diff --git a/data/plugin_vulns.xml b/data/plugin_vulns.xml
index 0b6be541..fdffe0f3 100644
--- a/data/plugin_vulns.xml
+++ b/data/plugin_vulns.xml
@@ -1388,9 +1388,10 @@
       <type>XSS</type>
     </vulnerability>
     <vulnerability>
-      <title>[CVE-2013-1636] WordPress pretty-link plugin XSS in SWF</title>
+      <title>WordPress pretty-link plugin XSS in SWF</title>
       <reference>http://seclists.org/bugtraq/2013/Feb/100</reference>
       <reference>http://packetstormsecurity.com/files/120433/wpprettylink163-xss.txt</reference>
+      <cve>2013-1636</cve>
       <type>XSS</type>
     </vulnerability>
   </plugin>
@@ -1467,8 +1468,11 @@
 
   <plugin name="download-monitor">
     <vulnerability>
-      <title>CVE-2013-5098, CVE-2013-3262: Download Monitor &lt; 3.3.6.2 Cross Site Scripting</title>
-      <reference>https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5098</reference>
+      <title>Download Monitor &lt; 3.3.6.2 Cross Site Scripting</title>
+      <reference>http://www.securityfocus.com/bid/61407</reference>
+      <reference>http://secunia.com/advisories/53116</reference>
+      <cve>2013-5098</cve>
+      <cve>2013-3262</cve>
       <type>XSS</type>
       <fixed_in>3.3.6.2</fixed_in>
     </vulnerability>
@@ -2290,9 +2294,10 @@
       <type>MULTI</type>
     </vulnerability>
     <vulnerability>
-      <title>NextGEN Gallery 1.9.12 Arbitrary File Upload (CVE-2013-3684)</title>
+      <title>NextGEN Gallery 1.9.12 Arbitrary File Upload</title>
       <reference>http://wordpress.org/plugins/nextgen-gallery/changelog/</reference>
       <reference>http://osvdb.org/94232</reference>
+      <cve>2013-3684</cve>
       <type>UPLOAD</type>
       <fixed_in>1.9.13</fixed_in>
     </vulnerability>
@@ -4128,223 +4133,249 @@
 
   <plugin name="zopim-live-chat">
     <vulnerability>
-      <title>CVE-2013-1808: zopim-live-chat &lt;= 1.2.5 XSS in ZeroClipboard</title>
+      <title>zopim-live-chat &lt;= 1.2.5 XSS in ZeroClipboard</title>
       <reference>http://www.openwall.com/lists/oss-security/2013/03/10/2</reference>
       <reference>http://1337day.com/exploit/20396</reference>
+      <cve>2013-1808</cve>
       <type>XSS</type>
     </vulnerability>
   </plugin>
 
   <plugin name="ed2k-link-selector">
     <vulnerability>
-      <title>CVE-2013-1808: ed2k-link-selector &lt;= 1.1.7 XSS in ZeroClipboard</title>
+      <title>ed2k-link-selector &lt;= 1.1.7 XSS in ZeroClipboard</title>
       <reference>http://1337day.com/exploit/20396</reference>
+      <cve>2013-1808</cve>
       <type>XSS</type>
     </vulnerability>
   </plugin>
 
   <plugin name="wppygments">
     <vulnerability>
-      <title>CVE-2013-1808: wppygments &lt;= 0.3.2 XSS in ZeroClipboard</title>
+      <title>wppygments &lt;= 0.3.2 XSS in ZeroClipboard</title>
       <reference>http://www.openwall.com/lists/oss-security/2013/03/10/2</reference>
       <reference>http://1337day.com/exploit/20396</reference>
+      <cve>2013-1808</cve>
       <type>XSS</type>
     </vulnerability>
   </plugin>
 
   <plugin name="copy-in-clipboard">
     <vulnerability>
-      <title>CVE-2013-1808: copy-in-clipboard &lt;= 0.8 XSS in ZeroClipboard</title>
+      <title>copy-in-clipboard &lt;= 0.8 XSS in ZeroClipboard</title>
       <reference>http://1337day.com/exploit/20396</reference>
+      <cve>2013-1808</cve>
       <type>XSS</type>
     </vulnerability>
   </plugin>
 
