From 1f2588d677cfb5e3b3233861bc273425089bc7fd Mon Sep 17 00:00:00 2001
From: Peter <vanderlaan.pm@gmail.com>
Date: Wed, 12 Feb 2014 10:16:02 +0100
Subject: [PATCH] Update vuln db

---
 data/plugin_vulns.xml | 27 +++++++++++++++++++++++++++
 data/theme_vulns.xml  | 22 ++++++++++++++++++++++
 2 files changed, 49 insertions(+)

diff --git a/data/plugin_vulns.xml b/data/plugin_vulns.xml
index f75198f3..84dbb07a 100644
--- a/data/plugin_vulns.xml
+++ b/data/plugin_vulns.xml
@@ -10811,6 +10811,33 @@
       <type>AUTHBYPASS</type>
       <fixed_in>1.3.2</fixed_in>
     </vulnerability>
+    <vulnerability>
+      <title>Delightful Downloads 1.3.1.1 - includes/functions.php User-Agent HTTP Header Stored XSS</title>
+      <references>
+        <osvdb>102928</osvdb>
+      </references>
+      <type>XSS</type>
+      <fixed_in>1.3.2</fixed_in>
+    </vulnerability>
+  </plugin>
+
+  <plugin name="mobiloud-mobile-app-plugin">
+    <vulnerability>
+      <title>Mobiloud 1.9.0 - comments/disqus_count.php shortname Parameter Reflected XSS</title>
+      <references>
+        <osvdb>102898</osvdb>
+      </references>
+      <type>XSS</type>
+      <fixed_in>1.9.1</fixed_in>
+    </vulnerability>
+    <vulnerability>
+      <title>Mobiloud 1.9.0 - comments/disqus.php shortname Parameter Reflected XSS</title>
+      <references>
+        <osvdb>102899</osvdb>
+      </references>
+      <type>XSS</type>
+      <fixed_in>1.9.1</fixed_in>
+    </vulnerability>
   </plugin>
 
 </vulnerabilities>
diff --git a/data/theme_vulns.xml b/data/theme_vulns.xml
index b486b0fc..d53cfc24 100644
--- a/data/theme_vulns.xml
+++ b/data/theme_vulns.xml
@@ -1987,6 +1987,7 @@
       <title>Persuasion &lt;= 2.4 - dl-skin.php _mysite_download_skin Parameter Absolute Path Traversal Remote File Download</title>
       <references>
         <osvdb>101331</osvdb>
+        <secunia>56359</secunia>
         <exploitdb>30443</exploitdb>
         <url>http://packetstormsecurity.com/files/124547/</url>
         <url>http://www.securityfocus.com/bid/64501</url>
@@ -2435,6 +2436,7 @@
       <title>Highlight Powerful Premium - upload-handler.php File Upload CSRF</title>
       <references>
         <osvdb>99703</osvdb>
+        <secunia>55671</secunia>
         <exploitdb>29525</exploitdb>
         <url>http://packetstormsecurity.com/files/123974/</url>
       </references>
@@ -2707,6 +2709,7 @@
       <title>DejaVu 2.4 - dl-skin.php _mysite_download_skin Parameter Absolute Path Traversal Remote File Download</title>
       <references>
         <osvdb>101331</osvdb>
+        <secunia>56359</secunia>
         <exploitdb>30443</exploitdb>
         <url>http://www.securityfocus.com/bid/64501</url>
       </references>
@@ -2730,6 +2733,7 @@
       <title>Elegance 2.4 - dl-skin.php _mysite_download_skin Parameter Absolute Path Traversal Remote File Download</title>
       <references>
         <osvdb>101331</osvdb>
+        <secunia>56359</secunia>
         <exploitdb>30443</exploitdb>
         <url>http://www.securityfocus.com/bid/64501</url>
       </references>
@@ -2753,6 +2757,7 @@
       <title>Echelon 2.4 - dl-skin.php _mysite_download_skin Parameter Absolute Path Traversal Remote File Download</title>
       <references>
         <osvdb>101331</osvdb>
+        <secunia>56359</secunia>
         <exploitdb>30443</exploitdb>
         <url>http://www.securityfocus.com/bid/64501</url>
       </references>
@@ -2776,6 +2781,7 @@
       <title>Modular 2.4 - dl-skin.php _mysite_download_skin Parameter Absolute Path Traversal Remote File Download</title>
       <references>
         <osvdb>101331</osvdb>
+        <secunia>56359</secunia>
         <exploitdb>30443</exploitdb>
         <url>http://www.securityfocus.com/bid/64501</url>
       </references>
@@ -2799,6 +2805,7 @@
       <title>Fusion 2.1 - dl-skin.php _mysite_download_skin Parameter Absolute Path Traversal Remote File Download</title>
       <references>
         <osvdb>101331</osvdb>
+        <secunia>56359</secunia>
         <exploitdb>30443</exploitdb>
         <url>http://www.securityfocus.com/bid/64501</url>
       </references>
@@ -2822,6 +2829,7 @@
       <title>Method 2.1 - dl-skin.php _mysite_download_skin Parameter Absolute Path Traversal Remote File Download</title>
       <references>
         <osvdb>101331</osvdb>
+        <secunia>56359</secunia>
         <exploitdb>30443</exploitdb>
         <url>http://www.securityfocus.com/bid/64501</url>
       </references>
@@ -2845,6 +2853,7 @@
       <title>Myriad 2.0 - dl-skin.php _mysite_download_skin Parameter Absolute Path Traversal Remote File Download</title>
       <references>
         <osvdb>101331</osvdb>
+        <secunia>56359</secunia>
         <exploitdb>30443</exploitdb>
         <url>http://www.securityfocus.com/bid/64501</url>
       </references>
@@ -2868,6 +2877,7 @@
       <title>Construct 1.4 - dl-skin.php _mysite_download_skin Parameter Absolute Path Traversal Remote File Download</title>
       <references>
         <osvdb>101331</osvdb>
+        <secunia>56359</secunia>
         <exploitdb>30443</exploitdb>
         <url>http://www.securityfocus.com/bid/64501</url>
       </references>
@@ -2891,6 +2901,7 @@
       <title>Awake 3.3 - dl-skin.php _mysite_download_skin Parameter Absolute Path Traversal Remote File Download</title>
       <references>
         <osvdb>101331</osvdb>
+        <secunia>56359</secunia>
         <exploitdb>30443</exploitdb>
         <url>http://www.securityfocus.com/bid/64501</url>
       </references>
@@ -2922,6 +2933,7 @@
       <title>InFocus 3.3 - dl-skin.php _mysite_download_skin Parameter Absolute Path Traversal Remote File Download</title>
       <references>
         <osvdb>101331</osvdb>
+        <secunia>56359</secunia>
         <exploitdb>30443</exploitdb>
         <url>http://www.securityfocus.com/bid/64501</url>
       </references>
@@ -2987,4 +2999,14 @@
     </vulnerability>
   </theme>
 
+  <theme name="kiddo">
+    <vulnerability>
+      <title> Kiddo - remote shell upload vulnerability</title>
+      <references>
+        <url>http://packetstormsecurity.com/files/125138/</url>
+      </references>
+      <type>RCE</type>
+    </vulnerability>
+  </theme>
+
 </vulnerabilities>