Author: jmm-guest Date: 2006-04-04 14:58:55 +0000 (Tue, 04 Apr 2006) New Revision: 3745 Modified: data/CVE/list Log: NFUs mantis sucks Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-04-04 14:46:23 UTC (rev 3744) +++ data/CVE/list 2006-04-04 14:58:55 UTC (rev 3745) @@ -1,45 +1,43 @@ -begin claimed by jmm CVE-2006-1586 (SQL injection vulnerability in admin_login.asp in ISP of Egypt SiteMan ...) - TODO: check + NOT-FOR-US: Egypt SiteMan CVE-2006-1585 (Multiple SQL injection vulnerabilities in MonAlbum 0.8.7 allow remote ...) - TODO: check + NOT-FOR-US: MonAlbum CVE-2006-1584 (Unspecified vulnerability in index.php in Warcraft III Replay Parser ...) - TODO: check + NOT-FOR-US: Warcraft III Replay CVE-2006-1583 (Cross-site scripting (XSS) vulnerability in index.php in Warcraft III ...) - TODO: check + NOT-FOR-US: Warcraft III Replay CVE-2006-1582 (Cross-site scripting (XSS) vulnerability in index.php in Blank''N''Berg ...) - TODO: check + NOT-FOR-US: Blank''N''Berg CVE-2006-1581 (Directory traversal vulnerability in index.php in Blank''N''Berg 0.2 ...) - TODO: check + NOT-FOR-US: Blank''N''Berg CVE-2006-1580 (Multiple cross-site scripting (XSS) vulnerabilities in Bugzero 4.3.1 ...) - TODO: check + NOT-FOR-US: Bugzero CVE-2006-1579 (SQL injection vulnerability in topics.php in Dynamic Bulletin Board ...) - TODO: check + NOT-FOR-US: Dynamic Bulletin Board System CVE-2006-1578 (Multiple SQL injection vulnerabilities in Keystone Digital Library ...) - TODO: check + NOT-FOR-US: Keystone Digital Library Suite CVE-2006-1577 (Multiple cross-site scripting (XSS) vulnerabilities in ...) - TODO: check + - mantis <unfixed> CVE-2006-1576 (Direct static code injection vulnerability in QLnews 1.2 allows remote ...) - TODO: check + NOT-FOR-US: QLnews CVE-2006-1575 (Multiple cross-site scripting (XSS) vulnerabilities in news.php in ...) - TODO: check + NOT-FOR-US: QLnews CVE-2006-1574 (Cross-site scripting (XSS) vulnerability in Groupmax World Wide Web, ...) - TODO: check + NOT-FOR-US: Groupmax World Wide Web et. al. CVE-2006-1573 (PHP remote file inclusion vulnerability in index.php in MediaSlash ...) - TODO: check + NOT-FOR-US: MediaSlash Gallery CVE-2006-1572 (SQL injection vulnerability in post.php in Oxygen 1.1.3 allows remote ...) - TODO: check + NOT-FOR-US: Oxygen CVE-2006-1571 (Multiple SQL injection vulnerabilities in loginprocess.php in ...) - TODO: check + NOT-FOR-US: qliteNews CVE-2006-1570 (Cross-site scripting (XSS) vulnerability in Esqlanelapse 2.0 and 2.2 ...) - TODO: check + NOT-FOR-US: Esqlanelapse CVE-2006-1569 (Multiple SQL injection vulnerabilities in RedCMS 0.1 allow remote ...) - TODO: check + NOT-FOR-US: RedCMS CVE-2006-1568 (Multiple cross-site scripting (XSS) vulnerabilities in register.php in ...) - TODO: check + NOT-FOR-US: RedCMS CVE-2006-1567 (Cross-site scripting (XSS) vulnerability in searchresults.asp in ...) - TODO: check -end claimed by jmm + NOT-FOR-US: SiteSearch Indexer CVE-2006-1566 (Untrusted search path vulnerability in libtunepimp-perl 0.4.2-1 in ...) - libtunepimp 0.4.2-3 (bug #359241; low) [sarge] - libtunepimp <not-affected> (rpath not set to /tmp in Sarge) @@ -49,6 +47,7 @@ CVE-2006-1564 (Untrusted search path vulnerability in libapache2-svn 1.3.0-4 for ...) - subversion 1.3.0-5 (bug #359234; low) [sarge] - subversion <not-affected> (No rpaths set in Sarge) +begin claimed by jmm CVE-2006-1563 (Direct static code injection vulnerability in config.php in vscripts ...) TODO: check CVE-2006-1562 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...) @@ -77,6 +76,7 @@ RESERVED CVE-2006-1549 RESERVED +end claimed by jmm CVE-2005-4767 (BEA WebLogic Server and WebLogic Express 8.1 SP5 and earlier, and 7.0 ...) NOT-FOR-US: BEA WebLogic CVE-2005-4766 (BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, and 7.0 ...)