Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 172dabaf by Salvatore Bonaccorso at 2018-10-20T08:53:57Z Process NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -13,11 +13,11 @@ CVE-2018-18533 CVE-2018-18532 RESERVED CVE-2018-18531 (text/impl/DefaultTextCreator.java, text/impl/ChineseTextProducer.java, ...) - TODO: check + NOT-FOR-US: kaptcha CVE-2018-18530 (ThinkPHP 5.1.25 has SQL Injection via the count parameter because the ...) - TODO: check + NOT-FOR-US: ThinkPHP CVE-2018-18529 (ThinkPHP 3.2.4 has SQL Injection via the count parameter because the ...) - TODO: check + NOT-FOR-US: ThinkPHP CVE-2018-18528 RESERVED CVE-2018-18527 (OwnTicket 2018-05-23 allows SQL Injection via the showTicketId or ...) @@ -273,7 +273,7 @@ CVE-2018-18430 (An issue was discovered in DESTOON B2B 7.0. admin\setting.inc.ph CVE-2018-18429 RESERVED CVE-2018-18428 (TP-Link TL-SC3130 1.6.18P12_121101 devices allow unauthenticated RTSP ...) - TODO: check + NOT-FOR-US: TP-Link CVE-2018-18427 (s-cms 3.0 allows SQL Injection via the member/post.php 0_id parameter ...) NOT-FOR-US: s-cms CVE-2018-18426 (s-cms 3.0 allows remote attackers to execute arbitrary PHP code by ...) @@ -289,15 +289,15 @@ CVE-2018-18422 (UsualToolCMS 8.0 allows CSRF for adding a user account via the . CVE-2018-18421 RESERVED CVE-2018-18420 (Cross-Site Request Forgery (CSRF) vulnerability was discovered in the ...) - TODO: check + NOT-FOR-US: Zenario Content Management System CVE-2018-18419 (Stored XSS has been discovered in the upload section of ARDAWAN.COM ...) - TODO: check + NOT-FOR-US: ARDAWAN.COM User Management CVE-2018-18418 RESERVED CVE-2018-18417 (In the 3.1 version of Ekushey Project Manager CRM, Stored XSS has been ...) - TODO: check + NOT-FOR-US: Ekushey Project Manager CRM CVE-2018-18416 (LANGO Codeigniter Multilingual Script 1.0 has XSS in the input and ...) - TODO: check + NOT-FOR-US: LANGO Codeigniter Multilingual Scrip CVE-2018-18415 RESERVED CVE-2018-18414 @@ -385,7 +385,7 @@ CVE-2018-18382 (Advanced HRM 1.6 allows Remote Code Execution via PHP code in a CVE-2018-18381 (Z-BlogPHP 1.5.2.1935 (Zero) has a stored XSS Vulnerability in ...) NOT-FOR-US: Z-BlogPHP CVE-2018-18380 (A Session Fixation issue was discovered in Bigtree. admin.php accepts ...) - TODO: check + NOT-FOR-US: Bigtree CMS CVE-2018-18379 RESERVED CVE-2018-18378 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/172dabaf348fa9cfc08af5ab8029b7857025ea63 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/172dabaf348fa9cfc08af5ab8029b7857025ea63 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits