From f82cbf2b7188af6ab47035c8efa3bfe1a6618cb1 Mon Sep 17 00:00:00 2001
From: security tracker role <sectracker@soriano.debian.org>
Date: Thu, 31 Dec 2020 08:10:27 +0000
Subject: automatic update

---
 data/CVE/2016.list | 20 ++++++++++----------
 1 file changed, 10 insertions(+), 10 deletions(-)

(limited to 'data/CVE/2016.list')

diff --git a/data/CVE/2016.list b/data/CVE/2016.list
index 38158d87ff..7a5b484ed8 100644
--- a/data/CVE/2016.list
+++ b/data/CVE/2016.list
@@ -6322,18 +6322,18 @@ CVE-2016-9028 (Unauthorized redirect vulnerability in Citrix NetScaler ADC befor
 	NOT-FOR-US: Citrix
 CVE-2016-9027
 	RESERVED
-CVE-2016-9026
-	RESERVED
-CVE-2016-9025
-	RESERVED
+CVE-2016-9026 (Exponent CMS before 2.6.0 has improper input validation in fileControl ...)
+	TODO: check
+CVE-2016-9025 (Exponent CMS before 2.6.0 has improper input validation in purchaseOrd ...)
+	TODO: check
 CVE-2016-9024
 	RESERVED
-CVE-2016-9023
-	RESERVED
-CVE-2016-9022
-	RESERVED
-CVE-2016-9021
-	RESERVED
+CVE-2016-9023 (Exponent CMS before 2.6.0 has improper input validation in cron/find_h ...)
+	TODO: check
+CVE-2016-9022 (Exponent CMS before 2.6.0 has improper input validation in usersContro ...)
+	TODO: check
+CVE-2016-9021 (Exponent CMS before 2.6.0 has improper input validation in storeContro ...)
+	TODO: check
 CVE-2016-9020 (SQL injection vulnerability in framework/modules/help/controllers/help ...)
 	NOT-FOR-US: Exponent CMS
 CVE-2016-9019 (SQL injection vulnerability in the activate_address function in framew ...)
-- 
cgit v1.2.3