Author: stef-guest Date: 2006-09-24 20:32:21 +0000 (Sun, 24 Sep 2006) New Revision: 4760 Modified: data/CVE/list Log: - CVE-2006-467[459]: new dokuwiki remote code execution issue - CVE-2006-4294 new twiki issue Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-09-24 19:51:14 UTC (rev 4759) +++ data/CVE/list 2006-09-24 20:32:21 UTC (rev 4760) @@ -504,7 +504,7 @@ CVE-2006-4680 (The Remote UI in Canon imageRUNNER includes usernames and passwords ...) NOT-FOR-US: Canon imageRUNNER CVE-2006-4679 (DokuWiki before 2006-03-09c enables the debug feature by default, ...) - TODO: check + - dokuwiki <unfixed> (low; bug #388082) CVE-2006-4678 (PHP remote file inclusion vulnerability in News Evolution 3.0.3 allows ...) NOT-FOR-US: News Evolution CVE-2006-4677 (** DISPUTED ** ...) @@ -512,9 +512,9 @@ CVE-2006-4676 (TIBCO RendezVous 7.4.11 and earlier logs base64-encoded usernames and ...) NOT-FOR-US: TIBCO RendezVous CVE-2006-4675 (Unrestricted file upload vulnerability in lib/exe/media.php in ...) - TODO: check + - dokuwiki <unfixed> (medium; bug #388082) CVE-2006-4674 (Direct static code injection vulnerability in doku.php in DokuWiki ...) - TODO: check + - dokuwiki <unfixed> (medium; bug #388082) CVE-2006-4673 (Global variable overwrite vulnerability in maincore.php in PHP-Fusion ...) NOT-FOR-US: PHP-Fusion CVE-2006-4672 (PHP remote file inclusion vulnerability in profitCode ppalCart 2.5 EE, ...) @@ -1399,7 +1399,7 @@ CVE-2006-4295 (Cross-site scripting (XSS) vulnerability in ascan_6.asp in Panda ...) NOT-FOR-US: Panda ActiveScan CVE-2006-4294 (Directory traversal vulnerability in viewfile in TWiki 4.0.0 through 4.0.4 ...) - TODO: check + - twiki <unfixed> (bug filed) CVE-2006-4293 (Multiple cross-site scripting (XSS) vulnerabilities in cPanel 10 allow ...) NOT-FOR-US: cPanel CVE-2006-4292 (Unspecified vulnerability in Niels Provos Honeyd before 1.5b allows ...)