[Secure-testing-commits] r11245 - data/CVE
jamie-guest at alioth.debian.org
jamie-guest at alioth.debian.org
Fri Feb 20 22:40:21 UTC 2009
Author: jamie-guest
Date: 2009-02-20 22:40:20 +0000 (Fri, 20 Feb 2009)
New Revision: 11245
Modified:
data/CVE/list
Log:
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-02-20 21:14:11 UTC (rev 11244)
+++ data/CVE/list 2009-02-20 22:40:20 UTC (rev 11245)
@@ -1,53 +1,53 @@
CVE-2009-0648 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
- TODO: check
+ NOT-FOR-US: Falt4 CMS
CVE-2009-0647 (msnmsgr.exe in Windows Live Messenger (WLM) 2009 build 14.0.8064.206, ...)
- TODO: check
+ NOT-FOR-US: Windows Live Messenger
CVE-2008-6212 (Cross-site scripting (XSS) vulnerability in admin.php in Php-Stats ...)
- TODO: check
+ NOT-FOR-US: Php-Stats
CVE-2008-6211 (Multiple cross-site scripting (XSS) vulnerabilities in PhpForums.net ...)
- TODO: check
+ NOT-FOR-US: PhpForums.net mcGallery
CVE-2008-6210 (SQL injection vulnerability in index.php in dream4 Koobi 4.4 and 5.4 ...)
- TODO: check
+ NOT-FOR-US: dream4 Koobi
CVE-2008-6209 (SQL injection vulnerability in view_product.php in Vastal I-Tech ...)
- TODO: check
+ NOT-FOR-US: Vastal I-Tech Software Zone
CVE-2008-6208 (Cross-site scripting (XSS) vulnerability in submitnews.php in e107 CMS ...)
- TODO: check
+ NOT-FOR-US: e107 CMS
CVE-2008-6207 (Unrestricted file upload vulnerability in form_upload.php in PHPG ...)
- TODO: check
+ NOT-FOR-US: PHPG Upload
CVE-2008-6206 (Multiple PHP remote file inclusion vulnerabilities in RobotStats 0.1 ...)
- TODO: check
+ NOT-FOR-US: RobotStats
CVE-2008-6205 (Cross-site scripting (XSS) vulnerability in seeurl.php in Xavier ...)
- TODO: check
+ NOT-FOR-US: Xavier Flahaut URLStreet
CVE-2008-6204 (Multiple SQL injection vulnerabilities in SuperNET Shop 1.0 and ...)
- TODO: check
+ NOT-FOR-US: SuperNET Shop
CVE-2008-6203 (SQL injection vulnerability in adminler.asp in CoBaLT 2.0 allows ...)
- TODO: check
+ NOT-FOR-US: CoBaLT
CVE-2008-6202 (SQL injection vulnerability in CoBaLT 1.0 allows remote attackers to ...)
- TODO: check
+ NOT-FOR-US: CoBaLT
CVE-2008-6201 (Directory traversal vulnerability in help.php in the eskuel module in ...)
- TODO: check
+ NOT-FOR-US: KwsPHP
CVE-2008-6200 (Multiple cross-site scripting (XSS) vulnerabilities in Swiki 1.5 allow ...)
- TODO: check
+ NOT-FOR-US: Swiki
CVE-2008-6199 (2532designs 2532|Gigs 1.2.2 and earlier allows remote attackers to ...)
- TODO: check
+ NOT-FOR-US: 2532designs 2532|Gigs
CVE-2008-6198 (SQL injection vulnerability in pages.php in Custom Pages 1.0 plugin ...)
- TODO: check
+ NOT-FOR-US: Custom Pages 1.0 plugin for MyBulletinBoard
CVE-2008-6197 (SQL injection vulnerability in index.php in the galerie module for ...)
- TODO: check
+ NOT-FOR-US: KwsPHP
CVE-2008-6196 (Multiple PHP remote file inclusion vulnerabilities in Philippe CROCHAT ...)
- TODO: check
+ NOT-FOR-US: Philippe CROCHAT EasySite
CVE-2008-6195 (Directory traversal vulnerability in the PXE TFTP Service ...)
- TODO: check
+ NOT-FOR-US: LANDesk Management Suite
CVE-2008-6194 (Memory leak in the DNS server in Microsoft Windows allows remote ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2008-6193 (Sam Crew MyBlog stores passwords in cleartext in a MySQL database, ...)
- TODO: check
+ NOT-FOR-US: Sam Crew MyBlog
CVE-2008-6192 (Multiple cross-site scripting (XSS) vulnerabilities in unspecified ...)
- TODO: check
+ NOT-FOR-US: Sun Java System Portal Server
CVE-2008-6191 (Conductor.exe in Intrinsic Swimage Encore before 5.0.1.21 contains a ...)
- TODO: check
+ NOT-FOR-US: Intrinsic Swimage Encore
CVE-2008-6190 (Cross-site scripting (XSS) vulnerability in index.php in EEBCMS 0.95 ...)
- TODO: check
+ NOT-FOR-US: EEBCMS
CVE-2008-6189 (SQL injection vulnerability in GForge 4.5.19 allows remote attackers ...)
TODO: check
CVE-2008-6188 (SQL injection vulnerability in people/editprofile.php in Gforge 4.6 ...)
@@ -55,45 +55,45 @@
CVE-2008-6187 (SQL injection vulnerability in frs/shownotes.php in Gforge 4.5.19 and ...)
TODO: check
CVE-2008-6186 (Stack-based buffer overflow in RaidenFTPD 2.4 build 3620 allows remote ...)
