package-update

3454 Commits

46 Branches

0 Tags

0 B

Tree: 86f7b06ef7

Commit Graph

Author	SHA1	Message	Date
Aldas Nabazas	e67310a6d9	[webmin] Updated (1.300 -> 1.410) : SECURITY - CRITICAL CVE-2007-1276 (Medium) : Multiple cross-site scripting (XSS) vulnerabilities in chooser.cgi in Webmin before 1.330 and Usermin before 1.260 allow remote attackers to inject arbitrary web script or HTML via a crafted filename. CVE-2007-3156 (Medium) : Multiple cross-site scripting (XSS) vulnerabilities in pam_login.cgi in Webmin before 1.350 and Usermin before 1.280 allow remote attackers to inject arbitrary web script or HTML via the (1) cid, (2) message, or (3) question parameter. NOTE: some of these details are obtained from third party information. CVE-2007-5066 (High) : Unspecified vulnerability in Webmin before 1.370 on Windows allows remote authenticated users to execute arbitrary commands via a crafted URL. CVE-2008-0720 (Medium) : Cross-site scripting (XSS) vulnerability in Webmin 1.370 and 1.390 and Usermin 1.300 and 1.320 allows remote attackers to inject arbitrary web script or HTML via the search parameter to webmin_search.cgi (aka the search section), and possibly other components accessed through a "search box" or "open file box." NOTE: some of these details are obtained from third party information.	17 years ago
Alejandro Mery	d15769f41d	Removed trailing spaces massively, hoping to not break anything. Copyright notes not renewed	17 years ago
Alejandro Mery	12b79fecfa	* relocated current package database to the trunk of the package sub-project git-svn-id: svn://svn.opensde.net/opensde/package/trunk@20072 10447126-35f2-4685-b0cf-6dd780d3921f	18 years ago

Author

SHA1

Message

Date

Aldas Nabazas

e67310a6d9

[webmin] Updated (1.300 -> 1.410) : SECURITY - CRITICAL

CVE-2007-1276 (Medium) :
Multiple cross-site scripting (XSS) vulnerabilities in chooser.cgi in Webmin before 1.330 and
Usermin before 1.260 allow remote attackers to inject arbitrary web script or HTML via a crafted
filename.

CVE-2007-3156 (Medium) :
Multiple cross-site scripting (XSS) vulnerabilities in pam_login.cgi in Webmin before 1.350 and
Usermin before 1.280 allow remote attackers to inject arbitrary web script or HTML via the (1) cid,
(2) message, or (3) question parameter. NOTE: some of these details are obtained from third
party information.

CVE-2007-5066 (High) :
Unspecified vulnerability in Webmin before 1.370 on Windows allows remote authenticated users
to execute arbitrary commands via a crafted URL.

CVE-2008-0720 (Medium) :
Cross-site scripting (XSS) vulnerability in Webmin 1.370 and 1.390 and Usermin 1.300 and 1.320
allows remote attackers to inject arbitrary web script or HTML via the search parameter to
webmin_search.cgi (aka the search section), and possibly other components accessed through
a "search box" or "open file box." NOTE: some of these details are obtained from third party
information.

17 years ago

Alejandro Mery

d15769f41d

Removed trailing spaces massively, hoping to not break anything. Copyright notes not renewed

17 years ago

Alejandro Mery

12b79fecfa

* relocated current package database to the trunk of the package sub-project

git-svn-id: svn://svn.opensde.net/opensde/package/trunk@20072 10447126-35f2-4685-b0cf-6dd780d3921f

18 years ago

3 Commits (86f7b06ef70092e7b62128cda19fdfe4d5a08822)