[Secure-testing-commits] r5758 - data/CVE
Florian Weimer
fw at alioth.debian.org
Tue May 1 11:10:18 UTC 2007
Author: fw
Date: 2007-05-01 11:10:15 +0000 (Tue, 01 May 2007)
New Revision: 5758
Modified:
data/CVE/list
Log:
normalize MyBB product names
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-05-01 11:04:07 UTC (rev 5757)
+++ data/CVE/list 2007-05-01 11:10:15 UTC (rev 5758)
@@ -789,9 +789,9 @@
CVE-2007-1965 (Multiple cross-site scripting (XSS) vulnerabilities in eXV2 CMS ...)
NOT-FOR-US: eXV2 CMS
CVE-2007-1964 (member.php in MyBB (aka MyBulletinBoard), when debug mode is ...)
- NOT-FOR-US: MyBulletinBoard
+ NOT-FOR-US: MyBB (aka MyBulletinBoard)
CVE-2007-1963 (SQL injection vulnerability in the create_session function in ...)
- NOT-FOR-US: MyBulletinBoard
+ NOT-FOR-US: MyBB (aka MyBulletinBoard)
CVE-2007-1962 (SQL injection vulnerability in index.php in the WF-Snippets 1.02 and ...)
NOT-FOR-US: WF-Snippets module for Xoops
CVE-2007-1961 (PHP remote file inclusion vulnerability in mutant_functions.php in the ...)
@@ -4337,7 +4337,7 @@
CVE-2007-0623 (SQL injection vulnerability in index.php in MAXdev MDPro 1.0.76 allows ...)
NOT-FOR-US: MAXdev MDPro
CVE-2007-0622 (Cross-site request forgery (CSRF) vulnerability in MyBB (aka ...)
- NOT-FOR-US: MyBulletinBoard
+ NOT-FOR-US: MyBB (aka MyBulletinBoard)
CVE-2007-0621
REJECTED
NOT-FOR-US: Microsoft Word
@@ -4505,7 +4505,7 @@
CVE-2007-0545 (Maxtricity Tagger 0.1 stores sensitive information under the web root ...)
NOT-FOR-US: Maxtricity Tagger
CVE-2007-0544 (Cross-site scripting (XSS) vulnerability in private.php in MyBB (aka ...)
- NOT-FOR-US: MyBulletinBoard
+ NOT-FOR-US: MyBB (aka MyBulletinBoard)
CVE-2007-0543 (ZixForum 1.14 and earlier stores sensitive information under the web ...)
NOT-FOR-US: ZixForum
CVE-2007-0542 (Cross-site scripting (XSS) vulnerability in show.php in 212cafe ...)
@@ -10198,9 +10198,9 @@
CVE-2006-4973 (Cross-site scripting (XSS) vulnerability in Default.aspx in Perpetual ...)
NOT-FOR-US: DotNetNuke
CVE-2006-4972 (Cross-site scripting (XSS) vulnerability in ...)
- NOT-FOR-US: MyBB
+ NOT-FOR-US: MyBB (aka MyBulletinBoard)
CVE-2006-4971 (MyBB (aka MyBulletinBoard) allows remote attackers to obtain sensitive ...)
- NOT-FOR-US: MyBB
+ NOT-FOR-US: MyBB (aka MyBulletinBoard)
CVE-2006-4970 (PHP remote file inclusion vulnerability in enc/content.php in WAHM ...)
NOT-FOR-US: Pie Cart Pro
CVE-2006-4969 (Multiple PHP remote file inclusion vulnerabilities in WAHM E-Commerce ...)
@@ -11382,7 +11382,7 @@
- phpbb2 2.0.21-1 (unimportant)
NOTE: That's by design and even disabled by default
CVE-2006-4449 (Cross-site scripting (XSS) vulnerability in attachment.php in ...)
- NOT-FOR-US: MyBulletinBoard (MyBB)
+ NOT-FOR-US: MyBB (aka MyBulletinBoard)
CVE-2006-4448 (Multiple PHP remote file inclusion vulnerabilities in interact 2.2, ...)
NOT-FOR-US: interact
CVE-2006-4447 (X.Org and XFree86, including libX11, xdm, xf86dga, xinit, xload, ...)
@@ -12530,9 +12530,9 @@
CVE-2006-3955 (Multiple PHP remote file inclusion vulnerabilities in MiniBB Forum ...)
