Author: enerv-guest Date: 2007-01-11 18:36:24 +0100 (Thu, 11 Jan 2007) New Revision: 5239 Modified: data/CVE/list Log: Update cves entries Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-01-11 17:26:04 UTC (rev 5238) +++ data/CVE/list 2007-01-11 17:36:24 UTC (rev 5239) @@ -1,3 +1,78 @@ +CVE-2007-0204 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin ...) + - phpmyadmin <unfixed> (bug #406486; high) +CVE-2007-0203 (Multiple unspecified vulnerabilities in phpMyAdmin before 2.9.2-rc1 ...) + - phpmyadmin <unfixed> (bug #406332; high) +CVE-2007-0202 (SQL injection vulnerability in index.php in @lex Guestbook 4.0.2 ...) + NOT-FOR-US: @lex +CVE-2007-0201 (Buffer overflow in the cmd_usr function in ftp-gw in TIS Internet ...) + NOT-FOR-US: TIS +CVE-2007-0200 (PHP remote file inclusion vulnerability in template.php in Geoffrey ...) + NOT-FOR-US: Geoffrey Golliher Axiom Photo/News Gallery +CVE-2007-0199 (The Data-link Switching (DLSw) feature in Cisco IOS 11.0 through 12.4 ...) + NOT-FOR-US: Cisco +CVE-2007-0198 (The JTapi Gateway process in Cisco Unified Contact Center Enterprise ...) + NOT-FOR-US: Cisco +CVE-2007-0197 (Finder 10.4.6 on Apple Mac OS X 10.4.8 allows user-assisted ...) + NOT-FOR-US: Apple Mac OS +CVE-2007-0196 (SQL injection vulnerability in admin_check_user.asp in Motionborg Web ...) + NOT-FOR-US: Motionborg Web Real Estate +CVE-2007-0195 + RESERVED +CVE-2007-0194 + RESERVED +CVE-2007-0193 + RESERVED +CVE-2007-0192 + RESERVED +CVE-2007-0191 + RESERVED +CVE-2007-0190 + RESERVED +CVE-2007-0189 + RESERVED +CVE-2007-0188 + RESERVED +CVE-2007-0187 + RESERVED +CVE-2007-0186 + RESERVED +CVE-2007-0185 + RESERVED +CVE-2007-0184 + RESERVED +CVE-2007-0183 + RESERVED +CVE-2007-0182 + RESERVED +CVE-2007-0181 (PHP remote vulnerability in include/common_function.php in magic photo ...) + NOT-FOR-US: Magic Photo Storage website +CVE-2007-0180 (Stack-based buffer overflow in EF Commander 5.75 allows user-assisted ...) + NOT-FOR-US: EF Commander +CVE-2007-0179 (SQL injection vulnerability in comment.php in PHPKIT 1.6.1 R2 allows ...) + NOT-FOR-US: PHPKIT +CVE-2007-0178 (PHP remote file inclusion vulnerability in info.php in Easy Banner Pro ...) + NOT-FOR-US: Easy Banner Pro +CVE-2007-0177 (Cross-site scripting (XSS) vulnerability in the AJAX module in MediaWiki ...) + - mediawiki <unfixed> (bug #406238; medium) + NOTE: vendor advisory: http://sourceforge.net/forum/forum.php?forum_id=652721 +CVE-2007-0176 (Cross-site scripting (XSS) vulnerability in search/advanced_search.php in Gforge ...) + TODO: check +CVE-2007-0175 (Cross-site scripting (XSS) vulnerability in htsrv/login.php in b2evolution ...) + - b2evolution <not-affected> +CVE-2007-0174 (Multiple stack-based multiple buffer overflows in the BRWOSSRE2UC.dll ...) + NOT-FOR-US: Sina UC2006 +CVE-2007-0173 (Directory traversal vulnerability in index.php in L2J Statistik Script ...) + NOT-FOR-US: L2J Statistik Script +CVE-2007-0172 (Multiple PHP remote file inclusion vulnerabilities in AllMyGuests ...) + NOT-FOR-US: AllMyGuest +CVE-2007-0171 (PHP remote file inclusion vulnerability in index.php in AllMyLinks ...) + NOT-FOR-US: AllMyLinks +CVE-2007-0170 (PHP remote file inclusion vulnerability in index.php in AllMyVisitors ...) + NOT-FOR-US: AllmyVisitors +CVE-2007-0169 + RESERVED +CVE-2007-0168 + RESERVED CVE-2007-0167 (Multiple PHP file inclusion vulnerabilities in WGS-PPC (aka PPC Search ...) TODO: check CVE-2007-0166