From 6d197200fc0dcbb8893e1af052711638be030474 Mon Sep 17 00:00:00 2001 From: Stefan Behte Date: Fri, 13 May 2011 11:45:18 +0000 Subject: bug numbers, NFU svn path=/; revision=2226 --- data/CVE/list | 124 +++++++++++++++++++++++++++++----------------------------- 1 file changed, 62 insertions(+), 62 deletions(-) diff --git a/data/CVE/list b/data/CVE/list index 39ac9ce..e2a3357 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -86090,7 +86090,7 @@ CVE-2010-0119 (Bournal before 1.4.1 on FreeBSD 8.0, when the -K option is used, CVE-2010-0120 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...) NOT-FOR-US: realnetworks realplayer_sp CVE-2010-0121 (The cook codec in RealNetworks RealPlayer 11.0 through 11.1, ...) - TODO: check + NOT-FOR-US: realnetworks realplayer_sp CVE-2010-0122 (Multiple SQL injection vulnerabilities in Employee Timeclock Software ...) NOT-FOR-US: timeclock software employee_timeclock_software CVE-2010-0123 (The database backup implementation in Employee Timeclock Software 0.99 ...) @@ -86098,7 +86098,7 @@ CVE-2010-0123 (The database backup implementation in Employee Timeclock Software CVE-2010-0124 (Employee Timeclock Software 0.99 places the database password on the ...) NOT-FOR-US: timeclock software employee_timeclock_software CVE-2010-0125 (RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through ...) - TODO: check + NOT-FOR-US: realnetworks realplayer_sp CVE-2010-0126 (Heap-based buffer overflow in an unspecified library in Autonomy ...) NOT-FOR-US: autonomy keyview_viewer_sdk CVE-2010-0127 (Adobe Shockwave Player before 11.5.7.609 allows remote attackers to ...) @@ -86301,7 +86301,7 @@ CVE-2010-0214 (The administrative interface on the PolyVision RoomWizard with .. CVE-2010-0215 (ActiveCollab before 2.3.2 allows remote authenticated users to bypass ...) NOT-FOR-US: a51dev activecollab CVE-2010-0216 (authenticate_ad_setup_finished.cfm in MediaCAST 8 and earlier allows ...) - TODO: check + NOT-FOR-US: inventivetec mediacast CVE-2010-0217 RESERVED CVE-2010-0218 (ISC BIND 9.7.2 through 9.7.2-P1 uses an incorrect ACL to restrict the ...) @@ -88886,7 +88886,7 @@ CVE-2010-1506 (The Google V8 bindings in Google Chrome before 4.1.249.1059 allow CVE-2010-1507 (WebYaST in yast2-webclient in SUSE Linux Enterprise (SLE) 11 on the ...) NOT-FOR-US: novell suse_linux CVE-2010-1508 (Heap-based buffer overflow in Apple QuickTime before 7.6.9 on Windows ...) - TODO: check + NOT-FOR-US: apple quicktime CVE-2010-1509 (IrfanView before 4.27 does not properly handle an unspecified integer ...) NOT-FOR-US: irfanview CVE-2010-1510 (Heap-based buffer overflow in IrfanView before 4.27 allows remote ...) @@ -89219,9 +89219,9 @@ CVE-2010-1672 CVE-2010-1673 RESERVED CVE-2010-1674 (The extended-community parser in bgpd in Quagga before 0.99.18 allows ...) - TODO: check + BUG: 359903 CVE-2010-1675 (bgpd in Quagga before 0.99.18 allows remote attackers to cause a ...) - TODO: check + BUG: 359903 CVE-2010-1676 (Heap-based buffer overflow in Tor before 0.2.1.28 and 0.2.2.x before ...) TODO: check CVE-2010-1677 (MHonArc 2.6.16 allows remote attackers to cause a denial of service ...) @@ -91051,11 +91051,11 @@ CVE-2010-2585 (Multiple buffer overflows in the RealPage Module Upload ActiveX . CVE-2010-2586 (Multiple integer overflows in in_nsv.dll in the in_nsv plugin in ...) NOT-FOR-US: nullsoft winamp CVE-2010-2587 (The dirapi.dll module in Adobe Shockwave Player before 11.5.9.620 ...) - TODO: check + NOT-FOR-US: adobe shockwave_player CVE-2010-2588 (The dirapi.dll module in Adobe Shockwave Player before 11.5.9.620 ...) - TODO: check + NOT-FOR-US: adobe shockwave_player CVE-2010-2589 (Integer overflow in the dirapi.dll module in Adobe Shockwave Player ...) - TODO: check + NOT-FOR-US: adobe shockwave_player CVE-2010-2590 (Heap-based buffer overflow in the ...) NOT-FOR-US: sap crystal_reports CVE-2010-2591 @@ -91399,7 +91399,7 @@ CVE-2010-2759 (Bugzilla 2.23.1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1 through CVE-2010-2760 (Use-after-free vulnerability in the nsTreeSelection function in ...) TODO: check CVE-2010-2761 (The multipart_init function in (1) CGI.pm before 3.50 and (2) ...) - TODO: check + NOT-FOR-US: andy_armstrong cgi pm CVE-2010-2762 (The XPCSafeJSObjectWrapper class in the SafeJSObjectWrapper (aka SJOW) ...) TODO: check CVE-2010-2763 (The XPCSafeJSObjectWrapper class in the SafeJSObjectWrapper (aka SJOW) ...) @@ -91463,7 +91463,7 @@ CVE-2010-2791 (mod_proxy in httpd in Apache HTTP Server 2.2.9, when running on U CVE-2010-2792 (Race condition in the SPICE (aka spice-xpi) plug-in 2.2 for Firefox ...) NOT-FOR-US: redhat spice xpi CVE-2010-2793 (Race condition in the SPICE (aka spice-activex) plug-in for Internet ...) - TODO: check + NOT-FOR-US: redhat spice activex CVE-2010-2794 (The SPICE (aka spice-xpi) plug-in 2.2 for Firefox allows local users ...) NOT-FOR-US: redhat spice xpi CVE-2010-2795 (phpCAS before 1.1.2 allows remote authenticated users to hijack ...) @@ -91862,13 +91862,13 @@ CVE-2010-2990 (Citrix Online Plug-in for Windows for XenApp & XenDesktop bef CVE-2010-2991 (The IICAClient interface in the ICAClient library in the ICA Client ...) NOT-FOR-US: citrix online_plug in_for_windows_for_xenapp_ _xendesktop CVE-2010-2992 (packet-gsm_a_rr.c in the GSM A RR dissector in Wireshark 1.2.2 through ...) - TODO: check + BUG: 330479 CVE-2010-2993 (The IPMI dissector in Wireshark 1.2.0 through 1.2.9 allows remote ...) - TODO: check + BUG: 330479 CVE-2010-2994 (Stack-based buffer overflow in the ASN.1 BER dissector in Wireshark ...) - TODO: check + BUG: 330479 CVE-2010-2995 (The SigComp Universal Decompressor Virtual Machine (UDVM) in Wireshark ...) - TODO: check + BUG: 330479 CVE-2010-2996 (Array index error in RealNetworks RealPlayer 11.0 through 11.1 on ...) NOT-FOR-US: realnetworks realplayer CVE-2010-2997 (Use-after-free vulnerability in RealNetworks RealPlayer 11.0 through ...) @@ -92399,13 +92399,13 @@ CVE-2010-3258 (The sandbox implementation in Google Chrome before 6.0.472.53 doe CVE-2010-3259 (WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, ...) TODO: check CVE-2010-3260 (oxf/xml/xerces/XercesSAXParserFactoryImpl.java in the xforms-server ...) - TODO: check + NOT-FOR-US: orbeon forms CVE-2010-3261 (Directory traversal vulnerability in RSA Authentication Agent 7.0 ...) NOT-FOR-US: rsa authentication_agent_for_web CVE-2010-3262 (Cross-site scripting (XSS) vulnerability in Flock Browser 3.x before ...) NOT-FOR-US: flock CVE-2010-3263 (Cross-site scripting (XSS) vulnerability in setup/frames/index.inc.php ...) - TODO: check + BUG: 336462 CVE-2010-3264 (The engine installer in Novell Identity Manager (aka IDM) 3.6.1 stores ...) NOT-FOR-US: novell identity_manager CVE-2010-3265 @@ -92580,7 +92580,7 @@ CVE-2010-3348 (Microsoft Internet Explorer 6, 7, and 8 does not prevent renderin CVE-2010-3349 (Ardour 2.8.11 