From 47f2545a50331db066b1a92dfec8bf59455e1c38 Mon Sep 17 00:00:00 2001
From: Peter van der Laan <vanderlaan.pm@gmail.com>
Date: Wed, 6 Nov 2013 11:25:03 +0100
Subject: [PATCH] Update plugin_vulns.xml

---
 data/plugin_vulns.xml | 63 ++++++++++++++++++-------------------------
 1 file changed, 26 insertions(+), 37 deletions(-)

diff --git a/data/plugin_vulns.xml b/data/plugin_vulns.xml
index 9293a3c9..b50bbd2f 100644
--- a/data/plugin_vulns.xml
+++ b/data/plugin_vulns.xml
@@ -123,8 +123,7 @@
       <title>Crayon Syntax Highlighter - Remote File Inclusion Vulnerability</title>
       <references>
         <secunia>50804</secunia>
-        <url>http://ceriksen.com/2012/10/15/wordpress-crayon-syntax-highlighter-remote-file-inclusion-vulnerability/
-        </url>
+        <url>http://ceriksen.com/2012/10/15/wordpress-crayon-syntax-highlighter-remote-file-inclusion-vulnerability/</url>
       </references>
       <type>RFI</type>
       <fixed_in>1.13</fixed_in>
@@ -197,9 +196,7 @@
       <title>FireStorm Professional Real Estate - Multiple SQL Injection</title>
       <references>
         <secunia>50873</secunia>
-        <url>
-          http://ceriksen.com/2012/10/25/wordpress-firestorm-professional-real-estate-plugin-sql-injection-vulnerability/
-        </url>
+        <url>http://ceriksen.com/2012/10/25/wordpress-firestorm-professional-real-estate-plugin-sql-injection-vulnerability/</url>
       </references>
       <type>SQLI</type>
       <fixed_in>2.06.03</fixed_in>
@@ -290,8 +287,7 @@
         <secunia>50832</secunia>
         <url>http://www.securityfocus.com/bid/57133</url>
         <url>http://packetstormsecurity.com/files/119329/</url>
-        <url>http://ceriksen.com/2013/01/03/wordpress-google-document-embedder-arbitrary-file-disclosure/
-        </url>
+        <url>http://ceriksen.com/2013/01/03/wordpress-google-document-embedder-arbitrary-file-disclosure/</url>
         <metasploit>exploit/unix/webapp/wp_google_document_embedder_exec</metasploit>
       </references>
       <type>UNKNOWN</type>
@@ -551,9 +547,7 @@
       <title>Asset Manager - upload.php Arbitrary Code Execution</title>
       <references>
         <osvdb>82653</osvdb>
-        <url>
-          http://www.ethicalhack3r.co.uk/security/wordpress-plugin-asset-manager-upload-php-arbitrary-code-execution/
-        </url>
+        <url>http://www.ethicalhack3r.co.uk/security/wordpress-plugin-asset-manager-upload-php-arbitrary-code-execution/</url>
         <url>http://packetstormsecurity.com/files/113285/</url>
         <url>http://xforce.iss.net/xforce/xfdb/80823</url>
       </references>
@@ -676,7 +670,7 @@
     <vulnerability>
       <title>powerzoomer - Arbitrary File Upload Vulnerability</title>
       <references>
-        <url>http://www.1337day.com/exploit/20253</url>
+        <url>http://1337day.com/exploit/20253</url>
       </references>
       <type>UPLOAD</type>
     </vulnerability>
@@ -754,7 +748,7 @@
     <vulnerability>
       <title>wp-3dflick-slideshow - Arbitrary File Upload Vulnerability</title>
       <references>
-        <url>http://www.1337day.com/exploit/20255</url>
+        <url>http://1337day.com/exploit/20255</url>
       </references>
       <type>UPLOAD</type>
     </vulnerability>
@@ -840,7 +834,7 @@
     <vulnerability>
       <title>wp-homepage-slideshow - Arbitrary File Upload Vulnerability</title>
       <references>
-        <url>http://www.1337day.com/exploit/20260</url>
