diff options
| author | simon <simon@FreeBSD.org> | 2005-09-30 03:31:12 +0800 |
|---|---|---|
| committer | simon <simon@FreeBSD.org> | 2005-09-30 03:31:12 +0800 |
| commit | 8b02d294d0a305de962913d6213ad886ff485d5b (patch) | |
| tree | f95f110e1b206976d6c171717ea35c0cee3dcca8 /security | |
| parent | 370788a86b8c748d90323e7ae1e1eb8885f52ffa (diff) | |
| download | freebsd-ports-gnome-8b02d294d0a305de962913d6213ad886ff485d5b.tar.gz freebsd-ports-gnome-8b02d294d0a305de962913d6213ad886ff485d5b.tar.zst freebsd-ports-gnome-8b02d294d0a305de962913d6213ad886ff485d5b.zip | |
- Add a note that new entries, per convention, should be added to the
start of this file.
For latest phpmyfaq entry:
- Use port directory name as first part of topic.
- No need to include information about affected releases in topic
(it's somewhat redundant and makes the title longer).
- Reindent body with standard FreeBSD Doc Project (more or less)
style.
Diffstat (limited to 'security')
| -rw-r--r-- | security/vuxml/vuln.xml | 16 |
1 files changed, 11 insertions, 5 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 3216a4855ac6..48e294d427fc 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -30,6 +30,8 @@ EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. $FreeBSD$ +Note: Please add new entries to the beginning of this file. + --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> <vuln vid="271498a9-2cd4-11da-a263-0001020eed82"> @@ -21508,7 +21510,8 @@ misc.c: </vuln> <vuln vid="c6b9aee8-3071-11da-af18-000ae4641456"> - <topic>phpMyFAQ -- SQL injection, takeover, path disclosure, remote code execution in phpMyFAQ 1.5.x</topic> + <topic>phpmyfaq -- SQL injection, takeover, path disclosure, + remote code execution</topic> <affects> <package> <name>phpmyfaq</name> @@ -21517,10 +21520,12 @@ misc.c: </affects> <description> <body xmlns="http://www.w3.org/1999/xhtml"> - <p>If magic quotes are off there's a SQL injection when sending a forgotten password. - It's possible to overwrite the admin password and to take over the whole system. - In some files in the admin section there are some cross site scripting vulnerabilities. - In the public frontend it's possible to include arbitrary php files.</p> + <p>If magic quotes are off there's a SQL injection when + sending a forgotten password. It's possible to overwrite + the admin password and to take over the whole system. In + some files in the admin section there are some cross site + scripting vulnerabilities. In the public frontend it's + possible to include arbitrary php files.</p> </body> </description> <references> @@ -21532,3 +21537,4 @@ misc.c: </dates> </vuln> </vuxml> +<!-- Note: Please add new entries to the beginning of this file. --> |