[Secure-testing-commits] r14465 - data/CVE

Joey Hess joeyh at alioth.debian.org
Mon Apr 12 21:14:56 UTC 2010 

Author: joeyh
Date: 2010-04-12 21:14:50 +0000 (Mon, 12 Apr 2010)
New Revision: 14465

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2010-04-12 14:54:15 UTC (rev 14464)
+++ data/CVE/list	2010-04-12 21:14:50 UTC (rev 14465)
@@ -1,39 +1,39 @@
-CVE-2010-1346
+CVE-2010-1346 (SQL injection vulnerability in admin/login.php in Mini CMS RibaFS 1.0, ...)
 	NOT-FOR-US: Mini CMS RibaFS
-CVE-2010-1345
+CVE-2010-1345 (Directory traversal vulnerability in the Cookex Agency CKForms ...)
 	NOT-FOR-US: Joomla!
-CVE-2010-1344
+CVE-2010-1344 (SQL injection vulnerability in the Cookex Agency CKForms (com_ckforms) ...)
 	NOT-FOR-US: Joomla!
-CVE-2010-1343
+CVE-2010-1343 (SQL injection vulnerability in photo.php in SiteX 0.7.4 beta allows ...)
 	NOT-FOR-US: SiteX
-CVE-2010-1342
+CVE-2010-1342 (Multiple PHP remote file inclusion vulnerabilities in Direct News ...)
 	NOT-FOR-US: Direct News
-CVE-2010-1341
+CVE-2010-1341 (SQL injection vulnerability in index.php in Systemsoftware Community ...)
 	NOT-FOR-US: Systemsoftware Community Black Forum
-CVE-2010-1340
+CVE-2010-1340 (Directory traversal vulnerability in jresearch.php in the J!Research ...)
 	NOT-FOR-US: Joomla!
-CVE-2010-1339
+CVE-2010-1339 (Cross-site scripting (XSS) vulnerability in ts_other.php in the ...)
 	NOT-FOR-US: Teamsite Hack plugin
-CVE-2010-1338
+CVE-2010-1338 (SQL injection vulnerability in ts_other.php in the Teamsite Hack ...)
 	NOT-FOR-US: Teamsite Hack plugin
-CVE-2010-1337
+CVE-2010-1337 (Multiple PHP remote file inclusion vulnerabilities in definitions.php ...)
 	NOT-FOR-US: Lussumo Vanilla
-CVE-2010-1336
+CVE-2010-1336 (Multiple SQL injection vulnerabilities in INVOhost 3.4 allow remote ...)
 	NOT-FOR-US: INVOhost
-CVE-2010-1335
+CVE-2010-1335 (Multiple PHP remote file inclusion vulnerabilities in Insky CMS ...)
 	NOT-FOR-US: Insky CMS
-CVE-2010-1334
+CVE-2010-1334 (Unrestricted file upload vulnerability in Pulse CMS Basic 1.2.4 allows ...)
 	NOT-FOR-US: Pulse CMS Basic
-CVE-2010-1333
+CVE-2010-1333 (Multiple cross-site scripting (XSS) vulnerabilities in Almas Inc. ...)
 	NOT-FOR-US: Almas Inc. Compiere J300_A02
 CVE-2010-XXXX [irssi two issues]
 	- irssi 0.8.15-1
 	TODO: check
 	NOTE: "The first [sec issue] being that Irssi didn't check hostname on SSL connections and the other being a hard to exploit remote crash bug."
 	NOTE: from www.irssi.org
-CVE-2010-1332
+CVE-2010-1332 (Cross-site scripting (XSS) vulnerability in PrettyBook PrettyFormMail ...)
 	NOT-FOR-US: PrettyBook PrettyFormMail
-CVE-2010-1331
+CVE-2010-1331 (SQL injection vulnerability in Heartlogic HL-SiteManager allows remote ...)
 	NOT-FOR-US: Heartlogic HL-SiteManager
 CVE-2010-1330
 	RESERVED
@@ -892,9 +892,9 @@
 	RESERVED
 CVE-2010-0994
 	RESERVED
-CVE-2010-0993
+CVE-2010-0993 (Unrestricted file upload vulnerability in Pulse CMS Basic 1.2.2 and ...)
 	NOT-FOR-US: Pulse CMS Basic
-CVE-2010-0992
+CVE-2010-0992 (Multiple cross-site request forgery (CSRF) vulnerabilities in Pulse ...)
 	NOT-FOR-US: Pulse CMS Basic
 CVE-2010-0991
 	RESERVED

More information about the Secure-testing-commits mailing list