   <plugin name="search-and-share">
     <vulnerability>
-      <title>CVE-2013-1808: search-and-share &lt;= 0.9.3 XSS in ZeroClipboard</title>
+      <title>search-and-share &lt;= 0.9.3 XSS in ZeroClipboard</title>
       <reference>http://1337day.com/exploit/20396</reference>
+      <cve>2013-1808</cve>
       <type>XSS</type>
     </vulnerability>
   </plugin>
 
   <plugin name="placester">
     <vulnerability>
-      <title>CVE-2013-1808: placester &lt;= 0.3.12 XSS in ZeroClipboard</title>
+      <title>placester &lt;= 0.3.12 XSS in ZeroClipboard</title>
       <reference>http://1337day.com/exploit/20396</reference>
+      <cve>2013-1808</cve>
       <type>XSS</type>
     </vulnerability>
   </plugin>
 
   <plugin name="drp-coupon">
     <vulnerability>
-      <title>CVE-2013-1808: drp-coupon &lt;= 2.1 XSS in ZeroClipboard</title>
+      <title>drp-coupon &lt;= 2.1 XSS in ZeroClipboard</title>
       <reference>http://1337day.com/exploit/20396</reference>
+      <cve>2013-1808</cve>
       <type>XSS</type>
     </vulnerability>
   </plugin>
 
   <plugin name="coupon-code-plugin">
     <vulnerability>
-      <title>CVE-2013-1808: coupon-code-plugin &lt;= 2.1 XSS in ZeroClipboard</title>
+      <title>coupon-code-plugin &lt;= 2.1 XSS in ZeroClipboard</title>
       <reference>http://1337day.com/exploit/20396</reference>
+      <cve>2013-1808</cve>
       <type>XSS</type>
     </vulnerability>
   </plugin>
 
   <plugin name="q2w3-inc-manager">
     <vulnerability>
-      <title>CVE-2013-1808: q2w3-inc-manager &lt;= 2.3.1 XSS in ZeroClipboard</title>
+      <title>q2w3-inc-manager &lt;= 2.3.1 XSS in ZeroClipboard</title>
       <reference>http://1337day.com/exploit/20396</reference>
+      <cve>2013-1808</cve>
       <type>XSS</type>
     </vulnerability>
   </plugin>
 
   <plugin name="scorerender">
     <vulnerability>
-      <title>CVE-2013-1808: scorerender &lt;= 0.3.4 XSS in ZeroClipboard</title>
+      <title>scorerender &lt;= 0.3.4 XSS in ZeroClipboard</title>
       <reference>http://1337day.com/exploit/20396</reference>
+      <cve>2013-1808</cve>
       <type>XSS</type>
     </vulnerability>
   </plugin>
 
   <plugin name="wp-link-to-us">
     <vulnerability>
-      <title>CVE-2013-1808: wp-link-to-us &lt;= 2.0 XSS in ZeroClipboard</title>
+      <title>wp-link-to-us &lt;= 2.0 XSS in ZeroClipboard</title>
       <reference>http://www.openwall.com/lists/oss-security/2013/03/10/2</reference>
       <reference>http://1337day.com/exploit/20396</reference>
+      <cve>2013-1808</cve>
       <type>XSS</type>
     </vulnerability>
   </plugin>
 
   <plugin name="buckets">
     <vulnerability>
-      <title>CVE-2013-1808: buckets &lt;= 0.1.9.2 XSS in ZeroClipboard</title>
+      <title>buckets &lt;= 0.1.9.2 XSS in ZeroClipboard</title>
       <reference>http://www.openwall.com/lists/oss-security/2013/03/10/2</reference>
       <reference>http://1337day.com/exploit/20396</reference>
+      <cve>2013-1808</cve>
       <type>XSS</type>
     </vulnerability>
   </plugin>
 
   <plugin name="java-trackback">
     <vulnerability>
-      <title>CVE-2013-1808: java-trackback &lt;= 0.2 XSS in ZeroClipboard</title>
+      <title>java-trackback &lt;= 0.2 XSS in ZeroClipboard</title>
       <reference>http://1337day.com/exploit/20396</reference>
+      <cve>2013-1808</cve>
       <type>XSS</type>
     </vulnerability>
   </plugin>
 
