Author: stef-guest Date: 2006-04-04 17:57:07 +0000 (Tue, 04 Apr 2006) New Revision: 3750 Modified: data/CVE/list Log: some NFUs Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-04-04 16:30:26 UTC (rev 3749) +++ data/CVE/list 2006-04-04 17:57:07 UTC (rev 3750) 
@@ -367,84 +367,82 @@ RESERVED CVE-2006-1433 RESERVED - -begin claimed by stef-guest - CVE-2006-1432 (fusionZONE couponZONE 4.2 allows remote attackers to obtain the full ...) - TODO: check + NOT-FOR-US: fusionZONE couponZONE CVE-2006-1431 (Cross-site scripting (XSS) vulnerability in local.cfm in fusionZONE ...) - TODO: check + NOT-FOR-US: fusionZONE couponZONE CVE-2006-1430 (Multiple cross-site scripting (XSS) vulnerabilities in CONTROLzx HMS ...) - TODO: check + NOT-FOR-US: CONTROLzx HMS CVE-2006-1429 (Cross-site scripting (XSS) vulnerability in accountlogon.cfm in ...) - TODO: check + NOT-FOR-US: classifiedZONE CVE-2006-1428 (Multiple cross-site scripting (XSS) vulnerabilities in phpCOIN 1.2.2 ...) - TODO: check + NOT-FOR-US: phpCOIN CVE-2006-1427 (Multiple cross-site scripting (XSS) vulnerabilities in WebAPP ...) - TODO: check + NOT-FOR-US: WebAPP CVE-2006-1426 (Multiple SQL injection vulnerabilities in Pixel Motion Blog allow ...) - TODO: check + NOT-FOR-US: Blog Pixel Motion CVE-2006-1425 (Cross-site scripting (XSS) vulnerability in track.php in phpmyfamily ...) - TODO: check + NOT-FOR-US: phpmyfamily CVE-2006-1424 (Cross-site scripting (XSS) vulnerability in index.php in ConfTool 1.1 ...) - TODO: check + NOT-FOR-US: ConfTool CVE-2006-1423 (SQL injection vulnerability in showflat.php in UBB.threads 5.5.1, 6.0 ...) - TODO: check + NOT-FOR-US: UBB.threads CVE-2006-1422 (SQL injection vulnerability in details_view.php in PHP Booking Calendar ...) - TODO: check + NOT-FOR-US: PHP Booking Calendar CVE-2006-1421 (Multiple SQL injection vulnerabilities in akocomment.php in AkoComment ...) - TODO: check + NOT-FOR-US: AkoComment CVE-2006-1420 (SQL injection vulnerability in print.php in SaphpLesson 2.0 allows ...) - TODO: check + NOT-FOR-US: SaphpLesson CVE-2006-1419 (SQL injection vulnerability in the Calendar module in nuked-klan 1.7.5 ...) - TODO: check + NOT-FOR-US: nuked-klan CVE-2006-1418 (Cross-site scripting (XSS) vulnerability in default.asp in Caloris ...) 
- TODO: check + NOT-FOR-US: Caloris Planitia E-School Management CVE-2006-1417 (Multiple cross-site scripting (XSS) vulnerabilities in Caloris ...) - TODO: check + NOT-FOR-US: Caloris Planitia Online Quiz System CVE-2006-1416 (Cross-site scripting (XSS) vulnerability in afmsearch.aspx in Absolute ...) - TODO: check + NOT-FOR-US: Absolute FAQ Manager .NET CVE-2006-1415 (Cross-site scripting (XSS) vulnerability in iforget.aspx in dotNetBB ...) - TODO: check + NOT-FOR-US: dotNetBB CVE-2006-1414 (Multiple cross-site scripting (XSS) vulnerabilities in toast.asp in ...) - TODO: check + NOT-FOR-US: Toast Forums CVE-2006-1413 (Multiple cross-site scripting (XSS) vulnerabilities in EZHomepagePro ...) - TODO: check + NOT-FOR-US: EZHomepagePro CVE-2006-1412 (TFT Gallery 0.10 stores sensitive information under the web root with ...) - TODO: check + NOT-FOR-US: TFT Gallery CVE-2006-1411 (Cross-site scripting (XSS) vulnerability in Absolute Image Gallery XE ...) - TODO: check + NOT-FOR-US: Absolute Image Gallery CVE-2006-1410 (Multiple cross-site scripting (XSS) vulnerabilities in XIGLA Absolute ...) - TODO: check + NOT-FOR-US: XIGLA Absolute Live Support CVE-2006-1409 (Buffer overflow in Vavoom 1.19.1 and earlier allows remote attackers ...) - TODO: check + NOT-FOR-US: Vavoom + NOTE: code in prboom and lxdoom looks completely different CVE-2006-1408 (Vavoom 1.19.1 and earlier allows remote attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: Vavoom + NOTE: code in prboom and lxdoom looks completely different CVE-2006-1407 (Multiple cross-site scripting (XSS) vulnerabilities in Helm Web ...) - TODO: check + NOT-FOR-US: Helm Web Hosting Control Panel CVE-2006-1406 (Multiple cross-site scripting (XSS) vulnerabilities in wbadmlog.aspx ...) - TODO: check + NOT-FOR-US: uniForum CVE-2006-1405 (Cross-site scripting (XSS) vulnerability in search.aspx in ...) 
- TODO: check + NOT-FOR-US: SweetSuite.NET Content Management System CVE-2006-1404 (Multiple cross-site scripting (XSS) vulnerabilities in bol.cgi in ...) - TODO: check + NOT-FOR-US: BlankOL CVE-2006-1403 (Format string vulnerability in the PrintString function in ...) - TODO: check - -end claimed by stef-guest - + NOT-FOR-US: csDoom + NOTE: prboom, lxdoom not affected CVE-2006-1402 (Buffer overflow in client/server Doom (csDoom) 0.7 and earlier allows ...) - TODO: check + NOT-FOR-US: csDoom + NOTE: prboom, lxdoom not affected CVE-2006-1401 (Multiple cross-site scripting (XSS) vulnerabilities in search.php in ...) - TODO: check + NOT-FOR-US: Calendar Express CVE-2006-1400 (Cross-site scripting (XSS) vulnerability in ...) - TODO: check + NOT-FOR-US: Metisware Instructor CVE-2006-1399 (Cross-site scripting (XSS) vulnerability in searchresult.php in ...) - TODO: check + NOT-FOR-US: Meeting Reserve CVE-2006-1398 (Cross-site scripting (XSS) vulnerability in guestbook.php in G-Book ...) - TODO: check + NOT-FOR-US: G-Book CVE-2006-1397 (Multiple cross-site scripting (XSS) vulnerabilities in (a) phpAdsNew ...) - TODO: check + NOT-FOR-US: phpAdsNew CVE-2005-4747 (Cross-site scripting (XSS) vulnerability in WebHost Automation Ltd ...) TODO: check CVE-2005-4746 (Multiple buffer overflows in FreeRADIUS 1.0.3 and 1.0.4 allow remote ...) 
@@ -29696,15 +29694,15 @@ CVE-2000-0693 (pgxconfig in the Raptor GFX configuration tool uses a relative path ...) TODO: check CVE-2000-0685 (BEA WebLogic 5.1.x does not properly restrict access to the ...) - TODO: check + NOT-FOR-US: BEA WebLogic CVE-2000-0684 (BEA WebLogic 5.1.x does not properly restrict access to the ...) - TODO: check + NOT-FOR-US: BEA WebLogic CVE-2000-0683 (BEA WebLogic 5.1.x allows remote attackers to read source code for ...) - TODO: check + NOT-FOR-US: BEA WebLogic CVE-2000-0682 (BEA WebLogic 5.1.x allows remote attackers to read source code for ...) - TODO: check + NOT-FOR-US: BEA WebLogic CVE-2000-0681 (Buffer overflow in BEA WebLogic server proxy plugin allows remote ...) - TODO: check + NOT-FOR-US: BEA WebLogic CVE-2000-0679 (The CVS 1.10.8 client trusts pathnames that are provided by the CVS ...) TODO: check CVE-2000-0678 (PGP 5.5.x through 6.5.3 does not properly check if an Additional ...) @@ -29966,9 +29964,9 @@ CVE-2000-0501 (Race condition in MDaemon 2.8.5.0 POP server allows local users to ...) TODO: check CVE-2000-0500 (The default configuration of BEA WebLogic 5.1.0 allows a remote ...) - TODO: check + NOT-FOR-US: BEA WebLogic CVE-2000-0499 (The default configuration of BEA WebLogic 3.1.8 through 4.5.1 allows a ...) - TODO: check + NOT-FOR-US: BEA WebLogic CVE-2000-0498 (Unify eWave ServletExec allows a remote attacker to view source code ...) TODO: check CVE-2000-0497 (IBM WebSphere server 3.0.2 allows a remote attacker to view source ...) @@ -33021,7 +33019,7 @@ CVE-2002-0108 (Allaire Forums 2.0.4 and 2.0.5 and Forums! 3.0 and 3.1 allows remote ...) TODO: check CVE-2002-0106 (BEA Systems Weblogic Server 6.1 allows remote attackers to cause a ...) - TODO: check + NOT-FOR-US: BEA WebLogic CVE-2002-0105 (CDE dtlogin in Caldera UnixWare 7.1.0, and possibly other operating ...) TODO: check CVE-2002-0104 (AFTPD 5.4.4 allows remote attackers to gain sensitive information via ...)
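Review bot: In the first hunk (@@ -367,84 +367,82 @@), the NOTE added under CVE-2006-1409 and CVE-2006-1408 ("code in prboom and lxdoom looks completely different") records an observation rather than a conclusion, while the csDoom entries CVE-2006-1403 and CVE-2006-1402 in the same hunk say "prboom, lxdoom not affected". If the check reached the same result for Vavoom, use the same "not affected" wording so that anyone reading or searching the list does not have to guess whether those packages still need a look; if it did not, say what remains open. In the same hunk, CVE-2006-1426 is tagged "NOT-FOR-US: Blog Pixel Motion" while its description line calls the product "Pixel Motion Blog"; matching the tag to the description would keep a search on the product name reliable.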