NOT-FOR-US: MiniBB Forum
CVE-2006-3954 (Directory traversal vulnerability in usercp.php in MyBB (aka ...)
- NOT-FOR-US: mybb
+ NOT-FOR-US: MyBB (aka MyBulletinBoard)
CVE-2006-3953 (Cross-site scripting (XSS) vulnerability in usercp.php in MyBB (aka ...)
- NOT-FOR-US: mybb
+ NOT-FOR-US: MyBB (aka MyBulletinBoard)
CVE-2006-3952 (Stack-based buffer overflow in EFS Software Easy File Sharing FTP ...)
NOT-FOR-US: EFS Software Easy File Sharing FTP
CVE-2006-3951 (PHP remote file inclusion vulnerability in moodle.php in Mam-moodle ...)
@@ -12985,7 +12985,7 @@
CVE-2006-3776 (PHP remote file inclusion vulnerability in order/index.php in IDevSpot ...)
NOT-FOR-US: IDevSpot (1) PhpHostBot 1.0 and (2) AutoHost 3.0
CVE-2006-3775 (SQL injection vulnerability in the init function in class_session.php ...)
- NOT-FOR-US: MyBB
+ NOT-FOR-US: MyBB (aka MyBulletinBoard)
CVE-2006-3774 (PHP remote file inclusion vulnerability in performs.php in the ...)
NOT-FOR-US: perForms component (com_performs) for Joomla!
CVE-2006-3773 (PHP remote file inclusion vulnerability in smf.php in the SMF-Forum ...)
@@ -13013,13 +13013,13 @@
CVE-2006-3762 (The Touch Control ActiveX control 2.0.0.55 allows remote attackers to ...)
NOT-FOR-US: Touch Control ActiveX control
CVE-2006-3761 (Cross-site scripting (XSS) vulnerability in inc/functions_post.php in ...)
- NOT-FOR-US: MyBB
+ NOT-FOR-US: MyBB (aka MyBulletinBoard)
CVE-2006-3760 (Multiple SQL injection vulnerabilities in MyBB (aka MyBulletinBoard) ...)
- NOT-FOR-US: MyBB
+ NOT-FOR-US: MyBB (aka MyBulletinBoard)
CVE-2006-3759 (Unspecified vulnerability in MyBB (aka MyBulletinBoard) 1.1.4, related ...)
- NOT-FOR-US: MyBB
+ NOT-FOR-US: MyBB (aka MyBulletinBoard)
CVE-2006-3758 (inc/init.php in Archive Mode (Light) in MyBB (aka MyBulletinBoard) ...)
- NOT-FOR-US: MyBB
+ NOT-FOR-US: MyBB (aka MyBulletinBoard)
CVE-2006-3757 (index.php in Zen Cart 1.3.0.2 allows remote attackers to obtain ...)
NOT-FOR-US: Zen Cart
CVE-2006-3756 (Cross-site scripting (XSS) vulnerability in Geeklog 1.4.0sr4 and ...)
@@ -13775,7 +13775,7 @@
CVE-2006-3421 (PHP remote file inclusion vulnerability in SmartSiteCMS 1.0 and ...)
NOT-FOR-US: SmartSiteCMS
CVE-2006-3420 (Cross-site request forgery (CSRF) vulnerability in editpost.php in ...)
- NOT-FOR-US: MyBB
+ NOT-FOR-US: MyBB (aka MyBulletinBoard)
CVE-2006-3419 (Tor before 0.1.1.20 uses OpenSSL pseudo-random bytes ...)
- tor 0.1.1.20-1
CVE-2006-3418 (Tor before 0.1.1.20 does not validate that a server descriptor's ...)
@@ -14158,7 +14158,7 @@
CVE-2006-3244 (Multiple SQL injection vulnerabilities in Anthill 0.2.6 and earlier ...)
NOT-FOR-US: Anthill
CVE-2006-3243 (SQL injection vulnerability in usercp.php in MyBB (MyBulletinBoard) ...)
- NOT-FOR-US: MyBB
+ NOT-FOR-US: MyBB (aka MyBulletinBoard)
CVE-2006-3242 (Stack-based buffer overflow in the browse_get_namespace function in ...)
{DSA-1108}
- mutt 1.5.11+cvs20060403-2 (low; bug #375828)
@@ -14798,7 +14798,7 @@
CVE-2006-2950 (Net Portal Dynamic System (NPDS) 5.10 and earlier allows remote ...)
