aboutsummaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
authorsimon <simon@FreeBSD.org>2005-09-30 03:31:12 +0800
committersimon <simon@FreeBSD.org>2005-09-30 03:31:12 +0800
commit8b02d294d0a305de962913d6213ad886ff485d5b (patch)
treef95f110e1b206976d6c171717ea35c0cee3dcca8 /security
parent370788a86b8c748d90323e7ae1e1eb8885f52ffa (diff)
downloadfreebsd-ports-graphics-8b02d294d0a305de962913d6213ad886ff485d5b.tar.gz
freebsd-ports-graphics-8b02d294d0a305de962913d6213ad886ff485d5b.tar.zst
freebsd-ports-graphics-8b02d294d0a305de962913d6213ad886ff485d5b.zip
- Add a note that new entries, per convention, should be added to the
start of this file. For latest phpmyfaq entry: - Use port directory name as first part of topic. - No need to include information about affected releases in topic (it's somewhat redundant and makes the title longer). - Reindent body with standard FreeBSD Doc Project (more or less) style.
Diffstat (limited to 'security')
-rw-r--r--security/vuxml/vuln.xml16
1 files changed, 11 insertions, 5 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml
index 3216a4855ac..48e294d427f 100644
--- a/security/vuxml/vuln.xml
+++ b/security/vuxml/vuln.xml
@@ -30,6 +30,8 @@ EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
$FreeBSD$
+Note: Please add new entries to the beginning of this file.
+
-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
<vuln vid="271498a9-2cd4-11da-a263-0001020eed82">
@@ -21508,7 +21510,8 @@ misc.c:
</vuln>
<vuln vid="c6b9aee8-3071-11da-af18-000ae4641456">
- <topic>phpMyFAQ -- SQL injection, takeover, path disclosure, remote code execution in phpMyFAQ 1.5.x</topic>
+ <topic>phpmyfaq -- SQL injection, takeover, path disclosure,
+ remote code execution</topic>
<affects>
<package>
<name>phpmyfaq</name>
@@ -21517,10 +21520,12 @@ misc.c:
</affects>
<description>
<body xmlns="http://www.w3.org/1999/xhtml">
- <p>If magic quotes are off there's a SQL injection when sending a forgotten password.
- It's possible to overwrite the admin password and to take over the whole system.
- In some files in the admin section there are some cross site scripting vulnerabilities.
- In the public frontend it's possible to include arbitrary php files.</p>
+ <p>If magic quotes are off there's a SQL injection when
+ sending a forgotten password. It's possible to overwrite
+ the admin password and to take over the whole system. In
+ some files in the admin section there are some cross site
+ scripting vulnerabilities. In the public frontend it's
+ possible to include arbitrary php files.</p>
</body>
</description>
<references>
@@ -21532,3 +21537,4 @@ misc.c:
</dates>
</vuln>
</vuxml>
+<!-- Note: Please add new entries to the beginning of this file. -->