Author: joeyh Date: 2006-06-13 09:14:29 +0000 (Tue, 13 Jun 2006) New Revision: 4196 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-06-13 07:14:41 UTC (rev 4195) +++ data/CVE/list 2006-06-13 09:14:29 UTC (rev 4196) @@ -1,3 +1,159 @@ +CVE-2006-3008 (SQL injection vulnerability in index.php in Particle Links 1.2.2 ...) + TODO: check +CVE-2006-3007 (Multiple cross-site scripting (XSS) vulnerabilities in SHOUTcast 1.9.5 ...) + TODO: check +CVE-2006-3006 (Cross-site scripting (XSS) vulnerability in iFoto 0.20, and possibly ...) + TODO: check +CVE-2006-3005 (The JPEG library in media-libs/jpeg before 6b-r7 on Gentoo Linux is ...) + TODO: check +CVE-2006-3004 (Multiple cross-site scripting (XSS) vulnerabilities in Ez Ringtone ...) + TODO: check +CVE-2006-3003 (details.php in Easy Ad-Manager allows remote attackers to obtain the ...) + TODO: check +CVE-2006-3002 (Cross-site scripting (XSS) vulnerability in details.php in Easy ...) + TODO: check +CVE-2006-3001 (Cross-site scripting (XSS) vulnerability in search.php in OkScripts ...) + TODO: check +CVE-2006-3000 (Cross-site scripting (XSS) vulnerability in search.php in OkScripts ...) + TODO: check +CVE-2006-2999 (Cross-site scripting (XSS) vulnerability in search.php in OkScripts ...) + TODO: check +CVE-2006-2998 (PHP remote file inclusion vulnerability in board/post.php in free ...) + TODO: check +CVE-2006-2997 (Cross-site scripting (XSS) vulnerability in ZMS 2.9 and earlier, when ...) + TODO: check +CVE-2006-2996 (PHP remote file inclusion vulnerability in inc/design.inc.php in ...) + TODO: check +CVE-2006-2995 (Multiple PHP remote file inclusion vulnerabilities in WebprojectDB ...) + TODO: check +CVE-2006-2994 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...) + TODO: check +CVE-2006-2993 (Multiple SQL injection vulnerabilities in My Photo Scrapbook 1.0 and ...) + TODO: check +CVE-2006-2992 (Cross-site scripting (XSS) vulnerability in display.asp in My Photo ...) + TODO: check +CVE-2006-2991 (Multiple cross-site scripting (XSS) vulnerabilities in Ringlink 3.2 ...) + TODO: check +CVE-2006-2990 (Cross-site scripting (XSS) vulnerability in default.asp in VanillaSoft ...) + TODO: check +CVE-2006-2989 (Cross-site scripting (XSS) vulnerability in listpics.asp in ASP ...) + TODO: check +CVE-2006-2988 (Cross-site scripting (XSS) vulnerability in dictionary.php in Chemical ...) + TODO: check +CVE-2006-2987 (Multiple SQL injection vulnerabilities in Dominios Europa PICRATE (aka ...) + TODO: check +CVE-2006-2986 (Multiple cross-site scripting (XSS) vulnerabilities in Baby Katie ...) + TODO: check +CVE-2006-2985 (SQL injection vulnerability in index.php in IntegraMOD 1.4.0 and ...) + TODO: check +CVE-2006-2984 (Cross-site scripting (XSS) vulnerability in index.php in IntegraMOD ...) + TODO: check +CVE-2006-2983 (PHP remote file inclusion vulnerability in Enterprise Timesheet and ...) + TODO: check +CVE-2006-2982 (Multiple PHP remote file inclusion vulnerabilities in Enterprise ...) + TODO: check +CVE-2006-2981 (SQL injection vulnerability in vs_search.php in Arantius Vice Stats ...) + TODO: check +CVE-2006-2980 (SQL injection vulnerability in block_forum_topic_new.php in