NOT-FOR-US: NPDS
CVE-2006-2949 (Cross-site scripting (XSS) vulnerability in private.php in MyBB 1.1.2 ...)
- NOT-FOR-US: MyBB
+ NOT-FOR-US: MyBB (aka MyBulletinBoard)
CVE-2006-2948 (A-CART 2.0 stores the acart2_0.mdb file under the web document root ...)
NOT-FOR-US: A-CART
CVE-2006-2947 (Dmx Forum 2.1a allows remote attackers to obtain username and password ...)
@@ -14895,7 +14895,7 @@
CVE-2006-2909 (Stack-based buffer overflow in the info tip shell extension ...)
NOT-FOR-US: PicoZip
CVE-2006-2908 (The domecode function in inc/functions_post.php in MyBulletinBoard ...)
- NOT-FOR-US: MyBB
+ NOT-FOR-US: MyBB (aka MyBulletinBoard)
CVE-2006-2907
RESERVED
CVE-2006-2906 (The LZW decoding in the gdImageCreateFromGifPtr function in the Thomas ...)
@@ -15676,7 +15676,7 @@
CVE-2006-2590 (SQL injection vulnerability in e107 before 0.7.5 allows remote ...)
NOT-FOR-US: e107
CVE-2006-2589 (SQL injection vulnerability in rss.php in MyBB (aka MyBulletinBoard) ...)
- NOT-FOR-US: MyBB
+ NOT-FOR-US: MyBB (aka MyBulletinBoard)
CVE-2006-2588 (Russcom PHPImages allows remote attackers to upload files of arbitrary ...)
NOT-FOR-US: Russcom PHPImages
CVE-2006-2587 (Buffer overflow in the WebTool HTTP server component in (1) PunkBuster ...)
@@ -16247,13 +16247,13 @@
CVE-2006-2337 (Directory traversal vulnerability in webcm in the D-Link DSL-G604T ...)
NOT-FOR-US: D-Link
CVE-2006-2336 (SQL injection vulnerability in showthread.php in MyBB (aka ...)
- NOT-FOR-US: MyBB
+ NOT-FOR-US: MyBB (aka MyBulletinBoard)
CVE-2006-2335 (Jelsoft vBulletin accepts uploads of Cascading Style Sheets (CSS) and ...)
NOT-FOR-US: vBulletin
CVE-2006-2334 (The RtlDosPathNameToNtPathName_U API function in NTDLL.DLL in ...)
NOT-FOR-US: Windows
CVE-2006-2333 (Multiple SQL injection vulnerabilities in MyBB (aka MyBulletinBoard) ...)
- NOT-FOR-US: MyBB
+ NOT-FOR-US: MyBB (aka MyBulletinBoard)
CVE-2006-2332 (Mozilla Firefox 1.5.0.3 allows remote attackers to cause a denial of ...)
NOTE: 1.5.dfsg+1.5.0.3-2 didn't crash or do anything but stutter on the sample pages, marking it fixed in there
- firefox 1.5.dfsg+1.5.0.3-2
@@ -16787,7 +16787,7 @@
CVE-2006-2104 (Multiple cross-site scripting (XSS) vulnerabilities in Kamgaing Email ...)
NOT-FOR-US: Kamgaing
CVE-2006-2103 (SQL injection vulnerability in MyBB (MyBulletinBoard) 1.1.1 allows ...)
- NOT-FOR-US: MyBB
+ NOT-FOR-US: MyBB (aka MyBulletinBoard)
CVE-2006-2102 (Directory traversal vulnerability in PowerISO 2.9 allows remote ...)
NOT-FOR-US: PowerISO
CVE-2006-2101 (Directory traversal vulnerability in WinISO 5.3 allows remote ...)
@@ -17098,7 +17098,7 @@
CVE-2006-1975 (Cross-site scripting (XSS) vulnerability in guestbook_newentry.php in ...)
NOT-FOR-US: PHP-Gastebuch
CVE-2006-1974 (SQL injection vulnerability in index.php in MyBB (MyBulletinBoard) ...)
- NOT-FOR-US: MyBB
+ NOT-FOR-US: MyBB (aka MyBulletinBoard)
CVE-2006-1973 (Multiple unspecified vulnerabilities in Linksys RT31P2 VoIP router ...)