places a zero-length directory name in the ...) BUG: 341567 CVE-2010-3350 (bareFTP 0.3.4 places a zero-length directory name in the ...) - TODO: check + NOT-FOR-US: fixed for long enough CVE-2010-3351 (startBristol in Bristol 0.60.5 places a zero-length directory name in ...) TODO: check CVE-2010-3352 @@ -93591,7 +93591,7 @@ CVE-2010-3852 (The default configuration of Luci 0.22.4 and earlier in Red Hat C CVE-2010-3853 (pam_namespace.c in the pam_namespace module in Linux-PAM (aka pam) ...) TODO: check CVE-2010-3854 (Multiple cross-site scripting (XSS) vulnerabilities in the web ...) - TODO: check + BUG: 353243 CVE-2010-3855 (Buffer overflow in the ft_var_readpackedpoints function in ...) TODO: check CVE-2010-3856 (ld.so in the GNU C Library (aka glibc or libc6) before 2.11.3, and ...) @@ -93800,7 +93800,7 @@ CVE-2010-3956 (The OpenType Font (OTF) driver in Microsoft Windows XP SP2 and SP CVE-2010-3957 (Double free vulnerability in the OpenType Font (OTF) driver in ...) NOT-FOR-US: microsoft windows_xp CVE-2010-3958 (The x86 JIT compiler in Microsoft .NET Framework 2.0 SP2, 3.5 SP1, ...) - TODO: check + NOT-FOR-US: microsoft windows_xp CVE-2010-3959 (The OpenType Font (OTF) driver in Microsoft Windows XP SP2 and SP3, ...) NOT-FOR-US: microsoft windows_xp CVE-2010-3960 (Hyper-V in Microsoft Windows Server 2008 Gold, SP2, and R2 allows ...) @@ -93832,7 +93832,7 @@ CVE-2010-3972 (Heap-based buffer overflow in the TELNET_STREAM_CONTEXT::OnSendDa CVE-2010-3973 (The WMITools ActiveX control in WBEMSingleView.ocx 1.50.1131.0 in ...) NOT-FOR-US: microsoft wmi_administrative_tools CVE-2010-3974 (fxscover.exe in the Fax Cover Page Editor in Microsoft Windows XP SP2 ...) - TODO: check + NOT-FOR-US: microsoft windows_xp CVE-2010-3975 (Untrusted search path vulnerability in Adobe Flash Player 9 allows ...) TODO: check CVE-2010-3976 (Untrusted search path vulnerability in Adobe Flash Player before ...) @@ -93852,7 +93852,7 @@ CVE-2010-3982 (SAP BusinessObjects Enterprise XI 3.2 allows remote attackers to CVE-2010-3983 (CmcApp in SAP BusinessObjects Enterprise XI 3.2 allows remote ...) NOT-FOR-US: sap businessobjects CVE-2010-3984 (Buffer overflow in mng_core_com.dll in CA XOsoft Replication r12.0 SP1 ...) - TODO: check + NOT-FOR-US: xosoft_replication CVE-2010-3985 (Cross-site scripting (XSS) vulnerability in HP Operations ...) NOT-FOR-US: hp operations_orchestration CVE-2010-3986 (Unspecified vulnerability in HP Virtual Connect Enterprise Manager ...) @@ -93902,7 +93902,7 @@ CVE-2010-4007 (Oracle Mojarra uses an encrypted View State without a Message ... CVE-2010-4008 (libxml2 before 2.7.8, as used in Google Chrome before 7.0.517.44, ...) TODO: check CVE-2010-4009 (Integer overflow in Apple QuickTime before 7.6.9 allows remote ...) - TODO: check + NOT-FOR-US: apple quicktime CVE-2010-4010 (Integer signedness error in Apple Type Services (ATS) in Apple Mac OS ...) NOT-FOR-US: apple mac_os_x_server CVE-2010-4011 (Dovecot in Apple Mac OS X 10.6.5 10H574 does not properly manage ...) @@ -94070,7 +94070,7 @@ CVE-2010-4091 (The EScript.api plugin in Adobe Reader and Acrobat 10.x before 10 CVE-2010-4092 (Use-after-free vulnerability in an unspecified compatibility component ...) NOT-FOR-US: adobe shockwave_player CVE-2010-4093 (Adobe Shockwave Player before 11.5.9.620 allows attackers to execute ...) - TODO: check + NOT-FOR-US: adobe shockwave_player CVE-2010-4094 (The Tomcat server in IBM