Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Fri, 20 Nov 2015 15:54:35 +0100
From: "Curesec Research Team (CRT)" <crt@...esec.com>
To: oss-security@...ts.openwall.com
Subject: CVE Request: Various

CVE request: Various

I would like to request CVE Identifiers for the following issues which
do not yet have an id assigned:

http://seclists.org/fulldisclosure/2015/Aug/28
BigTree CMS 4.2.3 XSS

http://seclists.org/fulldisclosure/2015/Aug/30
BigTree CMS 4.2.3 SQL Injection

http://seclists.org/fulldisclosure/2015/Aug/31
CodoForum 3.3.1 XSS

http://seclists.org/fulldisclosure/2015/Aug/32
CodoForum 3.3.1 SQL Injection

http://seclists.org/fulldisclosure/2015/Aug/67
ModX Revolution 2.3.5-pl XSS

http://seclists.org/fulldisclosure/2015/Aug/65
Phorum 5.2.19 XSS

http://seclists.org/fulldisclosure/2015/Sep/53
Anchor CMS 0.9.2: XSS

http://seclists.org/fulldisclosure/2015/Sep/54
Zen Cart 1.5.4: Code Execution

http://seclists.org/fulldisclosure/2015/Sep/55
ZeusCart 4.0: XSS

http://seclists.org/fulldisclosure/2015/Sep/60
ZeusCart 4.0: SQL Injection

http://seclists.org/fulldisclosure/2015/Sep/62
ZeusCart 4.0: CSRF

http://seclists.org/fulldisclosure/2015/Sep/61
ZeusCart 4.0: Code Execution

http://seclists.org/fulldisclosure/2015/Oct/107
Pligg CMS 2.0.2 Code Execution & CSRF

http://seclists.org/fulldisclosure/2015/Oct/108
Pligg CMS 2.0.2 Directory Traversal

http://seclists.org/fulldisclosure/2015/Oct/110
Pligg CMS 2.0.2 Multiple SQL Injections

http://seclists.org/fulldisclosure/2015/Nov/2
SQL Buddy 1.3.3 XSS

http://seclists.org/fulldisclosure/2015/Nov/1
SQL Buddy 1.3.3 CSRF

http://seclists.org/fulldisclosure/2015/Nov/5
Chyrp CMS 2.5.2  XSS

http://seclists.org/fulldisclosure/2015/Nov/19
MiniBB 3.1.1 XSS

http://seclists.org/fulldisclosure/2015/Nov/20
MyWebSQL 3.6 CSRF

http://seclists.org/fulldisclosure/2015/Nov/24
CubeCart 6.0.7 Code Execution

http://seclists.org/fulldisclosure/2015/Nov/25
CubeCart 6.0.7 XSS

http://seclists.org/fulldisclosure/2015/Nov/26
Quick.Cart 6.6 CSRF

http://seclists.org/fulldisclosure/2015/Nov/27
Quick.Cart 6.6 XSS

http://seclists.org/fulldisclosure/2015/Nov/28
TheHostingTool 1.2.6 Code Execution

http://seclists.org/fulldisclosure/2015/Nov/29
TheHostingTool 1.2.6 SQL Injection

http://seclists.org/fulldisclosure/2015/Nov/30
TheHostingTool 1.2.6 XSS

http://seclists.org/fulldisclosure/2015/Nov/49
XCart 5.2.6 XSS

http://seclists.org/fulldisclosure/2015/Nov/50
XCart 5.2.6 Path Traversal

http://seclists.org/fulldisclosure/2015/Nov/51
XCart 5.2.6 Code Execution

http://seclists.org/fulldisclosure/2015/Nov/53
TomatoCart v1.1.8.6.1 Code Execution

http://seclists.org/fulldisclosure/2015/Nov/54
TomatoCart v1.1.8.6.1 XSS

http://seclists.org/fulldisclosure/2015/Nov/55
Thelia 2.2.1 XSS

http://seclists.org/fulldisclosure/2015/Nov/56
Sitemagic CMS 4.1 XSS

http://seclists.org/fulldisclosure/2015/Nov/57
Open Source Social Network 3.5 XSS

http://seclists.org/fulldisclosure/2015/Nov/58
dotclear 2.8.1 Code Execution

http://seclists.org/fulldisclosure/2015/Nov/60
ClipperCMS 1.3.0 Code Execution

http://seclists.org/fulldisclosure/2015/Nov/62
ClipperCMS 1.3.0 CSRF

http://seclists.org/fulldisclosure/2015/Nov/64
ClipperCMS 1.3.0 Path Traversal

http://seclists.org/fulldisclosure/2015/Nov/63
ClipperCMS 1.3.0 SQL Injection

http://seclists.org/fulldisclosure/2015/Nov/65
ClipperCMS 1.3.0 XSS

http://seclists.org/fulldisclosure/2015/Nov/66
LiteCart 1.3.2 XSS

http://seclists.org/fulldisclosure/2015/Nov/67
AlegroCart 1.2.8 LFI/RFI

http://seclists.org/fulldisclosure/2015/Nov/68
AlegroCart 1.2.8 SQL Injection

Thanks,
Curesec Research Team

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