Author: joeyh Date: 2009-07-27 21:14:25 +0000 (Mon, 27 Jul 2009) New Revision: 12425 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-07-27 16:28:53 UTC (rev 12424) +++ data/CVE/list 2009-07-27 21:14:25 UTC (rev 12425) @@ -1,3 +1,31 @@ +CVE-2009-2595 (Cross-site scripting (XSS) vulnerability in productSearch.html in ...) + TODO: check +CVE-2009-2594 (Cross-site scripting (XSS) vulnerability in censura.php in Censura ...) + TODO: check +CVE-2009-2593 (SQL injection vulnerability in censura.php in Censura 1.16.04 allows ...) + TODO: check +CVE-2009-2592 (SQL injection vulnerability in guestbook.php in PHPJunkYard GBook 1.6 ...) + TODO: check +CVE-2009-2591 (SQL injection vulnerability in the MyAnnonces module for E-Xoopport ...) + TODO: check +CVE-2009-2590 (SQL injection vulnerability in showcategory.php in Hutscripts PHP ...) + TODO: check +CVE-2009-2589 (Multiple cross-site scripting (XSS) vulnerabilities in Hutscripts PHP ...) + TODO: check +CVE-2009-2588 (Multiple cross-site scripting (XSS) vulnerabilities in Hotscripts Type ...) + TODO: check +CVE-2009-2587 (Multiple cross-site scripting (XSS) vulnerabilities in DragDropCart ...) + TODO: check +CVE-2009-2586 (Cross-site scripting (XSS) vulnerability in articles.php in EDGEPHP ...) + TODO: check +CVE-2009-2585 (SQL injection vulnerability in index.php in Mlffat 2.2 allows remote ...) + TODO: check +CVE-2008-6876 (Cross-site scripting (XSS) vulnerability in login.php in EsPartenaires ...) + TODO: check +CVE-2008-6875 (SQL injection vulnerability in default.asp in ASP Product Catalog ...) + TODO: check +CVE-2008-6874 (Multiple SQL injection vulnerabilities in ASP SiteWare autoDealer 1 ...) + TODO: check CVE-2009-XXXX [nilfs-tools privilege escalation] - nilfs2-tools <not-affected> (We don''t install this with setuid) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=505374 @@ -77269,7 +77297,7 @@ NOT-FOR-US: IP Messenger for Win CVE-2003-0287 (Cross-site scripting (XSS) vulnerability in Movable Type before 2.6, ...) NOT-FOR-US: Movable Type -CVE-2003-0286 (SQL injection vulnerability in Snitz Forums 2000 before 3.3.03 and ...) +CVE-2003-0286 (SQL injection vulnerability in register.asp in Snitz Forums 2000 ...) NOT-FOR-US: Snitz Forums CVE-2003-0285 (IBM AIX 5.2 and earlier distributes Sendmail with a configuration file ...) NOT-FOR-US: bad sendmail config on AIX