- TODO: check
+ NOT-FOR-US: RaidenFTPD
CVE-2008-6185 (NoticeWare Email Server NG 5.1.2.2 allows remote attackers to cause a ...)
- TODO: check
+ NOT-FOR-US: NoticeWare Email Server NG
CVE-2008-6184 (SQL injection vulnerability in the OwnBiblio (com_ownbiblio) component ...)
- TODO: check
+ NOT-FOR-US: Joomla!
CVE-2008-6183 (Multiple directory traversal vulnerabilities in index.php in My PHP ...)
- TODO: check
+ NOT-FOR-US: My PHP Indexer
CVE-2008-6182 (SQL injection vulnerability in the Ignite Gallery (com_ignitegallery) ...)
- TODO: check
+ NOT-FOR-US: Joomla!
CVE-2008-6181 (SQL injection vulnerability in the Mad4Joomla Mailforms ...)
- TODO: check
+ NOT-FOR-US: Joomla!
CVE-2008-6180 (SQL injection vulnerability in system/nlb_user.class.php in NewLife ...)
- TODO: check
+ NOT-FOR-US: NewLife Blogger
CVE-2008-6179 (SQL injection vulnerability in sug_cat.php in IndexScript 3.0 allows ...)
- TODO: check
+ NOT-FOR-US: IndexScript
CVE-2008-6178 (Unrestricted file upload vulnerability in ...)
TODO: check
CVE-2008-6177 (Multiple directory traversal vulnerabilities in LightBlog 9.8, when ...)
- TODO: check
+ NOT-FOR-US: LightBlog
CVE-2008-6176 (bootstrap.inc in Drupal 5.x before 5.12 and 6.x before 6.6, when the ...)
TODO: check
CVE-2008-6175 (SilverSHielD 1.0.2.34 allows remote attackers to cause a denial of ...)
- TODO: check
+ NOT-FOR-US: SilverSHielD
CVE-2008-6174 (Cross-site scripting (XSS) vulnerability in admin/postlister/index.php ...)
- TODO: check
+ NOT-FOR-US: Jetbox CMS
CVE-2008-6173 (Cross-site scripting (XSS) vulnerability in fullscreen.php in ...)
- TODO: check
+ NOT-FOR-US: ClipShare Pro
CVE-2008-6172 (Directory traversal vulnerability in captcha/captcha_image.php in the ...)
- TODO: check
+ NOT-FOR-US: Joomla!
CVE-2008-6171 (Drupal 5.x before 5.12 and 6.x before 6.6, when the server is ...)
TODO: check
CVE-2008-6170 (Cross-site scripting (XSS) vulnerability in Drupal 5.x before 5.12 and ...)
TODO: check
CVE-2008-6169 (Cross-site request forgery (CSRF) vulnerability in the Localization ...)
- TODO: check
+ NOT-FOR-US: Localization modules for Drupal
CVE-2008-6168 (Cross-site scripting (XSS) vulnerability in search.php in miniPortail ...)
- TODO: check
+ NOT-FOR-US: miniPortail
CVE-2008-6167 (Directory traversal vulnerability in search.php in miniPortail 2.2 and ...)
- TODO: check
+ NOT-FOR-US: miniPortail
CVE-2009-0646 (Multiple SQL injection vulnerabilities in 4Site CMS 2.6 and earlier ...)
NOT-FOR-US: 4Site CMS
CVE-2009-0645 (Directory traversal vulnerability in index.php in Jaws 0.8.8 allows ...)
@@ -101,13 +101,13 @@
CVE-2009-0644 (The HTTP interface in Swann DVR4-SecuraNet has a certain default ...)
NOT-FOR-US: Swann DVR4-SecuraNet
CVE-2009-0643 (Static code injection vulnerability in post.php in Simple PHP News 1.0 ...)
- TODO: check
+ NOT-FOR-US: Simple PHP News
CVE-2009-0642 (ext/openssl/ossl_ocsp.c in Ruby 1.8 and 1.9 does not properly check ...)
TODO: check
CVE-2009-0641 (sys_term.c in telnetd in FreeBSD 7.0-RELEASE and other 7.x versions ...)
TODO: check
CVE-2009-0640 (Directory traversal vulnerability in the administrative web server in ...)
- TODO: check
+ NOT-FOR-US: Swann DVR4-SecuraNet
CVE-2009-0639 (PHP remote file inclusion vulnerability in moduli/libri/index.php in ...)
NOT-FOR-US: phpyabs
CVE-2008-6166 (SQL injection vulnerability in the KBase (com_kbase) 1.2 component for ...)
@@ -115,11 +115,11 @@
CVE-2008-6165 (SQL injection vulnerability in gestion.php in CSPartner 0.1, when ...)
NOT-FOR-US: CSPartner
CVE-2008-6164 (Cross-site scripting (XSS) vulnerability in index.php in DreamCost ...)
- TODO: check
+ NOT-FOR-US: DreamCost HostAdmin
CVE-2008-6163 (SQL injection vulnerability in www/delivery/ac.php in OpenX 2.6.1 ...)
- TODO: check
+ NOT-FOR-US: OpenX
CVE-2008-6162 (Bux.to Clone script allows remote attackers to bypass authentication ...)
- TODO: check
+ NOT-FOR-US: Bux.to Clone script
CVE-2008-6161 (Cross-site scripting (XSS) vulnerability in WOW Raid Manager (WRM) ...)
NOT-FOR-US: WOW Raid Manager
CVE-2008-6160 (Semantically-Interconnected Online Communities (SIOC) 5.x before ...)
More information about the Secure-testing-commits
mailing list