From 2a3e06610fd2d2e5f893d7fb83ecd8b0fc94e1c5 Mon Sep 17 00:00:00 2001
From: Peter <vanderlaan.pm@gmail.com>
Date: Thu, 6 Mar 2014 20:29:20 +0100
Subject: [PATCH] Update Fix #388

---
 data/plugin_vulns.xml | 63 +++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 63 insertions(+)

diff --git a/data/plugin_vulns.xml b/data/plugin_vulns.xml
index 8136ceb3..53953edb 100644
--- a/data/plugin_vulns.xml
+++ b/data/plugin_vulns.xml
@@ -10477,6 +10477,26 @@
   </plugin>
 
   <plugin name="dewplayer-flash-mp3-player">
+    <vulnerability>
+      <title>Dewplayer - dewplayer-vinyl.swf xml Parameter XML File Handling XSS</title>
+      <references>
+        <osvdb>101353</osvdb>
+        <url>http://packetstormsecurity.com/files/124582/</url>
+        <url>http://www.securityfocus.com/bid/64506</url>
+        <url>http://seclists.org/fulldisclosure/2013/Dec/192</url>
+      </references>
+      <type>XSS</type>
+    </vulnerability>
+    <vulnerability>
+      <title>Dewplayer - dewplayer-vinyl-en.swf xml Parameter XML File Handling XSS</title>
+      <references>
+        <osvdb>101352</osvdb>
+        <url>http://packetstormsecurity.com/files/124582/</url>
+        <url>http://www.securityfocus.com/bid/64506</url>
+        <url>http://seclists.org/fulldisclosure/2013/Dec/192</url>
+      </references>
+      <type>XSS</type>
+    </vulnerability>
     <vulnerability>
       <title>Dewplayer &lt;= 1.2 - dewplayer.php Direct Request Path Disclosure Weakness</title>
       <references>
@@ -10488,6 +10508,26 @@
   </plugin>
 
   <plugin name="advanced-dewplayer">
+    <vulnerability>
+      <title>Advanced Dewplayer - dewplayer-vinyl.swf xml Parameter XML File Handling XSS</title>
+      <references>
+        <osvdb>101353</osvdb>
+        <url>http://packetstormsecurity.com/files/124582/</url>
+        <url>http://www.securityfocus.com/bid/64506</url>
+        <url>http://seclists.org/fulldisclosure/2013/Dec/192</url>
+      </references>
+      <type>XSS</type>
+    </vulnerability>
+    <vulnerability>
+      <title>Dewplayer - dewplayer-vinyl-en.swf xml Parameter XML File Handling XSS</title>
+      <references>
+        <osvdb>101352</osvdb>
+        <url>http://packetstormsecurity.com/files/124582/</url>
+        <url>http://www.securityfocus.com/bid/64506</url>
+        <url>http://seclists.org/fulldisclosure/2013/Dec/192</url>
+      </references>
+      <type>XSS</type>
+    </vulnerability>
     <vulnerability>
       <title>Advanced Dewplayer &lt;= 1.2 - dewplayer.php Direct Request Path Disclosure Weakness</title>
       <references>
@@ -11362,4 +11402,27 @@
     </vulnerability>
   </plugin>
 
+  <plugin name="repagent">
+    <vulnerability>
+      <title>Repagent - dewplayer-vinyl.swf xml Parameter XML File Handling XSS</title>
+      <references>
+        <osvdb>101353</osvdb>
+        <url>http://packetstormsecurity.com/files/124582/</url>
+        <url>http://www.securityfocus.com/bid/64506</url>
+        <url>http://seclists.org/fulldisclosure/2013/Dec/192</url>
+      </references>
+      <type>XSS</type>
+    </vulnerability>
+    <vulnerability>
+      <title>Repagent - dewplayer-vinyl-en.swf xml Parameter XML File Handling XSS</title>
+      <references>
+        <osvdb>101352</osvdb>
+        <url>http://packetstormsecurity.com/files/124582/</url>
+        <url>http://www.securityfocus.com/bid/64506</url>
+        <url>http://seclists.org/fulldisclosure/2013/Dec/192</url>
+      </references>
+      <type>XSS</type>
+    </vulnerability>
+  </plugin>
+
 </vulnerabilities>