NOT-FOR-US: Linksys router
CVE-2006-1972 (Cross-site scripting (XSS) vulnerability in EasyGallery.php in Wingnut ...)
@@ -17260,9 +17260,9 @@
CVE-2006-1913 (Cross-site scripting (XSS) vulnerability in jax_guestbook.php in Jax ...)
NOT-FOR-US: Jax Guestbook
CVE-2006-1912 (MyBB (MyBulletinBoard) 1.1.0 does not set the constant KILL_GLOBAL ...)
- NOT-FOR-US: MyBB
+ NOT-FOR-US: MyBB (aka MyBulletinBoard)
CVE-2006-1911 (Cross-site scripting (XSS) vulnerability in MyBB (MyBulletinBoard) 1.1 ...)
- NOT-FOR-US: MyBB
+ NOT-FOR-US: MyBB (aka MyBulletinBoard)
CVE-2006-1910 (config.php in S9Y Serendipity 1.0 beta 2 allows remote attackers to ...)
- serendipity 1.0-1
CVE-2006-1909 (Directory traversal vulnerability in index.php in Coppermine 1.4.4 ...)
@@ -17803,9 +17803,9 @@
CVE-2006-1718 (Magus Perde Clever Copy 3.0 and earlier stores sensitive information ...)
NOT-FOR-US: Clever Copy
CVE-2006-1717 (Cross-site scripting (XSS) vulnerability in newthread.php in MyBB (aka ...)
- NOT-FOR-US: MyBB
+ NOT-FOR-US: MyBB (aka MyBulletinBoard)
CVE-2006-1716 (Cross-site scripting (XSS) vulnerability in inc/functions_post.php in ...)
- NOT-FOR-US: MyBB
+ NOT-FOR-US: MyBB (aka MyBulletinBoard)
CVE-2006-1715 (Multiple directory traversal vulnerabilities in Christian Kindahl ...)
NOT-FOR-US: TUGZip
CVE-2006-1714 (CRLF injection vulnerability in index.php in Christoph Roeder ...)
@@ -18040,7 +18040,7 @@
CVE-2006-1626 (Internet Explorer 6 for Windows XP SP2 and earlier allows remote ...)
NOT-FOR-US: Internet Explorer
CVE-2006-1625 (Cross-site scripting (XSS) vulnerability in inc/functions_post.php in ...)
- NOT-FOR-US: MyBB
+ NOT-FOR-US: MyBB (aka MyBulletinBoard)
CVE-2006-1624 (The default configuration of syslogd in the Linux sysklogd package ...)
- sysklogd <unfixed> (unimportant)
NOTE: No sane person will open a network socket for syslog without apropriate
@@ -18771,7 +18771,7 @@
CVE-2006-1346 (Directory traversal vulnerability in inc/setLang.php in Greg ...)
NOT-FOR-US: Greg Neustaetter gCards
CVE-2006-1345 (polls.php in MyBB (aka MyBulletinBoard) 1.10 allows remote attackers ...)
- NOT-FOR-US: MyBB
+ NOT-FOR-US: MyBB (aka MyBulletinBoard)
CVE-2006-1344 (Cross-site scripting (XSS) vulnerability in VeriSign haydn.exe, as ...)
NOT-FOR-US: VeriSign haydn.exe
CVE-2006-1343 (net/ipv4/netfilter/ip_conntrack_core.c in Linux kernel 2.4 and 2.6, ...)
@@ -18896,9 +18896,9 @@
CVE-2006-1283 (opiepasswd in One-Time Passwords in Everything (OPIE) in FreeBSD ...)
- libpam-opie <not-affected> (FreeBSD specific vulnerability)
CVE-2006-1282 (CRLF injection vulnerability in inc/function.php in MyBulletinBoard ...)
- NOT-FOR-US: MyBB
+ NOT-FOR-US: MyBB (aka MyBulletinBoard)
CVE-2006-1281 (Cross-site scripting (XSS) vulnerability in member.php in ...)
- NOT-FOR-US: MyBB
+ NOT-FOR-US: MyBB (aka MyBulletinBoard)
CVE-2006-1280 (CGI::Session 4.03-1 does not set proper permissions on temporary files ...)