   <plugin name="slidedeck2">
     <vulnerability>
-      <title>CVE-2013-1808: slidedeck2 &lt;= 2.1.20130228 XSS in ZeroClipboard</title>
+      <title>slidedeck2 &lt;= 2.1.20130228 XSS in ZeroClipboard</title>
       <reference>http://www.openwall.com/lists/oss-security/2013/03/10/2</reference>
       <reference>http://1337day.com/exploit/20396</reference>
+      <cve>2013-1808</cve>
       <type>XSS</type>
     </vulnerability>
   </plugin>
 
   <plugin name="wp-clone-by-wp-academy">
     <vulnerability>
-      <title>CVE-2013-1808: wp-clone-by-wp-academy &lt;= 2.1.1 XSS in ZeroClipboard</title>
+      <title>wp-clone-by-wp-academy &lt;= 2.1.1 XSS in ZeroClipboard</title>
       <reference>http://www.openwall.com/lists/oss-security/2013/03/10/2</reference>
       <reference>http://1337day.com/exploit/20396</reference>
+      <cve>2013-1808</cve>
       <type>XSS</type>
     </vulnerability>
   </plugin>
 
   <plugin name="tiny-url">
     <vulnerability>
-      <title>CVE-2013-1808: tiny-url &lt;= 1.3.2 XSS in ZeroClipboard</title>
+      <title>tiny-url &lt;= 1.3.2 XSS in ZeroClipboard</title>
       <reference>http://www.openwall.com/lists/oss-security/2013/03/10/2</reference>
       <reference>http://1337day.com/exploit/20396</reference>
+      <cve>2013-1808</cve>
       <type>XSS</type>
     </vulnerability>
   </plugin>
 
   <plugin name="thethe-layout-grid">
     <vulnerability>
-      <title>CVE-2013-1808: thethe-layout-grid &lt;= 1.0.0 XSS in ZeroClipboard.</title>
+      <title>thethe-layout-grid &lt;= 1.0.0 XSS in ZeroClipboard.</title>
       <reference>http://www.openwall.com/lists/oss-security/2013/03/10/2</reference>
       <reference>http://1337day.com/exploit/20396</reference>
+      <cve>2013-1808</cve>
       <type>XSS</type>
     </vulnerability>
   </plugin>
 
   <plugin name="paypal-digital-goods-monetization-powered-by-cleeng">
     <vulnerability>
-      <title>CVE-2013-1808: paypal-digital-goods-monetization-powered-by-cleeng &lt;= 2.2.13 XSS in ZeroClipboard</title>
+      <title>paypal-digital-goods-monetization-powered-by-cleeng &lt;= 2.2.13 XSS in ZeroClipboard</title>
       <reference>http://www.openwall.com/lists/oss-security/2013/03/10/2</reference>
       <reference>http://1337day.com/exploit/20396</reference>
+      <cve>2013-1808</cve>
       <type>XSS</type>
     </vulnerability>
   </plugin>
 
   <plugin name="mobileview">
     <vulnerability>
-      <title>CVE-2013-1808: mobileview &lt;= 1.0.7 XSS in ZeroClipboard</title>
+      <title>mobileview &lt;= 1.0.7 XSS in ZeroClipboard</title>
       <reference>http://www.openwall.com/lists/oss-security/2013/03/10/2</reference>
       <reference>http://1337day.com/exploit/20396</reference>
+      <cve>2013-1808</cve>
       <type>XSS</type>
     </vulnerability>
   </plugin>
 
   <plugin name="jaspreetchahals-coupons-lite">
     <vulnerability>
-      <title>CVE-2013-1808: jaspreetchahals-coupons-lite &lt;= 2.1 XSS in ZeroClipboard</title>
+      <title>jaspreetchahals-coupons-lite &lt;= 2.1 XSS in ZeroClipboard</title>
       <reference>http://www.openwall.com/lists/oss-security/2013/03/10/2</reference>
       <reference>http://1337day.com/exploit/20396</reference>
+      <cve>2013-1808</cve>
       <type>XSS</type>
     </vulnerability>
   </plugin>
 
