Author: joeyh
Date: 2009-07-09 21:14:35 +0000 (Thu, 09 Jul 2009)
New Revision: 12314

Modified: data/CVE/list

Log: automatic update

Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-07-09 17:14:05 UTC (rev 12313) +++ data/CVE/list 2009-07-09 21:14:35 UTC (rev 12314) 
@@ -1,44 +1,56 @@ -CVE-2009-2385 +CVE-2009-2386 + RESERVED +CVE-2009-2374 (Drupal 5.x before 5.19 and 6.x before 6.13 does not properly sanitize ...) + TODO: check +CVE-2009-2373 (Cross-site scripting (XSS) vulnerability in the Forum module in Drupal ...) + TODO: check +CVE-2009-2372 (Drupal 6.x before 6.13 does not prevent users from modifying user ...) + TODO: check +CVE-2009-2369 (Integer overflow in the wxImage::Create function in ...) + TODO: check +CVE-2009-2360 (Cross-site scripting (XSS) vulnerability in passwd/main.php in the ...) + TODO: check +CVE-2009-2385 (SQL injection vulnerability in the awardsMembers function in ...) NOT-FOR-US: Member Awards component for Simple Machines Forum -CVE-2009-2384 +CVE-2009-2384 (Buffer overflow in amp.exe in Brothersoft PEamp 1.02b allows ...) NOT-FOR-US: Brothersoft PEamp -CVE-2009-2383 +CVE-2009-2383 (SQL injection vulnerability in BTE_RW_webajax.php in the Related Sites ...) NOT-FOR-US: Related Sites plugin for WordPress -CVE-2009-2382 +CVE-2009-2382 (admin.php in phpMyBlockchecker 1.0.0055 allows remote attackers to ...) NOT-FOR-US: phpMyBlockchecker -CVE-2009-2381 +CVE-2009-2381 (Gizmo 3.1.0.79 on Linux does not verify a server''s SSL certificate, ...) NOT-FOR-US: Gizmo -CVE-2009-2380 +CVE-2009-2380 (Cross-site scripting (XSS) vulnerability in includes/functions.php in ...) NOT-FOR-US: 4images -CVE-2009-2379 +CVE-2009-2379 (Directory traversal vulnerability in public/index.php in BIGACE Web ...) NOT-FOR-US: BIGACE Web CMS -CVE-2009-2378 +CVE-2009-2378 (PHP remote file inclusion vulnerability in formmailer.admin.inc.php in ...) NOT-FOR-US: Jax FormMailer -CVE-2009-2377 +CVE-2009-2377 (Buffer overflow in the Avax Vector ActiveX control in avPreview.ocx in ...) NOT-FOR-US: AVAX-software Avax Vector ActiveX -CVE-2009-2376 +CVE-2009-2376 (Cross-site scripting (XSS) vulnerability in the Html::textarea ...) 
NOT-FOR-US: TangoCMS -CVE-2009-2375 +CVE-2009-2375 (Stack-based buffer overflow in Photo DVD Maker 8.02, and possibly ...) NOT-FOR-US: Photo DVD Maker -CVE-2009-2371 +CVE-2009-2371 (Advanced Forum 6.x before 6.x-1.1, a module for Drupal, does not ...) NOT-FOR-US: Advanced Forum module for Drupal -CVE-2009-2370 +CVE-2009-2370 (Cross-site scripting (XSS) vulnerability in Advanced Forum 5.x before ...) NOT-FOR-US: Advanced Forum module for Drupal -CVE-2009-2368 +CVE-2009-2368 (Unspecified vulnerability in Socks Server 5 before 3.7.8-8 has unknown ...) NOT-FOR-US: Socks Server -CVE-2009-2367 +CVE-2009-2367 (cgi-bin/makecgi-pro in Iomega StorCenter Pro generates predictable ...) NOT-FOR-US: Iomega StorCenter Pro -CVE-2009-2366 +CVE-2009-2366 (SQL injection vulnerability in login.asp in DataCheck Solutions ...) NOT-FOR-US: DataCheck Solutions ForumPal FE -CVE-2009-2365 +CVE-2009-2365 (SQL injection vulnerability in login.asp in DataCheck Solutions ...) NOT-FOR-US: DataCheck Solutions GalleryPal FE -CVE-2009-2364 +CVE-2009-2364 (Stack-based buffer overflow in Mp3-Nator 2.0 allows remote attackers ...) NOT-FOR-US: Mp3-Nator -CVE-2009-2363 +CVE-2009-2363 (Stack-based buffer overflow in KUDRSOFT AudioPLUS 2.00.215 allows ...) NOT-FOR-US: KUDRSOFT AudioPLUS -CVE-2009-2362 +CVE-2009-2362 (Stack-based buffer overflow in KUDRSOFT AudioPLUS 2.0.0.215 allows ...) NOT-FOR-US: KUDRSOFT AudioPLUS -CVE-2009-2361 +CVE-2009-2361 (SQL injection vulnerability in include/class.staff.php in osTicket ...) NOT-FOR-US: osTicket CVE-2009-2359 (Multiple SQL injection vulnerabilities in TekRADIUS 3.0 allow ...) NOT-FOR-US: TekRADIUS
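
Review bot: The five entries added with "TODO: check" (CVE-2009-2374, CVE-2009-2373, CVE-2009-2372, CVE-2009-2369 and CVE-2009-2360) still need triage to either a tracked source package or NOT-FOR-US. The three Drupal entries (CVE-2009-2374, CVE-2009-2373, CVE-2009-2372) describe Drupal itself and should be handled separately from CVE-2009-2371 and CVE-2009-2370, which are the Advanced Forum module and already marked NOT-FOR-US. Separately, the description imported for CVE-2009-2381 reads "a server''s SSL certificate" with a doubled apostrophe, which looks like quote escaping leaking through the automatic update; suggest fixing the import so the description carries a single apostrophe.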