From fed48e6c7688ac8ee71651aec81364be4d697599 Mon Sep 17 00:00:00 2001
From: Peter van der Laan <vanderlaan.pm@gmail.com>
Date: Wed, 9 Oct 2013 18:20:43 +0200
Subject: [PATCH 1/4] Update plugin_vulns.xml

---
 data/plugin_vulns.xml | 19 ++++++++++++++++---
 1 file changed, 16 insertions(+), 3 deletions(-)

diff --git a/data/plugin_vulns.xml b/data/plugin_vulns.xml
index 1033d647..0ee20eae 100644
--- a/data/plugin_vulns.xml
+++ b/data/plugin_vulns.xml
@@ -1043,8 +1043,11 @@
 
   <plugin name="bbpress">
     <vulnerability>
-      <title>BBPress SQL Injection / Path Disclosure</title>
+      <title>BBPress - SQL Injection / Path Disclosure</title>
       <references>
+        <exploitdb>22396</exploitdb>
+        <osvdb>86400</osvdb>
+        <url>http://xforce.iss.net/xforce/xfdb/78244</url>
         <url>http://packetstormsecurity.com/files/116123/</url>
       </references>
       <type>MULTI</type>
@@ -1607,6 +1610,9 @@
       <title>Font Uploader 1.2.4 Arbitrary File Upload</title>
       <references>
         <exploitdb>18994</exploitdb>
+        <osvdb>82657</osvdb>
+        <cve>2012-3814</cve>
+        <url>http://www.securityfocus.com/bid/53853</url>
       </references>
       <type>UPLOAD</type>
     </vulnerability>
@@ -1656,9 +1662,10 @@
 
   <plugin name="html5avmanager">
     <vulnerability>
-      <title>HTML5 AV Manager 0.2.7 Arbitrary File Upload</title>
+      <title>HTML5 AV Manager 0.2.7 - Arbitrary File Upload</title>
       <references>
         <exploitdb>18990</exploitdb>
+        <url>http://www.securityfocus.com/bid/53804</url>
       </references>
       <type>UPLOAD</type>
     </vulnerability>
@@ -1868,6 +1875,8 @@
       <title>LeagueManager v3.8 SQL Injection</title>
       <references>
         <exploitdb>24789</exploitdb>
+        <cve>2013-1852</cve>
+        <osvdb>91442</osvdb>
       </references>
       <type>SQLI</type>
     </vulnerability>
@@ -4620,8 +4629,10 @@
 
   <plugin name="solvemedia">
     <vulnerability>
-      <title>WordPress SolveMedia CSRF Vulnerability</title>
+      <title>SolveMedia 1.1.0 - CSRF Vulnerability</title>
       <references>
+        <exploitdb>24364</exploitdb>
+        <osvdb>89585</osvdb>
         <url>http://1337day.com/exploit/20222</url>
         <secunia>51927</secunia>
       </references>
@@ -5720,6 +5731,8 @@
     <vulnerability>
       <title>Mathjax Latex 1.1 CSRF Vulnerability</title>
       <references>
+        <exploitdb>24889</exploitdb>
+        <osvdb>91737</osvdb>
         <url>http://1337day.com/exploit/20566</url>
       </references>
       <type>CSRF</type>

From c6cae028e4afb8d873ad9b42e4f2b091686fa309 Mon Sep 17 00:00:00 2001
From: Peter van der Laan <vanderlaan.pm@gmail.com>
Date: Wed, 9 Oct 2013 23:25:15 +0200
Subject: [PATCH 2/4] Update plugin_vulns.xml

---
 data/plugin_vulns.xml | 74 +++++++++++++++++++++++++++++++++++++++++--
 1 file changed, 72 insertions(+), 2 deletions(-)

diff --git a/data/plugin_vulns.xml b/data/plugin_vulns.xml
index 0ee20eae..2b72de98 100644
--- a/data/plugin_vulns.xml
+++ b/data/plugin_vulns.xml
@@ -2003,12 +2003,23 @@
 
   <plugin name="bulletproof-security">
     <vulnerability>
-      <title>BulletProof Security &lt;= 0.47 Cross Site Scripting</title>
+      <title>BulletProof Security &lt;= 0.47 - Cross Site Scripting</title>
       <references>
         <url>http://packetstormsecurity.com/files/112618/</url>
       </references>
       <type>XSS</type>
     </vulnerability>
+    <vulnerability>
+      <title>BulletProof Security - Security Log Script Insertion Vulnerability</title>
+      <references>
+        <osvdb>95928</osvdb>
+        <osvdb>95929</osvdb>
+        <osvdb>95930</osvdb>
+        <cve>2013-3487</cve>
+        <secunia>53614</secunia>
+      </references>
+      <fixed_in>0.49</fixed_in>
+    </vulnerability>
   </plugin>
 
   <plugin name="better-wp-security">
@@ -6570,10 +6581,12 @@
 
   <plugin name="sexybookmarks">
     <vulnerability>
-      <title>CSRF in sexybookmarks</title>
+      <title>SexyBookmarks - Setting Manipulation CSRF</title>
       <references>
         <url>http://wordpress.org/plugins/sexybookmarks/changelog/</url>
+        <osvdb>95908</osvdb>
         <cve>2013-3256</cve>
+        <secunia>53138</secunia>
       </references>
       <type>CSRF</type>
       <fixed_in>6.1.5.0</fixed_in>
@@ -7003,4 +7016,61 @@
     </vulnerability>
   </plugin>
 
