[Secure-testing-commits] r4755 - data/CVE
Stefan Fritsch
stef-guest at costa.debian.org
Thu Sep 21 21:57:28 UTC 2006
Author: stef-guest
Date: 2006-09-21 21:57:25 +0000 (Thu, 21 Sep 2006)
New Revision: 4755
Modified:
data/CVE/list
Log:
some NFUs, one moodle issue already fixed
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-09-21 21:36:36 UTC (rev 4754)
+++ data/CVE/list 2006-09-21 21:57:25 UTC (rev 4755)
@@ -1,43 +1,43 @@
CVE-2006-4923 (Cross-site scripting (XSS) vulnerability in search.php in eSyndiCat ...)
- TODO: check
+ NOT-FOR-US: eSyndiCat Portal System
CVE-2006-4922 (Unrestricted file upload vulnerability in ...)
- TODO: check
+ NOT-FOR-US: Site at School
CVE-2006-4921 (PHP remote file inclusion vulnerability in Site at School (S at S) 2.4.03 ...)
- TODO: check
+ NOT-FOR-US: Site at School
CVE-2006-4920 (Multiple PHP remote file inclusion vulnerabilities in Site at School ...)
- TODO: check
+ NOT-FOR-US: Site at School
CVE-2006-4919 (Directory traversal vulnerability in ...)
- TODO: check
+ NOT-FOR-US: Site at School
CVE-2006-4918 (Multiple PHP remote file inclusion vulnerabilities in Simple ...)
- TODO: check
+ NOT-FOR-US: Simple Discussion Board
CVE-2006-4917 (Cross-site scripting (XSS) vulnerability in search.php in PT News ...)
- TODO: check
+ NOT-FOR-US: PT News
CVE-2006-4916 (SQL injection vulnerability in uye_profil.asp in Tekman Portal (TR) ...)
- TODO: check
+ NOT-FOR-US: Tekman Portal
CVE-2006-4915 (Cross-site scripting (XSS) vulnerability in index.php in Innovate ...)
- TODO: check
+ NOT-FOR-US: Innovate Portal
CVE-2006-4914 (Directory traversal vulnerability in A.l-Pifou 1.8p2 allows remote ...)
- TODO: check
+ NOT-FOR-US: A.l-Pifou
CVE-2006-4913 (Directory traversal vulnerability in chat/getStartOptions.php in ...)
- TODO: check
+ NOT-FOR-US: AlstraSoft E-friends
CVE-2006-4912 (PHP remote file inclusion vulnerability in PHP DocWriter 0.3 and ...)
- TODO: check
+ NOT-FOR-US: PHP DocWriter
CVE-2006-4911 (Unspecified vulnerability in Cisco IPS 5.0 before 5.0(6p2) and 5.1 ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2006-4910 (The web administration interface (mainApp) to Cisco IDS before ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2006-4909 (Cross-site scripting (XSS) vulnerability in Cisco Guard DDoS ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2006-4908 (OSU 3.11alpha and 3.10a allows remote attackers to obtain sensitive ...)
- TODO: check
+ NOT-FOR-US: OSU
CVE-2006-4907 (OSU 3.11alpha and 3.10a allows remote attackers to obtain sensitive ...)
- TODO: check
+ NOT-FOR-US: OSU
CVE-2006-4906 (SQL injection vulnerability in modules/calendar/week.php in ...)
- TODO: check
+ NOT-FOR-US: More.groupware
CVE-2006-4905 (PHP remote file inclusion vulnerability in index.php in Artmedic Links ...)
- TODO: check
+ NOT-FOR-US: Artmedic Links
CVE-2006-4904 (Dynamic variable evaluation vulnerability in cmpi.php in Qualiteam ...)
- TODO: check
+ NOT-FOR-US: X-Cart
CVE-2006-4903
RESERVED
CVE-2006-4902
@@ -49,100 +49,100 @@
CVE-2006-4899
RESERVED
CVE-2006-4898 (PHP remote file inclusion vulnerability in include/phpxd/phpXD.php in ...)