ViArt Shop ...) + TODO: check +CVE-2006-2979 (Multiple cross-site scripting (XSS) vulnerabilities in ViArt Shop Free ...) + TODO: check +CVE-2006-2978 (Mafia Moblog 0.6M1 and earlier allows remote attackers to obtain the ...) + TODO: check +CVE-2006-2977 (SQL injection vulnerability in big.php in Mafia Moblog 0.6M1 and ...) + TODO: check +CVE-2006-2976 (Unspecified vulnerability in usermgr.php in Coppermine Photo Gallery ...) + TODO: check +CVE-2006-2975 (Multiple cross-site scripting (XSS) vulnerabilities in ...) + TODO: check +CVE-2006-2974 (Multiple cross-site scripting (XSS) vulnerabilities in EmailArchitect ...) + TODO: check +CVE-2006-2973 (Multiple SQL injection vulnerabilities in month.php in PHP Lite ...) + TODO: check +CVE-2006-2972 (SQL injection vulnerability in vs_resource.php in Arantius Vice Stats ...) + TODO: check +CVE-2006-2971 (Integer overflow in the recv_packet function in 0verkill 0.16 allows ...) + TODO: check +CVE-2006-2970 (videoPage.php in L0j1k tinyMuw 0.1.0 allows remote attackers to obtain ...) + TODO: check +CVE-2006-2969 (Cross-site scripting (XSS) vulnerability in L0j1k tinyMuw 0.1.0 allow ...) + TODO: check +CVE-2006-2968 (Cross-site scripting (XSS) vulnerability in search.php in PHP Labware ...) + TODO: check +CVE-2006-2967 (Syworks SafeNET allows local users to bypass restrictions on network ...) + TODO: check +CVE-2006-2966 (Cross-site scripting (XSS) vulnerability in Particle Soft Particle ...) + TODO: check +CVE-2006-2965 (Multiple cross-site scripting (XSS) vulnerabilities in Particle Soft ...) + TODO: check +CVE-2006-2964 (Multiple PHP remote file inclusion vulnerabilities in Xtreme Scripts ...) + TODO: check +CVE-2006-2963 (Cross-site scripting (XSS) vulnerability in Suchergebnisse.asp in ...) + TODO: check +CVE-2006-2962 (PHP remote file inclusion vulnerability in sql_fcnsOLD.php in ...) + TODO: check +CVE-2006-2961 (Stack-based buffer overflow in CesarFTP 0.99g and earlier allows ...) + TODO: check +CVE-2006-2960 (PHP remote file inclusion vulnerability in includes/joomla.php in ...) + TODO: check +CVE-2006-2959 (SQL injection vulnerability in inc_header.asp in Snitz Forum 3.4.05 ...) + TODO: check +CVE-2006-2958 (Directory traversal vulnerability in FilZip 3.05 allows remote ...) + TODO: check +CVE-2006-2957 (Cross-site scripting (XSS) vulnerability in i.List 1.5 beta and ...) + TODO: check +CVE-2006-2956 (Multiple cross-site scripting (XSS) vulnerabilities in i.List 1.5 beta ...) + TODO: check +CVE-2006-2955 (Multiple cross-site scripting (XSS) vulnerabilities in KAPhotoservice ...) + TODO: check +CVE-2006-2954 (SQL injection vulnerability in files.asp in OfficeFlow 2.6 and earlier ...) + TODO: check +CVE-2006-2953 (Cross-site scripting (XSS) vulnerability in default.asp in OfficeFlow ...) + TODO: check +CVE-2006-2952 (Directory traversal vulnerability in Net Portal Dynamic System (NPDS) ...) + TODO: check +CVE-2006-2951 (Multiple cross-site scripting (XSS) vulnerabilities in Net Portal ...) + TODO: check +CVE-2006-2950 (Net Portal Dynamic System (NPDS) 5.10 and earlier allows remote ...) + TODO: check +CVE-2006-2949 (Cross-site scripting (XSS) vulnerability in private.php