 2012-04-24 09:09:07 UTC (rev 19046) +++ data/CVE/list 2012-04-24 09:17:01 UTC (rev 19047) @@ -1376,8 +1376,8 @@ - vlc <unfixed> TODO: check CVE-2011-5083 (Unrestricted file upload vulnerability in inc/swf/swfupload.swf in ...) - - dotclear <unfixed> - TODO: check + - dotclear <unfixed> (low; bug #670227) + NOTE: Post-authentication; vulnerability is actually in admin/media.php. CVE-2012-1790 (Absolute path traversal vulnerability in Webgrind 1.0 and 1.0.2 allows ...) NOT-FOR-US: Webgrind CVE-2012-1789 (Multiple cross-site scripting (XSS) vulnerabilities in Kongreg8 1.7.3 ...)