   <plugin name="geshi-source-colorer">
     <vulnerability>
-      <title>CVE-2013-1808: geshi-source-colorer &lt;= 0.13 XSS in ZeroClipboard</title>
+      <title>geshi-source-colorer &lt;= 0.13 XSS in ZeroClipboard</title>
       <reference>http://www.openwall.com/lists/oss-security/2013/03/10/2</reference>
       <reference>http://1337day.com/exploit/20396</reference>
+      <cve>2013-1808</cve>
       <type>XSS</type>
     </vulnerability>
   </plugin>
 
   <plugin name="click-to-copy-grab-box">
     <vulnerability>
-      <title>CVE-2013-1808: click-to-copy-grab-box &lt;= 0.1.1 XSS in ZeroClipboard</title>
+      <title>click-to-copy-grab-box &lt;= 0.1.1 XSS in ZeroClipboard</title>
       <reference>http://www.openwall.com/lists/oss-security/2013/03/10/2</reference>
       <reference>http://1337day.com/exploit/20396</reference>
+      <cve>2013-1808</cve>
       <type>XSS</type>
     </vulnerability>
   </plugin>
 
   <plugin name="cleeng">
     <vulnerability>
-      <title>CVE-2013-1808: cleeng &lt;= 2.3.2 XSS in ZeroClipboard</title>
+      <title>cleeng &lt;= 2.3.2 XSS in ZeroClipboard</title>
       <reference>http://www.openwall.com/lists/oss-security/2013/03/10/2</reference>
       <reference>http://1337day.com/exploit/20396</reference>
+      <cve>2013-1808</cve>
       <type>XSS</type>
     </vulnerability>
   </plugin>
 
   <plugin name="bp-code-snippets">
     <vulnerability>
-      <title>CVE-2013-1808: bp-code-snippets &lt;= 2.0 XSS in ZeroClipboard</title>
+      <title>bp-code-snippets &lt;= 2.0 XSS in ZeroClipboard</title>
       <reference>http://www.openwall.com/lists/oss-security/2013/03/10/2</reference>
       <reference>http://1337day.com/exploit/20396</reference>
+      <cve>2013-1808</cve>
       <type>XSS</type>
     </vulnerability>
   </plugin>
 
   <plugin name="snazzy-archives">
     <vulnerability>
-      <title>CVE-2009-4168: snazzy-archives &lt;= 1.7.1 XSS vulnerability</title>
+      <title>snazzy-archives &lt;= 1.7.1 XSS vulnerability</title>
       <reference>http://www.openwall.com/lists/oss-security/2013/03/10/3</reference>
+      <cve>2009-4168</cve>
       <type>XSS</type>
     </vulnerability>
   </plugin>
 
   <plugin name="vkontakte-api">
     <vulnerability>
-      <title>CVE-2009-4168: vkontakte-api XSS vulnerability</title>
+      <title>vkontakte-api XSS vulnerability</title>
       <reference>http://www.openwall.com/lists/oss-security/2013/03/11/1</reference>
+      <cve>2009-4168</cve>
       <type>XSS</type>
     </vulnerability>
   </plugin>
@@ -4436,7 +4467,7 @@
       <title>ofc_upload_image.php Arbitrary File Upload Vulnerability</title>
       <reference>http://www.exploit-db.com/exploits/24492/</reference>
       <reference>http://secunia.com/advisories/37903</reference>
-      <reference>http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4140</reference>
+      <cve>2009-4140</cve>
       <type>UPLOAD</type>
       <fixed_in>0.5</fixed_in>
     </vulnerability>
@@ -4538,7 +4569,7 @@
     <vulnerability>
       <title>facebook-members CSRF</title>
       <reference>https://secunia.com/advisories/52962/</reference>
-      <reference>http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2703</reference>
+      <cve>2013-2703</cve>
       <type>CSRF</type>
       <fixed_in>5.0.5</fixed_in>
     </vulnerability>
@@ -4548,7 +4579,7 @@
     <vulnerability>
       <title>foursquare-checkins CSRF</title>
       <reference>https://secunia.com/advisories/53151/</reference>
-      <reference>http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2709</reference>
+      <cve>2013-2709</cve>
       <type>CSRF</type>
       <fixed_in>1.3</fixed_in>
     </vulnerability>
@@ -4567,7 +4598,7 @@
     <vulnerability>
       <title>all-in-one-webmaster CSRF</title>
       <reference>https://secunia.com/advisories/52877/</reference>
-      <reference>http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2696</reference>
+      <cve>2013-2696</cve>
       <type>CSRF</type>
       <fixed_in>8.2.4</fixed_in>
     </vulnerability>
@@ -4619,7 +4650,7 @@
     <vulnerability>
       <title>easy-adsense-lite CSRF</title>
       <reference>https://secunia.com/advisories/52953/</reference>
-      <reference>http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2702</reference>
+      <cve>2013-2702</cve>
       <type>CSRF</type>
       <fixed_in>6.10</fixed_in>
     </vulnerability>
@@ -4627,27 +4658,31 @@
 
