Author: joeyh Date: 2006-04-21 21:14:40 +0000 (Fri, 21 Apr 2006) New Revision: 3842 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-04-21 20:41:44 UTC (rev 3841) +++ data/CVE/list 2006-04-21 21:14:40 UTC (rev 3842) @@ -1,6 +1,152 @@ +CVE-2006-1976 (Cross-site scripting (XSS) vulnerability in addRequest.php in Prayer ...) + TODO: check +CVE-2006-1975 (Cross-site scripting (XSS) vulnerability in guestbook_newentry.php in ...) + TODO: check +CVE-2006-1974 (SQL injection vulnerability in index.php in MyBB (MyBulletinBoard) ...) + TODO: check +CVE-2006-1973 (Multiple unspecified vulnerabilities in Linksys RT31P2 VoIP router ...) + TODO: check +CVE-2006-1972 (Cross-site scripting (XSS) vulnerability in EasyGallery.php in Wingnut ...) + TODO: check +CVE-2006-1971 (Cross-site scripting (XSS) vulnerability in login.php in KRANKIKOM ...) + TODO: check +CVE-2006-1970 (Cross-site scripting (XSS) vulnerability in classifieds/viewcat.cgi in ...) + TODO: check +CVE-2006-1969 (Cross-site scripting (XSS) vulnerability in search/search.cgi in an ...) + TODO: check +CVE-2006-1968 (Cross-site scripting (XSS) vulnerability in news/NsVisitor.cgi in ...) + TODO: check +CVE-2006-1967 (Cross-site scripting (XSS) vulnerability in calendar/Visitor.cgi in ...) + TODO: check +CVE-2006-1966 (An unspecified Fortinet product, possibly Fortinet28, allows remote ...) + TODO: check +CVE-2006-1965 (Multiple cross-site scripting (XSS) vulnerabilities in aasi media Net ...) + TODO: check +CVE-2006-1964 (SQL injection vulnerability in Haberler.asp in ASPSitem 1.83 and ...) + TODO: check +CVE-2006-1963 (Directory traversal vulnerability in main.php in PCPIN Chat 5.0.4 and ...) + TODO: check +CVE-2006-1962 (SQL injection vulnerability in PCPIN Chat 5.0.4 and earlier allows ...) + TODO: check +CVE-2006-1961 (Cisco CiscoWorks Wireless LAN Solution Engine (WLSE) and WLSE Express ...) + TODO: check +CVE-2006-1960 (Cross-site scripting (XSS) vulnerability in the appliance web user ...) + TODO: check +CVE-2006-1959 (PHP remote file inclusion vulnerability in direct.php in ActualScripts ...) + TODO: check +CVE-2006-1958 (Multiple SQL injection vulnerabilities in WWWThreads RC 3 allow remote ...) + TODO: check +CVE-2006-1957 (The com_rss option (rss.php) in (1) Mambo and (2) Joomla! allows ...) + TODO: check +CVE-2006-1956 (The com_rss option (rss.php) in (1) Mambo and (2) Joomla! allows ...) + TODO: check +CVE-2006-1955 (PHP remote file inclusion vulnerability in authent.php4 in Nicolas ...) + TODO: check +CVE-2006-1954 (SQL injection vulnerability in authent.php4 in Nicolas Fischer (aka ...) + TODO: check +CVE-2006-1953 + RESERVED +CVE-2006-1952 + RESERVED +CVE-2006-1951 + RESERVED +CVE-2006-1950 (Multiple cross-site scripting (XSS) vulnerabilities in banners.cgi in ...) + TODO: check +CVE-2006-1949 (SQL injection vulnerability in plexcart.pl in NicPlex PlexCart X3 and ...) + TODO: check +CVE-2006-1948 (The "Add Sender to Address Book" operation ...) + TODO: check +CVE-2006-1947 (Multiple SQL injection vulnerabilities in plexum.php in NicPlex Plexum ...) + TODO: check +CVE-2006-1946 (Multiple cross-site scripting (XSS) vulnerabilities in Visale 1.0 and ...) + TODO: check +CVE-2006-1945 (Cross-site scripting (XSS) vulnerability in awstats.pl in AWStats 6.5 ...) + TODO: check +CVE-2006-1944 (Multiple cross-site scripting (XSS) vulnerabilities in SibSoft ...) + TODO: check +CVE-2006-1943 (Multiple cross-site scripting (XSS) vulnerabilities in Smarter Scripts ...) + TODO: check +CVE-2006-1942 (Mozilla Firefox 1.5.0.2 allows user-complicit remote attackers to open ...) + TODO: check +CVE-2006-1941 (Neon Responder 5.4 for LANsurveyor allows remote attackers to cause a ...) + TODO: check +CVE-2006-1940 + RESERVED +CVE-2006-1939 + RESERVED +CVE-2006-1938 + RESERVED +CVE-2006-1937 + RESERVED +CVE-2006-1936 + RESERVED +CVE-2006-1935 + RESERVED +CVE-2006-1934 + RESERVED +CVE-2006-1933 + RESERVED +CVE-2006-1932 + RESERVED +CVE-2006-1931 (The HTTP/XMLRPC server in Ruby before 1.8.2 uses blocking sockets, ...) + TODO: