Author: fw Date: 2011-11-10 19:08:21 +0000 (Thu, 10 Nov 2011) New Revision: 17587 Modified: data/CVE/list Log: NFUs Modified: data/CVE/list ==================================================================--- data/CVE/list 2011-11-10 18:59:03 UTC (rev 17586) +++ data/CVE/list 2011-11-10 19:08:21 UTC (rev 17587) @@ -1242,51 +1242,51 @@ CVE-2011-4025 RESERVED CVE-2010-4892 (Cross-site scripting (XSS) vulnerability in the powermail extension ...) - TODO: check + NOT-FOR-US: TYPO3 extension CVE-2010-4891 (SQL injection vulnerability in the Yet Another Calendar (ke_yac) ...) - TODO: check + NOT-FOR-US: TYPO3 extension CVE-2010-4890 (Cross-site scripting (XSS) vulnerability in the Yet Another Calendar ...) - TODO: check + NOT-FOR-US: TYPO3 extension CVE-2010-4889 (Unspecified vulnerability in the Tiny Market (hm_tinymarket) extension ...) - TODO: check + NOT-FOR-US: TYPO3 extension CVE-2010-4888 (SQL injection vulnerability in the Tiny Market (hm_tinymarket) ...) - TODO: check + NOT-FOR-US: TYPO3 extension CVE-2010-4887 (SQL injection vulnerability in the Commenting system Backend Module ...) - TODO: check + NOT-FOR-US: TYPO3 extension CVE-2010-4886 (Cross-site scripting (XSS) vulnerability in the "official twitter ...) - TODO: check + NOT-FOR-US: TYPO3 extension CVE-2010-4885 (Cross-site scripting (XSS) vulnerability in the XING Button (xing) ...) - TODO: check + NOT-FOR-US: TYPO3 extension CVE-2010-4884 (PHP remote file inclusion vulnerability in guestbook/gbook.php in ...) - TODO: check + NOT-FOR-US: Gaestebuch CVE-2010-4883 (Cross-site scripting (XSS) vulnerability in manager/index.php in MODx ...) - TODO: check + NOT-FOR-US: MODx Revolution CVE-2010-4882 (Cross-site scripting (XSS) vulnerability in autocms.php in Auto CMS ...) - TODO: check + NOT-FOR-US: Auto CMS CVE-2010-4881 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...) - TODO: check + NOT-FOR-US: ApPHP Calendar CVE-2010-4880 (Multiple cross-site scripting (XSS) vulnerabilities in ...) - TODO: check + NOT-FOR-US: ApPHP Calendar CVE-2010-4879 (PHP remote file inclusion vulnerability in dompdf.php in dompdf 0.6.0 ...) - TODO: check + NOT-FOR-US: dompdf CVE-2010-4878 (PHP remote file inclusion vulnerability in formmailer.php in Kontakt ...) - TODO: check + NOT-FOR-US: Kontakt Formular CVE-2010-4877 (Cross-site scripting (XSS) vulnerability in index.php in OneCMS 2.6.1 ...) - TODO: check + NOT-FOR-US: OneCMS CVE-2010-4876 (SQL injection vulnerability in viewpost.php in mBlogger 1.0.04 allows ...) - TODO: check + NOT-FOR-US: mBlogger CVE-2010-4875 (Cross-site scripting (XSS) vulnerability in ...) - TODO: check + NOT-FOR-US: Wordpress plugin CVE-2010-4874 (Multiple cross-site scripting (XSS) vulnerabilities in users.php in ...) - TODO: check + NOT-FOR-US: NinkoBB CVE-2010-4873 (Cross-site scripting (XSS) vulnerability in confirm.php in WeBid 0.8.5 ...) - TODO: check + NOT-FOR-US: WeBid CVE-2010-4872 (SQL injection vulnerability in newsroom.asp in ASPilot Pilot Cart 7.3 ...) - TODO: check + NOT-FOR-US: SmartFTP CVE-2010-4871 (Unspecified vulnerability in SmartFTP before 4.0 Build 1142 allows ...) - TODO: check + NOT-FOR-US: SmartFTP CVE-2010-4870 (SQL injection vulnerability in index.php in BloofoxCMS 0.3.5 allows ...) - TODO: check + NOT-FOR-US: BloofoxCMS CVE-2011-4024 (Cross-site scripting (XSS) vulnerability in ocsinventory in OCS ...) - ocsinventory-server 2.0.2-1 (unimportant) NOTE: Authentication is needed, only supported in trusted environments, see debtags