Author: nion Date: 2007-10-10 23:35:36 +0000 (Wed, 10 Oct 2007) New Revision: 6904 Modified: data/CVE/list Log: NFUs new issue: CVE-2007-5300 wzdftpd Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-10-10 23:08:24 UTC (rev 6903) +++ data/CVE/list 2007-10-10 23:35:36 UTC (rev 6904) @@ -69,69 +69,69 @@ CVE-2007-5323 RESERVED CVE-2007-5322 (The FPOLE.OCX 6.0.8450.0 ActiveX control in Microsoft Visual FoxPro ...) - TODO: check + NOT-FOR-US: Microsoft Visual FoxPro CVE-2007-5321 (Directory traversal vulnerability in index.php in Verlihub Control ...) - TODO: check + NOT-FOR-US: Verlihub Control Panel CVE-2007-5320 (Multiple absolute path traversal vulnerabilities in Pegasus Imaging ...) - TODO: check + NOT-FOR-US: Imaging ImagXpress CVE-2007-5319 (Unspecified vulnerability in the vuidmice STREAMS modules in Sun ...) - TODO: check + NOT-FOR-US: Solaris CVE-2007-5318 (Unspecified vulnerability in preview.php in TYPOlight webCMS 2.4.6 ...) - TODO: check + NOT-FOR-US: Typolight webCMS CVE-2007-5317 (Cross-site scripting (XSS) vulnerability in photos.cfm in Directory ...) - TODO: check + NOT-FOR-US: Directory Image Gallery CVE-2007-5316 (SQL injection vulnerability in browsecats.php in Softbiz Jobs and ...) - TODO: check + NOT-FOR-US: Softbiz Jobs CVE-2007-5315 (PHP remote file inclusion vulnerability in common.php in LiveAlbum ...) - TODO: check + NOT-FOR-US: LiveAlbum CVE-2007-5314 (PHP remote file inclusion vulnerability in system/funcs/xkurl.php in ...) - TODO: check + NOT-FOR-US: xKiosk WEB CVE-2007-5313 (PHP remote file inclusion vulnerability in install/config.php in ...) - TODO: check + NOT-FOR-US: Picturesolution CVE-2007-5312 (Cross-site scripting (XSS) vulnerability in TorrentTrader Classic 1.07 ...) - TODO: check + NOT-FOR-US: TorrentTrader Classic CVE-2007-5311 (Directory traversal vulnerability in backend/admin-functions.php in ...) - TODO: check + NOT-FOR-US: TorrentTrader Classic CVE-2007-5310 (PHP remote file inclusion vulnerability in admin.wmtportfolio.php in ...) - TODO: check + NOT-FOR-US: TorrentTrader Classic CVE-2007-5309 (PHP remote file inclusion vulnerability in admin.wmtgallery.php in the ...) - TODO: check + NOT-FOR-US: Joomla! extension CVE-2007-5308 (SQL injection vulnerability in galerie.php in PHP Homepage M (phpHPm) ...) - TODO: check + NOT-FOR-US: phpHPm) CVE-2007-5307 (ELSEIF CMS Beta 0.6 does not properly unset variables when the input ...) - TODO: check + NOT-FOR-US: ELSEIF CMS CVE-2007-5306 (ELSEIF CMS Beta 0.6 allows remote attackers to obtain sensitive ...) - TODO: check + NOT-FOR-US: ELSEIF CMS CVE-2007-5305 (Multiple PHP remote file inclusion vulnerabilities in ELSEIF CMS Beta ...) - TODO: check + NOT-FOR-US: ELSEIF CMS CVE-2007-5304 (Multiple cross-site scripting (XSS) vulnerabilities in ELSEIF CMS Beta ...) - TODO: check + NOT-FOR-US: ELSEIF CMS CVE-2007-5303 (Cross-site scripting (XSS) vulnerability in news_page.php in SnewsCMS ...) - TODO: check + NOT-FOR-US: SnewsCMS CVE-2007-5302 (Multiple cross-site scripting (XSS) vulnerabilities in HP System ...) - TODO: check + NOT-FOR-US: HP System Management Homepage CVE-2007-5300 (Off-by-one error in the do_login_loop function in ...) - TODO: check + - wzdftpd <unfixed> (medium; bug #446192) CVE-2007-5299 (Multiple directory traversal vulnerabilities in SkaDate 5.0 and 6.0, ...) - TODO: check + NOT-FOR-US: SkaDate CVE-2007-5298 (Multiple PHP remote file inclusion vulnerabilities in CMS Creamotion ...) - TODO: check + NOT-FOR-US: CMS Creamotion CVE-2007-5297 (Cross-site scripting (XSS) vulnerability in index.php in Minki 1.30 ...) - TODO: check + NOT-FOR-US: Minki CVE-2007-5296 (Multiple cross-site scripting (XSS) vulnerabilities in dblisttest.asp ...) - TODO: check + NOT-FOR-US: dbList CVE-2007-5295 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...) - TODO: check + NOT-FOR-US: Wikepage Opus CVE-2007-5294 (PHP remote file inclusion vulnerability in core/aural.php in IDMOS ...) - TODO: check + NOT-FOR-US: IDMOS CVE-2007-5293 (Multiple cross-site scripting (XSS) vulnerabilities in IDMOS 1.0-beta ...) - TODO: check + NOT-FOR-US: IDMOS CVE-2007-5292 (Cross-site scripting (XSS) vulnerability in photos.cfm in Directory ...) - TODO: check + NOT-FOR-US: Directory Image Gallery CVE-2007-5291 (Cross-site scripting (XSS) vulnerability in Edit.asp in DB Manager 2.0 ...) - TODO: check + NOT-FOR-US: DB Manager CVE-2007-5290 (Multiple cross-site scripting (XSS) vulnerabilities in MailBee WebMail ...) - TODO: check + NOT-FOR-US: MailBee WebMail Pro CVE-2007-5289 RESERVED CVE-2007-5301 (Buffer overflow in the vorbis_stream_info function in ...)