+        <url>http://1337day.com/exploit/20260</url>
       </references>
       <type>UPLOAD</type>
     </vulnerability>
@@ -857,7 +851,7 @@
     <vulnerability>
       <title>wp-image-news-slider - Arbitrary File Upload Vulnerability</title>
       <references>
-        <url>http://www.1337day.com/exploit/20259</url>
+        <url>http://1337day.com/exploit/20259</url>
       </references>
       <type>UPLOAD</type>
     </vulnerability>
@@ -892,7 +886,7 @@
     <vulnerability>
       <title>wp-levoslideshow - Arbitrary File Upload Vulnerability</title>
       <references>
-        <url>http://www.1337day.com/exploit/20250</url>
+        <url>http://1337day.com/exploit/20250</url>
       </references>
       <type>UPLOAD</type>
     </vulnerability>
@@ -919,7 +913,7 @@
     <vulnerability>
       <title>wp-powerplaygallery - Arbitrary File Upload Vulnerability</title>
       <references>
-        <url>http://www.1337day.com/exploit/20252</url>
+        <url>http://1337day.com/exploit/20252</url>
       </references>
       <type>UPLOAD</type>
     </vulnerability>
@@ -936,7 +930,7 @@
     <vulnerability>
       <title>wp-royal-gallery - Arbitrary File Upload Vulnerability</title>
       <references>
-        <url>http://www.1337day.com/exploit/20261</url>
+        <url>http://1337day.com/exploit/20261</url>
       </references>
       <type>UPLOAD</type>
     </vulnerability>
@@ -1022,7 +1016,7 @@
     <vulnerability>
       <title>Spider Catalog - Multiple SQL Injection and Cross Site Scripting Vulnerabilities</title>
       <references>
-        <url>http://www.securityfocus.com/bid/60079/info</url>
+        <url>http://www.securityfocus.com/bid/60079</url>
       </references>
       <type>MULTI</type>
     </vulnerability>
@@ -1088,9 +1082,7 @@
     <vulnerability>
       <title>ABtest - Directory Traversal</title>
       <references>
-        <url>
-          http://scott-herbert.com/blog/2012/10/11/wordpress-plugin-abtest-vulnerable-to-a-directory-traversal-attack-1110
-        </url>
+        <url>http://scott-herbert.com/blog/2012/10/11/wordpress-plugin-abtest-vulnerable-to-a-directory-traversal-attack-1110</url>
       </references>
       <type>UNKNOWN</type>
     </vulnerability>
@@ -2387,7 +2379,7 @@
     <vulnerability>
       <title>WP Cycle Playlist - Multiple Vulnerabilities</title>
       <references>
-        <url>http://1337day.com/exploits/17396</url>
+        <url>http://1337day.com/exploit/17396</url>
       </references>
       <type>MULTI</type>
     </vulnerability>
@@ -2456,7 +2448,7 @@
     <vulnerability>
       <title>WP-AutoYoutube &lt;= 0.1 - Blind SQL Injection Vulnerability</title>
       <references>
-        <url>http://1337day.com/exploits/17368</url>
+        <url>http://1337day.com/exploit/17368</url>
       </references>
       <type>SQLI</type>
     </vulnerability>
@@ -4591,9 +4583,7 @@
       <references>
         <url>http://www.acunetix.com/blog/web-security-zone/wp-plugins-remote-code-execution/</url>
         <url>http://wordpress.org/support/topic/pwn3d</url>
-        <url>
-          http://blog.sucuri.net/2013/04/update-wp-super-cache-and-w3tc-immediately-remote-code-execution-vulnerability-disclosed.html
-        </url>
+        <url>http://blog.sucuri.net/2013/04/update-wp-super-cache-and-w3tc-immediately-remote-code-execution-vulnerability-disclosed.html</url>
         <metasploit>exploits/unix/webapp/php_wordpress_total_cache</metasploit>
