From 285d7d3265f9f26926dc550642309bdfed4bcf07 Mon Sep 17 00:00:00 2001 From: Peter Date: Tue, 1 Apr 2014 15:16:04 +0200 Subject: [PATCH] Update vuln db --- data/plugin_vulns.xml | 34 ++++++++++++++++++++++++++++++++++ data/timthumbs.txt | 1 + 2 files changed, 35 insertions(+) diff --git a/data/plugin_vulns.xml b/data/plugin_vulns.xml index 662b6f5d..402223f2 100644 --- a/data/plugin_vulns.xml +++ b/data/plugin_vulns.xml @@ -10434,6 +10434,40 @@ + + JS MultiHotel 2.2.1 - includes/show_image.php file Parameter Remote File Inclusion DoS + + 105185 + http://seclists.org/fulldisclosure/2014/Mar/428 + + RFI + + + JS MultiHotel 2.2.1 - includes/delete_img.php path Parameter Reflected XSS + + 105186 + http://seclists.org/fulldisclosure/2014/Mar/428 + http://www.securityfocus.com/bid/66529 + + XSS + + + JS MultiHotel 2.2.1 - Multiple Script Direct Request Path Disclosure + + 105187 + http://seclists.org/fulldisclosure/2014/Mar/428 + + FPD + + + JS MultiHotel 2.2.1 - includes/timthumb.php src Parameter Direct Request Path Disclosure + + 105119 + http://seclists.org/fulldisclosure/2014/Mar/413 + http://www.securityfocus.com/bid/66529 + + FPD + Js-Multi-Hotel 2.2.1 - refreshDate.php roomid Parameter Reflected XSS diff --git a/data/timthumbs.txt b/data/timthumbs.txt index b25a87f1..b18e163b 100644 --- a/data/timthumbs.txt +++ b/data/timthumbs.txt @@ -115,6 +115,7 @@ $wp-plugins$/islidex/js/timthumb.php $wp-plugins$/islidex/js/timthumb.phpthumb.php $wp-plugins$/islidex/js/timthumb.phptimthumb.php $wp-plugins$/jquery-slider-for-featured-content/scripts/timthumb.php +$wp-plugins$/js-multihotel/includes/timthumb.php $wp-plugins$/kc-related-posts-by-category/timthumb.php $wp-plugins$/kino-gallery/timthumb.php $wp-plugins$/lisl-last-image-slider/timthumb.php