Author: djoume-guest Date: 2007-05-12 15:36:09 +0000 (Sat, 12 May 2007) New Revision: 5827 Modified: data/CVE/list Log: NFUs otrs2 XSS Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-05-11 20:08:46 UTC (rev 5826) +++ data/CVE/list 2007-05-12 15:36:09 UTC (rev 5827) @@ -16,7 +16,7 @@ CVE-2007-2581 (Multiple cross-site scripting (XSS) vulnerabilities in Microsoft ...) NOT-FOR-US: Microsoft CVE-2007-2580 (Unspecified vulnerability in Apple Safari allows local users to obtain ...) - TODO: check + NOT-FOR-US: Safari CVE-2007-2579 (Multiple cross-site scripting (XSS) vulnerabilities in ACP3 4.0 beta 3 ...) NOT-FOR-US: ACP3 CVE-2007-2578 (Unspecified vulnerability in search/list/action_search/index.php in ...) 
@@ -58,83 +58,83 @@ CVE-2007-2560 (Directory traversal vulnerability in theme/acgv.php in ACGVannu 1.3 ...) NOT-FOR-US: ACGVannu CVE-2007-2559 (Multiple PHP remote file inclusion vulnerabilities in american cart ...) - TODO: check + NOT-FOR-US: american cart CVE-2007-2558 (** DISPUTED ** ...) - TODO: check + NOT-FOR-US: pfa CMS CVE-2007-2557 (MOStlyDB Admin in Mambo 4.6.1 does not properly check privileges, ...) - TODO: check + NOT-FOR-US: Mambo CVE-2007-2556 (SQL injection vulnerability in Nuked-klaN 1.7.6 allows remote ...) - TODO: check + NOT-FOR-US: Nuked-klaN CVE-2007-2555 (Unspecified vulnerability in Default.aspx in Podium CMS allows remote ...) - TODO: check + NOT-FOR-US: Podium CMS CVE-2007-2554 (Associated Press (AP) Newspower 4.0.1 and earlier uses a default blank ...) - TODO: check + NOT-FOR-US: Newspower CVE-2007-2553 (Unspecified vulnerability in dop in HP Tru64 UNIX 5.1B-4, 5.1B-3, and ...) - TODO: check + NOT-FOR-US: HP Tru64 UNIX CVE-2007-2552 (The RecentChanges feature in WikkaWiki (Wikka Wiki) before 1.1.6.3 ...) - TODO: check + NOT-FOR-US: WikkaWiki CVE-2007-2551 (Cross-site scripting (XSS) vulnerability in usersettings.php in ...) - TODO: check + NOT-FOR-US: WikkaWiki CVE-2007-2550 (Multiple CRLF injection vulnerabilities in Devellion CubeCart 3.0.15 ...) - TODO: check + NOT-FOR-US: CubeCart CVE-2007-2549 (SQL injection vulnerability in index.php in TurnkeyWebTools SunShop ...) - TODO: check + NOT-FOR-US: TurnkeyWebTools CVE-2007-2548 (Unspecified vulnerability in index.php in TurnkeyWebTools SunShop ...) - TODO: check + NOT-FOR-US: TurnkeyWebTools CVE-2007-2547 (Cross-site scripting (XSS) vulnerability in index.php in ...) - TODO: check + NOT-FOR-US: TurnkeyWebTools CVE-2007-2546 (Session fixation vulnerability in Simple Machines Forum (SMF) 1.1.2 ...) - TODO: check + NOT-FOR-US: SMF CVE-2007-2545 (Multiple PHP remote file inclusion vulnerabilities in Persism CMS ...) 
- TODO: check + NOT-FOR-US: Persism CVE-2007-2544 (PHP remote file inclusion vulnerability in ...) - TODO: check + NOT-FOR-US: TopTree BBS CVE-2007-2543 (SQL injection vulnerability in game.php in the Flashgames 1.0.1 module ...) - TODO: check + NOT-FOR-US: XOOPS CVE-2007-2542 (PHP remote file inclusion vulnerability in header.php in workbench ...) - TODO: check + NOT-FOR-US: workbench survival guide CVE-2007-2541 (PHP remote file inclusion vulnerability in includes/ajax_listado.php ...) - TODO: check + NOT-FOR-US: Versado CVE-2007-2540 (Multiple PHP remote file inclusion vulnerabilities in PMECMS 1.0 and ...) - TODO: check + NOT-FOR-US: PMECMS CVE-2007-2539 (The show_files function in RunCms 1.5.2 and earlier allows remote ...) - TODO: check + NOT-FOR-US: RunCms CVE-2007-2538 (SQL injection vulnerability in class/debug/debug_show.php in RunCms ...) - TODO: check + NOT-FOR-US: RunCms CVE-2007-2537 (Multiple SQL injection vulnerabilities in mainfile.php in NPDS 5.10 ...) - TODO: check + NOT-FOR-US: NPDS CVE-2007-2536 (PicoZip allows remote attackers to cause a denial of service (infinite ...) - TODO: check + NOT-FOR-US: Picozip CVE-2007-2535 (WinAce allows remote attackers to cause a denial of service (infinite ...) - TODO: check + NOT-FOR-US: WinAce CVE-2007-2534 (** DISPUTED ** ...) - TODO: check + NOT-FOR-US: phpHoo3 CVE-2007-2533 (Multiple buffer overflows in Trend Micro ServerProtect 5.58 before ...) - TODO: check + NOT-FOR-US: Trend Micro ServerProtect CVE-2007-2532 (Multiple cross-site scripting (XSS) vulnerabilities in Minh Nguyen ...) - TODO: check + NOT-FOR-US: Minh Nguyen Duong Obie Website Mini Web Shop CVE-2007-2531 (PHP remote file inclusion vulnerability in berylium-classes.php in ...) - TODO: check + NOT-FOR-US: Berylium2 CVE-2007-2530 (Multiple PHP remote file inclusion vulnerabilities in Tropicalm ...) - TODO: check + NOT-FOR-US: Tropicalm CVE-2007-2529 (Integer signedness error in the acl (facl) system call in Solaris 10 ...) 
- TODO: check + NOT-FOR-US: Solaris 10 CVE-2007-2528 (Buffer overflow in AgRpcCln.dll for Trend Micro ServerProtect 5.58 for ...) - TODO: check + NOT-FOR-US: Trend Micro ServerProtect CVE-2007-2527 (Multiple PHP remote file inclusion vulnerabilities in DynamicPAD ...) - TODO: check + NOT-FOR-US: DynamicPAD CVE-2007-2526 (Heap-based buffer overflow in the ConnectAsyncEx function in VNC ...) - TODO: check + NOT-FOR-US: VNC Viewer ActiveX control CVE-2007-2525 (Memory leak in the PPPoE socket implementation in the Linux kernel ...) - linux-2.6 <unfixed> CVE-2007-2524 (Cross-site scripting (XSS) vulnerability in index.pl in OTRS (Open ...) - TODO: check + - otrs2 <unfixed> (bug filed) CVE-2007-2523 RESERVED CVE-2007-2522 RESERVED CVE-2007-2521 (PHP remote file inclusion vulnerability in common.php in E-GADS! 2.2.6 ...) - TODO: check + NOT-FOR-US: E-GADS! CVE-2007-2520 RESERVED CVE-2007-2519
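Review bot: In the first hunk (@@ -16,7 +16,7 @@), CVE-2007-2580 is tagged `NOT-FOR-US: Safari` by product name while the neighbouring CVE-2007-2581 entry is tagged by vendor (`NOT-FOR-US: Microsoft`). Pick one convention so the list can be searched reliably; `NOT-FOR-US: Apple Safari` would match the wording of the description.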
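Review bot: In the second hunk (@@ -58,83 +58,83 @@), the CVE-2007-2524 entry `- otrs2 <unfixed> (bug filed)` records that a report exists but not its number, so a reader of the list cannot follow it to the bug; replace `bug filed` with the bug reference once it is assigned. In the same hunk, CVE-2007-2543 is tagged `NOT-FOR-US: XOOPS` although the visible description names the Flashgames 1.0.1 module; naming the module in the tag would keep the entry from reading as a verdict on XOOPS itself. `NOT-FOR-US: Picozip` also differs in case from the `PicoZip` spelling in the CVE-2007-2536 description.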