garfield/wpscan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #447 from droope/arb-fileupload-add

Browse Source 
add more templates which are vulnerable to 1337day.com/exploit/22090
This commit is contained in:
Peter
2014-04-08 09:13:18 +02:00
parent a4dfb05d0c 97a798e357
commit 5e00d77e69
1 changed files with 419 additions and 35 deletions
Download Patch File Download Diff File Expand all files Collapse all files

454
data/theme_vulns.xml
View File

@@ -3065,53 +3065,437 @@
</theme> </theme>
<theme name="Realestate"> <theme name="Realestate">
<vulnerability> <vulnerability>
<title>Wordpress Templatic Themes CSRF File Upload Vulnerability</title> <title>Wordpress Templatic Themes CSRF File Upload Vulnerability</title>
<references> <references>
<url>http://1337day.com/exploit/22091</url> <url>http://1337day.com/exploit/22091</url>
</references> </references>
<type>CSRF</type> <type>CSRF</type>
</vulnerability> </vulnerability>
</theme> </theme>
<theme name="dailydeal"> <theme name="dailydeal">
<vulnerability> <vulnerability>
<title>Wordpress Templatic Themes CSRF File Upload Vulnerability</title> <title>Wordpress Templatic Themes CSRF File Upload Vulnerability</title>
<references> <references>
<url>http://1337day.com/exploit/22091</url> <url>http://1337day.com/exploit/22091</url>
</references> </references>
<type>CSRF</type> <type>CSRF</type>
</vulnerability> </vulnerability>
</theme> </theme>
<theme name="nightlife"> <theme name="nightlife">
<vulnerability> <vulnerability>
<title>Wordpress Templatic Themes CSRF File Upload Vulnerability</title> <title>Wordpress Templatic Themes CSRF File Upload Vulnerability</title>
<references> <references>
<url>http://1337day.com/exploit/22091</url> <url>http://1337day.com/exploit/22091</url>
</references> </references>
<type>CSRF</type> <type>CSRF</type>
</vulnerability> </vulnerability>
</theme> </theme>
<theme name="5star"> <theme name="5star">
<vulnerability> <vulnerability>
<title>Wordpress Templatic Themes CSRF File Upload Vulnerability</title> <title>Wordpress Templatic Themes CSRF File Upload Vulnerability</title>
<references> <references>
<url>http://1337day.com/exploit/22091</url> <url>http://1337day.com/exploit/22091</url>
</references> </references>
<type>CSRF</type> <type>CSRF</type>
</vulnerability> </vulnerability>
</theme> </theme>
<theme name="specialist"> <theme name="specialist">
<vulnerability> <vulnerability>
<title>Wordpress Templatic Themes CSRF File Upload Vulnerability</title> <title>Wordpress Templatic Themes CSRF File Upload Vulnerability</title>
<references> <references>
<url>http://1337day.com/exploit/22091</url> <url>http://1337day.com/exploit/22091</url>
</references> </references>
<type>CSRF</type> <type>CSRF</type>
</vulnerability> </vulnerability>
</theme>
<theme name="flatshop">
<vulnerability>
<title>themify-ajax.php File Upload Arbitrary Code Execution</title>
<references>
<osvdb>100271</osvdb>
<url>http://packetstormsecurity.com/files/124097/</url>
<url>http://1337day.com/exploit/22090</url>
</references>
<type>UPLOAD</type>
</vulnerability>
</theme>
<theme name="magazine">
<vulnerability>
<title>themify-ajax.php File Upload Arbitrary Code Execution</title>
<references>
<osvdb>100271</osvdb>
<url>http://packetstormsecurity.com/files/124097/</url>
<url>http://1337day.com/exploit/22090</url>
</references>
<type>UPLOAD</type>
</vulnerability>
</theme>
<theme name="parallax">
<vulnerability>
<title>themify-ajax.php File Upload Arbitrary Code Execution</title>
<references>
<osvdb>100271</osvdb>
<url>http://packetstormsecurity.com/files/124097/</url>
<url>http://1337day.com/exploit/22090</url>
</references>
<type>UPLOAD</type>
</vulnerability>
</theme>
<theme name="bold">
<vulnerability>
<title>themify-ajax.php File Upload Arbitrary Code Execution</title>
<references>
<osvdb>100271</osvdb>
<url>http://packetstormsecurity.com/files/124097/</url>
<url>http://1337day.com/exploit/22090</url>
</references>
<type>UPLOAD</type>
