[Secure-testing-commits] r20346 - data/CVE
Thijs Kinkhorst
thijs at alioth.debian.org
Sun Oct 14 13:33:39 UTC 2012
Author: thijs
Date: 2012-10-14 13:33:39 +0000 (Sun, 14 Oct 2012)
New Revision: 20346
Modified:
data/CVE/list
Log:
nfu
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2012-10-14 11:03:52 UTC (rev 20345)
+++ data/CVE/list 2012-10-14 13:33:39 UTC (rev 20346)
@@ -152,85 +152,85 @@
CVE-2012-5316 (Multiple cross-site scripting (XSS) vulnerabilities in Barracuda Spam ...)
NOT-FOR-US: Barracuda
CVE-2012-5315 (Multiple cross-site scripting (XSS) vulnerabilities in php ireport 1.0 ...)
- TODO: check
+ NOT-FOR-US: iReport
CVE-2012-5314 (Cross-site scripting (XSS) vulnerability in ViewGit 0.0.6 and earlier ...)
- TODO: check
+ NOT-FOR-US: ViewGit
CVE-2012-5313 (SQL injection vulnerability in forum.asp in Snitz Forums 2000 allows ...)
- TODO: check
+ NOT-FOR-US: Snitz Forums
CVE-2012-5312 (SQL injection vulnerability in Tribiq CMS allows remote attackers to ...)
- TODO: check
+ NOT-FOR-US: Tribiq CMS
CVE-2012-5311 (Buffer overflow in the VSFlex7.VSFlexGrid ActiveX control in ...)
- TODO: check
+ NOT-FOR-US: VSFlex7.VSFlexGrid
CVE-2012-5310 (SQL injection vulnerability in the WP e-Commerce plugin before 3.8.7.6 ...)
- TODO: check
+ NOT-FOR-US: WP e-Commerce plugin
CVE-2012-5309 (servlet/traveler in IBM Lotus Notes Traveler through 8.5.3.3 Interim ...)
- TODO: check
+ NOT-FOR-US: Lotus Notes
CVE-2012-5308 (Cross-site request forgery (CSRF) vulnerability in servlet/traveler in ...)
- TODO: check
+ NOT-FOR-US: Lotus Notes
CVE-2012-5307 (Cross-site scripting (XSS) vulnerability in servlet/traveler in IBM ...)
- TODO: check
+ NOT-FOR-US: Lotus Notes
CVE-2012-5306 (Stack-based buffer overflow in the SelectDirectory method in ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2012-5305 (Cross-site scripting (XSS) vulnerability in CMD_DOMAIN in JBMC ...)
- TODO: check
+ NOT-FOR-US: DirectAdmin
CVE-2012-5304 (Static code injection vulnerability in administration/install.php in ...)
- TODO: check
+ NOT-FOR-US: YVS
CVE-2012-5303 (Monkey HTTP Daemon 0.9.3 might allow local users to overwrite ...)
- TODO: check
+ - monkey <removed> (unimportant)
CVE-2012-5302
RESERVED
CVE-2011-5208 (Multiple directory traversal vulnerabilities in the BackWPup plugin ...)
- TODO: check
+ NOT-FOR-US: BackWPup
CVE-2010-5279 (article.php in Virtual War (aka VWar) 1.6.1 R2 allows remote attackers ...)
- TODO: check
+ NOT-FOR-US: VWar
CVE-2010-5278 (Directory traversal vulnerability in ...)
- TODO: check
+ NOT-FOR-US: MODx Revolution
CVE-2010-5277 (Unspecified vulnerability in the Views Bulk Operations module 6 before ...)
- TODO: check
+ NOT-FOR-US: Drupal Views Bulk Operations
CVE-2010-5276 (The Memcache module 5.x before 5.x-1.10 and 6.x before 6.x-1.6 for ...)
- TODO: check
+ NOT-FOR-US: Drupal Memcache
CVE-2010-5275 (Cross-site scripting (XSS) vulnerability in memcache_admin in the ...)
- TODO: check
+ NOT-FOR-US: Drupal Memcache
CVE-2012-XXXX [python-keyring: CryptedFileKeyring is insecure]
- python-keyring 0.9.2-1 (bug #675379)
CVE-2012-5301 (The default configuration of Cerberus FTP Server before 5.0.4.0 ...)
- TODO: check
+ NOT-FOR-US: Cerberus
CVE-2012-5300 (SQL injection vulnerability in art_catalogo.php in MyStore Xpress ...)
- TODO: check
+ NOT-FOR-US: MyStore Xpress
CVE-2012-5299 (Mavili Guestbook, as released in November 2007, allows remote attackers to ...)
- TODO: check
+ NOT-FOR-US: Mavili Guestbook
CVE-2012-5298 (Mavili Guestbook, as released in November 2007, stores guestbook.mdb under ...)
- TODO: check
+ NOT-FOR-US: Mavili Guestbook
CVE-2012-5297 (SQL injection vulnerability in edit.asp in Mavili Guestbook, as ...)
- TODO: check
+ NOT-FOR-US: Mavili Guestbook
CVE-2012-5296 (Multiple cross-site scripting (XSS) vulnerabilities in Mavili ...)
- TODO: check
+ NOT-FOR-US: Mavili Guestbook
CVE-2012-5295 (Cross-site scripting (XSS) vulnerability in login.cfm in FuseTalk ...)
- TODO: check
+ NOT-FOR-US: FuseTalk
CVE-2012-5294 (SQL injection vulnerability in art_detalle.php in MyStore Xpress ...)
- TODO: check
+ NOT-FOR-US: MyStore Xpress
CVE-2012-5293 (Multiple PHP remote file inclusion vulnerabilities in SAPID CMS 1.2.3 ...)
- TODO: check
+ NOT-FOR-US: SAPID CMS
CVE-2012-5292 (Multiple SQL injection vulnerabilities in Atar2b CMS 4.0.1 allow ...)
- TODO: check
+ NOT-FOR-US: Atar2b
CVE-2012-5291 (SQL injection vulnerability in team.php in Posse Softball Director CMS ...)
- TODO: check
+ NOT-FOR-US: Posse Softball Director
CVE-2012-5290 (Multiple SQL injection vulnerabilities in EasyWebRealEstate allow ...)
- TODO: check
+ NOT-FOR-US: EasyWebRealEstate
CVE-2012-5289 (Multiple SQL injection vulnerabilities in Plogger 1.0 RC1 allow remote ...)
- TODO: check
+ NOT-FOR-US: Plogger
CVE-2012-5288 (SQL injection vulnerability in page.php in phpMyDirectory 1.3.3 allows ...)
- TODO: check
+ NOT-FOR-US: phpMyDirectory
CVE-2011-5207 (Cross-site scripting (XSS) vulnerability in admin/OptionsPostsList.php ...)
- TODO: check
+ NOT-FOR-US: WP TheCartPress
CVE-2011-5206 (Cross-site scripting (XSS) vulnerability in notes.php in Rapidleech ...)
- TODO: check
+ NOT-FOR-US: Rapidleech
CVE-2011-5205 (Cross-site scripting (XSS) vulnerability in audl.php in Rapidleech 2.3 ...)
- TODO: check
+ NOT-FOR-US: Rapidleech
CVE-2011-5204 (Akiva WebBoard 8.x stores passwords in plaintext, which allows local ...)
- TODO: check
+ NOT-FOR-US: Akiva WebBoard
CVE-2011-5203 (SQL injection vulnerability in WB/Default.asp in Akiva WebBoard before ...)
- TODO: check
+ NOT-FOR-US: Akiva WebBoard
CVE-2012-XXXX [gunicorn fails to drop supplemental groups]
- gunicorn 0.14.5-3 (low)
[squeeze] - gunicorn <no-dsa> (Minor issue)
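Review bot: The CVE-2012-5303 change to `- monkey <removed> (unimportant)` is the one entry in this hunk that is not a NOT-FOR-US triage, and it carries no NOTE line giving the reason for the severity. The description mentions local users being able to overwrite something, so a one-line NOTE saying why that is unimportant here would save the next reviewer from redoing the analysis. The log message "nfu" also does not cover this entry. Separately, CVE-2012-5309, CVE-2012-5308 and CVE-2012-5307 are tagged "Lotus Notes" while their descriptions name IBM Lotus Notes Traveler, and CVE-2012-5306 is tagged with a vendor only ("D-Link"). Using the product name from the description would make these tags easier to search and reuse.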
@@ -346,27 +346,27 @@
CVE-2012-5234 (Open redirect vulnerability in index.php in ocPortal before 7.1.6 ...)
- ocportal <itp> (bug #625865)
CVE-2012-5233 (Cross-site scripting (XSS) vulnerability in the stickynote module ...)
- TODO: check
+ NOT-FOR-US: Drupal stickynote
CVE-2012-5232 (Cross-site scripting (XSS) vulnerability in the Quickl Form component ...)
- TODO: check
+ NOT-FOR-US: Joomla component
CVE-2012-5231 (miniCMS 1.0 and 2.0 allows remote attackers to execute arbitrary PHP ...)
- TODO: check
+ NOT-FOR-US: miniCMS
CVE-2012-5230 (Unspecified vulnerability in the JE Story Submit (com_jesubmit) ...)
- TODO: check
+ NOT-FOR-US: Joomla jesusmit
CVE-2012-5229 (Cross-site scripting (XSS) vulnerability in css/gallery-css.php in the ...)
- TODO: check
+ NOT-FOR-US: WP Gallery2
CVE-2012-5228 (Cross-site scripting (XSS) vulnerability in admin/index.php in phplist ...)
- TODO: check
+ NOT-FOR-US: phplist
CVE-2012-5227 (SQL injection vulnerability in administrer/tva.php in Peel SHOPPING ...)
- TODO: check
+ NOT-FOR-US: Peel Shopping
CVE-2012-5226 (Multiple cross-site scripting (XSS) vulnerabilities in Peel SHOPPING ...)
- TODO: check
+ NOT-FOR-US: Peel Shopping
CVE-2012-5225 (Cross-site scripting (XSS) vulnerability in webscr.php in xClick Cart ...)
- TODO: check
+ NOT-FOR-US: xClick
CVE-2012-5224 (PHP remote file inclusion vulnerability in ...)
- TODO: check
+ NOT-FOR-US: vbadvanced CMPS
CVE-2012-5223 (The proc_deutf function in includes/functions_vbseocp_abstract.php in ...)
- TODO: check
+ NOT-FOR-US: vBSEO
CVE-2012-5222
RESERVED
CVE-2012-5221
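Review bot: At CVE-2012-5230 the tag reads `NOT-FOR-US: Joomla jesusmit`, but the description gives the component as JE Story Submit (com_jesubmit), so "jesusmit" looks like a typo for "jesubmit". Misspelled tags will not match later searches against the list. In the same hunk, CVE-2012-5232 is tagged "Joomla component" without naming it; the description identifies the Quickl Form component, and naming it would be consistent with the other entries.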
@@ -9530,7 +9530,7 @@
CVE-2012-1565 (Unspecified vulnerability in ez Publish 4.1.4, 4.2, 4.3, 4.4, 4.5, and ...)
NOT-FOR-US: eZ Publish
CVE-2012-1564 (Cross-site scripting (XSS) vulnerability in ...)
- TODO: check
+ NOT-FOR-US: YVS
CVE-2012-1563
RESERVED
NOT-FOR-US: Joomla!
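Review bot: CVE-2012-1564 is tagged `NOT-FOR-US: YVS`, but the visible description is cut off before any product name, so the tag cannot be checked against the entry. "YVS" is also used for CVE-2012-5304 in the first hunk and is not expanded in either place. Spelling out the full product name in both tags would make the triage decision verifiable from the list alone.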