- libcgi-session-perl 4.07-1 (low; bug #356555)
[sarge] - libcgi-session-perl <no-dsa> (Minor issues)
@@ -18918,7 +18918,7 @@
CVE-2006-1273 (** DISPUTED ** ...)
NOT-FOR-US: Reportedly problem with a firefox addon
CVE-2006-1272 (Multiple cross-site scripting (XSS) vulnerabilities in member.php in ...)
- NOT-FOR-US: MyBB
+ NOT-FOR-US: MyBB (aka MyBulletinBoard)
CVE-2006-1271 (SQL injection vulnerability in index.php in OxyNews allows remote ...)
NOT-FOR-US: OxyNews
CVE-2006-1270 (Multiple cross-site scripting (XSS) vulnerabilities in zones.php in ...)
@@ -19402,7 +19402,7 @@
{DSA-1017-1}
- linux-2.6 2.6.16-1
CVE-2006-1065 (SQL injection vulnerability in search.php in MyBulletinBoard (MyBB) ...)
- NOT-FOR-US: MyBulletinBoard
+ NOT-FOR-US: MyBB (aka MyBulletinBoard)
CVE-2006-1064 (Multiple cross-site scripting (XSS) vulnerabilities in Lurker 2.0 and ...)
{DSA-999-1}
- lurker 2.1-1
@@ -19650,7 +19650,7 @@
CVE-2006-0960 (uConfig agent in Compex NetPassage WPE54G router allows remote ...)
NOT-FOR-US: Compex NetPassage WPE54G router
CVE-2006-0959 (SQL injection vulnerability in misc.php in MyBulletinBoard (MyBB) ...)
- NOT-FOR-US: MyBB
+ NOT-FOR-US: MyBB (aka MyBulletinBoard)
CVE-2006-0958 (Cross-site scripting (XSS) vulnerability in func.inc.php in ZoneO-Soft ...)
NOT-FOR-US: ZoneO-Soft freeForum
CVE-2006-0957 (Direct static code injection vulnerability in func.inc.php in ...)
@@ -20082,7 +20082,7 @@
CVE-2006-0771 (Format string vulnerability in PunkBuster 1.180 and earlier, as used ...)
NOT-FOR-US: PunkBuster
CVE-2006-0770 (Cross-site scripting (XSS) vulnerability in calendar.php in ...)
- NOT-FOR-US: MyBB
+ NOT-FOR-US: MyBB (aka MyBulletinBoard)
CVE-2006-0769 (Unspecified vulnerability in in.rexecd in Solaris 10 allows local ...)
NOT-FOR-US: Solaris
CVE-2006-0768 (Kadu 0.4.3 allows remote attackers to cause a denial of service ...)
@@ -20426,9 +20426,9 @@
CVE-2006-0640 (Orbicule Undercover allows attackers with physical or root access to ...)
NOT-FOR-US: Orbicule Undercover
CVE-2006-0639 (Cross-site scripting (XSS) vulnerability in search.php in MyBB (aka ...)
- NOT-FOR-US: MyBB
+ NOT-FOR-US: MyBB (aka MyBulletinBoard)
CVE-2006-0638 (SQL injection vulnerability in moderation.php in MyBB (aka ...)
- NOT-FOR-US: MyBB
+ NOT-FOR-US: MyBB (aka MyBulletinBoard)
CVE-2006-0637 (Buffer overflow in cram.dll in QUALCOMM Eudora WorldMail 3.0 allows ...)
NOT-FOR-US: QUALCOMM Eudora WorldMail
CVE-2006-0636 (desktop.php in eyeOS 0.8.9 and earlier tests for the existence of the ...)
@@ -20691,7 +20691,7 @@
CVE-2006-0524 (Cross-site scripting (XSS) vulnerability in ashnews.php in Derek ...)
NOT-FOR-US: Derek Ashauer ashnews
CVE-2006-0523 (SQL injection vulnerability in global.php in MyBB before 1.03 allows ...)
- NOT-FOR-US: MyBB
+ NOT-FOR-US: MyBB (aka MyBulletinBoard)
CVE-2006-0522 (SQL injection vulnerability in the Authentication Servlet in Symantec ...)
NOT-FOR-US: Symantec Sygate Management Server
CVE-2006-0521 (Cross-site scripting (XSS) vulnerability in results.php in BrowserCRM ...)
@@ -20766,9 +20766,9 @@
- iceape <unfixed>
- xulrunner <unfixed>
CVE-2006-0495 (Cross-site scripting (XSS) vulnerability in the Add Thread to ...)