</vulnerability>
</theme>
<theme name="metro">
<vulnerability>
<title>themify-ajax.php File Upload Arbitrary Code Execution</title>
<references>
<osvdb>100271</osvdb>
<url>http://packetstormsecurity.com/files/124097/</url>
<url>http://1337day.com/exploit/22090</url>
</references>
<type>UPLOAD</type>
</vulnerability>
</theme>
<theme name="pinshop">
<vulnerability>
<title>themify-ajax.php File Upload Arbitrary Code Execution</title>
<references>
<osvdb>100271</osvdb>
<url>http://packetstormsecurity.com/files/124097/</url>
<url>http://1337day.com/exploit/22090</url>
</references>
<type>UPLOAD</type>
</vulnerability>
</theme>
<theme name="agency">
<vulnerability>
<title>themify-ajax.php File Upload Arbitrary Code Execution</title>
<references>
<osvdb>100271</osvdb>
<url>http://packetstormsecurity.com/files/124097/</url>
<url>http://1337day.com/exploit/22090</url>
</references>
<type>UPLOAD</type>
</vulnerability>
</theme>
<theme name="slide">
<vulnerability>
<title>themify-ajax.php File Upload Arbitrary Code Execution</title>
<references>
<osvdb>100271</osvdb>
<url>http://packetstormsecurity.com/files/124097/</url>
<url>http://1337day.com/exploit/22090</url>
</references>
<type>UPLOAD</type>
</vulnerability>
</theme>
<theme name="postline">
<vulnerability>
<title>themify-ajax.php File Upload Arbitrary Code Execution</title>
<references>
<osvdb>100271</osvdb>
<url>http://packetstormsecurity.com/files/124097/</url>
<url>http://1337day.com/exploit/22090</url>
</references>
<type>UPLOAD</type>
</vulnerability>
</theme>
<theme name="fullscreen">
<vulnerability>
<title>themify-ajax.php File Upload Arbitrary Code Execution</title>
<references>
<osvdb>100271</osvdb>
<url>http://packetstormsecurity.com/files/124097/</url>
<url>http://1337day.com/exploit/22090</url>
</references>
<type>UPLOAD</type>
</vulnerability>
</theme>
<theme name="shopo">
<vulnerability>
<title>themify-ajax.php File Upload Arbitrary Code Execution</title>
<references>
<osvdb>100271</osvdb>
<url>http://packetstormsecurity.com/files/124097/</url>
<url>http://1337day.com/exploit/22090</url>
</references>
<type>UPLOAD</type>
</vulnerability>
</theme>
<theme name="minshop">
<vulnerability>
<title>themify-ajax.php File Upload Arbitrary Code Execution</title>
<references>
<osvdb>100271</osvdb>
<url>http://packetstormsecurity.com/files/124097/</url>
<url>http://1337day.com/exploit/22090</url>
</references>
<type>UPLOAD</type>
</vulnerability>
</theme>
<theme name="notes">
<vulnerability>
<title>themify-ajax.php File Upload Arbitrary Code Execution</title>
<references>
<osvdb>100271</osvdb>
<url>http://packetstormsecurity.com/files/124097/</url>
<url>http://1337day.com/exploit/22090</url>
</references>
<type>UPLOAD</type>
</vulnerability>
</theme>
<theme name="shopdock">
<vulnerability>
<title>themify-ajax.php File Upload Arbitrary Code Execution</title>
<references>
<osvdb>100271</osvdb>
<url>http://packetstormsecurity.com/files/124097/</url>
<url>http://1337day.com/exploit/22090</url>
</references>
<type>UPLOAD</type>
</vulnerability>
</theme>
<theme name="phototouch">
<vulnerability>
<title>themify-ajax.php File Upload Arbitrary Code Execution</title>
<references>
<osvdb>100271</osvdb>
<url>http://packetstormsecurity.com/files/124097/</url>
<url>http://1337day.com/exploit/22090</url>
</references>
<type>UPLOAD</type>
</vulnerability>
</theme>
<theme name="basic">
<vulnerability>
<title>themify-ajax.php File Upload Arbitrary Code Execution</title>
<references>
<osvdb>100271</osvdb>
<url>http://packetstormsecurity.com/files/124097/</url>
<url>http://1337day.com/exploit/22090</url>
</references>
<type>UPLOAD</type>
</vulnerability>
</theme>
<theme name="responz">
<vulnerability>
<title>themify-ajax.php File Upload Arbitrary Code Execution</title>
<references>
<osvdb>100271</osvdb>
<url>http://packetstormsecurity.com/files/124097/</url>
<url>http://1337day.com/exploit/22090</url>
</references>
<type>UPLOAD</type>
</vulnerability>
</theme>
<theme name="simfo">
