From 6e65e65e23ec39e6ac3c264364f4eddb68a46717 Mon Sep 17 00:00:00 2001 From: William Desportes Date: Sat, 11 Jan 2020 20:50:29 +0100 Subject: Update old phpMyAdmin CVE entries years: - 2003 (ignored, no CVEs found) - 2004 (4; 1 has patch links) - 2005 (9; 3 had patch links) - 2006 (9; 9 had patch links) - 2007 (8; 8 had patch links) - 2008 (10; 10 had patch links) - 2018 (5; 5 had patch links) - 2019 (5; 5 had patch links) - 2020 (1; 1 has patch links) Fixed links for: http://www.phpmyadmin.net/home_page/security/(.*).php --- data/CVE/2004.list | 11 +++++++++++ 1 file changed, 11 insertions(+) (limited to 'data/CVE/2004.list') diff --git a/data/CVE/2004.list b/data/CVE/2004.list index aa0b151954..d866237052 100644 --- a/data/CVE/2004.list +++ b/data/CVE/2004.list @@ -318,8 +318,10 @@ CVE-2004-2632 (phpMyAdmin 2.5.1 up to 2.5.7 allows remote attackers to modify co - phpmyadmin 1:2.5.7-pl1-1 CVE-2004-2631 (Eval injection vulnerability in left.php in phpMyAdmin 2.5.1 up to 2.5 ...) - phpmyadmin 1:2.5.7-pl1-1 + NOTE: https://www.phpmyadmin.net/security/PMASA-2004-1/ CVE-2004-2630 (The MIME transformation system (transformations/text_plain__external.i ...) - phpmyadmin 2:2.6.0-pl2-1 + NOTE: https://www.phpmyadmin.net/security/PMASA-2004-2/ CVE-2004-2629 (Multiple vulnerabilities in the H.323 protocol implementation for Firs ...) NOT-FOR-US: Click to Meet express CVE-2004-2628 (Multiple directory traversal vulnerabilities in thttpd 2.07 beta 0.4, ...) @@ -3449,8 +3451,16 @@ CVE-2004-1149 (Computer Associates eTrust EZ Antivirus 7.0.0 to 7.0.4, including NOT-FOR-US: Computer Associates eTrust EZ Antivirus CVE-2004-1148 (phpMyAdmin before 2.6.1, when configured with UploadDir functionality, ...) - phpmyadmin 2:2.6.1-rc1-1 + NOTE: https://www.phpmyadmin.net/security/PMASA-2004-4/ + NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/1d170eefbf3b07c6bd968d9905a419aaf3aeedf0 + NOTE: A very big commit that might include useless changes + NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/f1f39b8ed115c5cfbd18d3dca5fad1707beb00f2 CVE-2004-1147 (phpMyAdmin 2.6.0-pl2, and other versions before 2.6.1, with external t ...) - phpmyadmin 2:2.6.1-rc1-1 + NOTE: https://www.phpmyadmin.net/security/PMASA-2004-4/ + NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/1d170eefbf3b07c6bd968d9905a419aaf3aeedf0 + NOTE: A very big commit that might include useless changes + NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/f1f39b8ed115c5cfbd18d3dca5fad1707beb00f2 CVE-2004-1146 (Multiple cross-site scripting (XSS) vulnerabilities in (1) main.c and ...) - cvstrac 1.1.5 CVE-2004-1145 (Multiple vulnerabilities in Konqueror in KDE 3.3.1 and earlier (1) all ...) @@ -3678,6 +3688,7 @@ CVE-2004-1056 (Direct Rendering Manager (DRM) driver in Linux kernel 2.6 does no [sarge] - kernel-source-2.6.8 2.6.8-11 CVE-2004-1055 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 2.6. ...) - phpmyadmin 2:2.6.0-pl3-1 + NOTE: https://www.phpmyadmin.net/security/PMASA-2004-3/ CVE-2004-1054 (Untrusted execution path vulnerability in invscout in IBM AIX 5.1.0, 5 ...) NOT-FOR-US: AIX CVE-2004-1053 (Integer overflow in fetch on FreeBSD 4.1 through 5.3 allows remote mal ...) -- cgit v1.2.3