white at alioth.debian.org
2009-Mar-01 09:39 UTC
[Secure-testing-commits] r11291 - data/CVE
Author: white Date: 2009-03-01 09:39:24 +0000 (Sun, 01 Mar 2009) New Revision: 11291 Modified: data/CVE/list Log: NFUs Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-03-01 09:14:12 UTC (rev 11290) +++ data/CVE/list 2009-03-01 09:39:24 UTC (rev 11291) @@ -260,89 +260,89 @@ CVE-2008-6255 (Multiple SQL injection vulnerabilities in vBulletin 3.7.4 allow remote ...) NOT-FOR-US: vBulletin CVE-2008-6254 (SQL injection vulnerability in scripts/documents.php in Jadu Galaxies ...) - TODO: check + NOT-FOR-US: Jadu Galaxies CVE-2008-6253 (Directory traversal vulnerability in data/inc/lib/pcltar.lib.php in ...) TODO: check CVE-2008-6252 (Stack-based buffer overflow in the smc program in smcFanControl 2.1.2 ...) - TODO: check + NOT-FOR-US: smcFanControl CVE-2008-6251 (PHP remote file inclusion vulnerability in includes/init.php in phpFan ...) - TODO: check + NOT-FOR-US: phpFan CVE-2008-6250 (SQL injection vulnerability in Comdev Web Blogger 4.1.3 and earlier ...) - TODO: check + NOT-FOR-US: Comdev Web Blogger CVE-2008-6249 (SQL injection vulnerability in plugins/users/index.php in Galatolo ...) - TODO: check + NOT-FOR-US: Galatolo WebManager CVE-2008-6248 (Cross-site scripting (XSS) vulnerability in all.php in Galatolo ...) - TODO: check + NOT-FOR-US: Galatolo WebManager CVE-2008-6247 (SQL injection vulnerability in topsite.php in Scripts For Sites (SFS) ...) - TODO: check + NOT-FOR-US: Scripts For Sites CVE-2008-6246 (SQL injection vulnerability in category.php in Scripts For Sites (SFS) ...) - TODO: check + NOT-FOR-US: Scripts For Sites CVE-2008-6245 (SQL injection vulnerability in track.php in Scripts For Sites (SFS) EZ ...) - TODO: check + NOT-FOR-US: Scripts For Sites CVE-2008-6244 (SQL injection vulnerability in view_reviews.php in Scripts for Sites ...) - TODO: check + NOT-FOR-US: Scripts For Sites CVE-2008-6243 (SQL injection vulnerability in showcategory.php in Scripts For Sites ...) - TODO: check + NOT-FOR-US: Scripts For Sites CVE-2008-6242 (SQL injection vulnerability in SearchResults.php in Scripts For Sites ...) - TODO: check + NOT-FOR-US: Scripts For Sites CVE-2008-6241 (Multiple SQL injection vulnerabilities in admin/usercheck.php in ...) - TODO: check + NOT-FOR-US: FlexPHPSite CVE-2008-6240 (Cross-site scripting (XSS) vulnerability in data/views/index.html in ...) - TODO: check + NOT-FOR-US: OpenEdit Digital Asset Management CVE-2008-6239 (Cross-site request forgery (CSRF) vulnerability in OpenEdit Digital ...) - TODO: check + NOT-FOR-US: OpenEdit Digital Asset Management CVE-2008-6238 (Cross-site scripting (XSS) vulnerability in ...) - TODO: check + NOT-FOR-US: OpenEdit Digital Asset Management CVE-2008-6237 (SQL injection vulnerability in software-description.php in Scripts For ...) - TODO: check + NOT-FOR-US: Scripts For Sites CVE-2008-6236 (SQL injection vulnerability in login.php in Simple Document Management ...) - TODO: check + NOT-FOR-US: Simple Document Management System CVE-2008-6235 (The Netrw plugin (netrw.vim) in Vim 7.0 and 7.1 allows user-assisted ...) TODO: check CVE-2008-6234 (SQL injection vulnerability in the com_musica module in Joomla! and ...) - TODO: check + NOT-FOR-US: Joomla CVE-2008-6233 (SQL injection vulnerability in index.php in Five Dollar Scripts Drinks ...) - TODO: check + NOT-FOR-US: Five Dollar Scripts Drinks script CVE-2008-6232 (Pre Shopping Mall allows remote attackers to bypass authentication and ...) - TODO: check + NOT-FOR-US: Pre Shopping Mall CVE-2008-6231 (Pre Classified Listing PHP allows remote attackers to bypass ...) - TODO: check + NOT-FOR-US: Pre Classified Listing PHP CVE-2008-6230 (SQL injection vulnerability in Tour.php in Pre Projects Pre Podcast ...) - TODO: check + NOT-FOR-US: Pre Projects Pre Podcast Portal CVE-2008-6229 (Cross-site scripting (XSS) vulnerability in the administrative ...) TODO: check CVE-2008-6228 (Pre Multi-Vendor Shopping Malls allows remote attackers to bypass ...) - TODO: check + NOT-FOR-US: Pre Multi-Vendor Shopping Malls CVE-2008-6227 (SQL injection vulnerability in buyer_detail.php in Pre Multi-Vendor ...) - TODO: check + NOT-FOR-US: Pre Multi-Vendor Shopping Malls CVE-2008-6226 (SQL injection vulnerability in moreinfo.php in Pre Projects PHP Auto ...) - TODO: check + NOT-FOR-US: Pre Projects PHP Auto Listings Script CVE-2008-6225 (** DISPUTED ** ...) - TODO: check + NOT-FOR-US: Mole Group Airline Ticket Sale Script CVE-2008-6224 (Directory traversal vulnerability in visualizza.php in Way Of The ...) - TODO: check + NOT-FOR-US: Way Of The Warrior CVE-2008-6223 (PHP remote file inclusion vulnerability in visualizza.php in Way Of ...) - TODO: check + NOT-FOR-US: Way Of The Warrior CVE-2008-6222 (Directory traversal vulnerability in the Pro Desk Support Center ...) - TODO: check + NOT-FOR-US: Joomla CVE-2008-6221 (PHP remote file inclusion vulnerability in config.dadamail.php in the ...) - TODO: check + NOT-FOR-US: Joomla CVE-2008-6220 (SQL injection vulnerability in login.php in Simple Document Management ...) - TODO: check + NOT-FOR-US: Simple Document Management System CVE-2008-6219 (nsrexecd.exe in multiple EMC Networker products including EMC ...) - TODO: check + NOT-FOR-US: EMC Networker products CVE-2008-6218 (Memory leak in the png_handle_tEXt function in pngrutil.c in libpng ...) TODO: check CVE-2008-6217 (Cross-site scripting (XSS) vulnerability in index.php in Extrakt ...) - TODO: check + NOT-FOR-US: Extrakt Framework CVE-2008-6216 (SQL injection vulnerability in cadena_ofertas_ext.php in Venalsur ...) - TODO: check + NOT-FOR-US: Venalsur Booking center Booking System CVE-2008-6215 (Cross-site scripting (XSS) vulnerability in cadena_ofertas_ext.php in ...) - TODO: check + NOT-FOR-US: Venalsur Booking center Booking System CVE-2008-6214 (SQL injection vulnerability in poll_results.php in Harlandscripts Pro ...) - TODO: check + NOT-FOR-US: Harlandscripts Pro Traffic One CVE-2008-6213 (SQL injection vulnerability in mypage.php in Harlandscripts Pro ...) - TODO: check + NOT-FOR-US: Harlandscripts Pro Traffic One CVE-2009-XXXX [thunar: potential exploits via application launchers] - thunar <unfixed> (bug #517020; low) NOTE: CVE needs to be requested