Author: micah
Date: 2006-12-06 03:12:46 +0100 (Wed, 06 Dec 2006)
New Revision: 5077
Modified:
data/CVE/list
Log:
more NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-12-06 01:59:32 UTC (rev 5076)
+++ data/CVE/list 2006-12-06 02:12:46 UTC (rev 5077)
@@ -66,38 +66,38 @@
CVE-2006-6248 (index.php in GPhotos 1.5 allows remote attackers to obtain
sensitive ...)
TODO: check
CVE-2006-6247 (Multiple SQL injection vulnerabilities in Uapplication
UPhotoGallery ...)
- TODO: check
+ NOT-FOR-US: UPhotoGallery
CVE-2006-6246 (Photo Organizer 2.32b and earlier does not properly check the
...)
- TODO: check
+ NOT-FOR-US: Photo Organizer
CVE-2006-6245 (Multiple SQL injection vulnerabilities in Photo Organizer (PO)
2.32b ...)
- TODO: check
+ NOT-FOR-US: Photo Organizer
CVE-2006-6244 (Coalescent Systems freePBX (formerly Asterisk Management
Portal) ...)
- TODO: check
+ NOT-FOR-US: Coalescent Systems freePBX
CVE-2006-6243 (Multiple SQL injection vulnerabilities in index.asp in FipsSHOP
allow ...)
- TODO: check
+ NOT-FOR-US: FipsSHOP
CVE-2006-6242 (Multiple directory traversal vulnerabilities in Serendipity
1.0.3 and ...)
- serendipity 1.0.4-1 (unimportant; bug #401614)
NOTE: Only exploitable with register_globals
CVE-2006-6241 (Sorin Chitu Telnet-FTP Server 1.0 allows remote authenticated
users to ...)
- TODO: check
+ NOT-FOR-US: Sorin Chitu Telnet-FTP Server
CVE-2006-6240 (Directory traversal vulnerability in Sorin Chitu Telnet-FTP
Server 1.0 ...)
- TODO: check
+ NOT-FOR-US: Sorin Chitu Telnet-FTP Server
CVE-2006-6239 (webadmin in MailEnable NetWebAdmin Profession 2.32 and
Enterprise 2.32 ...)
TODO: MailEnable NetWebAdmin
CVE-2006-6238 (The AutoFill feature in Apple Safari 2.0.4 does not properly
verify ...)
- TODO: check
+ NOT-FOR-US: Apple Safari
CVE-2006-6237 (SQL injection vulnerability in the decode_cookie function in
...)
- TODO: check
+ NOT-FOR-US: Woltlab Burning Board Lite
CVE-2006-6236 (Adobe Reader (Adobe Acrobat Reader) 7.0 through 7.0.8 allows
remote ...)
TODO: check
CVE-2006-6235
RESERVED
CVE-2006-6234 (Multiple SQL injection vulnerabilities in the Content module in
...)
- TODO: check
+ NOT-FOR-US: PHP-Nuke
CVE-2006-6233 (SQL injection vulnerability in the Downloads module for unknown
...)
- TODO: check
+ NOT-FOR-US: PostNuke
CVE-2006-6232 (PHP remote file inclusion vulnerability in admin/index.php in
...)
- TODO: check
+ NOT-FOR-US: DreamAccount
CVE-2006-6231 (vuBB 0.2.1 and earlier allows remote attackers to obtain
sensitive ...)
NOT-FOR-US: VuBB
CVE-2006-6230 (SQL injection vulnerability in vuBB 0.2.1 and earlier allows
remote ...)
@@ -111,9 +111,9 @@
CVE-2006-6226 (Multiple format string vulnerabilities in NeoEngine 0.8.2 and
earlier, ...)
NOT-FOR-US: NeoEngine
CVE-2006-6225 (Multiple PHP remote file inclusion vulnerabilities in GeekLog
1.4 ...)
- TODO: check
+ NOT-FOR-US: GeekLog
CVE-2006-6224 (PHP remote file inclusion vulnerability in the installation
scripts in ...)
- TODO: check
+ NOT-FOR-US: Puntal
CVE-2006-6223 (Cross-site scripting (XSS) vulnerability in Google Search
Appliance ...)
NOT-FOR-US: Google Search Appliance
CVE-2006-6222
@@ -121,39 +121,39 @@
CVE-2006-6221
RESERVED
CVE-2006-6220 (Multiple SQL injection vulnerabilities in Recipes Website
(Recipes ...)
- TODO: check
+ NOT-FOR-US: Recipes Complete Website
CVE-2006-6219 (Multiple cross-site scripting (XSS) vulnerabilities in
index.php in ...)
- TODO: check
+ NOT-FOR-US: dev4u CMS
CVE-2006-6218 (Multiple SQL injection vulnerabilities in index.php in dev4u
CMS allow ...)
- TODO: check
+ NOT-FOR-US: dev4u CMS
CVE-2006-6217 (PHP remote file inclusion vulnerability in formdisp.php in the
Mermaid ...)
- TODO: check
+ NOT-FOR-US: Mermaid module for PHP-NUKE
CVE-2006-6216 (SQL injection vulnerability in admin_hacks_list.php in the
Nivisec ...)
- TODO: check
+ NOT-FOR-US: Nivisec Hacks List
CVE-2006-6215 (Multiple SQL injection vulnerabilities in Wallpaper Website
(Wallpaper ...)
- TODO: check
+ NOT-FOR-US: Wallpaper Complete Website
CVE-2006-6214 (SQL injection vulnerability in wallpaper.php in Wallpaper
Website ...)
- TODO: check
+ NOT-FOR-US: Wallpaper Complete Website
CVE-2006-6213 (index.php in PEGames uses the extract function to overwrite
critical ...)
- TODO: check
+ NOT-FOR-US: PEGames
CVE-2006-6212 (PHP remote file inclusion vulnerability in centre.php in Site
News ...)
TODO: check
CVE-2006-6211 (Multiple cross-site scripting (XSS) vulnerabilities in BirdBlog
1.4.0 ...)
- TODO: check
+ NOT-FOR-US: BirdBlog
CVE-2006-6210 (SQL injection vulnerability in listpics.asp in ASP ListPics 5.0
allows ...)
- TODO: check
+ NOT-FOR-US: ASP ListPics
CVE-2006-6209 (Multiple SQL injection vulnerabilities in MidiCart ASP Shopping
Cart ...)
- TODO: check
+ NOT-FOR-US: MidiCart ASP Shopping Cart
CVE-2006-6208 (Multiple SQL injection vulnerabilities in Enthrallweb
eClassifieds ...)
- TODO: check
+ NOT-FOR-US: Enthreallweb eClassifieds
CVE-2006-6207 (SQL injection vulnerability in products.asp in Evolve shopping
cart ...)
- TODO: check
+ NOT-FOR-US: Evolve Merchant
CVE-2006-6206 (SQL injection vulnerability in item.asp in WarHound General
Shopping ...)
- TODO: check
+ NOT-FOR-US: WarHound General Shopping Cart
CVE-2006-6205 (Multiple cross-site scripting (XSS) vulnerabilities in
result.asp in ...)
- TODO: check
+ NOT-FOR-US: Enthrallweb eHomes
CVE-2006-6204 (Multiple SQL injection vulnerabilities in Enthrallweb eHomes
allow ...)
- TODO: check
+ NOT-FOR-US: Enthrallweb eHomes
CVE-2006-6203 (Directory traversal vulnerability in startdown.php in the
Flyspray ME ...)
TODO: check
CVE-2006-6202 (PHP remote file inclusion vulnerability in
modules/NukeAI/util.php in ...)
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
