[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Sun, 01 Feb 2026 12:27:55 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
33750075 by Salvatore Bonaccorso at 2026-02-01T21:27:08+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,67 +1,67 @@
 CVE-2023-54343 (QWE DL 2.0.1 mobile web application contains a persistent 
input valida ...)
-       TODO: check
+       NOT-FOR-US: QWE DL
 CVE-2022-50952 (Banco Guayaquil 8.0.0 mobile iOS application contains a 
persistent cro ...)
-       TODO: check
+       NOT-FOR-US: Banco Guayaquil
 CVE-2022-50951 (WiFi File Transfer 1.0.8 contains a persistent cross-site 
scripting vu ...)
-       TODO: check
+       NOT-FOR-US: WiFi File Transfer
 CVE-2022-50950 (Webile 1.0.1 contains a directory traversal vulnerability that 
allows  ...)
-       TODO: check
+       NOT-FOR-US: Webile
 CVE-2022-50942 (Inciga Web 2.8.2 contains a client-side cross-site scripting 
vulnerabi ...)
        TODO: check
 CVE-2022-50941 (BootCommerce 3.2.1 contains persistent input validation 
vulnerabilitie ...)
-       TODO: check
+       NOT-FOR-US: BootCommerce
 CVE-2022-50940 (Knap Advanced PHP Login 3.1.3 contains a persistent cross-site 
scripti ...)
-       TODO: check
+       NOT-FOR-US: Knap Advanced PHP Login
 CVE-2022-50797 (Stripe Green Downloads Wordpress Plugin 2.03 contains a 
persistent cro ...)
-       TODO: check
+       NOT-FOR-US: Stripe Green Downloads Wordpress Plugin
 CVE-2021-47921 (Free Photo & Video Vault 0.0.2 contains a directory traversal 
web vuln ...)
-       TODO: check
+       NOT-FOR-US: Free Photo & Video Vault
 CVE-2021-47920 (WebMO Job Manager 20.0 contains a cross-site scripting 
vulnerability i ...)
-       TODO: check
+       NOT-FOR-US: WebMO Job Manager
 CVE-2021-47919 (Simple CMS 2.1 contains a non-persistent cross-site scripting 
vulnerab ...)
-       TODO: check
+       NOT-FOR-US: Simple CMS
 CVE-2021-47918 (Simple CMS 2.1 contains a remote SQL injection vulnerability 
that allo ...)
-       TODO: check
+       NOT-FOR-US: Simple CMS
 CVE-2021-47917 (Simple CMS 2.1 contains a persistent cross-site scripting 
vulnerabilit ...)
-       TODO: check
+       NOT-FOR-US: Simple CMS
 CVE-2021-47916 (Simple CMS 2.1 contains a remote SQL injection vulnerability 
that allo ...)
-       TODO: check
+       NOT-FOR-US: Simple CMS
 CVE-2021-47915 (PHP Melody version 3.0 contains a remote SQL injection 
vulnerability i ...)
-       TODO: check
+       NOT-FOR-US: PHP Melody
 CVE-2021-47914 (PHP Melody version 3.0 contains a persistent cross-site 
scripting vuln ...)
-       TODO: check
+       NOT-FOR-US: PHP Melody
 CVE-2021-47913 (PHP Melody 3.0 contains a persistent cross-site scripting 
vulnerabilit ...)
-       TODO: check
+       NOT-FOR-US: PHP Melody
 CVE-2021-47912 (PHP Melody version 3.0 contains multiple non-persistent 
cross-site scr ...)
-       TODO: check
+       NOT-FOR-US: PHP Melody
 CVE-2021-47911 (Affiliate Pro 1.7 contains multiple reflected cross-site 
scripting vul ...)
-       TODO: check
+       NOT-FOR-US: Affiliate Pro
 CVE-2021-47909 (Mult-E-Cart Ultimate 2.4 contains multiple SQL injection 
vulnerabiliti ...)
-       TODO: check
+       NOT-FOR-US: Mult-E-Cart Ultimate
 CVE-2021-47908 (Ultimate POS 4.4 contains a persistent cross-site scripting 
vulnerabil ...)
-       TODO: check
+       NOT-FOR-US: Ultimate POS
 CVE-2021-47885 (Multiple payment terminal versions contain non-persistent 
cross-site s ...)
        TODO: check
 CVE-2021-47856 (Easy Cart Shopping Cart 2021 contains a non-persistent 
cross-site scri ...)
-       TODO: check
+       NOT-FOR-US: Easy Cart Shopping Cart
 CVE-2020-37064 (EPSON EasyMP Network Projection 2.81 contains an unquoted 
service path ...)
-       TODO: check
+       NOT-FOR-US: EPSON
 CVE-2020-37063 (TFTP Turbo 4.6.1273 contains an unquoted service path 
vulnerability th ...)
-       TODO: check
+       NOT-FOR-US: TFTP Turbo
 CVE-2020-37062 (DHCP Turbo 4.61298 contains an unquoted service path 
vulnerability tha ...)
-       TODO: check
+       NOT-FOR-US: DHCP Turbo
 CVE-2020-37061 (BOOTP Turbo 2.0.1214 contains an unquoted service path 
vulnerability t ...)
-       TODO: check
+       NOT-FOR-US: BOOTP Turbo
 CVE-2020-37055 (SpyHunter 4 contains an unquoted service path vulnerability 
that allow ...)
-       TODO: check
+       NOT-FOR-US: SpyHunter
 CVE-2020-37048 (Iskysoft Application Framework Service 2.4.3.241 contains an 
unquoted  ...)
-       TODO: check
+       NOT-FOR-US: Iskysoft Application Framework Service
 CVE-2020-37047 (Deep Instinct Windows Agent 1.2.29.0 contains an unquoted 
service path ...)
-       TODO: check
+       NOT-FOR-US: Deep Instinct Windows Agent
 CVE-2020-37045 (Veritas NetBackup 7.0 contains an unquoted service path 
vulnerability  ...)
-       TODO: check
+       NOT-FOR-US: Veritas NetBackup
 CVE-2020-37037 (Avast SecureLine 5.5.522.0 contains an unquoted service path 
vulnerabi ...)
-       TODO: check
+       NOT-FOR-US: Avast SecureLine
 CVE-2026-25069 (SunFounder Pironman Dashboard (pm_dashboard) version 1.3.13 
and prior  ...)
        NOT-FOR-US: SunFounder Pironman Dashboard (pm_dashboard)
 CVE-2026-1165 (The Popup Box plugin for WordPress is vulnerable to Cross-Site 
Request ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/337500758f93000ba48de4dfb1664b0ae7ce0672

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/337500758f93000ba48de4dfb1664b0ae7ce0672
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to