[Secure-testing-commits] r3860 - data/CVE

Sun, 23 Apr 2006 07:14:19 -0700 

Author: micah
Date: 2006-04-23 14:13:41 +0000 (Sun, 23 Apr 2006)
New Revision: 3860

Modified:
   data/CVE/list
Log:
NFUs and two issues in Mambo


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2006-04-23 13:24:05 UTC (rev 3859)
+++ data/CVE/list       2006-04-23 14:13:41 UTC (rev 3860)
@@ -1,51 +1,51 @@
 CVE-2006-XXXX [moinmoin XSS]
        - moin 1.5.3-1
 CVE-2006-1976 (Cross-site scripting (XSS) vulnerability in addRequest.php in 
Prayer ...)
-       TODO: check
+       NOT-FOR-US: Prayer Request Board
 CVE-2006-1975 (Cross-site scripting (XSS) vulnerability in 
guestbook_newentry.php in ...)
-       TODO: check
+       NOT-FOR-US: PHP-Gastebuch
 CVE-2006-1974 (SQL injection vulnerability in index.php in MyBB 
(MyBulletinBoard) ...)
-       TODO: check
+       NOT-FOR-US: MyBB
 CVE-2006-1973 (Multiple unspecified vulnerabilities in Linksys RT31P2 VoIP 
router ...)
-       TODO: check
+       NOT-FOR-US: Linksys router
 CVE-2006-1972 (Cross-site scripting (XSS) vulnerability in EasyGallery.php in 
Wingnut ...)
-       TODO: check
+       NOT-FOR-US: EasyGallery
 CVE-2006-1971 (Cross-site scripting (XSS) vulnerability in login.php in 
KRANKIKOM ...)
-       TODO: check
+       NOT-FOR-US: KRANKIKOM ContentBoxX
 CVE-2006-1970 (Cross-site scripting (XSS) vulnerability in 
classifieds/viewcat.cgi in ...)
-       TODO: check
+       NOT-FOR-US: KCScripts Classifieds
 CVE-2006-1969 (Cross-site scripting (XSS) vulnerability in search/search.cgi 
in an ...)
-       TODO: check
+       NOT-FOR-US: KCScripts
 CVE-2006-1968 (Cross-site scripting (XSS) vulnerability in news/NsVisitor.cgi 
in ...)
-       TODO: check
+       NOT-FOR-US: KCScripts
 CVE-2006-1967 (Cross-site scripting (XSS) vulnerability in 
calendar/Visitor.cgi in ...)
-       TODO: check
+       NOT-FOR-US: KCScripts
 CVE-2006-1966 (An unspecified Fortinet product, possibly Fortinet28, allows 
remote ...)
-       TODO: check
+       NOT-FOR-US: Fortinet
 CVE-2006-1965 (Multiple cross-site scripting (XSS) vulnerabilities in aasi 
media Net ...)
-       TODO: check
+       NOT-FOR-US: Net Clubs Pro
 CVE-2006-1964 (SQL injection vulnerability in Haberler.asp in ASPSitem 1.83 
and ...)
-       TODO: check
+       NOT-FOR-US: ASPSitem
 CVE-2006-1963 (Directory traversal vulnerability in main.php in PCPIN Chat 
5.0.4 and ...)
-       TODO: check
+       NOT-FOR-US: PCPIN Chat
 CVE-2006-1962 (SQL injection vulnerability in PCPIN Chat 5.0.4 and earlier 
allows ...)
-       TODO: check
+       NOT-FOR-US: PCPIN Chat
 CVE-2006-1961 (Cisco CiscoWorks Wireless LAN Solution Engine (WLSE) and WLSE 
Express ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2006-1960 (Cross-site scripting (XSS) vulnerability in the appliance web 
user ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2006-1959 (PHP remote file inclusion vulnerability in direct.php in 
ActualScripts ...)
-       TODO: check
+       NOT-FOR-US: ActualScripts ActualAnalyzer Lite
 CVE-2006-1958 (Multiple SQL injection vulnerabilities in WWWThreads RC 3 allow 
remote ...)
-       TODO: check
+       NOT-FOR-US: WWWThreads
 CVE-2006-1957 (The com_rss option (rss.php) in (1) Mambo and (2) Joomla! 
allows ...)
-       TODO: check
+        - mambo <unfixed> (bug #233014; medium)
 CVE-2006-1956 (The com_rss option (rss.php) in (1) Mambo and (2) Joomla! 
allows ...)
-       TODO: check
+       - mambo <unfixed> (bug #233014; medium)
 CVE-2006-1955 (PHP remote file inclusion vulnerability in authent.php4 in 
Nicolas ...)
-       TODO: check
+       NOT-FOR-US: RechnungsZentrale
 CVE-2006-1954 (SQL injection vulnerability in authent.php4 in Nicolas Fischer 
(aka ...)
-       TODO: check
+       NOT-FOR-US: RechnungsZentrale
 CVE-2006-1953
        RESERVED
 CVE-2006-1952


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

Reply via email to