Rational Quality Manager and Rational Test ...) NOT-FOR-US: ibm rational_test_lab_manager CVE-2010-4095 (Directory traversal vulnerability in the FTP client in Serengeti ...) @@ -94250,7 +94250,7 @@ CVE-2010-4181 (Directory traversal vulnerability in Yaws 1.89 allows remote atta CVE-2010-4182 (Untrusted search path vulnerability in the Data Access Objects (DAO) ...) NOT-FOR-US: microsoft windows_xp CVE-2010-4183 (Multiple cross-site scripting (XSS) vulnerabilities in HTML Purifier ...) - TODO: check + NOT-FOR-US: htmlpurifier CVE-2010-4184 (NetSupport Manager (NSM) before 11.00.0005 sends HTTP headers with ...) NOT-FOR-US: netsupportsoftware netsupport_manager CVE-2010-4185 (SQL injection vulnerability in index.php in Energine, possibly 2.3.8 ...) @@ -94343,7 +94343,7 @@ CVE-2010-4227 (The xdrDecodeString function in XNFS.NLM in Novell Netware 6.5 be CVE-2010-4228 (Stack-based buffer overflow in NWFTPD.NLM before 5.10.02 in the FTP ...) NOT-FOR-US: novell netware CVE-2010-4229 (Directory traversal vulnerability in an unspecified servlet in the ...) - TODO: check + NOT-FOR-US: novell zenworks_configuration_management CVE-2010-4230 (Stack-based buffer overflow in a certain ActiveX control for the ...) NOT-FOR-US: tecvoz cmnc 200 CVE-2010-4231 (Directory traversal vulnerability in the web-based administration ...) @@ -94355,7 +94355,7 @@ CVE-2010-4233 (The Linux installation on the Camtron CMNC-200 Full HD IP Camera CVE-2010-4234 (The web server on the Camtron CMNC-200 Full HD IP Camera and TecVoz ...) NOT-FOR-US: tecvoz cmnc 200 CVE-2010-4235 (Format string vulnerability in RealNetworks Helix Server 12.x, 13.x, ...) - TODO: check + NOT-FOR-US: realnetworks helix_server CVE-2010-4236 (Untrusted search path vulnerability in estaskwrapper in IBM OmniFind ...) NOT-FOR-US: ibm omnifind CVE-2010-4237 @@ -94415,7 +94415,7 @@ CVE-2010-4263 (The igb_receive_skb function in drivers/net/igb/igb_main.c in the CVE-2010-4264 RESERVED CVE-2010-4265 (The ...) - TODO: check + NOT-FOR-US: redhat jboss_remoting CVE-2010-4266 RESERVED CVE-2010-4267 (Stack-based buffer overflow in the hpmud_get_pml function in ...) @@ -94453,7 +94453,7 @@ CVE-2010-4282 (Multiple directory traversal vulnerabilities in Pandora FMS befor CVE-2010-4283 (PHP remote file inclusion vulnerability in extras/pandora_diag.php in ...) NOT-FOR-US: artica pandora_fms CVE-2010-4284 (SQL injection vulnerability in the authentication form in the ...) - TODO: check + NOT-FOR-US: samsung data_management_server CVE-2010-4285 RESERVED CVE-2010-4286 @@ -94567,7 +94567,7 @@ CVE-2010-4339 (Cross-site scripting (XSS) vulnerability in Hypermail 2.2.0 allow CVE-2010-4340 TODO: check CVE-2010-4341 (The pam_parse_in_data_v2 function in src/responder/pam/pamsrv_cmd.c in ...) - TODO: check + NOT-FOR-US: fedoraproject sssd CVE-2010-4342 (The aun_incoming function in net/econet/af_econet.c in the Linux ...) TODO: check CVE-2010-4343 (drivers/scsi/bfa/bfa_core.c in the Linux kernel before 2.6.35 does not ...) @@ -94671,7 +94671,7 @@ CVE-2010-4391 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 throug CVE-2010-4392 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...) NOT-FOR-US: realnetworks realplayer_sp CVE-2010-4393 (Heap-based buffer overflow in vidplin.dll in RealNetworks RealPlayer ...) - TODO: check + NOT-FOR-US: realnetworks realplayer_sp CVE-2010-4394 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...) NOT-FOR-US: realnetworks