From 1e9de1e7dd2e639c3335d43da2a67a234614e390 Mon Sep 17 00:00:00 2001 From: Salvatore Bonaccorso Date: Tue, 12 Feb 2019 21:32:28 +0100 Subject: Unify some older Joomla! NFUs --- data/CVE/2009.list | 52 ++++++++++++++++++++++++++-------------------------- 1 file changed, 26 insertions(+), 26 deletions(-) (limited to 'data/CVE/2009.list') diff --git a/data/CVE/2009.list b/data/CVE/2009.list index 22ffe97e83..dc7d139e28 100644 --- a/data/CVE/2009.list +++ b/data/CVE/2009.list @@ -1187,13 +1187,13 @@ CVE-2009-4629 (Mozilla Necko, as used in Thunderbird 3.0.1, SeaMonkey, and other [etch] - iceape (dns prefetching implemented in xulrunner 1.9.1) [lenny] - iceape (dns prefetching implemented in xulrunner 1.9.1) CVE-2009-4628 (SQL injection vulnerability in the TemplatePlaza.com TPDugg ...) - NOT-FOR-US: Joomla + NOT-FOR-US: Joomla! CVE-2009-4627 (Directory traversal vulnerability in sources/_template_parser.php in ...) NOT-FOR-US: Moa Gallery CVE-2009-4626 (Directory traversal vulnerability in menu.php in phpNagios 1.2.0 ...) NOT-FOR-US: phpNagios CVE-2009-4625 (SQL injection vulnerability in the updateOnePage function in ...) - NOT-FOR-US: Joomla + NOT-FOR-US: Joomla! CVE-2009-4624 (SQL injection vulnerability in download.php in Nicecoder iDesk allows ...) NOT-FOR-US: Nicecoder iDesk CVE-2009-4623 (Multiple PHP remote file inclusion vulnerabilities in Advanced Comment ...) @@ -1203,9 +1203,9 @@ CVE-2009-4622 (PHP remote file inclusion vulnerability in admin/admin_news_bot.p CVE-2009-4621 (SQL injection vulnerability in the JiangHu Inn plugin 1.1 and earlier ...) NOT-FOR-US: Discuz CVE-2009-4620 (SQL injection vulnerability in the Joomloc (com_joomloc) component 1.0 ...) - NOT-FOR-US: Joomla + NOT-FOR-US: Joomla! CVE-2009-4619 (SQL injection vulnerability in the Lucy Games (com_lucygames) ...) - NOT-FOR-US: Joomla + NOT-FOR-US: Joomla! CVE-2009-4618 (Multiple SQL injection vulnerabilities in Tourism Script Bus Script ...) NOT-FOR-US: Tourism Script Bus Script CVE-2009-4617 (Multiple SQL injection vulnerabilities in Tourism Script Accommodation ...) @@ -1235,7 +1235,7 @@ CVE-2009-4607 (The command line interface in Overland Storage Snap Server 410 wi CVE-2009-4606 (South River Technologies WebDrive 9.02 build 2232 installs the ...) NOT-FOR-US: South River Technologies WebDrive CVE-2009-4604 (PHP remote file inclusion vulnerability in mamboleto.php in the ...) - NOT-FOR-US: Joomla + NOT-FOR-US: Joomla! CVE-2009-4603 (Unspecified vulnerability in sapstartsrv.exe in the SAP Kernel 6.40, ...) NOT-FOR-US: SAP Kernel CVE-2009-4602 (Cross-site scripting (XSS) vulnerability in the Randomizer module 5.x ...) @@ -1245,9 +1245,9 @@ CVE-2009-4601 (Cross-site scripting (XSS) vulnerability in basic_search_result.p CVE-2009-4600 (SQL injection vulnerability in realestate20/loginaction.php in NetArt ...) NOT-FOR-US: NetArt Media Real Estate Portal CVE-2009-4599 (Multiple SQL injection vulnerabilities in the JS Jobs (com_jsjobs) ...) - NOT-FOR-US: Joomla + NOT-FOR-US: Joomla! CVE-2009-4598 (SQL injection vulnerability in the JPhoto (com_jphoto) component 1.0 ...) - NOT-FOR-US: Joomla + NOT-FOR-US: Joomla! CVE-2009-4597 (Multiple SQL injection vulnerabilities in index.php in PHP Inventory ...) NOT-FOR-US: PHP Inventory CVE-2009-4596 (Cross-site scripting (XSS) vulnerability in index.php in PHP Inventory ...) @@ -2307,7 +2307,7 @@ CVE-2009-4159 (Cross-site scripting (XSS) vulnerability in the newsletter ...) CVE-2009-4158 (SQL injection vulnerability in the Calendar Base (cal) extension ...) NOT-FOR-US: TYPO3 extension CVE-2009-4157 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...) - NOT-FOR-US: Joomla + NOT-FOR-US: Joomla! CVE-2009-4156 (PHP remote file inclusion vulnerability in modules/pms/index.php in ...) NOT-FOR-US: Ciamos CMS CVE-2009-4155 (Multiple SQL injection vulnerabilities in Eshopbuilde CMS allow remote ...) @@ -3232,9 +3232,9 @@ CVE-2009-3837 (Stack-based buffer overflow in Eureka Email 2.2q allows remote PO CVE-2009-3836 (ArubaOS 3.3.1.x, 3.3.2.x, RN 3.1.x, 3.4.x, and 3.3.2.x-FIPS on the ...) NOT-FOR-US: ArubaOS CVE-2009-3835 (SQL injection vulnerability in the JShop (com_jshop) component for ...) - NOT-FOR-US: Joomla + NOT-FOR-US: Joomla! CVE-2009-3834 (SQL injection vulnerability in the Photoblog (com_photoblog) component ...) - NOT-FOR-US: Joomla + NOT-FOR-US: Joomla! CVE-2009-3833 (Cross-site scripting (XSS) vulnerability in index.php in TFTgallery ...) NOT-FOR-US: TFTgallery CVE-2009-3832 (Opera before 10.01 on Windows does not prevent use of Web fonts in ...) @@ -7302,7 +7302,7 @@ CVE-2009-2402 (SQL injection vulnerability in index.php in the forum module in . CVE-2009-2401 (Cross-site scripting (XSS) vulnerability in PHPEcho CMS 2.0-rc3 allows ...) NOT-FOR-US: PHPEcho CVE-2009-2400 (SQL injection vulnerability in the PHP (com_php) component for Joomla! ...) - NOT-FOR-US: Joomla + NOT-FOR-US: Joomla! CVE-2009-2399 (PHP remote file inclusion vulnerability in ...) NOT-FOR-US: DM FileManager CVE-2009-2398 (Directory traversal vulnerability in test/index.php in PHP-Sugar 0.80 ...) @@ -7312,7 +7312,7 @@ CVE-2009-2397 (Directory traversal vulnerability in download.php in Audio Articl CVE-2009-2396 (PHP remote file inclusion vulnerability in template/album.php in DM ...) NOT-FOR-US: DM Albums CVE-2009-2395 (SQL injection vulnerability in the K2 (com_k2) component 1.0.1 Beta ...) - NOT-FOR-US: Joomla + NOT-FOR-US: Joomla! CVE-2009-2394 (SQL injection vulnerability in cat.php in SMSPages 1.0 in Mr.Saphp ...) NOT-FOR-US: SMSPages CVE-2009-2393 (admin/index.php in Virtuenetz Virtue Online Test Generator does not ...) @@ -7322,7 +7322,7 @@ CVE-2009-2392 (SQL injection vulnerability in text.php in Virtuenetz Virtue Onli CVE-2009-2391 (Cross-site scripting (XSS) vulnerability in text.php in Virtuenetz ...) NOT-FOR-US: Virtuenetz Virtue Online Test Generator CVE-2009-2390 (SQL injection vulnerability in