[Secure-testing-commits] r10173 - data/CVE
white at alioth.debian.org
white at alioth.debian.org
Mon Oct 27 08:37:19 UTC 2008
Author: white
Date: 2008-10-27 08:37:18 +0000 (Mon, 27 Oct 2008)
New Revision: 10173
Modified:
data/CVE/list
Log:
new wordpress issue; joomla module NFU
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-10-27 08:27:59 UTC (rev 10172)
+++ data/CVE/list 2008-10-27 08:37:18 UTC (rev 10173)
@@ -148,13 +148,14 @@
CVE-2008-4672 (Cross-site scripting (XSS) vulnerability in search_results.php in ...)
NOT-FOR-US: buymyscripts Lyrics Script
CVE-2008-4671 (Cross-site scripting (XSS) vulnerability in wp-admin/wp-blogs.php in ...)
- TODO: check
+ - wordpress <unfixed> (low; bug #503642)
+ NOTE: http://lists.grok.org.uk/pipermail/full-disclosure/2008-September/064748.html
CVE-2008-4670 (Cross-site scripting (XSS) vulnerability in search.php in Ed Pudol ...)
NOT-FOR-US: Ed Pudol Clickbank Portal
CVE-2008-4669 (Cross-site scripting (XSS) vulnerability in search.php in Dan Fletcher ...)
NOT-FOR-US: Dan Fletcher Recipe Script
CVE-2008-4668 (Directory traversal vulnerability in the Image Browser ...)
- TODO: check
+ NOT-FOR-US: additional Joomla! module
CVE-2008-4667 (Directory traversal vulnerability in rss.php in ArabCMS 2.0 beta 1 ...)
NOT-FOR-US: ArabCMS
CVE-2008-4666 (SQL injection vulnerability in webboard.php in Ultimate Webboard 3.00 ...)
More information about the Secure-testing-commits
mailing list