+  <plugin name="booking-system">
+    <vulnerability>
+      <title>Booking System - events_facualty_list.php eid Parameter Reflected XSS</title>
+      <references>
+        <osvdb>96740</osvdb>
+      </references>
+      <type>XSS</type>
+    </vulnerability>
+  </plugin>
+
+  <plugin name="js-restaurant">
+    <vulnerability>
+      <title>JS Restaurant - popup.php restuarant_id Parameter SQL Injection</title>
+      <references>
+        <osvdb>96743</osvdb>
+        <url>http://packetstormsecurity.com/files/122316/</url>
+      </references>
+      <type>SQLI</type>
+    </vulnerability>
+  </plugin>
+
+  <plugin name="FlagEm">
+    <vulnerability>
+      <title>FlagEm Plugin - flagit.php cID Parameter XSS</title>
+      <references>
+        <osvdb>98226</osvdb>
+        <url>http://www.securityfocus.com/bid/61401</url>
+        <url>http://xforce.iss.net/xforce/xfdb/85925</url>
+        <url>http://packetstormsecurity.com/files/122505/</url>
+      </references>
+      <type>XSS</type>
+    </vulnerability>
+  </plugin>
+
+  <plugin name="chat">
+    <vulnerability>
+      <title>Chat - message Parameter XSS</title>
+      <references>
+        <osvdb>95984</osvdb>
+        <secunia>54403</secunia>
+      </references>
+      <type>XSS</type>
+    </vulnerability>
+  </plugin>
+
+  <plugin name="shareaholic">
+    <vulnerability>
+      <title>Shareaholic - Unspecified CSRF</title>
+      <references>
+        <osvdb>96321</osvdb>
+        <secunia>54529</secunia>
+      </references>
+      <type>CSRF</type>
+      <fixed_in>7.0.3.4/fixed_in>
+    </vulnerability>
+  </plugin>
+
 </vulnerabilities>

From 3e3f11a2734d7f2a9da64302642780b578653b33 Mon Sep 17 00:00:00 2001
From: Peter van der Laan <vanderlaan.pm@gmail.com>
Date: Thu, 10 Oct 2013 09:40:48 +0200
Subject: [PATCH 3/4] Update plugin_vulns.xml

---
 data/plugin_vulns.xml | 23 +++++++++++++++++++++++
 1 file changed, 23 insertions(+)

diff --git a/data/plugin_vulns.xml b/data/plugin_vulns.xml
index 2b72de98..094ae452 100644
--- a/data/plugin_vulns.xml
+++ b/data/plugin_vulns.xml
@@ -6806,7 +6806,19 @@
     <vulnerability>
       <title>WP Ultimate Email Marketer - Multiple Vulnerabilities</title>
       <references>
+        <osvdb>97648</osvdb>
+        <osvdb>97649</osvdb>
+        <osvdb>97650</osvdb>
+        <osvdb>97651</osvdb>
+        <osvdb>97652</osvdb>
+        <osvdb>97653</osvdb>
+        <osvdb>97654</osvdb>
+        <osvdb>97655</osvdb>
+        <osvdb>97656</osvdb>
+        <cve>2013-3263</cve>
+        <cve>2013-3264</cve>
         <secunia>53170</secunia>
+        <url>http://www.securityfocus.com/bid/62621</url>
       </references>
       <type>MULTI</type>
     </vulnerability>
@@ -6982,6 +6994,7 @@
       <title>Quick Contact Form Plugin 6.0 - Persistent XSS</title>
       <references>
         <exploitdb>28808</exploitdb>
+        <url>http://packetstormsecurity.com/files/123549/</url>
         <url>http://quick-plugins.com/quick-contact-form/</url>
       </references>
       <type>XSS</type>
@@ -7073,4 +7086,14 @@
     </vulnerability>
   </plugin>
 
+  <plugin name="page-showcaser-boxes">
+    <vulnerability>
+      <title>Page Showcaser Boxes - Title Field Stored XSS</title>
+      <references>
+        <osvdb>97579</osvdb>
+      </references>
+      <type>XSS</type>
+    </vulnerability>
+  </plugin>
+
 </vulnerabilities>

From 7549d3778ca1f185b54799879b3ef1dd25991f9b Mon Sep 17 00:00:00 2001
From: Peter van der Laan <vanderlaan.pm@gmail.com>
Date: Thu, 10 Oct 2013 09:49:10 +0200
Subject: [PATCH 4/4] Fixed a 'crucial typo'

---
 data/plugin_vulns.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/data/plugin_vulns.xml b/data/plugin_vulns.xml
index 094ae452..7f287eb3 100644
--- a/data/plugin_vulns.xml
+++ b/data/plugin_vulns.xml
@@ -7082,7 +7082,7 @@
         <secunia>54529</secunia>
       </references>
       <type>CSRF</type>
-      <fixed_in>7.0.3.4/fixed_in>
+      <fixed_in>7.0.3.4</fixed_in>
     </vulnerability>
   </plugin>