- NOT-FOR-US: MyBB
+ NOT-FOR-US: MyBB (aka MyBulletinBoard)
CVE-2006-0494 (Directory traversal vulnerability in MyBB (aka MyBulletinBoard) 1.02 ...)
- NOT-FOR-US: MyBB
+ NOT-FOR-US: MyBB (aka MyBulletinBoard)
CVE-2006-0493 (Cross-site scripting (XSS) vulnerability in MG2 (formerly known as ...)
NOT-FOR-US: MG2
CVE-2006-0492 (Multiple SQL injection vulnerabilities in Calendarix allow remote ...)
@@ -20820,7 +20820,7 @@
CVE-2006-0471 (Cross-site scripting (XSS) vulnerability in the bbcode function in ...)
NOT-FOR-US: My little homepage
CVE-2006-0470 (Cross-site scripting (XSS) vulnerability in search.php in ...)
- NOT-FOR-US: MyBB
+ NOT-FOR-US: MyBB (aka MyBulletinBoard)
CVE-2006-0469 (Cross-site scripting (XSS) vulnerability in UebiMiau 2.7.9, and ...)
NOT-FOR-US: uebimiau
NOTE: this had an ITP back in 2002, but it never was done (bug #164116)
@@ -20967,7 +20967,7 @@
CVE-2006-0443 (Cross-site scripting (XSS) vulnerability in archive.php in CheesyBlog ...)
NOT-FOR-US: CheesyBlog
CVE-2006-0442 (Multiple cross-site scripting (XSS) vulnerabilities in usercp.php in ...)
- NOT-FOR-US: MyBB
+ NOT-FOR-US: MyBB (aka MyBulletinBoard)
CVE-2006-0441 (Stack-based buffer overflow in Sami FTP Server 2.0.1 allows remote ...)
NOT-FOR-US: Sami FTP Server
CVE-2006-0440 (Text Rider 2.4 allows attackers to bypass authentication and upload ...)
@@ -21062,7 +21062,7 @@
CVE-2006-0407 (Cross-site scripting (XSS) vulnerability in post.php in AZ Bulletin ...)
NOT-FOR-US: AZ Bulletin Board
CVE-2006-0406 (search.php in MyBB 1.0.2 allows remote attackers to obtain sensitive ...)
- NOT-FOR-US: MyBB
+ NOT-FOR-US: MyBB (aka MyBulletinBoard)
CVE-2006-0405 (The TIFFFetchShortPair function in tif_dirread.c in libtiff 3.8.0 ...)
- tiff 3.8.0-2 (bug #350715)
[sarge] - tiff <not-affected> (Vulnerability was introduced later)
@@ -21151,7 +21151,7 @@
CVE-2006-0365 (Cross-site scripting (XSS) vulnerability in XMB (aka extreme message ...)
NOT-FOR-US: XMB
CVE-2006-0364 (Cross-site scripting (XSS) vulnerability in MyBulletinBoard (MyBB) ...)
- NOT-FOR-US: MyBB
+ NOT-FOR-US: MyBB (aka MyBulletinBoard)
CVE-2006-0363 (The "Remember my Password" feature in MSN Messenger 7.5 stores ...)
NOT-FOR-US: MSN Messenger
CVE-2006-0362 (TippingPoint Intrusion Prevention System (IPS) TOS before 2.1.4.6324, ...)
@@ -21508,9 +21508,9 @@
CVE-2006-0220 (Multiple cross-site scripting (XSS) vulnerabilities in DCP-Portal 5.3 ...)
NOT-FOR-US: DCP-Portal
CVE-2006-0219 (The original distribution of MyBulletinBoard (MyBB) to update from ...)
- NOT-FOR-US: MyBB
+ NOT-FOR-US: MyBB (aka MyBulletinBoard)
CVE-2006-0218 (Multiple unspecified vulnerabilities in MyBulletinBoard (MyBB) before ...)
- NOT-FOR-US: MyBB
+ NOT-FOR-US: MyBB (aka MyBulletinBoard)
CVE-2006-0217 (Multiple cross-site scripting (XSS) vulnerabilities in Ultimate ...)
NOT-FOR-US: Ultimate Auction
CVE-2006-0216 (admin.php in QualityEBiz Quality PPC (QPPC) 1.0 build 1644 allows ...)
