garfield/wpscan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Update plugin_vulns.xml

Browse Source
This commit is contained in:
Peter van der Laan
2013-11-05 11:31:42 +01:00
parent 99181a3bd9
commit 17fec7a161
1 changed files with 15 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
data/plugin_vulns.xml
View File

@@ -593,11 +593,12 @@
<plugin name="comment-extra-field"> <plugin name="comment-extra-field">
<vulnerability> <vulnerability>
<title>SWF Vulnerable to XSS Bundled in Many WordPress Plugins</title> <title>Comment Extra Field 1.7 - CSRF / XSS</title>
<references> <references>
<url>http://packetstormsecurity.com/files/122625/</url>
<url>http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html</url> <url>http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html</url>
</references> </references>
<type>XSS</type> <type>MULTI</type>
</vulnerability> </vulnerability>
</plugin> </plugin>
@@ -5883,8 +5884,10 @@
<plugin name="terillion-reviews"> <plugin name="terillion-reviews">
<vulnerability> <vulnerability>
<title>Terillion Reviews - Cross Site Scripting</title> <title>Terillion Reviews - Profile Id Field XSS</title>
<references> <references>
<osvdb>91123</osvdb>
<cve>2013-1201</cve>
<url>http://packetstormsecurity.com/files/120730/</url> <url>http://packetstormsecurity.com/files/120730/</url>
</references> </references>
<type>XSS</type> <type>XSS</type>
@@ -6702,6 +6705,7 @@
<vulnerability> <vulnerability>
<title>Xorbin Digital Flash Clock 1.0 - Flash-based XSS</title> <title>Xorbin Digital Flash Clock 1.0 - Flash-based XSS</title>
<references> <references>
<url>http://packetstormsecurity.com/files/122223/</url>
<url>http://advisory.prakharprasad.com/xorbin_dfc_wp.txt</url> <url>http://advisory.prakharprasad.com/xorbin_dfc_wp.txt</url>
<cve>2013-4693</cve> <cve>2013-4693</cve>
</references> </references>
@@ -6779,6 +6783,7 @@
<references> <references>
<osvdb>95557</osvdb> <osvdb>95557</osvdb>
<exploitdb>26804</exploitdb> <exploitdb>26804</exploitdb>
<url>http://packetstormsecurity.com/files/122396/</url>
</references> </references>
<type>RFI</type> <type>RFI</type>
</vulnerability> </vulnerability>
@@ -7253,8 +7258,10 @@
<vulnerability> <vulnerability>
<title>Booking Calendar 4.1.4 - CSRF Vulnerability</title> <title>Booking Calendar 4.1.4 - CSRF Vulnerability</title>
<references> <references>
<exploitdb>27399</exploitdb>
<osvdb>96088</osvdb> <osvdb>96088</osvdb>
<exploitdb>27399</exploitdb>
<secunia>54461</secunia>
<url>http://packetstormsecurity.com/files/122691/</url>
<url>http://wpbookingcalendar.com/</url> <url>http://wpbookingcalendar.com/</url>
</references> </references>
<type>CSRF</type> <type>CSRF</type>
@@ -7280,10 +7287,12 @@
<references> <references>
<osvdb>98279</osvdb> <osvdb>98279</osvdb>
<exploitdb>28808</exploitdb> <exploitdb>28808</exploitdb>
<secunia>55172</secunia>
<url>http://packetstormsecurity.com/files/123549/</url> <url>http://packetstormsecurity.com/files/123549/</url>
<url>http://quick-plugins.com/quick-contact-form/</url> <url>http://quick-plugins.com/quick-contact-form/</url>
</references> </references>
<type>XSS</type> <type>XSS</type>
<fixed_in>6.1</fixed_in>
</vulnerability> </vulnerability>
</plugin> </plugin>
@@ -7616,6 +7625,7 @@
<title>Feed - news_dt.php nid Parameter SQL Injection</title> <title>Feed - news_dt.php nid Parameter SQL Injection</title>
<references> <references>
<osvdb>94804</osvdb> <osvdb>94804</osvdb>
<url>http://packetstormsecurity.com/files/122260/</url>
</references> </references>
<type>SQLI</type> <type>SQLI</type>
</vulnerability> </vulnerability>
@@ -7772,6 +7782,7 @@
<osvdb>98831</osvdb> <osvdb>98831</osvdb>
<cve>2013-6281</cve> <cve>2013-6281</cve>
<secunia>55396</secunia> <secunia>55396</secunia>
<url>http://packetstormsecurity.com/files/123699/</url>
<url>http://www.securityfocus.com/bid/63256</url> <url>http://www.securityfocus.com/bid/63256</url>
</references> </references>
<type>XSS</type> <type>XSS</type>