[Secure-testing-commits] r10177 - data/CVE
nion at alioth.debian.org
nion at alioth.debian.org
Mon Oct 27 09:01:27 UTC 2008
Author: nion
Date: 2008-10-27 09:01:25 +0000 (Mon, 27 Oct 2008)
New Revision: 10177
Modified:
data/CVE/list
Log:
NFUs
CVE-2008-4671 does not affect wordpress
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-10-27 08:50:06 UTC (rev 10176)
+++ data/CVE/list 2008-10-27 09:01:25 UTC (rev 10177)
@@ -149,14 +149,13 @@
CVE-2008-4672 (Cross-site scripting (XSS) vulnerability in search_results.php in ...)
NOT-FOR-US: buymyscripts Lyrics Script
CVE-2008-4671 (Cross-site scripting (XSS) vulnerability in wp-admin/wp-blogs.php in ...)
- - wordpress <unfixed> (low; bug #503642)
- NOTE: http://lists.grok.org.uk/pipermail/full-disclosure/2008-September/064748.html
+ - wordpress <not-affected> (Vulnerable code only in mulitiuser wordpress)
CVE-2008-4670 (Cross-site scripting (XSS) vulnerability in search.php in Ed Pudol ...)
NOT-FOR-US: Ed Pudol Clickbank Portal
CVE-2008-4669 (Cross-site scripting (XSS) vulnerability in search.php in Dan Fletcher ...)
NOT-FOR-US: Dan Fletcher Recipe Script
CVE-2008-4668 (Directory traversal vulnerability in the Image Browser ...)
- NOT-FOR-US: additional Joomla! module
+ NOT-FOR-US: com_imagebrowser for Joomla!
CVE-2008-4667 (Directory traversal vulnerability in rss.php in ArabCMS 2.0 beta 1 ...)
NOT-FOR-US: ArabCMS
CVE-2008-4666 (SQL injection vulnerability in webboard.php in Ultimate Webboard 3.00 ...)
@@ -170,21 +169,21 @@
CVE-2008-4662 (Directory traversal vulnerability in admin.php in LokiCMS 0.3.4, when ...)
NOT-FOR-US: LokiCMS
CVE-2008-4661 (Cross-site scripting (XSS) vulnerability in the Page Improvements ...)
- NOT-FOR-US: Page Improvements module for typo3
+ NOT-FOR-US: sm_pageimprovements for Typo3
CVE-2008-4660 (SQL injection vulnerability in the M1 Intern (m1_intern) 1.0.0 ...)
- NOT-FOR-US: M1 Intern module for typo3
+ NOT-FOR-US: m1_intern for Typo3
CVE-2008-4659 (SQL injection vulnerability in the Mannschaftsliste ...)
- NOT-FOR-US: Mannschaftsliste module for typo3
+ NOT-FOR-US: kiddog_playerlist for Typo3
CVE-2008-4658 (SQL injection vulnerability in the JobControl (dmmjobcontrol) 1.15.4 ...)
- NOT-FOR-US: JobControl module for typo3
+ NOT-FOR-US: dmmjobcontrol for Typo3
CVE-2008-4657 (SQL injection vulnerability in the Econda Plugin (econda) 0.0.2 and ...)
- NOT-FOR-US: Econda plugin for typo3
+ NOT-FOR-US: econda for Typo3
CVE-2008-4656 (SQL injection vulnerability in the Frontend Users View (feusersview) ...)
- NOT-FOR-US: Frontend Users View module for typo3
+ NOT-FOR-US: fersview for Typo3
CVE-2008-4655 (SQL injection vulnerability in the Simple survey (simplesurvey) 1.7.0 ...)
- NOT-FOR-US: Simple survey module for typo3
+ NOT-FOR-US: simplesurvey for Typo3
CVE-2008-4653 (SQL injection vulnerability in makale.php in Makale 0.26 and possibly ...)
- NOT-FOR-US: XOOPS module
+ NOT-FOR-US: Makale module for XOOPS
CVE-2008-4652 (Buffer overflow in the ActiveX control (DartFtp.dll) in Dart ...)
NOT-FOR-US: Dart Communications PowerTCP FTP
CVE-2008-4651 (Multiple SQL injection vulnerabilities in Jetbox CMS 2.1 allow remote ...)
More information about the Secure-testing-commits
mailing list