check +CVE-2006-1930 (Multiple SQL injection vulnerabilities in userscript.php in Green ...) + TODO: check +CVE-2006-1929 (PHP remote file inclusion vulnerability in include/common.php in ...) + TODO: check +CVE-2006-1928 (Cisco IOS XR, when configured for Multi Protocol Label Switching ...) + TODO: check +CVE-2006-1927 (Cisco IOS XR, when configured for Multi Protocol Label Switching ...) + TODO: check +CVE-2006-1926 (SQL injection vulnerability in showtopic.php in ThWboard 2.84 beta 3 ...) + TODO: check +CVE-2006-1925 (Directory traversal vulnerability in the editnews module ...) + TODO: check +CVE-2006-1924 (SQL injection vulnerability in functions/db_api.php in LinPHA 1.1.1 ...) + TODO: check +CVE-2006-1923 (Multiple cross-site scripting (XSS) vulnerabilities in LinPHA before ...) + TODO: check +CVE-2006-1922 (PHP remote file inclusion vulnerability in (1) about.php or (2) ...) + TODO: check +CVE-2006-1921 (nettools.php in PHP Net Tools 2.7.1 allows remote attackers to execute ...) + TODO: check +CVE-2006-1920 (SQL injection vulnerability in index.php in PMTool 1.2.2 allows remote ...) + TODO: check +CVE-2006-1919 (PHP remote file inclusion vulnerability in index.php in Internet ...) + TODO: check +CVE-2006-1918 (Multiple cross-site scripting (XSS) vulnerabilities in Papoo 2.1.5 ...) + TODO: check +CVE-2006-1917 (SQL injection vulnerability in member.php in Blackorpheus ...) + TODO: check +CVE-2006-1916 (Multiple cross-site scripting (XSS) vulnerabilities in profile.php in ...) + TODO: check +CVE-2006-1915 (SQL injection vulnerability in topics.php in DbbS 2.0-alpha and ...) + TODO: check +CVE-2006-1914 (DbbS 2.0-alpha and earlier allows remote attackers to obtain sensitive ...) + TODO: check +CVE-2006-1913 (Cross-site scripting (XSS) vulnerability in jax_guestbook.php in Jax ...) + TODO: check +CVE-2006-1912 (MyBB (MyBulletinBoard) 1.1.0 does not set the constant KILL_GLOBAL ...) + TODO: check +CVE-2006-1911 (Cross-site scripting (XSS) vulnerability in MyBB (MyBulletinBoard) 1.1 ...) + TODO: check +CVE-2006-1910 (config.php in S9Y Serendipity 1.0 beta 2 allows remote attackers to ...) + TODO: check +CVE-2006-1909 (Directory traversal vulnerability in index.php in Coppermine 1.4.4 ...) + TODO: check +CVE-2006-1908 (Cross-site scripting vulnerability in addevent.php in myEvent 1.x ...) + TODO: check +CVE-2006-1907 (Multiple SQL injection vulnerabilities in myEvent 1.x allow remote ...) + TODO: check +CVE-2005-4787 (** DISPUTED ** ...) + TODO: check +CVE-2004-2657 (** DISPUTED ** ...) + TODO: check +CVE-1999-1588 (Buffer overflow in nlps_server in Sun Solaris x86 2.4, 2.5, and 2.5.1 ...) + TODO: check CVE-2006-XXXX [wiki macro XSS vulnerability] - - trac 0.9.5-1 -CVE-2006-1906 (Cross-site scripting (XSS) vulnerability in index.php in phpLister ...) + - trac 0.9.5-1 +CVE-2006-1906 (Cross-site scripting (XSS) vulnerability in index.php in jjgan852 ...) TODO: check CVE-2006-1905 (Multiple format string vulnerabilities in xiTK (xitk/main.c) in xine ...) TODO: check @@ -463,7 +609,7 @@ NOTE: This is probably: https://bugzilla.mozilla.org/show_bug.cgi?id=320459 CVE-2006-1722 (Cross-site scripting (XSS) vulnerability in suche.htm in ShopXS 4.0 ...) NOT-FOR-US: ShopXS -CVE-2006-1721 (Unspecified vulnerability in the CMU Cyrus Simple Authentication and ...) +CVE-2006-1721 (Unspecified vulnerability in digestmd5.c in the CMU Cyrus Simple ...) - cyrus-sasl2 <unfixed> (bug #361937; low) CVE-2006-1720 (Cross-site scripting (XSS) vulnerability in search.php in SaphpLesson ...) NOT-FOR-US: SaphpLesson @@ -2056,7 +2202,7 @@ CVE-2006-1319 (chpst in runit 1.3.3-1 for Debian GNU/Linux, when compiled on little ...) - runit <unfixed> (bug #356016; medium) [sarge] - runit <not-affected> -CVE-2006-1049 (Multiple SQL injection vulnerabilities in Joomla! 1.0.7 and earlier ...) +CVE-2006-1049 (Multiple SQL injection vulnerabilities in the Admin functionality in ...) NOT-FOR-US: Joomla! CVE-2006-1048 (Joomla! 1.0.7 and earlier allows attackers to bypass intended access ...) NOT-FOR-US: Joomla!