the BookFlip (com_bookflip) component ...) - NOT-FOR-US: Joomla + NOT-FOR-US: Joomla! CVE-2009-2389 (Multiple SQL injection vulnerabilities in newsscript.php in USOLVED ...) NOT-FOR-US: USOLVED NEWSolved CVE-2009-2388 (SQL injection vulnerability in admin/index.php in Opial 1.0 allows ...) @@ -10321,9 +10321,9 @@ CVE-2009-1282 (SQL injection vulnerability in private/system/lib-session.php in CVE-2009-1281 (Cross-site scripting (XSS) vulnerability in glFusion before 1.1.3 ...) NOT-FOR-US: glFusion CVE-2009-1280 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...) - NOT-FOR-US: Joomla + NOT-FOR-US: Joomla! CVE-2009-1279 (Multiple cross-site scripting (XSS) vulnerabilities in Joomla! 1.5 ...) - NOT-FOR-US: Joomla + NOT-FOR-US: Joomla! CVE-2009-1278 (Static code injection vulnerability in forms/ajax/configure.php in ...) NOT-FOR-US: Gravity Board CVE-2009-1277 (SQL injection vulnerability in index.php in Gravity Board X (GBX) 2.0 ...) @@ -10365,7 +10365,7 @@ CVE-2009-1265 (Integer overflow in rose_sendmsg (sys/net/af_rose.c) in the Linux CVE-2009-1264 (Frontend User Registration (sr_feuser_register) extension 2.5.20 and ...) NOT-FOR-US: Frontend User Registration (sr_feuser_register) extension CVE-2009-1263 (SQL injection vulnerability in sub_commententry.php in the BookJoomlas ...) - NOT-FOR-US: Joomla + NOT-FOR-US: Joomla! CVE-2009-1262 (Format string vulnerability in Fortinet FortiClient 3.0.614, and ...) NOT-FOR-US: Fortinet FortiClient CVE-2009-1261 (Multiple cross-site scripting (XSS) vulnerabilities in Web Help Desk ...) @@ -10375,7 +10375,7 @@ CVE-2009-1260 (Multiple stack-based buffer overflows in UltraISO 9.3.3.2685 and CVE-2009-1259 (SQL injection vulnerability in inc/bb/topic.php in Insane Visions ...) NOT-FOR-US: Insane Visions AdaptBB CVE-2009-1258 (SQL injection vulnerability in the RD-Autos (com_rdautos) component ...) - NOT-FOR-US: Joomla + NOT-FOR-US: Joomla! CVE-2009-1257 (Heap-based buffer overflow in Magic ISO Maker 5.5 build 0274 allows ...) NOT-FOR-US: Magic ISO Maker CVE-2009-1256 (SQL injection vulnerability in FlexCMS 2.5 allows remote attackers to ...) @@ -11803,7 +11803,7 @@ CVE-2009-0728 (SQL injection vulnerability in the My_eGallery module for MAXdev CVE-2009-0727 (SQL injection vulnerability in jobdetails.php in taifajobs 1.0 and ...) NOT-FOR-US: taifajobs CVE-2009-0726 (SQL injection vulnerability in the GigCalendar (com_gigcal) component ...) - NOT-FOR-US: Joomla + NOT-FOR-US: Joomla! CVE-2009-0725 RESERVED CVE-2009-0724 @@ -11846,7 +11846,7 @@ CVE-2009-0708 (Multiple cross-site request forgery (CSRF) vulnerabilities in ... CVE-2009-0707 (SQL injection vulnerability in admin/index.php in PowerClan 1.14a ...) NOT-FOR-US: PowerClan CVE-2009-0706 (SQL injection vulnerability in the Simple Review (com_simple_review) ...) - NOT-FOR-US: Joomla + NOT-FOR-US: Joomla! CVE-2009-0705 (SQL injection vulnerability in news.php in PowerScripts PowerNews ...) NOT-FOR-US: PowerScripts