Author: alec-guest Date: 2006-06-13 02:55:36 +0000 (Tue, 13 Jun 2006) New Revision: 4193 Modified: data/CVE/list Log: NOT-FOR-US Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-06-13 02:34:46 UTC (rev 4192) +++ data/CVE/list 2006-06-13 02:55:36 UTC (rev 4193) @@ -443,114 +443,114 @@ CVE-2006-2758 (Directory traversal vulnerability in jetty 6.0.x (jetty6) beta16 ...) TODO: check CVE-2006-2757 (Cross-site scripting (XSS) vulnerability in Chipmunk guestbook allows ...) - TODO: check + NOT-FOR-US: Chipmunk guestbook CVE-2006-2756 (Eitsop My Web Server 1.0 allows remote attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: Eitsop CVE-2006-2755 (Cross-site scripting (XSS) vulnerability in index.php in UBBThreads ...) - TODO: check + NOT-FOR-US: UBBThreads CVE-2006-2754 (Stack-based buffer overflow in st.c in slurpd for OpenLDAP before ...) - openldap2.3 <unfixed> (unimportant) NOTE: File is only written and read by slurpd, only editable by root CVE-2006-2752 (The RedCarpet /etc/ximian/rcd.conf configuration file in Novell Linux ...) - TODO: check + NOT-FOR-US: RedCarpet CVE-2006-2751 (Cross-site scripting (XSS) vulnerability in Open Searchable Image ...) - TODO: check + NOT-FOR-US: OSIC CVE-2006-2750 (Cross-site scripting (XSS) vulnerability in the do_mysql_query ...) - TODO: check + NOT-FOR-US: OSIC CVE-2006-2749 (SQL injection vulnerability in search.php in Open Searchable Image ...) - TODO: check + NOT-FOR-US: OSIC CVE-2006-2748 (SQL injection vulnerability in the do_mysql_query function in core.php ...) - TODO: check + NOT-FOR-US: OSIC CVE-2006-2747 (Directory traversal vulnerability in index.php in PhpMyDesktop|arcade ...) - TODO: check + NOT-FOR-US: PhpMyDesktop CVE-2006-2746 (Multiple cross-site scripting (XSS) vulnerabilities in F@cile ...) - TODO: check + NOT-FOR-US: F@cile CVE-2006-2745 (Multiple PHP remote file inclusion vulnerabilities in F@cile ...) - TODO: check + NOT-FOR-US: F@cile CVE-2006-2744 (PHP remote file inclusion vulnerability in p-popupgallery.php in ...) - TODO: check + NOT-FOR-US: F@cile CVE-2006-2743 (Drupal 4.6.x before 4.6.7 and 4.7.0, when running on Apache with ...) - drupal 4.5.8-1.1 (bug #368835; medium) CVE-2006-2742 (SQL injection vulnerability in Drupal 4.6.x before 4.6.7 and 4.7.0 ...) - drupal 4.5.8-1.1 (medium) CVE-2006-2741 (Cross-site scripting (XSS) vulnerability in Epicdesigns tinyBB 0.3 ...) - TODO: check + NOT-FOR-US: tinyBB CVE-2006-2740 (Multiple SQL injection vulnerabilities in Epicdesigns tinyBB 0.3 allow ...) - TODO: check + NOT-FOR-US: tinyBB CVE-2006-2739 (PHP remote file inclusion vulnerability in footers.php in Epicdesigns ...) - TODO: check + NOT-FOR-US: tinyBB CVE-2006-2738 (The open source version of Open-Xchange 0.8.2 and earlier uses a ...) - TODO: check + NOT-FOR-US: Open-Xchange CVE-2006-2737 (utilities/register.asp in Nukedit 4.9.6 and earlier allows remote ...) - TODO: check + NOT-FOR-US: Nukedit CVE-2006-2736 (PHP remote file inclusion vulnerability in blend_data/blend_common.php ...) - TODO: check + NOT-FOR-US: Blend Portal CVE-2006-2735 (PHP remote file inclusion vulnerability in ...) - TODO: check + NOT-FOR-US: Amod CVE-2006-2734 (enter.asp in Mini-Nuke 2.3 and earlier makes it easier for remote ...) - TODO: check + NOT-FOR-US: Mini-Nuke CVE-2006-2733 (membership.asp in Mini-Nuke 2.3 and earlier uses plaintext security ...) - TODO: check + NOT-FOR-US: Mini-Nuke CVE-2006-2732 (SQL injection vulnerability in Your_Account.asp in Mini-Nuke 2.3 and ...) - TODO: check + NOT-FOR-US: Mini-Nuke CVE-2006-2731 (Multiple SQL injection vulnerabilities in Enigma Haber 4.3 and earlier ...) - TODO: check + NOT-FOR-US: Enigma