Author: jmm-guest Date: 2006-04-04 15:05:13 +0000 (Tue, 04 Apr 2006) New Revision: 3746 Modified: data/CVE/list Log: NFUs new block Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-04-04 14:58:55 UTC (rev 3745) +++ data/CVE/list 2006-04-04 15:05:13 UTC (rev 3746) @@ -47,36 +47,34 @@ CVE-2006-1564 (Untrusted search path vulnerability in libapache2-svn 1.3.0-4 for ...) - subversion 1.3.0-5 (bug #359234; low) [sarge] - subversion <not-affected> (No rpaths set in Sarge) -begin claimed by jmm CVE-2006-1563 (Direct static code injection vulnerability in config.php in vscripts ...) - TODO: check + NOT-FOR-US: VBook CVE-2006-1562 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...) - TODO: check + NOT-FOR-US: VBook CVE-2006-1561 (SQL injection vulnerability in index.php in vscripts (aka Kuba ...) - TODO: check + NOT-FOR-US: VBook CVE-2006-1560 (Multiple SQL injection vulnerabilities in SkinTech phpNewsManager 1.48 ...) - TODO: check + NOT-FOR-US: SkinTech phpNewsManager CVE-2006-1559 (SQL injection vulnerability in PHP Script Index allows remote ...) - TODO: check + NOT-FOR-US: PHP Script Index CVE-2006-1558 (Cross-site scripting (XSS) vulnerability in search.php in PHP Script ...) - TODO: check + NOT-FOR-US: PHP Script Index CVE-2006-1557 (Multiple SQL injection vulnerabilities in X-Changer 0.2 allow remote ...) - TODO: check + NOT-FOR-US: X-Changer CVE-2006-1556 (Multiple cross-site scripting (XSS) vulnerabilities in ...) - TODO: check + NOT-FOR-US: AL-Caricatier CVE-2006-1555 (VSNS Lemon 3.2.0 allows remote attackers to bypass authentication and ...) - TODO: check + NOT-FOR-US: VSNS Lemon CVE-2006-1554 (Cross-site scripting (XSS) vulnerability in VSNS Lemon 3.2.0 allows ...) - TODO: check + NOT-FOR-US: VSNS Lemon CVE-2006-1553 (SQL injection vulnerability in functions/final_functions.php in VSNS ...) - TODO: check + NOT-FOR-US: VSNS Lemon CVE-2006-1552 (ImageIO in Apple Mac OS X 10.4 up to 10.4.5 allows remote attackers to ...) - TODO: check + NOT-FOR-US: Apple CVE-2006-1551 RESERVED CVE-2006-1549 RESERVED -end claimed by jmm CVE-2005-4767 (BEA WebLogic Server and WebLogic Express 8.1 SP5 and earlier, and 7.0 ...) NOT-FOR-US: BEA WebLogic CVE-2005-4766 (BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, and 7.0 ...) @@ -121,6 +119,7 @@ - libstruts1.2-java <unfixed> (bug #360551) CVE-2006-1546 (Apache Software Foundation (ASF) Struts before 1.2.9 allows remote ...) - libstruts1.2-java <unfixed> (bug #360551) +begin claimed by jmm CVE-2006-1545 (Direct static code injection vulnerability in admin/config.php in ...) TODO: check CVE-2006-1544 (Multiple cross-site scripting (XSS) vulnerabilities in news.php in ...) @@ -149,6 +148,7 @@ TODO: check CVE-2006-1532 (Cross-site scripting (XSS) vulnerability in search.php in PHP ...) TODO: check +end claimed by jmm CVE-2006-1531 RESERVED CVE-2006-1530