Author: jmm-guest Date: 2005-12-30 03:35:48 +0000 (Fri, 30 Dec 2005) New Revision: 3186 Modified: data/CVE/list Log: processed block, lots of NFUs Modified: data/CVE/list ==================================================================--- data/CVE/list 2005-12-30 01:50:48 UTC (rev 3185) +++ data/CVE/list 2005-12-30 03:35:48 UTC (rev 3186) @@ -192,58 +192,56 @@ - mediawiki <unfixed> (bug filed) CVE-2005-4500 (SQL injection vulnerability in MusicBox 2.3 allows remote attackers to ...) NOT-FOR-US: MusicBox -begin claimed by jmm CVE-2005-4499 (The Downloadable RADIUS ACLs feature in Cisco PIX and VPN 3000 ...) - TODO: check + NOT-FOR-US: Cisco CVE-2005-4498 (Cross-site scripting (XSS) vulnerability in Text-e 1.6.4 and earlier ...) - TODO: check + NOT-FOR-US: Text-e CVE-2005-4497 (Cross-site scripting (XSS) vulnerability in Tangora Portal CMS 4.0 and ...) - TODO: check + NOT-FOR-US: Tangora Portal CVE-2005-4496 (Cross-site scripting (XSS) vulnerability in search in SyntaxCMS 1.2.1 ...) - TODO: check + NOT-FOR-US: Syntax CMS CVE-2005-4495 (SQL injection vulnerability in index.cfm in SpireMedia mx7 allows ...) - TODO: check + NOT-FOR-US: SpireMedia CVE-2005-4494 (Cross-site scripting (XSS) vulnerability in SPIP 1.8.2 and earlier ...) - TODO: check + NOT-FOR-US: SPIP CVE-2005-4493 (Cross-site scripting (XSS) vulnerability in SpearTek 6.0 and earlier ...) - TODO: check + NOT-FOR-US: SpearTek CVE-2005-4492 (Cross-site scripting (XSS) vulnerability in Starphire SiteSage 5.0.18 ...) - TODO: check + NOT-FOR-US: Starphire SiteSage CVE-2005-4491 (Multiple cross-site scripting (XSS) vulnerabilities in Sitekit CMS 6.6 ...) - TODO: check + NOT-FOR-US: Sitekit CMS CVE-2005-4490 (Multiple cross-site scripting (XSS) vulnerabilities in SCOOP! 2.3 and ...) - TODO: check + NOT-FOR-US: SCOOP! CVE-2005-4489 (Cross-site scripting (XSS) vulnerability in Scoop 1.1 RC1 and earlier ...) - TODO: check + NOT-FOR-US: Scoop CVE-2005-4488 (Multiple cross-site scripting (XSS) vulnerabilities in index.tpl in ...) - TODO: check + NOT-FOR-US: Redakto WCMS CVE-2005-4487 (Cross-site scripting (XSS) vulnerability in RAMSite R|1 CMS 1.0 and ...) - TODO: check + NOT-FOR-US: RAMSite CVE-2005-4486 (SQL injection vulnerability in Quantum Art QP7.Enterprise (formerly ...) - TODO: check + NOT-FOR-US: Quantum Art CVE-2005-4485 (Multiple cross-site scripting (XSS) vulnerabilities in ProjectApp 3.3 ...) - TODO: check + NOT-FOR-US: ProjectApp CVE-2005-4484 (Multiple cross-site scripting (XSS) vulnerabilities in IntranetApp 3.3 ...) - TODO: check + NOT-FOR-US: IntranetApp CVE-2005-4483 (Cross-site scripting (XSS) vulnerability in login.asp in SiteEnable ...) - TODO: check + NOT-FOR-US: SiteEnable CVE-2005-4482 (Cross-site scripting (XSS) vulnerability in login.asp in PortalApp 3.3 ...) - TODO: check + NOT-FOR-US: PortalApp CVE-2005-4481 (Cross-site scripting (XSS) vulnerability in Polopoly 9 and earlier ...) - TODO: check + NOT-FOR-US: Polypoly CVE-2005-4480 (Cross-site scripting (XSS) vulnerability in Plexcor CMS 4.0 and ...) - TODO: check + NOT-FOR-US: Plexcor CMS CVE-2005-4479 (SQL injection vulnerability in article.php in phpSlash 0.8.1 and ...) - TODO: check + NOT-FOR-US: phpSlash CVE-2005-4478 (Multiple SQL injection vulnerabilities in Papoo 2.1.2 and earlier ...) - TODO: check + NOT-FOR-US: Papoo CVE-2005-4477 (Cross-site scripting (XSS) vulnerability in papaya CMS 4.0.4 and ...) - TODO: check + NOT-FOR-US: papaya CMS CVE-2005-4476 (Cross-site scripting (XSS) vulnerability in store/search/results.html ...) - TODO: check + NOT-FOR-US: OpenEdit CVE-2005-4475 (Cross-site scripting (XSS) vulnerability in OpenCms 6.0.3 and earlier ...) - TODO: check -end claimed by jmm + NOT-FOR-US: OpenCms CVE-2005-4534 (The shadow database feature (syncshadowdb) in Bugzilla 2.16.7 through ...) - bugzilla 2.18 (bug #329387; low) NOTE: The vulnerable script has been removed in the 2.18 upstream release