Author: stef-guest Date: 2006-09-09 09:25:30 +0000 (Sat, 09 Sep 2006) New Revision: 4705 Modified: data/CVE/list Log: some NFUs Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-09-09 08:31:55 UTC (rev 4704) +++ data/CVE/list 2006-09-09 09:25:30 UTC (rev 4705) @@ -1,85 +1,85 @@ CVE-2006-4622 (PHP remote file inclusion vulnerability in annonce.php in AnnonceV ...) - TODO: check + NOT-FOR-US: AnnonceV CVE-2006-4621 (PHP remote file inclusion vulnerability in settings.php in Pheap 1.2, ...) - TODO: check + NOT-FOR-US: Pheap CVE-2006-4620 (The useredit_account.wdm module in Alt-N WebAdmin 3.2.5 running with ...) - TODO: check + NOT-FOR-US: Alt-N WebAdmin CVE-2006-4619 (The start update window in Avira AntiVir PersonalEdition Classic ...) - TODO: check + NOT-FOR-US: Avira CVE-2006-4618 (PHP remote file inclusion vulnerability in adodb-postgres7.inc.php in ...) TODO: check CVE-2006-4617 (Unrestricted file upload vulnerability in fileupload.html in vtiger ...) - TODO: check + NOT-FOR-US: vtiger CRM CVE-2006-4616 (SMTP service in MailEnable Standard, Professional, and Enterprise ...) - TODO: check + NOT-FOR-US: MailEnable CVE-2006-4615 (Shape Services IM+ Mobile Instant Messenger for Pocket PC 3.10 stores ...) - TODO: check + NOT-FOR-US: Shape Services CVE-2006-4614 (PDAapps Verichat for Pocket PC 1.30bh stores usernames and passwords ...) - TODO: check + NOT-FOR-US: PDAapps Verichat CVE-2006-4613 (Multiple unspecified vulnerabilities in SnapGear before 3.1.4u1 allow ...) - TODO: check + NOT-FOR-US: SnapGear CVE-2006-4612 (SQL injection vulnerability in ReplyNew.asp in ZIXForum 1.12 allows ...) - TODO: check + NOT-FOR-US: ZIXForum CVE-2006-4611 (Buffer overflow in the _tor_resolve function in dsocks.c in dsocks ...) TODO: check CVE-2006-4610 (PHP remote file inclusion vulnerability in index.php in GrapAgenda ...) - TODO: check + NOT-FOR-US: GrapAgenda CVE-2006-4609 (** DISPUTED ** ...) - TODO: check + NOT-FOR-US: PHProjekt CVE-2006-4608 (Multiple cross-site scripting (XSS) vulnerabilities in Longino Jacome ...) - TODO: check + NOT-FOR-US: php-Revista CVE-2006-4607 (admin/index.php in Longino Jacome php-Revista 1.1.2 allows remote ...) - TODO: check + NOT-FOR-US: php-Revista CVE-2006-4606 (Multiple SQL injection vulnerabilities in Longino Jacome php-Revista ...) - TODO: check + NOT-FOR-US: php-Revista CVE-2006-4605 (PHP remote file inclusion vulnerability in index.php in Longino Jacome ...) - TODO: check + NOT-FOR-US: php-Revista CVE-2006-4604 (PHP remote file inclusion vulnerability in LFXlib/access_manager.php ...) - TODO: check + NOT-FOR-US: Lanifex Database of Managed Objects (DMO) CVE-2006-4603 (NCH Swift Sound Web Dictate 1.02 allows remote attackers to bypass ...) - TODO: check + NOT-FOR-US: Swift Sound Web Dictate CVE-2006-4602 (Unrestricted file upload vulnerability in jhot.php in TikiWiki 1.9.4 ...) TODO: check CVE-2006-4601 (SQL injection vulnerability in index.php in Annuaire 1Two 2.2 allows ...) - TODO: check + NOT-FOR-US: 1Two CVE-2006-4600 (slapd in OpenLDAP before 2.3.25 allows remote authenticated users with ...) - openldap2.3 2.3.25-1 - openldap2.2 <removed> (low) - openldap2 <not-affected> (low) (slapd not built from this version) CVE-2006-4599 (SQL injection vulnerability in aut_verifica.inc.php in Autentificator ...) - TODO: check + NOT-FOR-US: Autentificator CVE-2006-4598 (Multiple SQL injection vulnerabilities in links.php in ssLinks 1.22 ...) - TODO: check + NOT-FOR-US: ssLinks CVE-2006-4597 (SQL injection vulnerability in devam.asp in ICBlogger 2.0 and earlier ...) - TODO: check + NOT-FOR-US: ICBlogger CVE-2006-4596 (PHP remote file inclusion in MyBace Light Skrip, when register_globals ...) - TODO: check + NOT-FOR-US: MyBace Light Skrip CVE-2006-4595 (muforum (µforum) 0.4c stores membres/members.dat under the web ...) - TODO: check + NOT-FOR-US: muforum CVE-2006-4594 (Multiple PHP remote file inclusion vulnerabilities in PHP Advanced ...) - TODO: check + NOT-FOR-US: phpAtm CVE-2006-4593 (Cross-site scripting (XSS) vulnerability in index.php in SoftBB 0.1 ...) - TODO: check + NOT-FOR-US: SoftBB CVE-2006-4592 (Incomplete blacklist vulnerability in default.asp in 8pixel.net Simple ...) - TODO: check + NOT-FOR-US: Simple Blog CVE-2006-4591 (Multiple PHP remote file inclusion vulnerabilities in AlstraSoft ...) - TODO: check + NOT-FOR-US: AltraSoft Template Seller CVE-2006-4590 (SQL injection vulnerability in admin/default.asp in Jetstat.com JS ASP ...) - TODO: check + NOT-FOR-US: Jetstat.com JS ASP Faq Manager CVE-2006-4589 (PHP remote file inclusion vulnerability in ...) - TODO: check + NOT-FOR-US: DynCMS CVE-2006-4588 (vtiger CRM 4.2.4, and possibly earlier, allows remote attackers to ...) - TODO: check + NOT-FOR-US: vtiger CRM CVE-2006-4587 (Multiple cross-site scripting (XSS) vulnerabilities in vtiger CRM ...) - TODO: check + NOT-FOR-US: vtiger CRM CVE-2006-4586 (The admin panel in Tr Forum 2.0 accepts a username and password hash ...) - TODO: check + NOT-FOR-US: Tr Forum CVE-2006-4585 (SQL injection vulnerability in admin/editer.php in Tr Forum 2.0 allows ...) - TODO: check + NOT-FOR-US: Tr Forum CVE-2006-4584 (Tr Forum 2.0 allows remote attackers to bypass authentication and add ...) - TODO: check + NOT-FOR-US: Tr Forum CVE-2006-4583 (Multiple PHP remote file inclusion vulnerabilities in FlashChat before ...) - TODO: check + NOT-FOR-US: FlashChat CVE-2006-4582 RESERVED CVE-2006-4581 @@ -117,15 +117,15 @@ CVE-2006-4565 RESERVED CVE-2006-4564 (SQL injection vulnerability in Sources/ManageBoards.php in Simple ...) - TODO: check + NOT-FOR-US: Simple Machines Forum CVE-2006-4563 (Cross-site scripting (XSS) vulnerability in modules.php in PHP-Nuke ...) - TODO: check + NOT-FOR-US: PHP-Nuke CVE-2006-4562 (** DISPUTED ** ...) - TODO: check + NOT-FOR-US: Symantec CVE-2006-4561 (Mozilla Firefox 1.5.0.6 allows remote attackers to execute arbitrary ...) TODO: check CVE-2006-4560 (Internet Explorer 6 on Windows XP SP2 allows remote attackers to ...) - TODO: check + NOT-FOR-US: Internet Explorer CVE-2006-4559 (Multiple PHP remote file inclusion vulnerabilities in Yet Another ...) TODO: check CVE-2006-4558 (DeluxeBB 1.06 and earlier, when run on the Apache HTTP Server with the ...)