atomo64-guest at alioth.debian.org
2008-Nov-25 03:03 UTC
[Secure-testing-commits] r10481 - data/CVE
Author: atomo64-guest Date: 2008-11-25 03:02:59 +0000 (Tue, 25 Nov 2008) New Revision: 10481 Modified: data/CVE/list Log: NFUs and new gallery issue Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-11-24 21:36:53 UTC (rev 10480) +++ data/CVE/list 2008-11-25 03:02:59 UTC (rev 10481) @@ -1,39 +1,42 @@ +CVE-2008-XXXX [gallery: cookie handling security bypass vulnerability] + - gallery <unfixed> (bug #506824) + [etch] - gallery <not-affected> (vulnerable code introduced in 1.5.8-svn-b34) CVE-2008-5207 (Multiple directory traversal vulnerabilities in Jonascms 1.2 allow ...) - TODO: check + NOT-FOR-US: Jonascms CVE-2008-5206 (PHP remote file inclusion vulnerability in modules/mod_mainmenu.php in ...) - TODO: check + NOT-FOR-US: MosXML CVE-2008-5205 (Cross-site scripting (XSS) vulnerability in edit.php in wellyblog ...) - TODO: check + NOT-FOR-US: wellyblog CVE-2008-5204 (Multiple directory traversal vulnerabilities in PowerAward 1.1.0 RC1, ...) - TODO: check + NOT-FOR-US: PowerAward CVE-2008-5203 (Cross-site scripting (XSS) vulnerability in external_vote.php in ...) - TODO: check + NOT-FOR-US: PowerAward CVE-2008-5202 (Cross-site scripting (XSS) vulnerability in index.php in OTManager CMS ...) - TODO: check + NOT-FOR-US: OTManager CMS CVE-2008-5201 (Directory traversal vulnerability in index.php in OTManager CMS 24a ...) - TODO: check + NOT-FOR-US: OTManager CMS CVE-2008-5200 (SQL injection vulnerability in the Xe webtv (com_xewebtv) component ...) - TODO: check + NOT-FOR-US: Xe webtv CVE-2008-5199 (PHP remote file inclusion vulnerability in include.php in ...) - TODO: check + NOT-FOR-US: PHPOutsourcing IdeaBox CVE-2008-5198 (SQL injection vulnerability in memberlist.php in Acmlmboard 1.A2 ...) - TODO: check + NOT-FOR-US: Acmlmboard CVE-2008-5197 (SQL injection vulnerability in classifieds.php in PHP-Fusion allows ...) - TODO: check + NOT-FOR-US: PHP-Fusion CVE-2008-5196 (SQL injection vulnerability in kroax.php in the Kroax (the_kroax) 4.42 ...) - TODO: check + NOT-FOR-US: Kroax CVE-2008-5195 (Multiple SQL injection vulnerabilities in SebracCMS (sbcms) 0.4 allow ...) - TODO: check + NOT-FOR-US: SebracCMS CVE-2008-5194 (SQL injection vulnerability in checkavail.php in SoftVisions Software ...) - TODO: check + NOT-FOR-US: SoftVisions Software Online Booking Manager CVE-2008-5193 (Cross-site scripting (XSS) vulnerability in search.asp in W1L3D4 ...) - TODO: check + NOT-FOR-US: W1L3D4 Philboard CVE-2008-5192 (SQL injection vulnerability in forum.asp in W1L3D4 Philboard 1.14 and ...) - TODO: check + NOT-FOR-US: W1L3D4 Philboard CVE-2008-5191 (Multiple SQL injection vulnerabilities in SePortal 2.4 allow remote ...) - TODO: check + NOT-FOR-US: SePortal CVE-2008-5190 (SQL injection vulnerability in index.php in eSHOP100 allows remote ...) - TODO: check + NOT-FOR-US: eSHOP100 CVE-2008-XXXX [DoS caused by sending a SMTP request with large content] - wireshark <unfixed> (low; bug #506741) NOTE: CVE id requested