Update vuln db

2014-03-05 08:21:03 +01:00
parent 249af325c9
commit 0f0d4f06bb
1 changed files with 50 additions and 1 deletions
--- a/data/plugin_vulns.xml
+++ b/data/plugin_vulns.xml
@@ -2926,6 +2926,14 @@
  </plugin>

  <plugin name="zingiri-web-shop">
+    <vulnerability>
+      <title>Zingiri Web Shop 2.6.5 - fwkfor/ajax/uploadfilexd.php Unspecified Issue</title>
+      <references>
+        <osvdb>103554</osvdb>
+      </references>
+      <type>UNKNOWN</type>
+      <fixed_in>2.6.6</fixed_in>
+    </vulnerability>
    <vulnerability>
      <title>Zingiri Web Shop 2.6.4 - mform.php Unspecified Issue</title>
      <references>
@@ -6247,6 +6255,43 @@
  </plugin>

  <plugin name="usc-e-shop">
+    <vulnerability>
+      <title>Welcart e-Commerce 1.3.12 - wp-admin/admin-ajax.php Multiple Parameter DOM-Based XSS</title>
+      <references>
+        <osvdb>103956</osvdb>
+        <secunia>57222</secunia>
+        <url>http://packetstormsecurity.com/files/125513/</url>
+        <url>http://www.securityfocus.com/bid/65954</url>
+      </references>
+      <type>XSS</type>
+    </vulnerability>
+    <vulnerability>
+      <title>Welcart e-Commerce 1.3.12 - purchase_limit Parameter DOM-based XSS</title>
+      <references>
+        <osvdb>103955</osvdb>
+        <url>http://packetstormsecurity.com/files/125513/</url>
+        <url>http://www.securityfocus.com/bid/65954</url>
+      </references>
+      <type>XSS</type>
+    </vulnerability>
+    <vulnerability>
+      <title>Welcart e-Commerce 1.3.12 - wp-admin/admin.php Multiple Parameter SQL Injection</title>
+      <references>
+        <osvdb>103954</osvdb>
+        <url>http://packetstormsecurity.com/files/125513/</url>
+        <url>http://www.securityfocus.com/bid/65954</url>
+      </references>
+      <type>SQLI</type>
+    </vulnerability>
+    <vulnerability>
+      <title>Welcart e-Commerce - wp-admin/admin.php Multiple Parameter SQL Injection</title>
+      <references>
+        <osvdb>103954</osvdb>
+        <url>http://packetstormsecurity.com/files/125513/</url>
+        <url>http://www.securityfocus.com/bid/65954</url>
+      </references>
+      <type>SQLI</type>
+    </vulnerability>
    <vulnerability>
      <title>Welcart e-Commerce - Cross-Site Scripting and Request Forgery Vulnerabilities</title>
      <references>
@@ -11303,9 +11348,13 @@

  <plugin name="google-analytics-mu">
    <vulnerability>
-      <title>CSRF in WordPress plugin Google Analytics MU 2.3</title>
+      <title>Google Analytics MU 2.3 - google-analytics-mu-network.php Analytics Code Manipulation CSRF</title>
      <references>
+        <osvdb>103937</osvdb>
+        <secunia>56157</secunia>
+        <url>http://packetstormsecurity.com/files/125514/</url>
        <url>http://seclists.org/fulldisclosure/2014/Mar/20</url>
+        <url>http://www.securityfocus.com/bid/65926</url>
      </references>
      <type>CSRF</type>
      <fixed_in>2.4</fixed_in>