- TODO: check
+ NOT-FOR-US: guanxiCRM
CVE-2006-4897 (CMtextS 1.0 and earlier stores users_logins/admin.txt under the web ...)
- TODO: check
+ NOT-FOR-US: CMtextS
CVE-2006-4896 (SQL injection vulnerability in blog/edit.php in Moodle 1.6.1+, and ...)
- TODO: check
+ - moodle 1.6.2-1 (bug #387177)
CVE-2006-4895 (IDevSpot NexieAffiliate 1.9 and earlier allows remote attackers to ...)
- TODO: check
+ NOT-FOR-US: IDevSpot NexieAffiliate
CVE-2006-4894 (Cross-site scripting (XSS) vulnerability in forms/lostpassword.php in ...)
- TODO: check
+ NOT-FOR-US: IDevSpot NexieAffiliate
CVE-2006-4893 (PHP remote file inclusion vulnerability in ...)
- TODO: check
+ NOT-FOR-US: phpBB XS
CVE-2006-4892 (SQL injection vulnerability in faqview.asp in Techno Dreams FAQ ...)
- TODO: check
+ NOT-FOR-US: Techno Dreams FAQ
CVE-2006-4891 (SQL injection vulnerability in ArticlesTableview.asp in Techno Dreams ...)
- TODO: check
+ NOT-FOR-US: Techno Dreams
CVE-2006-4890 (Multiple PHP remote file inclusion vulnerabilities in UNAK-CMS 1.5 and ...)
- TODO: check
+ NOT-FOR-US: UNAK-CMS
CVE-2006-4889 (Multiple PHP remote file inclusion vulnerabilities in Telekorn ...)
- TODO: check
+ NOT-FOR-US: Telekorn SignKorn Guestbook
CVE-2006-4888 (Microsoft Internet Explorer 6 and earlier allows remote attackers to ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2006-4887 (Apple Remote Desktop (ARD) for Mac OS X 10.2.8 and later does not drop ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2006-4886 (The VirusScan On-Access Scan component in McAfee VirusScan Enterprise ...)
- TODO: check
+ NOT-FOR-US: McAfee
CVE-2006-4885 (PHP remote file inclusion vulnerability in Shadowed Portal 5.599 and ...)
- TODO: check
+ NOT-FOR-US: Shadowed Portal
CVE-2006-4884 (Multiple cross-site scripting (XSS) vulnerabilities in IDevSpot ...)
- TODO: check
+ NOT-FOR-US: IDevSpot iSupport
CVE-2006-4883 (Multiple cross-site scripting (XSS) vulnerabilities in IDevSpot ...)
- TODO: check
+ NOT-FOR-US: IDevSpot BizDirectory
CVE-2006-4882 (SQL injection vulnerability in Review.asp in Julian Roberts Charon ...)
- TODO: check
+ NOT-FOR-US: Cart 3
CVE-2006-4881 (Multiple cross-site scripting (XSS) vulnerabilities in David Bennett ...)
- TODO: check
+ NOT-FOR-US: PHP-Post (PHPp)
CVE-2006-4880 (David Bennett PHP-Post (PHPp) 1.0 and earlier allows remote attackers ...)
- TODO: check
+ NOT-FOR-US: PHP-Post (PHPp)
CVE-2006-4879 (SQL injection vulnerability in profile.php in David Bennett PHP-Post ...)
- TODO: check
+ NOT-FOR-US: PHP-Post (PHPp)
CVE-2006-4878 (Directory traversal vulnerability in footer.php in David Bennett ...)
- TODO: check
+ NOT-FOR-US: PHP-Post (PHPp)
CVE-2006-4877 (Variable overwrite vulnerability in David Bennett PHP-Post (PHPp) 1.0 ...)
- TODO: check
+ NOT-FOR-US: PHP-Post (PHPp)
CVE-2006-4876 (Multiple SQL injection vulnerabilities in Jupiter CMS allow remote ...)
- TODO: check
+ NOT-FOR-US: Jupiter CMS
CVE-2006-4875 (Unrestricted file upload vulnerability in ...)
