Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [day] [month] [year] [list]
Date: Fri, 20 Nov 2015 15:54:35 +0100
From: "Curesec Research Team (CRT)" <crt@...esec.com>
To: oss-security@...ts.openwall.com
Subject: CVE Request: Various

CVE request: Various

I would like to request CVE Identifiers for the following issues which
do not yet have an id assigned:

http://seclists.org/fulldisclosure/2015/Aug/28
BigTree CMS 4.2.3 XSS

http://seclists.org/fulldisclosure/2015/Aug/30
BigTree CMS 4.2.3 SQL Injection

http://seclists.org/fulldisclosure/2015/Aug/31
CodoForum 3.3.1 XSS

http://seclists.org/fulldisclosure/2015/Aug/32
CodoForum 3.3.1 SQL Injection

http://seclists.org/fulldisclosure/2015/Aug/67
ModX Revolution 2.3.5-pl XSS

http://seclists.org/fulldisclosure/2015/Aug/65
Phorum 5.2.19 XSS

http://seclists.org/fulldisclosure/2015/Sep/53
Anchor CMS 0.9.2: XSS

http://seclists.org/fulldisclosure/2015/Sep/54
Zen Cart 1.5.4: Code Execution

http://seclists.org/fulldisclosure/2015/Sep/55
ZeusCart 4.0: XSS

http://seclists.org/fulldisclosure/2015/Sep/60
ZeusCart 4.0: SQL Injection

http://seclists.org/fulldisclosure/2015/Sep/62
ZeusCart 4.0: CSRF

http://seclists.org/fulldisclosure/2015/Sep/61
ZeusCart 4.0: Code Execution

http://seclists.org/fulldisclosure/2015/Oct/107
Pligg CMS 2.0.2 Code Execution & CSRF

http://seclists.org/fulldisclosure/2015/Oct/108
Pligg CMS 2.0.2 Directory Traversal

http://seclists.org/fulldisclosure/2015/Oct/110
Pligg CMS 2.0.2 Multiple SQL Injections

http://seclists.org/fulldisclosure/2015/Nov/2
SQL Buddy 1.3.3 XSS

http://seclists.org/fulldisclosure/2015/Nov/1
SQL Buddy 1.3.3 CSRF

http://seclists.org/fulldisclosure/2015/Nov/5
Chyrp CMS 2.5.2  XSS

http://seclists.org/fulldisclosure/2015/Nov/19
MiniBB 3.1.1 XSS

http://seclists.org/fulldisclosure/2015/Nov/20
MyWebSQL 3.6 CSRF

http://seclists.org/fulldisclosure/2015/Nov/24
CubeCart 6.0.7 Code Execution

http://seclists.org/fulldisclosure/2015/Nov/25
CubeCart 6.0.7 XSS

http://seclists.org/fulldisclosure/2015/Nov/26
Quick.Cart 6.6 CSRF

http://seclists.org/fulldisclosure/2015/Nov/27
Quick.Cart 6.6 XSS

http://seclists.org/fulldisclosure/2015/Nov/28
TheHostingTool 1.2.6 Code Execution

http://seclists.org/fulldisclosure/2015/Nov/29
TheHostingTool 1.2.6 SQL Injection

http://seclists.org/fulldisclosure/2015/Nov/30
TheHostingTool 1.2.6 XSS

http://seclists.org/fulldisclosure/2015/Nov/49
XCart 5.2.6 XSS

http://seclists.org/fulldisclosure/2015/Nov/50
XCart 5.2.6 Path Traversal

http://seclists.org/fulldisclosure/2015/Nov/51
XCart 5.2.6 Code Execution

http://seclists.org/fulldisclosure/2015/Nov/53
TomatoCart v1.1.8.6.1 Code Execution

http://seclists.org/fulldisclosure/2015/Nov/54
TomatoCart v1.1.8.6.1 XSS

http://seclists.org/fulldisclosure/2015/Nov/55
Thelia 2.2.1 XSS

http://seclists.org/fulldisclosure/2015/Nov/56
Sitemagic CMS 4.1 XSS

http://seclists.org/fulldisclosure/2015/Nov/57
Open Source Social Network 3.5 XSS

http://seclists.org/fulldisclosure/2015/Nov/58
dotclear 2.8.1 Code Execution

http://seclists.org/fulldisclosure/2015/Nov/60
ClipperCMS 1.3.0 Code Execution

http://seclists.org/fulldisclosure/2015/Nov/62
ClipperCMS 1.3.0 CSRF

http://seclists.org/fulldisclosure/2015/Nov/64
ClipperCMS 1.3.0 Path Traversal

http://seclists.org/fulldisclosure/2015/Nov/63
ClipperCMS 1.3.0 SQL Injection

http://seclists.org/fulldisclosure/2015/Nov/65
ClipperCMS 1.3.0 XSS

http://seclists.org/fulldisclosure/2015/Nov/66
LiteCart 1.3.2 XSS

http://seclists.org/fulldisclosure/2015/Nov/67
AlegroCart 1.2.8 LFI/RFI

http://seclists.org/fulldisclosure/2015/Nov/68
AlegroCart 1.2.8 SQL Injection

Thanks,
Curesec Research Team

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.