PowerNews CVE-2009-0704 (SQL injection vulnerability in search.php in WSN Guest 1.23 allows ...) @@ -11854,7 +11854,7 @@ CVE-2009-0704 (SQL injection vulnerability in search.php in WSN Guest 1.23 allow CVE-2009-0703 (SQL injection vulnerability in bview.asp in ASPThai.Net Webboard 6.0 ...) NOT-FOR-US: ASPThai.Net Webboard CVE-2009-0702 (SQL injection vulnerability in the Phoca Documentation ...) - NOT-FOR-US: Joomla + NOT-FOR-US: Joomla! CVE-2009-0701 (Multiple PHP remote file inclusion vulnerabilities in index.php in ...) NOT-FOR-US: Cybershade CVE-2009-0700 (Plunet BusinessManager 4.1 and earlier allows remote authenticated ...) @@ -12397,7 +12397,7 @@ CVE-2009-0496 (Multiple cross-site scripting (XSS) vulnerabilities in Ignite Rea CVE-2009-0495 (PHP remote file inclusion vulnerability in include/define.php in ...) NOT-FOR-US: REALTOR CVE-2009-0494 (SQL injection vulnerability in the Portfol (com_portfol) 1.2 component ...) - NOT-FOR-US: Joomla + NOT-FOR-US: Joomla! CVE-2009-0493 (SQL injection vulnerability in login.php in IT!CMS 2.1a and earlier ...) NOT-FOR-US: IT CMS CVE-2009-0492 (Unspecified vulnerability in SimpleIrcBot before 1.0 Stable has ...) @@ -12549,9 +12549,9 @@ CVE-2009-0423 (Directory traversal vulnerability in index.php in Php Photo Album CVE-2009-0422 (Dynamic variable evaluation vulnerability in lists/admin.php in ...) NOT-FOR-US: phpList CVE-2009-0421 (SQL injection vulnerability in the Eventing (com_eventing) 1.6.x ...) - NOT-FOR-US: Joomla + NOT-FOR-US: Joomla! CVE-2009-0420 (SQL injection vulnerability in the RD-Autos (com_rdautos) 1.5.5 Stable ...) - NOT-FOR-US: Joomla + NOT-FOR-US: Joomla! CVE-2009-0419 (Microsoft XML Core Services, as used in Microsoft Expression Web, ...) NOT-FOR-US: Microsoft CVE-2009-0418 (The IPv6 Neighbor Discovery Protocol (NDP) implementation in HP HP-UX ...) @@ -12649,9 +12649,9 @@ CVE-2009-0380 (** DISPUTED ** ...) CVE-2009-0379 (SQL injection vulnerability in the Prince Clan Chess Club ...) NOT-FOR-US: Prince Clan Chess Club CVE-2009-0378 (Cross-site scripting (XSS) vulnerability in index.php in the ...) - NOT-FOR-US: Joomla + NOT-FOR-US: Joomla! CVE-2009-0377 (SQL injection vulnerability in the beamospetition (com_beamospetition) ...) - NOT-FOR-US: Joomla + NOT-FOR-US: Joomla! CVE-2009-0376 (Heap-based buffer overflow in a DLL file in RealNetworks RealPlayer ...) NOT-FOR-US: RealPlayer CVE-2009-0375 (Buffer overflow in a DLL file in RealNetworks RealPlayer 10, ...) @@ -12660,7 +12660,7 @@ CVE-2009-0374 (** DISPUTED ** ...) - chromium-browser (unimportant) - webkit (poc doesn't work) CVE-2009-0373 (SQL injection vulnerability in the ElearningForce Flash Magazine ...) - NOT-FOR-US: Joomla + NOT-FOR-US: Joomla! CVE-2009-0372 (Unrestricted file upload vulnerability in index.php in Miltenovik ...) NOT-FOR-US: Miltenovik Manojlo MemHT Portal CVE-2009-0371 (Directory traversal vulnerability in post.php in SiteXS CMS 0.1.1 and ...) -- cgit v1.2.3