realplayer_sp CVE-2010-4395 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...) @@ -94705,9 +94705,9 @@ CVE-2010-4408 (Apache Archiva 1.0 through 1.0.3, 1.1 through 1.1.4, 1.2 through CVE-2010-4409 (Integer overflow in the NumberFormatter::getSymbol (aka ...) TODO: check CVE-2010-4410 (CRLF injection vulnerability in the header function in (1) CGI.pm ...) - TODO: check + NOT-FOR-US: andy_armstrong cgi pm CVE-2010-4411 (Unspecified vulnerability in CGI.pm 3.50 and earlier allows remote ...) - TODO: check + NOT-FOR-US: andy_armstrong cgi pm CVE-2010-4412 (Multiple cross-site scripting (XSS) vulnerabilities in pfSense 2 beta ...) NOT-FOR-US: bsdperimeter pfsense CVE-2010-4413 (Unspecified vulnerability in the Scheduler Agent component in Oracle ...) @@ -94875,7 +94875,7 @@ CVE-2010-4493 (Use-after-free vulnerability in Google Chrome before 8.0.552.215 CVE-2010-4494 (Double free vulnerability in libxml2 2.7.8 and other versions, as used ...) TODO: check CVE-2010-4495 (Unspecified vulnerability in the ActiveMatrix Runtime component in ...) - TODO: check + NOT-FOR-US: tibco silver_cap_service CVE-2010-4496 (Multiple SQL injection vulnerabilities in Collaborative Information ...) NOT-FOR-US: tibco collaborative_information_manager CVE-2010-4497 (Cross-site scripting (XSS) vulnerability in Collaborative Information ...) @@ -94963,7 +94963,7 @@ CVE-2010-4536 (Multiple cross-site scripting (XSS) vulnerabilities in KSES, as u CVE-2010-4537 (Unspecified vulnerability in CrawlTrack before 3.2.7, when a public ...) NOT-FOR-US: crawltrack CVE-2010-4538 (Buffer overflow in the sect_enttec_dmx_da function in ...) - TODO: check + BUG: 350551 CVE-2010-4539 (The walk function in repos.c in the mod_dav_svn module for the Apache ...) TODO: check CVE-2010-4540 (Stack-based buffer overflow in the load_preset_response function in ...) @@ -95079,7 +95079,7 @@ CVE-2010-4594 (The Connection Manager in IBM Lotus Mobile Connect before 6.1.4, CVE-2010-4595 (The Connection Manager in IBM Lotus Mobile Connect before 6.1.4 ...) NOT-FOR-US: ibm lotus_mobile_connect CVE-2010-4596 (Stack-based buffer overflow in RealNetworks Helix Server 12.x, 13.x, ...) - TODO: check + NOT-FOR-US: realnetworks helix_server CVE-2010-4597 (Stack-based buffer overflow in the save method in the ...) NOT-FOR-US: ecava integraxor CVE-2010-4598 (Directory traversal vulnerability in Ecava IntegraXor 3.6.4000.0 and ...) @@ -95379,15 +95379,15 @@ CVE-2010-4744 (Multiple unspecified vulnerabilities in abcm2ps before 5.9.13 hav CVE-2010-4745 (Cross-site scripting (XSS) vulnerability in nav.html in PHPXref before ...) NOT-FOR-US: gareth_watts phpxref CVE-2010-4746 (Multiple memory leaks in the normalization functionality in 389 ...) - TODO: check + NOT-FOR-US: fedoraproject 389_directory_server CVE-2010-4747 (Cross-site scripting (XSS) vulnerability in ...) NOT-FOR-US: ahmattox processing_embed_plugin CVE-2010-4748 (Cross-site scripting (XSS) vulnerability in pmwiki.php in PmWiki ...) NOT-FOR-US: pmwiki CVE-2010-4749 (Multiple cross-site scripting (XSS) vulnerabilities in BLOG:CMS ...) - TODO: check + NOT-FOR-US: blogcms blog cms CVE-2010-4750 (Cross-site request forgery (CSRF) vulnerability in ...) - TODO: check + NOT-FOR-US: blogcms blog cms CVE-2010-4751 (SQL injection vulnerability in LightNEasy.php in LightNEasy 3.2.1, ...) NOT-FOR-US: lightneasy CVE-2010-4752 (SQL injection vulnerability in LightNEasy.php in LightNEasy 