[Git][security-tracker-team/security-tracker][master] Adjust some older Textpattern CMS entries

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Dec 28 08:38:32 GMT 2023



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8f39ad41 by Salvatore Bonaccorso at 2023-12-28T09:38:03+01:00
Adjust some older Textpattern CMS entries

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -23587,7 +23587,7 @@ CVE-2023-38044 (Improper Neutralization of Special Elements used in an SQL Comma
 CVE-2023-36499 (Netgear XR300 v1.0.3.78 was discovered to contain multiple buffer over ...)
 	NOT-FOR-US: Netgear
 CVE-2023-36220 (Directory Traversal vulnerability in Textpattern CMS v4.8.8 allows a r ...)
-	NOT-FOR-US: Textpattern CMS
+	- textpattern <removed>
 CVE-2023-36054 (lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2 an ...)
 	{DLA-3626-1}
 	- krb5 1.20.1-3 (bug #1043431)
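Review bot: the commit message "Adjust some older Textpattern CMS entries" gives no reason for moving CVE-2023-36220 from "NOT-FOR-US: Textpattern CMS" to "- textpattern <removed>", and the same rewrite repeats in every hunk below. Please state the reason in the message (for example, that textpattern used to be a source package in the archive) so the reclassification can be audited from the log alone.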
@@ -150237,7 +150237,7 @@ CVE-2021-44084
 CVE-2021-44083
 	RESERVED
 CVE-2021-44082 (textpattern 4.8.7 is vulnerable to Cross Site Scripting (XSS) via /tex ...)
-	NOT-FOR-US: Textpattern CMS
+	- textpattern <removed>
 CVE-2021-44081 (A buffer overflow vulnerability exists in the AMF of open5gs 2.1.4. Wh ...)
 	NOT-FOR-US: Open5GS
 CVE-2021-44080 (A Command Injection vulnerability in httpd web server (setup.cgi) in S ...)
@@ -162881,7 +162881,7 @@ CVE-2021-40660 (An issue was discovered in Delight Nashorn Sandbox 0.2.0. There
 CVE-2021-40659
 	RESERVED
 CVE-2021-40658 (Textpattern 4.8.7 is affected by a HTML injection vulnerability throug ...)
-	NOT-FOR-US: Textpattern CMS
+	- textpattern <removed>
 CVE-2021-40657
 	RESERVED
 CVE-2021-40656 (libsixel before 1.10 is vulnerable to Buffer Overflow in libsixel/src/ ...)
@@ -162927,7 +162927,7 @@ CVE-2021-40644 (An SQL Injection vulnerability exists in oasys oa_system as of 9
 CVE-2021-40643 (EyesOfNetwork before 07-07-2021 has a Remote Code Execution vulnerabil ...)
 	NOT-FOR-US: EyesOfNetwork (EON)
 CVE-2021-40642 (Textpattern CMS v4.8.7 and older vulnerability exists through Sensitiv ...)
-	NOT-FOR-US: Textpattern CMS
+	- textpattern <removed>
 CVE-2021-40641
 	RESERVED
 CVE-2021-40640
@@ -189822,7 +189822,7 @@ CVE-2021-30211 (Knowage Suite 7.3 is vulnerable to Stored Cross-Site Scripting (
 CVE-2021-30210
 	RESERVED
 CVE-2021-30209 (Textpattern V4.8.4 contains an arbitrary file upload vulnerability whe ...)
-	NOT-FOR-US: Textpattern CMS
+	- textpattern <removed>
 CVE-2021-30208
 	RESERVED
 CVE-2021-30207
@@ -195617,9 +195617,9 @@ CVE-2021-28004
 CVE-2021-28003
 	RESERVED
 CVE-2021-28002 (A persistent cross-site scripting vulnerability was discovered in the  ...)
-	NOT-FOR-US: Textpattern CMS
+	- textpattern <removed>
 CVE-2021-28001 (A cross-site scripting vulnerability was discovered in the Comments pa ...)
-	NOT-FOR-US: Textpattern CMS
+	- textpattern <removed>
 CVE-2021-28000 (A persistent cross-site scripting vulnerability was discovered in Loca ...)
 	NOT-FOR-US: Local Services Search Engine Management System Project
 CVE-2021-27999 (A SQL injection vulnerability was discovered in the editid parameter i ...)
@@ -212254,7 +212254,7 @@ CVE-2020-35856 (SolarWinds Orion Platform before 2020.2.5 allows stored XSS atta
 CVE-2020-35855
 	RESERVED
 CVE-2020-35854 (Textpattern 4.8.4 is affected by cross-site scripting (XSS) in the Bod ...)
-	NOT-FOR-US: Textpattern CMS
+	- textpattern <removed>
 CVE-2020-35853 (4images Image Gallery Management System 1.7.11 is affected by cross-si ...)
 	NOT-FOR-US: 4images Image Gallery Management System
 CVE-2020-35852 (Chatbox is affected by cross-site scripting (XSS). An attacker has to  ...)
@@ -220412,7 +220412,7 @@ CVE-2020-29460
 CVE-2020-29459
 	RESERVED
 CVE-2020-29458 (Textpattern CMS 4.6.2 allows CSRF via the prefs subsystem.)
-	NOT-FOR-US: Textpattern CMS
+	- textpattern <removed>
 CVE-2020-29457 (A Privilege Elevation vulnerability in OPC UA .NET Standard Stack 1.4. ...)
 	NOT-FOR-US: OPC UA .NET
 CVE-2020-29456 (Multiple cross-site scripting (XSS) vulnerabilities in Papermerge befo ...)
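Review bot: CVE-2020-29458 is described against Textpattern CMS 4.6.2, older than the 4.7.3 and 4.8.x versions named in the other entries touched here, yet it gets the same bare "- textpattern <removed>" line with no version or per-release annotation. Please confirm that no suite still tracked carries the package, and add a per-release line or a short NOTE under the entry if one does.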
@@ -238935,7 +238935,7 @@ CVE-2020-23241 (Cross Site Scripting (XSS) vulnerability in CMS Made Simple 2.2.
 CVE-2020-23240 (Cross Site Scripting (XSS) vulnerablity in CMS Made Simple 2.2.14 via  ...)
 	NOT-FOR-US: CMS Made Simple
 CVE-2020-23239 (Cross Site Scripting (XSS) vulnerability in Textpattern CMS 4.8.1 via  ...)
-	NOT-FOR-US: Textpattern CMS
+	- textpattern <removed>
 CVE-2020-23238 (Cross Site Scripting (XSS) vulnerability in Evolution CMS 2.0.2 via th ...)
 	NOT-FOR-US: Evolution CMS
 CVE-2020-23237
@@ -246994,7 +246994,7 @@ CVE-2020-19512
 CVE-2020-19511 (Cross Site Scriptiong vulnerability in Typesetter 5.1 via the !1) clas ...)
 	NOT-FOR-US: Typesetter CMS
 CVE-2020-19510 (Textpattern 4.7.3 contains an aribtrary file load via the file_insert  ...)
-	NOT-FOR-US: Textpattern CMS
+	- textpattern <removed>
 CVE-2020-19509
 	RESERVED
 CVE-2020-19508



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8f39ad410c9d53945c42a6328bfbb0f0ac9d70f5
