[Secure-testing-commits] r15643 - data/CVE

Joey Hess joeyh at alioth.debian.org
Thu Dec 2 21:15:44 UTC 2010 

Author: joeyh
Date: 2010-12-02 21:15:39 +0000 (Thu, 02 Dec 2010)
New Revision: 15643

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2010-12-02 20:20:24 UTC (rev 15642)
+++ data/CVE/list	2010-12-02 21:15:39 UTC (rev 15643)
@@ -1,3 +1,35 @@
+CVE-2010-4366 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+	TODO: check
+CVE-2010-4365 (SQL injection vulnerability in JE Ajax Event Calendar ...)
+	TODO: check
+CVE-2010-4364 (DaDaBIK 4.3 beta3, when running in a case-sensitive environment, does ...)
+	TODO: check
+CVE-2010-4363 (Multiple SQL injection vulnerabilities in contact.php in MRCGIGUY ...)
+	TODO: check
+CVE-2010-4362 (Multiple SQL injection vulnerabilities in MicroNetsoft RV Dealer ...)
+	TODO: check
+CVE-2010-4361 (Cross-site scripting (XSS) vulnerability in url-gateway.php in ...)
+	TODO: check
+CVE-2010-4360 (Multiple SQL injection vulnerabilities in index.php in Jurpopage 0.2.0 ...)
+	TODO: check
+CVE-2010-4359 (SQL injection vulnerability in index.php in Jurpopage 0.2.0 allows ...)
+	TODO: check
+CVE-2010-4358 (Multiple cross-site scripting (XSS) vulnerabilities in gb.cgi in ...)
+	TODO: check
+CVE-2010-4357 (SQL injection vulnerability in comments.php in SiteEngine 7.1 allows ...)
+	TODO: check
+CVE-2010-4356 (SQL injection vulnerability in news_default.asp in Site2Nite Big Truck ...)
+	TODO: check
+CVE-2010-4355 (Cross-site scripting (XSS) vulnerability in DaDaBIK before 4.3 beta2, ...)
+	TODO: check
+CVE-2009-5019 (Web Wiz NewsPad stores sensitive information under the web root with ...)
+	TODO: check
+CVE-2008-7269 (Open redirect vulnerability in api.php in SiteEngine 5.x allows ...)
+	TODO: check
+CVE-2008-7268 (The phpinfo function in SiteEngine 5.x allows remote attackers to ...)
+	TODO: check
+CVE-2008-7267 (SQL injection vulnerability in announcements.php in SiteEngine 5.x ...)
+	TODO: check
 CVE-2010-XXXX [elfsign uses cryptographically weak md5 hashes]
 	- elfsign <unfixed> (low; bug #555668)
 	[lenny] - elfsign <no-dsa> (a stronger hashing algorithm would completely change functionality of the package)

More information about the Secure-testing-commits mailing list