@@ -22029,9 +22029,9 @@
CVE-2005-4604 (Buffer overflow in MTink in the printer-filters-utils package allows ...)
- mtink <not-affected> (mtink not installed SUID root)
CVE-2005-4603 (Cross-site scripting (XSS) vulnerability in printthread.php in MyBB ...)
- NOT-FOR-US: MyBB
+ NOT-FOR-US: MyBB (aka MyBulletinBoard)
CVE-2005-4602 (SQL injection vulnerability in inc/function_upload.php in MyBB before ...)
- NOT-FOR-US: MyBB
+ NOT-FOR-US: MyBB (aka MyBulletinBoard)
CVE-2005-4600 (tiny_mce_gzip.php in TinyMCE Compressor PHP before 1.06 allows remote ...)
TODO: check wordpress
NOTE: pinged maintainer
@@ -22973,9 +22973,9 @@
CVE-2005-4201 (Directory traversal vulnerability in My Album Online 1.0 allows remote ...)
NOT-FOR-US: My Album Online
CVE-2005-4200 (Multiple unspecified vulnerabilities in MyBulletinBoard (MyBB) before ...)
- NOT-FOR-US: MyBB
+ NOT-FOR-US: MyBB (aka MyBulletinBoard)
CVE-2005-4199 (Multiple SQL injection vulnerabilities in MyBulletinBoard (MyBB) ...)
- NOT-FOR-US: MyBB
+ NOT-FOR-US: MyBB (aka MyBulletinBoard)
CVE-2005-4198 (SQL injection vulnerability in index.php in Netref 3.0 allows remote ...)
NOT-FOR-US: Netref
CVE-2005-4197 (tunnelform.yaws in Nortel SSL VPN 4.2.1.6 allows remote attackers to ...)
@@ -24084,11 +24084,11 @@
CVE-2005-3779 (Unspecified vulnerability in xterm for HP-UX 11.00, 11.11, and 11.23 ...)
NOT-FOR-US: HP-UX
CVE-2005-3778 (Unspecified vulnerability in MyBulletinBoard (MyBB) before 1.0 PR2 Rev ...)
- NOT-FOR-US: MyBB
+ NOT-FOR-US: MyBB (aka MyBulletinBoard)
CVE-2005-3777 (MyBulletinBoard (MyBB) 1.0 PR2 Rev 686 allows remote attackers to ...)
- NOT-FOR-US: MyBB
+ NOT-FOR-US: MyBB (aka MyBulletinBoard)
CVE-2005-3776 (Multiple cross-site scripting (XSS) vulnerabilities in MyBulletinBoard ...)
- NOT-FOR-US: MyBB
+ NOT-FOR-US: MyBB (aka MyBulletinBoard)
CVE-2005-3775 (PHP remote file inclusion vulnerability in pollvote.php in PollVote ...)
NOT-FOR-US: PollVote
CVE-2005-3774 (Cisco PIX 6.3 and 7.0 allows remote attackers to cause a denial of ...)
@@ -25593,7 +25593,7 @@
CVE-2005-3327 (Network Appliance Data ONTAP 7.0 and earlier allows iSCSI Initiators ...)
NOT-FOR-US: Data ONTAP
CVE-2005-3326 (SQL injection vulnerability in usercp.php in MyBulletinBoard (MyBB) ...)
- NOT-FOR-US: MyBB
+ NOT-FOR-US: MyBB (aka MyBulletinBoard)
CVE-2005-3325 (SQL injection vulnerability in base_qry_main.php in Analysis Console ...)
{DSA-893-1}
- acidbase 1.2.1-1 (bug #335998; bug #336788; medium)
@@ -26890,7 +26890,7 @@
CVE-2005-2889 (Check Point NGX R60 does not properly verify packets against the ...)
NOT-FOR-US: Check Point
CVE-2005-2888 (Multiple SQL injection vulnerabilities in MyBulletinBoard (MyBB) ...)
- NOT-FOR-US: MyBB
+ NOT-FOR-US: MyBB (aka MyBulletinBoard)
CVE-2005-2887 (MAXdev MD-Pro 1.0.73, and possibly earlier versions, allows remote ...)
NOT-FOR-US: MAXDev MD-Pro
CVE-2005-2886 (Multiple cross-site scripting (XSS) vulnerabilities in MAXdev MD-Pro ...)
