atomo64-guest at alioth.debian.org
2008-Nov-05 03:16 UTC
[Secure-testing-commits] r10281 - data/CVE
Author: atomo64-guest Date: 2008-11-05 03:16:58 +0000 (Wed, 05 Nov 2008) New Revision: 10281 Modified: data/CVE/list Log: Just one java web start issue left Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-11-05 02:45:59 UTC (rev 10280) +++ data/CVE/list 2008-11-05 03:16:58 UTC (rev 10281) @@ -6,32 +6,31 @@ RESERVED CVE-2008-4914 RESERVED -begin claimed by atomo64-guest CVE-2008-4913 (Directory traversal vulnerability in admin.php in LokiCMS 0.3.3 and ...) - TODO: check + NOT-FOR-US: LokiCMS CVE-2008-4912 (SQL injection vulnerability in popup_img.php in the fotogalerie module ...) - TODO: check + NOT-FOR-US: RS MAXSOFT CVE-2008-4911 (PHP remote file inclusion vulnerability in read.php in Chattaitaliano ...) - TODO: check + NOT-FOR-US: Chattaitaliano Istant-Replay CVE-2008-4910 (The BasicService in Sun Java Web Start allows remote attackers to ...) TODO: check CVE-2008-4909 (Cross-site request forgery (CSRF) vulnerability in CompactCMS 1.1 and ...) - TODO: check + NOT-FOR-US: CompactCMS CVE-2008-4908 (maps/Info/combine.pl in CrossFire crossfire-maps 1.11.0 allows local ...) - TODO: check + [etch] - crossfire-maps <unfixed> (low; bug #504561) + - crossfire-maps <not-affected> (The file doesn''t exist in the package as shipped in lenny) CVE-2008-4906 (SQL injection vulnerability in lyrics_song.php in the Lyrics ...) - TODO: check + NOT-FOR-US: Lyrics (lyrics_menu) plugin for e107 CVE-2008-4905 (Typo 5.1.3 and earlier uses a hard-coded salt for calculating password ...) - TODO: check + NOT-FOR-US: Typo (blog engine) CVE-2008-4904 (SQL injection vulnerability in the "Manage pages" feature ...) - TODO: check + NOT-FOR-US: Typo (blog engine) CVE-2008-4903 (Cross-site scripting (XSS) vulnerability in the leave comment ...) - TODO: check + NOT-FOR-US: Typo (blog engine) CVE-2008-4902 (SQL injection vulnerability in contact_author.php in Article Publisher ...) - TODO: check + NOT-FOR-US: Article Publisher CVE-2008-4901 (SQL injection vulnerability in admin/admin.php in Article Publisher ...) - TODO: check -end claimed by atomo64-guest + NOT-FOR-US: Article Publisher CVE-2008-4900 (SQL injection vulnerability in tr.php in YourFreeWorld Classifieds ...) NOT-FOR-US: YourFreeWorld Classifieds CVE-2008-4899 (Cross-site request forgery (CSRF) vulnerability in Planetluc RateMe ...)