Haber CVE-2006-2730 (PHP remote file inclusion vulnerability in admin/lib_action_step.php ...) - TODO: check + NOT-FOR-US: Hot Open Tickets CVE-2006-2729 (Cross-site scripting (XSS) vulnerability in superalbum/index.php in ...) - TODO: check + NOT-FOR-US: Photoalbum CVE-2006-2728 (Cross-site scripting (XSS) vulnerability in superalbum/index.php in ...) - TODO: check + NOT-FOR-US: Photoalbum CVE-2006-2727 (home/register.php in Eggblog before 3.0 allows remote attackers to ...) - TODO: check + NOT-FOR-US: Eggblog CVE-2006-2726 (PHP remote file inclusion vulnerability in Fastpublish CMS 1.6.9.d ...) - TODO: check + NOT-FOR-US: Fastpublish CVE-2006-2725 (SQL injection vulnerability in rss/posts.php in Eggblog before 3.07 ...) - TODO: check + NOT-FOR-US: Eggblog CVE-2006-2724 (Cross-site scripting (XSS) vulnerability in PunBB 1.2.11 allows remote ...) - TODO: check + NOT-FOR-US: PunBB CVE-2006-2723 (Unspecified versions of Mozilla Firefox allow remote attackers to ...) TODO: check CVE-2006-2722 (SQL injection vulnerability in view_album.php in SelectaPix 1.4 allows ...) - TODO: check + NOT-FOR-US: SelectaPix CVE-2006-2721 (Cross-site scripting (XSS) vulnerability in news.php in VARIOMAT ...) - TODO: check + NOT-FOR-US: VARIOMAT CVE-2006-2720 (SQL injection vulnerability in news.php in VARIOMAT allows remote ...) - TODO: check + NOT-FOR-US: VARIOMAT CVE-2006-2719 (JIWA Financials 6.4.14 stores usernames and passwords for all accounts ...) - TODO: check + NOT-FOR-US: JIWA CVE-2006-2718 (JIWA Financials 6.4.14 passes a Microsoft SQL Server account''s ...) - TODO: check + NOT-FOR-US: JIWA CVE-2006-2717 (Unspecified vulnerability in Secure Elements Class 5 AVR client and ...) - TODO: check + NOT-FOR-US: C5 EVM CVE-2006-2716 (Secure Elements Class 5 AVR server (aka C5 EVM) before 2.8.1 uses a ...) - TODO: check + NOT-FOR-US: C5 EVM CVE-2006-2715 (The Administration Console in Secure Elements Class 5 AVR (aka C5 EVM) ...) - TODO: check + NOT-FOR-US: C5 EVM CVE-2006-2714 (Secure Elements Class 5 AVR client (aka C5 EVM) before 2.8.1 does not ...) - TODO: check + NOT-FOR-US: C5 EVM CVE-2006-2713 (Secure Elements Class 5 AVR client (aka C5 EVM) before 2.8.1 generates ...) - TODO: check + NOT-FOR-US: C5 EVM CVE-2006-2712 (Secure Elements Class 5 AVR (aka C5 EVM) client and server before ...) - TODO: check + NOT-FOR-US: C5 EVM CVE-2006-2711 (Secure Elements Class 5 AVR (aka C5 EVM) 2.8.1 and earlier, and ...) - TODO: check + NOT-FOR-US: C5 EVM CVE-2006-2710 (Secure Elements Class 5 AVR (aka C5 EVM) before 2.8.1 uses the same ...) - TODO: check + NOT-FOR-US: C5 EVM CVE-2006-2709 (Secure Elements Class 5 AVR (aka C5 EVM) before 2.8.1 do not validate ...) - TODO: check + NOT-FOR-US: C5 EVM CVE-2006-2708 (Secure Elements Class 5 AVR client (aka C5 EVM) before 2.8.1 allows ...) - TODO: check + NOT-FOR-US: C5 EVM CVE-2006-2707 (Secure Elements Class 5 AVR server (aka C5 EVM) before 2.8.1 does not ...) - TODO: check + NOT-FOR-US: C5 EVM CVE-2006-2706 (Secure Elements Class 5 AVR server (aka C5 EVM) before 2.8.1 allows ...) - TODO: check + NOT-FOR-US: C5 EVM CVE-2006-2705 (Secure Elements Class 5 AVR server (aka C5 EVM) before 2.8.1 allows ...) - TODO: check + NOT-FOR-US: C5 EVM CVE-2006-2704 (Secure Elements Class 5 AVR server and client (aka C5 EVM) before ...) - TODO: check + NOT-FOR-US: C5 EVM CVE-2006-2703 (The RedCarpet command-line client (rug) does not verify SSL ...) - TODO: check + NOT-FOR-US: RedCarpet CVE-2006-2702 (vars.php in WordPress 2.0.2, possibly when running on Mac OS X, allows ...) TODO: check CVE-2006-2701 (SQL injection vulnerability in Geeklog 1.4.0sr2 and earlier allows ...)