[Secure-testing-commits] r38704 - data/CVE

[Salvatore Bonaccorso]

Author: carnil
Date: 2016-01-04 21:26:40 +0000 (Mon, 04 Jan 2016)
New Revision: 38704

Modified:
   data/CVE/list
Log:
Add another cacti issue, not the same as CVE-2015-8377

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-01-04 21:10:11 UTC (rev 38703)
+++ data/CVE/list	2016-01-04 21:26:40 UTC (rev 38704)
@@ -1,3 +1,6 @@
+CVE-2015-XXXX [SQL Injection in graphs_new.php]
+	- cacti <unfixed>
+	NOTE: http://bugs.cacti.net/view.php?id=2652
 CVE-2016-1282
 	RESERVED
 CVE-2016-1281
@@ -3674,7 +3677,6 @@
 	{DLA-374-1}
 	- cacti <unfixed>
 	NOTE: http://seclists.org/fulldisclosure/2015/Dec/att-57/cacti_sqli%281%29.txt
-	NOTE: http://bugs.cacti.net/view.php?id=2652
 CVE-2015-XXXX [Avoid unbounded SFTP extended attribute key/values]
 	- proftpd-dfsg <unfixed>
 	[squeeze] - proftpd-dfsg <not-affected> (Vulerable code not present)