Merge pull request #582 from fgeek/CVE-2011-4562

CVE-2011-3981/allwebmenus-wordpress-menu-plugin, CVE-2011-4562/redirection
2014-07-26 20:20:38 +01:00
parent 6fbf2643a1 ef3ed86096
commit 4514123279
1 changed files with 14 additions and 0 deletions
--- a/data/plugin_vulns.xml
+++ b/data/plugin_vulns.xml
@@ -3344,7 +3344,10 @@
    <vulnerability>
      <title>AllWebMenus 1.1.3 - Remote File Inclusion</title>
      <references>
+        <cve>2011-3981</cve>
+        <osvdb>75615</osvdb>
        <exploitdb>17861</exploitdb>
+        <secunia>46068</secunia>
      </references>
      <type>RFI</type>
    </vulnerability>
@@ -5900,6 +5903,7 @@
        <osvdb>75638</osvdb>
        <cve>2011-4106</cve>
        <exploitdb>17872</exploitdb>
+        <url>http://markmaunder.com/2011/08/01/zero-day-vulnerability-in-many-wordpress-themes/</url>
      </references>
      <type>UPLOAD</type>
    </vulnerability>
@@ -10450,6 +10454,16 @@
      <type>XSS</type>
      <fixed_in>2.3.4</fixed_in>
    </vulnerability>
+    <vulnerability>
+      <title>Redirection - view/admin/log_item.php Non-existent Posts Referer HTTP Header XSS</title>
+      <references>
+        <cve>2011-4562</cve>
+        <osvdb>76092</osvdb>
+        <secunia>46310</secunia>
+      </references>
+      <type>XSS</type>
+      <fixed_in>2.2.10</fixed_in>
+    </vulnerability>
    <vulnerability>
      <title>Redirection - wp-admin/tools.php id Parameter XSS</title>
      <references>