- TODO: check
+ NOT-FOR-US: Jupiter CMS
CVE-2006-4874 (Multiple cross-site scripting (XSS) vulnerabilities in Jupiter CMS ...)
- TODO: check
+ NOT-FOR-US: Jupiter CMS
CVE-2006-4873 (Jupiter CMS allows remote attackers to obtain sensitive information ...)
- TODO: check
+ NOT-FOR-US: Jupiter CMS
CVE-2006-4872 (SQL injection vulnerability in search.asp in Keyvan1 (aka Keyvan ...)
- TODO: check
+ NOT-FOR-US: ECardPro
CVE-2006-4871 (SQL injection vulnerability in search_run.asp in Keyvan1 (aka Keyvan ...)
- TODO: check
+ NOT-FOR-US: EShoppingPro
CVE-2006-4870 (Multiple PHP remote file inclusion vulnerabilities in AEDating 4.1, ...)
- TODO: check
+ NOT-FOR-US: AEDating
CVE-2006-4869 (PHP remote file inclusion vulnerability in phpunity-postcard.php in ...)
- TODO: check
+ NOT-FOR-US: phpunity.postcard
CVE-2006-4868 (Stack-based buffer overflow in Microsoft Internet Explorer 6.0 on ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2006-4867 (SQL injection vulnerability in mods.php in GNUTurk 2G and earlier ...)
- TODO: check
+ NOT-FOR-US: GNUTurk
CVE-2006-4866 (Buffer overflow in kextload in Apple OS X, as used by TDIXSupport in ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2006-4865 (Walter Beschmout PhpQuiz allows remote attackers to obtain sensitive ...)
- TODO: check
+ NOT-FOR-US: PhpQuiz
CVE-2006-4864 (PHP remote file inclusion vulnerability in index.php in All Enthusiast ...)
- TODO: check
+ NOT-FOR-US: ReviewPost
CVE-2006-4863 (** DISPUTED ** ...)
- TODO: check
+ NOT-FOR-US: mcLinksCounter
CVE-2006-4862 (SQL injection vulnerability in default.aspx in easypage allows remote ...)
- TODO: check
+ NOT-FOR-US: easypage
CVE-2006-4861 (SQL injection vulnerability in loginprocess.asp in Mohammed Mehdi ...)
- TODO: check
+ NOT-FOR-US: Complain Center
CVE-2006-4860 (Multiple unspecified vulnerabilities in (1) index.php, (2) ...)
- TODO: check
+ NOT-FOR-US: Limbo
CVE-2006-4859 (Unrestricted file upload vulnerability in contact.html.php in the ...)
- TODO: check
+ NOT-FOR-US: Limbo
CVE-2006-4858 (PHP remote file inclusion vulnerability in install.serverstat.php in ...)
- TODO: check
+ NOT-FOR-US: Serverstat (com_serverstat) component for Mambo
CVE-2006-4857 (SQL injection vulnerability in default.asp (aka the login page) in ...)
- TODO: check
+ NOT-FOR-US: ClickBlog
CVE-2006-4856 (Multiple cross-site scripting (XSS) vulnerabilities in Roller ...)
- TODO: check
+ NOT-FOR-US: WebLogger
CVE-2006-4855 (The \Device\SymEvent driver in Symantec Norton Personal Firewall 2006 ...)
- TODO: check
+ NOT-FOR-US: Symantec
CVE-2006-4854
REJECTED
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2006-4853 (SQL injection vulnerability in kategorix.asp in Haberx 1.02 through ...)
- TODO: check
+ NOT-FOR-US: Haberx
CVE-2006-4852 (SQL injection vulnerability in browse.asp in QuadComm Q-Shop 3.5 ...)
- TODO: check
+ NOT-FOR-US: QuadComm Q-Shop
CVE-2006-4851 (PHP remote file inclusion vulnerability in ...)
TODO: check
CVE-2006-4850 (PHP remote file inclusion vulnerability in ...)
More information about the Secure-testing-commits
mailing list