Author: nion Date: 2008-04-18 10:56:56 +0000 (Fri, 18 Apr 2008) New Revision: 8568 Modified: data/CVE/list Log: NFUs CVE-2008-1845 fixed in mksh 33.4-1 Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-04-18 09:14:20 UTC (rev 8567) +++ data/CVE/list 2008-04-18 10:56:56 UTC (rev 8568) @@ -1,81 +1,81 @@ CVE-2008-1876 (PHP remote file inclusion vulnerability in index.php in VisualPic ...) - TODO: check + NOT-FOR-US: VisualPic CVE-2008-1875 (SQL injection vulnerability in index.php in Terong PHP Photo Gallery ...) - TODO: check + NOT-FOR-US: Terong PHP Photo Gallery CVE-2008-1874 (SQL injection vulnerability in account/user/mail.html in Xpoze Pro ...) - TODO: check + NOT-FOR-US: Xpoze Pro CVE-2008-1873 (Cross-site scripting (XSS) vulnerability in the private message ...) - TODO: check + NOT-FOR-US: Nuke ET CVE-2008-1872 (SQL injection vulnerability in home.news.php in Comdev News Publisher ...) - TODO: check + NOT-FOR-US: Comdev News Publisher CVE-2008-1871 (SQL injection vulnerability in links.php in Scriptsagent.com Links ...) - TODO: check + NOT-FOR-US: Scriptsagent.com CVE-2008-1870 (SQL injection vulnerability in getdata.php in PIGMy-SQL 1.4.1 and ...) - TODO: check + NOT-FOR-US: PIGMy-SQL CVE-2008-1869 (SQL injection vulnerability in Site Sift Listings allows remote ...) - TODO: check + NOT-FOR-US: Site Sift Listings CVE-2008-1868 (admin/sauvBase.php in Blog Pixel Motion (aka Blog PixelMotion) does ...) - TODO: check + NOT-FOR-US: Blog Pixel Motion CVE-2008-1867 (SQL injection vulnerability in Blog Pixel Motion (aka Blog ...) - TODO: check + NOT-FOR-US: Blog Pixel Motion CVE-2008-1866 (admin/modif_config.php in Blog Pixel Motion (aka PixelMotion) ...) - TODO: check + NOT-FOR-US: Blog Pixel Motion CVE-2008-1865 (Stack-based buffer overflow in the msx_readnode function in libmosix.c ...) - TODO: check + NOT-FOR-US: openmosix-tools CVE-2008-1864 (SQL injection vulnerability in project.php in Prozilla Freelancers ...) - TODO: check + NOT-FOR-US: Prozilla Freelancers CVE-2008-1863 (SQL injection vulnerability in view_reviews.php in Prozilla Cheat ...) - TODO: check + NOT-FOR-US: Prozilla Cheat Script CVE-2008-1862 (ExBB Italia 0.22 and earlier only checks GET requests that use the ...) - TODO: check + NOT-FOR-US: ExBB Italia CVE-2008-1861 (Directory traversal vulnerability in modules/threadstop/threadstop.php ...) - TODO: check + NOT-FOR-US: ExBB Italia CVE-2008-1860 (Static code injection vulnerability in admin.php in LokiCMS 0.3.3 and ...) - TODO: check + NOT-FOR-US: LokiCMS CVE-2008-1859 (SQL injection vulnerability in events.php in iScripts SocialWare ...) - TODO: check + NOT-FOR-US: iScripts SocialWare CVE-2008-1858 (SQL injection vulnerability in index.php in 724Networks 724CMS 4.01 ...) - TODO: check + NOT-FOR-US: 724Networks 724CMS CVE-2008-1857 (Multiple directory traversal vulnerabilities in viewsource.php in Make ...) - TODO: check + NOT-FOR-US: Mole CVE-2008-1856 (plugins/maps/db_handler.php in LinPHA 1.3.3 and earlier does not ...) - TODO: check + NOT-FOR-US: LinPHA CVE-2008-1855 (FrameworkService.exe in McAfee Common Management Agent (CMA) 3.6.0.574 ...) - TODO: check + NOT-FOR-US: McAfee CVE-2008-1854 (Unspecified vulnerability in SmarterMail Web Server (SMWebSvr.exe) in ...) - TODO: check + NOT-FOR-US: SmarterMail Web Server CVE-2008-1853 (The ovtopmd service in HP OpenView Network Node Manager (OV NNM) 7.51, ...) - TODO: check + NOT-FOR-US: HP OpenView CVE-2008-1852 (ovalarmsrv in HP OpenView Network Node Manager (OV NNM) 7.51, 7.53, ...) - TODO: check + NOT-FOR-US: HP OpenView CVE-2008-1851 (ovalarmsrv in HP OpenView Network Node Manager (OV NNM) 7.51, 7.53, ...) - TODO: check + NOT-FOR-US: HP OpenView CVE-2008-1850 (Multiple cross-site scripting (XSS) vulnerabilities in login.php in ...) - TODO: check + NOT-FOR-US: Omnistar Interactive OSI Affiliate CVE-2008-1849 (Directory traversal vulnerability in index.php in the joomlaXplorer ...) - TODO: check + NOT-FOR-US: com_joomlaxplorer Mambo/Joomla! component CVE-2008-1848 (Cross-site scripting (XSS) vulnerability in the joomlaXplorer ...) - TODO: check + NOT-FOR-US: com_joomlaxplorer Mambo/Joomla! CVE-2008-1847 (SQL injection vulnerability in view.php in CoronaMatrix phpAddressBook ...) - TODO: check + NOT-FOR-US: phpAddressBook CVE-2008-1846 (The default configuration of SAP NetWeaver before 7.0 SP15 does not ...) - TODO: check + NOT-FOR-US: SAP CVE-2008-1845 (The Korn shell (aka mksh) before R33d on MirOS (aka MirBSD) does not ...) - TODO: check + - mksh 33.4-1 CVE-2008-1844 (SQL injection vulnerability in cat.php in W2B phpHotResources allows ...) - TODO: check + NOT-FOR-US: W2B phpHotResources CVE-2008-1843 (SQL injection vulnerability in browse.php in W2B DatingClub (aka ...) - TODO: check + NOT-FOR-US: W2B DatingClub CVE-2008-1842 (Integer signedness error in ovspmd.exe in HP OpenView Network Node ...) - TODO: check + NOT-FOR-US: HP OpenView CVE-2008-1841 (SQL injection vulnerability in the session handling functionality in ...) - TODO: check + NOT-FOR-US: Coppermine CVE-2008-1840 (SQL injection vulnerability in upload.php in Coppermine Photo Gallery ...) - TODO: check + NOT-FOR-US: Coppermine CVE-2008-1839 (Multgiple cross-site scripting (XSS) vulnerabilities in ...) - TODO: check + NOT-FOR-US: WORK system e-commerce CVE-2008-1838 (SQL injection vulnerability in BosClassifieds Classified Ads System ...) - TODO: check + NOT-FOR-US: BosClassifieds Classified Ads System CVE-2008-1836 (The rfc2231 function in message.c in libclamav in ClamAV before 0.93 ...) TODO: check CVE-2008-1834 (swfdec_load_object.c in Swfdec before 0.6.4 does not properly restrict ...)