   <plugin name="uk-cookie">
     <vulnerability>
-      <title>CVE-2012-5856: uk-cookie plugin XSS</title>
+      <title>uk-cookie plugin XSS</title>
       <reference>http://osvdb.org/87561</reference>
       <reference>http://seclists.org/bugtraq/2012/Nov/50</reference>
+      <cve>2012-5856</cve>
       <type>XSS</type>
     </vulnerability>
     <vulnerability>
-      <title>CVE-2013-2180: uk-cookie CSRF</title>
+      <title>uk-cookie CSRF</title>
       <reference>http://www.openwall.com/lists/oss-security/2013/06/06/10</reference>
       <reference>http://osvdb.org/94032</reference>
+      <cve>2013-2180</cve>
       <type>CSRF</type>
     </vulnerability>
   </plugin>
 
   <plugin name="wp-cleanfix">
     <vulnerability>
-      <title>CVE-2013-2108|CVE-2013-2109: wp-cleanfix Remote Command Execution, CSRF and XSS</title>
+      <title>wp-cleanfix Remote Command Execution, CSRF and XSS</title>
       <reference>https://github.com/wpscanteam/wpscan/issues/186</reference>
       <reference>http://wordpress.org/support/topic/plugin-wp-cleanfix-remote-code-execution-warning</reference>
       <reference>http://osvdb.org/93450</reference>
       <reference>http://secunia.com/advisories/53395/</reference>
       <reference>http://osvdb.org/93468</reference>
+      <cve>2013-2108</cve>
+      <cve>2013-2109</cve>
       <type>MULTI</type>
       <fixed_in>3.0.2</fixed_in>
     </vulnerability>
@@ -4811,10 +4846,11 @@
 
   <plugin name="underconstruction">
     <vulnerability>
-      <title>CSRF in WordPress underConstruction plugin (CVE-2013-2699)</title>
+      <title>CSRF in WordPress underConstruction plugin</title>
       <reference>http://wordpress.org/plugins/underconstruction/changelog/</reference>
       <reference>http://secunia.com/advisories/52881/</reference>
       <reference>http://osvdb.org/93857</reference>
+      <cve>2013-2699</cve>
       <type>CSRF</type>
       <fixed_in>1.09</fixed_in>
     </vulnerability>
@@ -4971,16 +5007,18 @@
 
    <plugin name="xorbin-analog-flash-clock">
     <vulnerability>
-      <title>CVE-2013-4692: Xorbin Analog Flash Clock 1.0 Flash-based XSS</title>
+      <title>Xorbin Analog Flash Clock 1.0 Flash-based XSS</title>
       <reference>http://advisory.prakharprasad.com/xorbin_afc_wp.txt</reference>
+      <cve>2013-4692</cve>
       <type>XSS</type>
     </vulnerability>
   </plugin>
 
   <plugin name="xorbin-digital-flash-clock">
     <vulnerability>
-      <title>CVE-2013-4693: Xorbin Digital Flash Clock 1.0 Flash-based XSS</title>
+      <title>Xorbin Digital Flash Clock 1.0 Flash-based XSS</title>
       <reference>http://advisory.prakharprasad.com/xorbin_dfc_wp.txt</reference>
+      <cve>2013-4693</cve>
       <type>XSS</type>
     </vulnerability>
   </plugin>
@@ -5020,8 +5058,9 @@
 