in MyBB 1.1.2 ...) + TODO: check +CVE-2006-2948 (A-CART 2.0 stores the acart2_0.mdb file under the web document root ...) + TODO: check +CVE-2006-2947 (Dmx Forum 2.1a allows remote attackers to obtain username and password ...) + TODO: check +CVE-2006-2946 (Dmx Forum 2.1a stores _includes/bd.inc under the web root with ...) + TODO: check +CVE-2006-2945 (Unspecified vulnerability the user profile change functionality in ...) + TODO: check +CVE-2006-2944 (Unspecified vulnerability in CGI-RESCUE FORM2MAIL 1.21 and earlier ...) + TODO: check +CVE-2006-2943 (Unspecified vulnerability in CGI-RESCUE WebFORM 4.1 and earlier allows ...) + TODO: check +CVE-2006-2942 + RESERVED +CVE-2006-2941 + RESERVED +CVE-2006-2940 + RESERVED +CVE-2006-2939 + RESERVED +CVE-2006-2938 + RESERVED +CVE-2006-2937 + RESERVED +CVE-2006-2936 + RESERVED +CVE-2006-2935 + RESERVED +CVE-2006-2934 + RESERVED +CVE-2006-2933 + RESERVED +CVE-2006-2932 + RESERVED +CVE-2006-2931 + RESERVED CVE-2006-2930 (Unspecified vulnerability in Sun Grid Engine 5.3 and Sun N1 Grid ...) NOT-FOR-US: Sun CVE-2006-2929 (PHP remote file inclusion vulnerability in ...) @@ -12,13 +168,13 @@ NOT-FOR-US: Ingate CVE-2006-2924 (Ingate Firewall in the SIP module before 4.4.1 and SIParator before ...) NOT-FOR-US: Ingate -CVE-2006-2923 (Unspecified vulnerability in the iaxclient library LoudHush 1.3.6 has ...) +CVE-2006-2923 (The iax_net_read function in the iaxclient open source library, as ...) NOT-FOR-US: LoudHush CVE-2006-2922 (Multiple PHP remote file inclusion vulnerabilities in MiraksGalerie ...) NOT-FOR-US: MiraksGalerie CVE-2006-2921 (PHP remote file inclusion vulnerability in cmpro_header.inc.php in ...) NOT-FOR-US: CMPro -CVE-2006-2920 (Sylpheed-Claws before 2.2.2 allows remote attackers to bypass the URI ...) +CVE-2006-2920 (Sylpheed-Claws before 2.2.2 and Sylpheed before 2.2.6 allow remote ...) - sylpheed-claws <unfixed> (bug #372891; low) - sylpheed-claws-gtk2 <unfixed> (bug #372889; low) CVE-2006-2919 (Unspecified vulnerability in Microsoft NetMeeting 3.01 allows remote ...) @@ -43,8 +199,8 @@ RESERVED CVE-2006-2909 RESERVED -CVE-2006-2908 - RESERVED +CVE-2006-2908 (The domecode function in inc/functions_post.php in MyBulletinBoard ...) + TODO: check CVE-2006-2907 RESERVED CVE-2006-2906 (The LZW decoding in the gdImageCreateFromGifPtr function in the Thomas ...) @@ -63,7 +219,7 @@ NOT-FOR-US: Microsoft CVE-2006-2899 (Unspecified vulnerability in ESTsoft InternetDISK versions before ...) NOT-FOR-US: ESTsoft InternetDISK -CVE-2006-2898 (Unspecified vulnerability in the IAX2 channel driver (chan_iax2) for ...) +CVE-2006-2898 (The IAX2 channel driver (chan_iax2) for Asterisk 1.2.x before 1.2.9 ...) - asterisk <unfixed> - iax 0.2.2-5 - iaxmodem 0.1.8.dfsg-2 @@ -617,7 +773,7 @@ TODO: check CVE-2006-2671 (SQL injection vulnerability in ChatPat 1.0 allows remote attackers to ...) TODO: check -CVE-2006-2670 (Cross-site scripting (XSS) vulnerability in ChatPat 1.0 allows remote ...) +CVE-2006-2670 (Multiple cross-site scripting (XSS) vulnerabilities in ChatPat 1.0 ...) TODO: check CVE-2006-2669 (Multiple cross-site scripting (XSS) vulnerabilities in Pre Shopping ...) TODO: check