Author: helmut-guest Date: 2011-10-18 14:15:22 +0000 (Tue, 18 Oct 2011) New Revision: 17449 Modified: data/CVE/list Log: 16 NFUs Modified: data/CVE/list ==================================================================--- data/CVE/list 2011-10-18 14:01:16 UTC (rev 17448) +++ data/CVE/list 2011-10-18 14:15:22 UTC (rev 17449) @@ -783,27 +783,27 @@ CVE-2011-3827 RESERVED CVE-2010-4852 (Cross-site scripting (XSS) vulnerability in login.php in Eclime 1.1.2b ...) - TODO: check + NOT-FOR-US: Eclime CVE-2010-4851 (Multiple SQL injection vulnerabilities in Eclime 1.1.2b allow remote ...) - TODO: check + NOT-FOR-US: Eclime CVE-2010-4850 (Multiple cross-site scripting (XSS) vulnerabilities in Diferior 8.03 ...) - TODO: check + NOT-FOR-US: Diferior CVE-2010-4849 (SQL injection vulnerability in countrydetails.php in Alibaba Clone B2B ...) - TODO: check + NOT-FOR-US: Alibaba Clone B2B CVE-2010-4848 (Multiple cross-site scripting (XSS) vulnerabilities in addlink.php in ...) - TODO: check + NOT-FOR-US: AXScripts AxsLinks CVE-2010-4847 (SQL injection vulnerability in view_item.php in MH Products MHP ...) - TODO: check + NOT-FOR-US: MH Products MHP Downloadshop CVE-2010-4846 (SQL injection vulnerability in view_item.php in MH Products Pay Pal ...) - TODO: check + NOT-FOR-US: MH Products Pay Pal Shop Digital CVE-2010-4845 (Multiple SQL injection vulnerabilities in MH Products Projekt Shop ...) - TODO: check + NOT-FOR-US: MH Products Projekt Shop CVE-2010-4844 (SQL injection vulnerability in content.php in MH Products Easy Online ...) - TODO: check + NOT-FOR-US: MH Products Easy Online Shop CVE-2010-4843 (SQL injection vulnerability in website-page.php in PHP Web Scripts Ad ...) - TODO: check + NOT-FOR-US: PHP Web Scripts Ad Manager Pro CVE-2010-4842 (SQL injection vulnerability in admin/login.php in MHP DownloadScript ...) - TODO: check + NOT-FOR-US: MH Products Download Center CVE-2011-3826 (Zikula 1.2.4 allows remote attackers to obtain sensitive information ...) NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway) CVE-2011-3825 (Zend Framework 1.11.3 in Zend Server CE 5.1.0 allows remote attackers ...) @@ -1170,9 +1170,9 @@ CVE-2011-3645 (Newgen OmniDocs allows remote attackers to bypass intended access ...) NOT-FOR-US: Newgen OmniDocs CVE-2010-4841 (Multiple cross-site scripting (XSS) vulnerabilities in ManageEngine ...) - TODO: check + NOT-FOR-US: ManageEngine EventLog Analyzer CVE-2010-4840 (Multiple buffer overflows in the Syslog server in ManageEngine ...) - TODO: check + NOT-FOR-US: ManageEngine EventLog Analyzer CVE-2011-XXXX [roundcube XSS in UI messages] - roundcube 0.5.4+dfsg-1 (bug #641996) CVE-2011-XXXX [atftp DoS] @@ -9933,11 +9933,11 @@ CVE-2011-0555 (The TextXtra.x32 module in Adobe Shockwave Player before 11.5.9.620 ...) NOT-FOR-US: Adobe Shockwave Player CVE-2011-0554 (The management console in Symantec IM Manager before 8.4.18 allows ...) - TODO: check + NOT-FOR-US: Symantec IM Manager CVE-2011-0553 (SQL injection vulnerability in the management console in Symantec IM ...) - TODO: check + NOT-FOR-US: Symantec IM Manager CVE-2011-0552 (Multiple cross-site scripting (XSS) vulnerabilities in the management ...) - TODO: check + NOT-FOR-US: Symantec IM Manager CVE-2011-0551 (Cross-site request forgery (CSRF) vulnerability in the Web Interface ...) NOT-FOR-US: Symantec Endpoint Protection CVE-2011-0550 (Multiple cross-site scripting (XSS) vulnerabilities in the Web ...)