   <plugin name="duplicator">
     <vulnerability>
-      <title>CVE-2013-4625: Duplicator installer.cleanup.php package Parameter XSS</title>
+      <title>Duplicator installer.cleanup.php package Parameter XSS</title>
       <reference>http://osvdb.org/95627</reference>
+      <cve>2013-4625</cve>
       <type>XSS</type>
       <fixed_in>0.4.5</fixed_in>
     </vulnerability>
@@ -5056,8 +5095,9 @@
 
   <plugin name="xhanch-my-twitter">
     <vulnerability>
-      <title>CVE-2013-3253: CSRF in admin/setting.php in Xhanch</title>
-      <reference>https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-3253</reference>
+      <title>CSRF in admin/setting.php in Xhanch</title>
+      <reference>http://secunia.com/advisories/53133</reference>
+      <cve>2013-3253</cve>
       <type>CSRF</type>
       <fixed_in>2.7.7</fixed_in>
     </vulnerability>
@@ -5065,8 +5105,9 @@
 
   <plugin name="sexybookmarks">
     <vulnerability>
-      <title>CVE-2013-3256: CSRF in sexybookmarks</title>
+      <title>CSRF in sexybookmarks</title>
       <reference>http://wordpress.org/plugins/sexybookmarks/changelog/</reference>
+      <cve>2013-3256</cve>
       <type>CSRF</type>
       <fixed_in>6.1.5.0</fixed_in>
     </vulnerability>
diff --git a/data/vuln.xsd b/data/vuln.xsd
index 6c344184..8b2404a9 100644
--- a/data/vuln.xsd
+++ b/data/vuln.xsd
@@ -52,6 +52,7 @@
       <xs:element name="title" type="stringtype"/>
       <xs:element name="reference" type="uritype" maxOccurs="unbounded" minOccurs="1"/>
       <xs:element name="metasploit" type="stringtype" maxOccurs="unbounded" minOccurs="0"/>
+      <xs:element name="cve" type="stringtype" minOccurs="0" maxOccurs="unbounded"/>
       <xs:element name="type" type="typetype"/>
       <xs:element name="fixed_in" type="stringtype" minOccurs="0" maxOccurs="1"/>
     </xs:sequence>
diff --git a/lib/common/models/vulnerability.rb b/lib/common/models/vulnerability.rb
index 1fb412a7..7ca7cf1e 100755
--- a/lib/common/models/vulnerability.rb
+++ b/lib/common/models/vulnerability.rb
@@ -5,22 +5,24 @@ require 'vulnerability/output'
 class Vulnerability
   include Vulnerability::Output
 
-  attr_accessor :title, :references, :type, :fixed_in, :metasploit_modules
+  attr_accessor :title, :references, :type, :fixed_in, :metasploit_modules, :cve
 
   #
   # @param [ String ] title The title of the vulnerability
   # @param [ String ] type  The type of the vulnerability
   # @param [ Array ] references References urls
   # @param [ Array ] metasploit_modules Metasploit modules for the vulnerability
-	# @param [ String ] fixed_in  Vuln fixed in Version X
+  # @param [ String ] fixed_in  Vuln fixed in Version X
+  # @param [ Array ] cve CVE numbers for the vulnerability
   #
   # @return [ Vulnerability ]
-  def initialize(title, type, references, metasploit_modules = [], fixed_in = '')
+  def initialize(title, type, references, metasploit_modules = [], fixed_in = '', cve = [])
     @title              = title
     @type               = type
     @references         = references
     @metasploit_modules = metasploit_modules
-    @fixed_in						= fixed_in
+    @fixed_in           = fixed_in
+    @cve                = cve
   end
 
   # @param [ Vulnerability ] other
@@ -32,6 +34,7 @@ class Vulnerability
         type == other.type &&
         references == other.references &&
         fixed_in == other.fixed_in &&
+        cve == other.cve &&
         metasploit_modules == other.metasploit_modules
   end
   # :nocov:
@@ -47,7 +50,8 @@ class Vulnerability
       xml_node.search('type').text,
       xml_node.search('reference').map(&:text),
       xml_node.search('metasploit').map(&:text),
-      xml_node.search('fixed_in').text
+      xml_node.search('fixed_in').text,
+      xml_node.search('cve').map(&:text)
     )
   end
 
