garfield/wpscan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix #395 CVEs added

Browse Source
This commit is contained in:
erwanlr
2014-01-18 14:45:26 +01:00
parent 277fff5f2c
commit 2578bfd0ff
1 changed files with 10 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
data/plugin_vulns.xml
View File

@@ -14,7 +14,7 @@
<type>CSRF</type>
</vulnerability>
</plugin>
<plugin name="wp-cron-dashboard">
<vulnerability>
<title>WP Cron DashBoard &lt;= 1.1.5 - wp-cron-dashboard.php procname Parameter Reflected XSS</title>
@@ -2272,6 +2272,7 @@
<secunia>49188</secunia>
<url>http://packetstormsecurity.com/files/112689/</url>
<url>http://www.securityfocus.com/bid/53537</url>
<cve>2012-6624</cve>
</references>
<type>XSS</type>
</vulnerability>
@@ -2362,10 +2363,11 @@
<plugin name="newsletter-manager">
<vulnerability>
<title>Newsletter Manager &lt;= 1.0 - Cross Site Scripting</title>
<title>Newsletter Manager &lt;= 1.0.2 - Cross Site Scripting</title>
<references>
<secunia>49183</secunia>
<url>http://packetstormsecurity.com/files/112694/</url>
<cve>2012-6628</cve>
</references>
<type>XSS</type>
<fixed_in>1.0.2</fixed_in>
@@ -2668,6 +2670,7 @@
<title>Media Library Categories &lt;= 1.1.1 - Cross Site Scripting</title>
<references>
<url>http://packetstormsecurity.com/files/112697/</url>
<cve>2012-6630</cve>
</references>
<type>SQLI</type>
</vulnerability>
@@ -3655,6 +3658,7 @@
<title>WP Forum Server &lt;= 1.7.3 - SQL Injection / XSS Vulnerabilities</title>
<references>
<url>http://packetstormsecurity.com/files/112703/</url>
<cve>2012-6622</cve>
</references>
<type>MULTI</type>
</vulnerability>
@@ -5378,7 +5382,7 @@
<type>RCE</type>
</vulnerability>
<vulnerability>
<title>BackWPup 3.0.12 - wp-admin/admin.php tab Parameter XSS</title>
<title>BackWPup 3.0.12 - wp-admin/admin.php tab Parameter XSS</title>
<references>
<cve>2013-4626</cve>
<url>https://www.htbridge.com/advisory/HTB23161</url>
@@ -6202,7 +6206,7 @@
<vulnerability>
<title>MF Gig Calendar 0.9.4.1 - URL Cross-Site Scripting Vulnerability</title>
<references>
<osvdb>85682</osvdb>
<osvdb>85682</osvdb>
<cve>2012-4242</cve>
<secunia>50571</secunia>
<url>http://packetstormsecurity.org/files/116713/</url>
@@ -9008,7 +9012,7 @@
<fixed_in>1.1.1</fixed_in>
</vulnerability>
</plugin>
<plugin name="wp-realty">
<vulnerability>
<title>WP Realty - MySQL Time Based Injection</title>
@@ -10017,7 +10021,7 @@
<fixed_in>2.6.8.5</fixed_in>
</vulnerability>
</plugin>
<plugin name="intouch">
<vulnerability>
<title>intouch 2.0 - intouch.js.php intouch_failure Parameter Reflected XSS</title>