3.2.1, ...) @@ -95445,51 +95445,51 @@ CVE-2010-4777 CVE-2010-4778 (Multiple cross-site scripting (XSS) vulnerabilities in ...) TODO: check CVE-2010-4779 (Cross-site scripting (XSS) vulnerability in lib/includes/auth.inc.php ...) - TODO: check + NOT-FOR-US: bravenewcode wptouch CVE-2010-4780 (SQL injection vulnerability in the check_banlist function in ...) - TODO: check + NOT-FOR-US: enanocms enano_cms CVE-2010-4781 (index.php in Enano CMS 1.1.7pl1, and possibly other versions before ...) - TODO: check + NOT-FOR-US: enanocms enano_cms CVE-2010-4782 (Multiple SQL injection vulnerabilities in list.asp in Softwebs Nepal ...) - TODO: check + NOT-FOR-US: softwebsnepal ananda_real_estate CVE-2010-4783 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...) - TODO: check + NOT-FOR-US: phpwebscripts easy_banner_free CVE-2010-4784 (Multiple SQL injection vulnerabilities in member.php in PHP Web ...) - TODO: check + NOT-FOR-US: phpwebscripts easy_banner_free CVE-2010-4785 (The do_extendedOp function in ibmslapd in IBM Tivoli Directory Server ...) - TODO: check + NOT-FOR-US: ibm tivoli_directory_server CVE-2010-4786 (IBM Tivoli Directory Server (TDS) 6.0 before 6.0.0.63 (aka ...) - TODO: check + NOT-FOR-US: ibm tivoli_directory_server CVE-2010-4787 (IBM Tivoli Directory Server (TDS) 6.0 before 6.0.0.63 (aka ...) - TODO: check + NOT-FOR-US: ibm tivoli_directory_server CVE-2010-4788 (IBM Tivoli Directory Server (TDS) 6.0 before 6.0.0.62 (aka ...) - TODO: check + NOT-FOR-US: ibm tivoli_directory_server CVE-2010-4789 (Use-after-free vulnerability in the proxy-server implementation in IBM ...) - TODO: check + NOT-FOR-US: ibm tivoli_directory_server CVE-2010-4790 (Directory traversal vulnerability in FilterFTP 2.0.3, 2.0.5, and ...) - TODO: check + NOT-FOR-US: in mediakg filterftp CVE-2010-4791 (SQL injection vulnerability in ...) - TODO: check + NOT-FOR-US: marcusg mg_user_fotoalbum_panel CVE-2010-4792 (Cross-site scripting (XSS) vulnerability in title.php in OPEN IT ...) - TODO: check + NOT-FOR-US: openit overlook CVE-2010-4793 (SQL injection vulnerability in detail.asp in Site2Nite Auto e-Manager ...) - TODO: check + NOT-FOR-US: site2nite auto_e manager CVE-2010-4794 (Multiple cross-site scripting (XSS) vulnerabilities in the ...) - TODO: check + NOT-FOR-US: joomlaseller com_jscalendar CVE-2010-4795 (SQL injection vulnerability in the JS Calendar (com_jscalendar) ...) - TODO: check + NOT-FOR-US: joomlaseller com_jscalendar CVE-2010-4796 (Multiple SQL injection vulnerabilities in PHPYun 1.1.6 allow remote ...) - TODO: check + NOT-FOR-US: phpyun CVE-2010-4797 (Multiple SQL injection vulnerabilities in the log-in form in Truworth ...) - TODO: check + NOT-FOR-US: truworthit flex_timesheet CVE-2010-4798 (Directory traversal vulnerability in index.php in OrangeHRM 2.6.0.1 ...) - TODO: check + NOT-FOR-US: orangehrm CVE-2010-4799 (Multiple SQL injection vulnerabilities in Chipmunk Pwngame 1.0, when ...) - TODO: check + NOT-FOR-US: pwngame CVE-2010-4800 (SQL injection vulnerability in doadd.php in BaconMap 1.0 allows remote ...) - TODO: check + NOT-FOR-US: baconmap CVE-2010-4801 (Directory traversal vulnerability in admin/updatelist.php in BaconMap ...) - TODO: check + NOT-FOR-US: baconmap CVE-2010-4802 (Commands.pm in Mojolicious before 0.999928 does not properly perform ...) TODO: check CVE-2010-4803 (Mojolicious before 0.999927 does not properly implement HMAC-MD5 ...) -- cgit v1.2.3-65-gdbad