@@ -27167,7 +27167,7 @@
CVE-2005-2779 (The iTAN Online-Banking Security System allows remote attackers to ...)
NOT-FOR-US: iTAN
CVE-2005-2778 (SQL injection vulnerability in member.php in MyBulletinBoard (MyBB) ...)
- NOT-FOR-US: MyBB
+ NOT-FOR-US: MyBB (aka MyBulletinBoard)
CVE-2005-2777 (Looking Glass 20040427 allows remote attackers to execute arbitrary ...)
NOT-FOR-US: Looking Glass
CVE-2005-2776 (Multiple cross-site scripting (XSS) vulnerabilities in Looking Glass ...)
@@ -27359,7 +27359,7 @@
CVE-2005-2698 (Cross-site scripting (XSS) vulnerability in browse.php in Nephp ...)
NOT-FOR-US: Nephp Publisher Enterprise
CVE-2005-2697 (SQL injection vulnerability in search.php for MyBulletinBoard (MyBB) ...)
- NOT-FOR-US: MyBB
+ NOT-FOR-US: MyBB (aka MyBulletinBoard)
CVE-2005-2696 (IBM Lotus Notes does not properly restrict access to password hashes ...)
NOT-FOR-US: Notes
CVE-2005-2695 (Unspecified vulnerability in the SSL certificate checking ...)
@@ -27861,7 +27861,7 @@
CVE-2005-2581 (Grandstream BudgeTone 101 and 102 running firmware 1.0.6.7 and ...)
NOT-FOR-US: Grandstream BudgeTone
CVE-2005-2580 (Multiple SQL injection vulnerabilities in MyBulletinBoard (MyBB) 1.00 ...)
- NOT-FOR-US: MyBB
+ NOT-FOR-US: MyBB (aka MyBulletinBoard)
CVE-2005-2579 (Nortel Contivity VPN Client V05_01.030, when configuring a certificate ...)
NOT-FOR-US: Contivity
CVE-2005-2578
@@ -31412,9 +31412,9 @@
CVE-2005-1834 (SQL injection vulnerability in login.asp in NEXTWEB (i)Site allows ...)
NOT-FOR-US: NEXTWEB
CVE-2005-1833 (Multiple SQL injection vulnerabilities in MyBulletinBoard (MyBB) 1.00 ...)
- NOT-FOR-US: MyBB
+ NOT-FOR-US: MyBB (aka MyBulletinBoard)
CVE-2005-1832 (Multiple cross-site scripting (XSS) vulnerabilities in MyBulletinBoard ...)
- NOT-FOR-US: MyBB
+ NOT-FOR-US: MyBB (aka MyBulletinBoard)
CVE-2005-1831 (** DISPUTED ** ...)
- sudo <not-affected> (Unreproducable, seems like a broken PAM setup on the submitter's side)
CVE-2005-1830 (The DbgMsg.sys driver in Compuware SoftICE DriverStudio 3.1 and 3.2 ...)
@@ -31456,7 +31456,7 @@
CVE-2005-1812 (Multiple stack-based buffer overflows in FutureSoft TFTP Server ...)
NOT-FOR-US: FutureSoft TFTP Server
CVE-2005-1811 (Cross-site scripting (XSS) vulnerability in usercp.php for ...)
- NOT-FOR-US: MyBB
+ NOT-FOR-US: MyBB (aka MyBulletinBoard)
CVE-2005-1810 (SQL injection vulnerability in template-functions-category.php in ...)
- wordpress 1.5.1.2-1
CVE-2005-1809 (Sony Ericsson P900 Beamer allows remote attackers to cause a denial of ...)
@@ -37038,7 +37038,7 @@
CVE-2005-0283 (Directory traversal vulnerability in index.php in QwikiWiki allows ...)
NOT-FOR-US: QwikiWiki
CVE-2005-0282 (SQL injection vulnerability in member.php in MyBulletinBoard (MyBB) ...)
- NOT-FOR-US: MyBB
+ NOT-FOR-US: MyBB (aka MyBulletinBoard)
CVE-2005-0281 (Cross-site scripting (XSS) vulnerability in the web interface in ...)
NOT-FOR-US: Soldner Secret
CVE-2005-0280 (Format string vulnerability in Soldner Secret Wars 30830 and earlier ...)
More information about the Secure-testing-commits
mailing list