garfield/wpscan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Update vuln db

Browse Source
This commit is contained in:
Peter
2014-02-06 18:43:26 +01:00
parent 9c3947a7b1
commit 13080ade9e
1 changed files with 30 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

34
data/plugin_vulns.xml
View File

@@ -572,11 +572,12 @@
<plugin name="reflex-gallery"> <plugin name="reflex-gallery">
<vulnerability> <vulnerability>
<title>ReFlex Gallery 1.3 - Shell Upload</title> <title>ReFlex Gallery 1.4.2 - Unspecified XSS</title>
<references> <references>
<url>http://packetstormsecurity.com/files/119218/</url> <osvdb>102585</osvdb>
</references> </references>
<type>UPLOAD</type> <type>XSS</type>
<fixed_in>1.4.3</fixed_in>
</vulnerability> </vulnerability>
<vulnerability> <vulnerability>
<title>ReFlex Gallery 1.4 - reflex-gallery.php Direct Request Path Disclosure</title> <title>ReFlex Gallery 1.4 - reflex-gallery.php Direct Request Path Disclosure</title>
@@ -584,6 +585,13 @@
<osvdb>88869</osvdb> <osvdb>88869</osvdb>
</references> </references>
</vulnerability> </vulnerability>
<vulnerability>
<title>ReFlex Gallery 1.3 - Shell Upload</title>
<references>
<url>http://packetstormsecurity.com/files/119218/</url>
</references>
<type>UPLOAD</type>
</vulnerability>
</plugin> </plugin>
<plugin name="uploader"> <plugin name="uploader">
@@ -5380,13 +5388,20 @@
<vulnerability> <vulnerability>
<title>AdRotate &lt;= 3.6.5 - SQL Injection Vulnerability</title> <title>AdRotate &lt;= 3.6.5 - SQL Injection Vulnerability</title>
<references> <references>
<osvdb>77507</osvdb>
<cve>2011-4671</cve>
<exploitdb>17888</exploitdb>
<url>http://unconciousmind.blogspot.com/2011/09/wordpress-adrotate-plugin-365-sql.html</url> <url>http://unconciousmind.blogspot.com/2011/09/wordpress-adrotate-plugin-365-sql.html</url>
</references> </references>
<type>SQLI</type> <type>SQLI</type>
<fixed_in>3.6.8</fixed_in>
</vulnerability> </vulnerability>
<vulnerability> <vulnerability>
<title>AdRotate &lt;= 3.6.6 - SQL Injection Vulnerability</title> <title>AdRotate &lt;= 3.6.6 - SQL Injection Vulnerability</title>
<references> <references>
<osvdb>77507</osvdb>
<cve>2011-4671</cve>
<secunia>46814</secunia>
<exploitdb>18114</exploitdb> <exploitdb>18114</exploitdb>
</references> </references>
<type>SQLI</type> <type>SQLI</type>
@@ -7766,8 +7781,11 @@
<plugin name="wp-print"> <plugin name="wp-print">
<vulnerability> <vulnerability>
<title>WP-Print - CSRF</title> <title>WP-Print 2.51 - Setting Manipulation CSRF</title>
<references> <references>
<osvdb>92053</osvdb>
<cve>2013-2693</cve>
<secunia>52878</secunia>
<url>http://www.securityfocus.com/bid/58900</url> <url>http://www.securityfocus.com/bid/58900</url>
</references> </references>
<type>CSRF</type> <type>CSRF</type>
@@ -9175,6 +9193,14 @@
</references> </references>
<type>XSS</type> <type>XSS</type>
</vulnerability> </vulnerability>
<vulnerability>
<title>Finalist - vote.php id Parameter SQL Injection </title>
<references>
<osvdb>98665</osvdb>
<url>http://packetstormsecurity.com/files/120951/</url>
</references>
<type>SQLI</type>
</vulnerability>
</plugin> </plugin>
<plugin name="dexs-pm-system"> <plugin name="dexs-pm-system">