[Secure-testing-commits] r10153 - data/CVE
nion at alioth.debian.org
nion at alioth.debian.org
Thu Oct 23 18:15:26 UTC 2008
Author: nion
Date: 2008-10-23 18:15:25 +0000 (Thu, 23 Oct 2008)
New Revision: 10153
Modified:
data/CVE/list
Log:
two new drupal issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-10-22 21:14:09 UTC (rev 10152)
+++ data/CVE/list 2008-10-23 18:15:25 UTC (rev 10153)
@@ -1,3 +1,10 @@
+CVE-2008-XXXX [local file inclusion in drupal]
+ - drupal6 <unfixed> (low; bug #503222)
+ - drupal5 <unfixed> (low; bug #503217)
+CVE-2008-XXXX [XSS in book module in drupal]
+ - drupal6 <unfixed> (low; bug #503222)
+ - drupal5 <unfixed> (low; bug #503217)
+ TODO: check if druapal5 really has this vulnerability, the code looks different
CVE-2008-4676 (Unspecified vulnerability in Citrix XenApp (formerly Presentation ...)
TODO: check
CVE-2008-4675 (SQL injection vulnerability in index.php in PHPcounter 1.3.2 and ...)
More information about the Secure-testing-commits
mailing list