       </references>
       <type>RCE</type>
@@ -4664,7 +4654,7 @@
       <title>ipfeuilledechou - SQL Injection Vulnerability</title>
       <references>
         <url>http://www.exploit4arab.com/exploits/377</url>
-        <url>http://1337day.com/exploits/20206</url>
+        <url>http://1337day.com/exploit/20206</url>
       </references>
       <type>SQLI</type>
     </vulnerability>
@@ -4771,7 +4761,7 @@
       <title>Developer Formatter - CSRF and XSS Vulnerability</title>
       <references>
         <url>http://illsecure.com/code/Wordpress-DevFormatter-CSRF-Vulnerability.txt</url>
-        <url>http://1337day.com/exploits/20210</url>
+        <url>http://1337day.com/exploit/20210</url>
         <secunia>51912</secunia>
       </references>
       <type>MULTI</type>
@@ -5299,7 +5289,7 @@
     <vulnerability>
       <title>wp-explorer-gallery - Arbitrary File Upload Vulnerability</title>
       <references>
-        <url>http://www.1337day.com/exploit/20251</url>
+        <url>http://1337day.com/exploit/20251</url>
       </references>
       <type>UPLOAD</type>
     </vulnerability>
@@ -5309,7 +5299,7 @@
     <vulnerability>
       <title>accordion - Arbitrary File Upload Vulnerability</title>
       <references>
-        <url>http://www.1337day.com/exploit/20254</url>
+        <url>http://1337day.com/exploit/20254</url>
       </references>
       <type>UPLOAD</type>
     </vulnerability>
@@ -5319,7 +5309,7 @@
     <vulnerability>
       <title>wp-catpro - Arbitrary File Upload Vulnerability</title>
       <references>
-        <url>http://www.1337day.com/exploit/20256</url>
+        <url>http://1337day.com/exploit/20256</url>
       </references>
       <type>UPLOAD</type>
     </vulnerability>
@@ -5372,7 +5362,7 @@
     <vulnerability>
       <title>p1m media manager - SQL Injection Vulnerability</title>
       <references>
-        <url>http://www.1337day.com/exploit/20270</url>
+        <url>http://1337day.com/exploit/20270</url>
       </references>
       <type>SQLI</type>
     </vulnerability>
@@ -5412,7 +5402,7 @@
     <vulnerability>
       <title>ForumConverter - SQL Injection Vulnerability</title>
       <references>
-        <url>http://www.1337day.com/exploit/20275</url>
+        <url>http://1337day.com/exploit/20275</url>
       </references>
       <type>SQLI</type>
     </vulnerability>
@@ -5422,7 +5412,7 @@
     <vulnerability>
       <title>Newsletter - SQL Injection Vulnerability</title>
       <references>
-        <url>http://www.1337day.com/exploit/20287</url>
+        <url>http://1337day.com/exploit/20287</url>
       </references>
       <type>SQLI</type>
     </vulnerability>
@@ -5542,7 +5532,7 @@
     <vulnerability>
       <title>Google Alert And Twitter 3.1.5 - XSS Exploit, SQL Injection</title>
       <references>
-        <url>http://1337day.com/exploits/20433</url>
+        <url>http://1337day.com/exploit/20433</url>
       </references>
       <type>MULTI</type>
     </vulnerability>
@@ -5962,8 +5952,7 @@
       <title>WP-Banners-Lite - XSS vulnerability</title>
       <references>
         <url>http://seclists.org/fulldisclosure/2013/Mar/209</url>
-        <url>http://threatpost.com/en_us/blogs/xss-flaw-wordpress-plugin-allows-injection-malicious-code-032513
-        </url>
+        <url>http://threatpost.com/en_us/blogs/xss-flaw-wordpress-plugin-allows-injection-malicious-code-032513</url>
       </references>
       <type>XSS</type>
     </vulnerability>