Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [day] [month] [year] [list]
Date: Fri, 20 Nov 2015 15:54:35 +0100
From: "Curesec Research Team (CRT)" <>
Subject: CVE Request: Various

CVE request: Various

I would like to request CVE Identifiers for the following issues which
do not yet have an id assigned:
BigTree CMS 4.2.3 XSS
BigTree CMS 4.2.3 SQL Injection
CodoForum 3.3.1 XSS
CodoForum 3.3.1 SQL Injection
ModX Revolution 2.3.5-pl XSS
Phorum 5.2.19 XSS
Anchor CMS 0.9.2: XSS
Zen Cart 1.5.4: Code Execution
ZeusCart 4.0: XSS
ZeusCart 4.0: SQL Injection
ZeusCart 4.0: CSRF
ZeusCart 4.0: Code Execution
Pligg CMS 2.0.2 Code Execution & CSRF
Pligg CMS 2.0.2 Directory Traversal
Pligg CMS 2.0.2 Multiple SQL Injections
SQL Buddy 1.3.3 XSS
SQL Buddy 1.3.3 CSRF
Chyrp CMS 2.5.2  XSS
MiniBB 3.1.1 XSS
CubeCart 6.0.7 Code Execution
CubeCart 6.0.7 XSS
Quick.Cart 6.6 CSRF
Quick.Cart 6.6 XSS
TheHostingTool 1.2.6 Code Execution
TheHostingTool 1.2.6 SQL Injection
TheHostingTool 1.2.6 XSS
XCart 5.2.6 XSS
XCart 5.2.6 Path Traversal
XCart 5.2.6 Code Execution
TomatoCart v1. Code Execution
TomatoCart v1. XSS
Thelia 2.2.1 XSS
Sitemagic CMS 4.1 XSS
Open Source Social Network 3.5 XSS
dotclear 2.8.1 Code Execution
ClipperCMS 1.3.0 Code Execution
ClipperCMS 1.3.0 CSRF
ClipperCMS 1.3.0 Path Traversal
ClipperCMS 1.3.0 SQL Injection
ClipperCMS 1.3.0 XSS
LiteCart 1.3.2 XSS
AlegroCart 1.2.8 LFI/RFI
AlegroCart 1.2.8 SQL Injection

Curesec Research Team

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.