Update vuln db

2014-03-30 15:40:36 +02:00
parent bb70c0733a
commit 10c09e9375
1 changed files with 55 additions and 9 deletions
--- a/data/plugin_vulns.xml
+++ b/data/plugin_vulns.xml
@@ -2437,15 +2437,6 @@
  </plugin>

  <plugin name="wp-easy-gallery">
-    <vulnerability>
-      <title>WP Easy Gallery &lt;= 1.7 - Cross Site Scripting</title>
-      <references>
-        <secunia>49190</secunia>
-        <url>http://packetstormsecurity.com/files/112687/</url>
-      </references>
-      <type>XSS</type>
-      <fixed_in>2.7.3</fixed_in>
-    </vulnerability>
    <vulnerability>
      <title>WP Easy Gallery &lt;= 2.7 - CSRF</title>
      <references>
@@ -2455,6 +2446,39 @@
      <type>CSRF</type>
      <fixed_in>2.7.3</fixed_in>
    </vulnerability>
+    <vulnerability>
+      <title>WP Easy Gallery 2.7 - admin/overview.php galleryId Parameter SQL Injection</title>
+      <references>
+        <osvdb>105012</osvdb>
+      </references>
+      <type>SQLI</type>
+      <fixed_in>2.7.1</fixed_in>
+    </vulnerability>
+    <vulnerability>
+      <title>WP Easy Gallery 2.7 - admin/add-images.php Multiple Parameter SQL Injection</title>
+      <references>
+        <osvdb>105013</osvdb>
+      </references>
+      <type>SQLI</type>
+      <fixed_in>2.7.1</fixed_in>
+    </vulnerability>
+    <vulnerability>
+      <title>WP Easy Gallery 2.7 - Multiple Admin Function CSRF</title>
+      <references>
+        <osvdb>105014</osvdb>
+      </references>
+      <type>CSRF</type>
+      <fixed_in>2.7.1</fixed_in>
+    </vulnerability>
+    <vulnerability>
+      <title>WP Easy Gallery &lt;= 1.7 - Cross Site Scripting</title>
+      <references>
+        <secunia>49190</secunia>
+        <url>http://packetstormsecurity.com/files/112687/</url>
+      </references>
+      <type>XSS</type>
+      <fixed_in>2.7.3</fixed_in>
+    </vulnerability>
  </plugin>

  <plugin name="subscribe2">
@@ -11934,4 +11958,26 @@
    </vulnerability>
  </plugin>

+  <plugin name="springboard-video-quick-publish">
+    <vulnerability>
+      <title>Springboard Video Quick Publish 0.2.4 - Unspecified Issue</title>
+      <references>
+        <osvdb>105007</osvdb>
+      </references>
+      <type>UNKNOWN</type>
+      <fixed_in>0.2.5</fixed_in>
+    </vulnerability>
+  </plugin>
+
+  <plugin name="ignitiondeck">
+    <vulnerability>
+      <title>IgnitionDeck 1.1 - Purchase Form Unspecified XSS</title>
+      <references>
+        <osvdb>105008</osvdb>
+      </references>
+      <type>XSS</type>
+      <fixed_in>1.2</fixed_in>
+    </vulnerability>
+  </plugin>
+
 </vulnerabilities>