Author: joeyh Date: 2010-04-12 21:14:50 +0000 (Mon, 12 Apr 2010) New Revision: 14465 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2010-04-12 14:54:15 UTC (rev 14464) +++ data/CVE/list 2010-04-12 21:14:50 UTC (rev 14465) @@ -1,39 +1,39 @@ -CVE-2010-1346 +CVE-2010-1346 (SQL injection vulnerability in admin/login.php in Mini CMS RibaFS 1.0, ...) NOT-FOR-US: Mini CMS RibaFS -CVE-2010-1345 +CVE-2010-1345 (Directory traversal vulnerability in the Cookex Agency CKForms ...) NOT-FOR-US: Joomla! -CVE-2010-1344 +CVE-2010-1344 (SQL injection vulnerability in the Cookex Agency CKForms (com_ckforms) ...) NOT-FOR-US: Joomla! -CVE-2010-1343 +CVE-2010-1343 (SQL injection vulnerability in photo.php in SiteX 0.7.4 beta allows ...) NOT-FOR-US: SiteX -CVE-2010-1342 +CVE-2010-1342 (Multiple PHP remote file inclusion vulnerabilities in Direct News ...) NOT-FOR-US: Direct News -CVE-2010-1341 +CVE-2010-1341 (SQL injection vulnerability in index.php in Systemsoftware Community ...) NOT-FOR-US: Systemsoftware Community Black Forum -CVE-2010-1340 +CVE-2010-1340 (Directory traversal vulnerability in jresearch.php in the J!Research ...) NOT-FOR-US: Joomla! -CVE-2010-1339 +CVE-2010-1339 (Cross-site scripting (XSS) vulnerability in ts_other.php in the ...) NOT-FOR-US: Teamsite Hack plugin -CVE-2010-1338 +CVE-2010-1338 (SQL injection vulnerability in ts_other.php in the Teamsite Hack ...) NOT-FOR-US: Teamsite Hack plugin -CVE-2010-1337 +CVE-2010-1337 (Multiple PHP remote file inclusion vulnerabilities in definitions.php ...) NOT-FOR-US: Lussumo Vanilla -CVE-2010-1336 +CVE-2010-1336 (Multiple SQL injection vulnerabilities in INVOhost 3.4 allow remote ...) NOT-FOR-US: INVOhost -CVE-2010-1335 +CVE-2010-1335 (Multiple PHP remote file inclusion vulnerabilities in Insky CMS ...) NOT-FOR-US: Insky CMS -CVE-2010-1334 +CVE-2010-1334 (Unrestricted file upload vulnerability in Pulse CMS Basic 1.2.4 allows ...) NOT-FOR-US: Pulse CMS Basic -CVE-2010-1333 +CVE-2010-1333 (Multiple cross-site scripting (XSS) vulnerabilities in Almas Inc. ...) NOT-FOR-US: Almas Inc. Compiere J300_A02 CVE-2010-XXXX [irssi two issues] - irssi 0.8.15-1 TODO: check NOTE: "The first [sec issue] being that Irssi didn''t check hostname on SSL connections and the other being a hard to exploit remote crash bug." NOTE: from www.irssi.org -CVE-2010-1332 +CVE-2010-1332 (Cross-site scripting (XSS) vulnerability in PrettyBook PrettyFormMail ...) NOT-FOR-US: PrettyBook PrettyFormMail -CVE-2010-1331 +CVE-2010-1331 (SQL injection vulnerability in Heartlogic HL-SiteManager allows remote ...) NOT-FOR-US: Heartlogic HL-SiteManager CVE-2010-1330 RESERVED @@ -892,9 +892,9 @@ RESERVED CVE-2010-0994 RESERVED -CVE-2010-0993 +CVE-2010-0993 (Unrestricted file upload vulnerability in Pulse CMS Basic 1.2.2 and ...) NOT-FOR-US: Pulse CMS Basic -CVE-2010-0992 +CVE-2010-0992 (Multiple cross-site request forgery (CSRF) vulnerabilities in Pulse ...) NOT-FOR-US: Pulse CMS Basic CVE-2010-0991 RESERVED