diff --git a/lib/common/models/vulnerability/output.rb b/lib/common/models/vulnerability/output.rb
index 5c5baff5..789e1161 100644
--- a/lib/common/models/vulnerability/output.rb
+++ b/lib/common/models/vulnerability/output.rb
@@ -10,6 +10,9 @@ class Vulnerability
       references.each do |r|
         puts ' | ' + red("* Reference: #{r}")
       end
+      cve.each do |c|
+        puts ' | ' + red("* CVE-#{c} - #{Output.cve_url(c)}")
+      end
       metasploit_modules.each do |m|
         puts ' | ' + red("* Metasploit module: #{Output.metasploit_module_url(m)}")
       end
@@ -22,5 +25,9 @@ class Vulnerability
       "http://www.metasploit.com/modules/#{module_path}"
     end
 
+    def self.cve_url(cve)
+      "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE#{cve}"
+    end
+
   end
 end
diff --git a/spec/lib/common/models/vulnerability/output_spec.rb b/spec/lib/common/models/vulnerability/output_spec.rb
index ad92af62..db21773a 100644
--- a/spec/lib/common/models/vulnerability/output_spec.rb
+++ b/spec/lib/common/models/vulnerability/output_spec.rb
@@ -19,7 +19,13 @@ describe Vulnerability::Output do
       @module   = 'gathering/yolo'
       @expected = modules_url + @module
     end
-  end
+    end
+
+    describe '::cve_url' do
+        it 'returns the correct url' do
+            Vulnerability::Output.cve_url('1111-1111').should == 'http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1111-1111'
+        end
+    end
 
   describe '#output' do
     # How to test it ? oO
diff --git a/spec/lib/common/models/vulnerability_spec.rb b/spec/lib/common/models/vulnerability_spec.rb
index ca0cf959..391a9028 100644
--- a/spec/lib/common/models/vulnerability_spec.rb
+++ b/spec/lib/common/models/vulnerability_spec.rb
@@ -18,6 +18,7 @@ describe Vulnerability do
       its(:type)               { should be type }
       its(:metasploit_modules) { should be_empty }
       its(:fixed_in)           { should be_empty }
+      its(:cve)                { should be_empty }
     end
 
     context 'with metasploit modules argument' do
@@ -26,6 +27,7 @@ describe Vulnerability do
 
       its(:metasploit_modules) { should be modules }
       its(:fixed_in)           { should be_empty }
+      its(:cve)                { should be_empty }
     end
 
     context 'with metasploit modules and fixed version argument' do
@@ -33,8 +35,19 @@ describe Vulnerability do
       let(:fixed_version)  { '1.0' }
 
       its(:metasploit_modules) { should be modules }
-      its(:fixed_in) { should == '1.0' }
+      its(:fixed_in)           { should == '1.0' }
+      its(:cve)                { should be_empty }
     end
+
+    context 'with cve argument' do
+      subject(:vulnerability) { Vulnerability.new(title, type, references, [], '', cve) }
+      let(:cve) { %w{2011-001 2011-002} }
+
+      its(:metasploit_modules) { should be_empty }
+      its(:fixed_in)           { should be_empty }
+      its(:cve)                { should be cve }
+    end
+
   end
 
   describe '::load_from_xml_node' do
@@ -47,6 +60,7 @@ describe Vulnerability do
     its(:type)               { should == 'CSRF' }
     its(:references)         { should == ['Ref 1', 'Ref 2'] }
     its(:metasploit_modules) { should == %w{exploit/ex1} }
+    its(:cve)                { should == %w{2011-001} }
     its(:fixed_in)           { should == '1.0'}
   end
 
diff --git a/spec/samples/common/models/vulnerability/xml_node.xml b/spec/samples/common/models/vulnerability/xml_node.xml
index f02ec5d2..24a1fb2e 100644
--- a/spec/samples/common/models/vulnerability/xml_node.xml
+++ b/spec/samples/common/models/vulnerability/xml_node.xml
@@ -2,6 +2,7 @@
   <title>Vuln Title</title>
   <reference>Ref 1</reference>
   <reference>Ref 2</reference>
+  <cve>2011-001</cve>
   <type>CSRF</type>
   <metasploit>exploit/ex1</metasploit>
   <fixed_in>1.0</fixed_in>