<vulnerability>
<title>themify-ajax.php File Upload Arbitrary Code Execution</title>
<references>
<osvdb>100271</osvdb>
<url>http://packetstormsecurity.com/files/124097/</url>
<url>http://1337day.com/exploit/22090</url>
</references>
<type>UPLOAD</type>
</vulnerability>
</theme>
<theme name="grido">
<vulnerability>
<title>themify-ajax.php File Upload Arbitrary Code Execution</title>
<references>
<osvdb>100271</osvdb>
<url>http://packetstormsecurity.com/files/124097/</url>
<url>http://1337day.com/exploit/22090</url>
</references>
<type>UPLOAD</type>
</vulnerability>
</theme>
<theme name="tisa">
<vulnerability>
<title>themify-ajax.php File Upload Arbitrary Code Execution</title>
<references>
<osvdb>100271</osvdb>
<url>http://packetstormsecurity.com/files/124097/</url>
<url>http://1337day.com/exploit/22090</url>
</references>
<type>UPLOAD</type>
</vulnerability>
</theme>
<theme name="funki">
<vulnerability>
<title>themify-ajax.php File Upload Arbitrary Code Execution</title>
<references>
<osvdb>100271</osvdb>
<url>http://packetstormsecurity.com/files/124097/</url>
<url>http://1337day.com/exploit/22090</url>
</references>
<type>UPLOAD</type>
</vulnerability>
</theme>
<theme name="minblr">
<vulnerability>
<title>themify-ajax.php File Upload Arbitrary Code Execution</title>
<references>
<osvdb>100271</osvdb>
<url>http://packetstormsecurity.com/files/124097/</url>
<url>http://1337day.com/exploit/22090</url>
</references>
<type>UPLOAD</type>
</vulnerability>
</theme>
<theme name="newsy">
<vulnerability>
<title>themify-ajax.php File Upload Arbitrary Code Execution</title>
<references>
<osvdb>100271</osvdb>
<url>http://packetstormsecurity.com/files/124097/</url>
<url>http://1337day.com/exploit/22090</url>
</references>
<type>UPLOAD</type>
</vulnerability>
</theme>
<theme name="wumblr">
<vulnerability>
<title>themify-ajax.php File Upload Arbitrary Code Execution</title>
<references>
<osvdb>100271</osvdb>
<url>http://packetstormsecurity.com/files/124097/</url>
<url>http://1337day.com/exploit/22090</url>
</references>
<type>UPLOAD</type>
</vulnerability>
</theme>
<theme name="rezo">
<vulnerability>
<title>themify-ajax.php File Upload Arbitrary Code Execution</title>
<references>
<osvdb>100271</osvdb>
<url>http://packetstormsecurity.com/files/124097/</url>
<url>http://1337day.com/exploit/22090</url>
</references>
<type>UPLOAD</type>
</vulnerability>
</theme>
<theme name="photobox">
<vulnerability>
<title>themify-ajax.php File Upload Arbitrary Code Execution</title>
<references>
<osvdb>100271</osvdb>
<url>http://packetstormsecurity.com/files/124097/</url>
<url>http://1337day.com/exploit/22090</url>
</references>
<type>UPLOAD</type>
</vulnerability>
</theme>
<theme name="edmin">
<vulnerability>
<title>themify-ajax.php File Upload Arbitrary Code Execution</title>
<references>
<osvdb>100271</osvdb>
<url>http://packetstormsecurity.com/files/124097/</url>
<url>http://1337day.com/exploit/22090</url>
</references>
<type>UPLOAD</type>
</vulnerability>
</theme>
<theme name="koi">
<vulnerability>
<title>themify-ajax.php File Upload Arbitrary Code Execution</title>
<references>
<osvdb>100271</osvdb>
<url>http://packetstormsecurity.com/files/124097/</url>
<url>http://1337day.com/exploit/22090</url>
</references>
<type>UPLOAD</type>
</vulnerability>
</theme>
<theme name="bizco">
<vulnerability>
<title>themify-ajax.php File Upload Arbitrary Code Execution</title>
<references>
<osvdb>100271</osvdb>
<url>http://packetstormsecurity.com/files/124097/</url>
<url>http://1337day.com/exploit/22090</url>
</references>
<type>UPLOAD</type>
</vulnerability>
</theme>
<theme name="thememin">
<vulnerability>
<title>themify-ajax.php File Upload Arbitrary Code Execution</title>
<references>
<osvdb>100271</osvdb>
<url>http://packetstormsecurity.com/files/124097/</url>
<url>http://1337day.com/exploit/22090</url>
</references>
<type>UPLOAD</type>
</vulnerability>
</theme>
<theme name="wigi">
<vulnerability>
<title>themify-ajax.php File Upload Arbitrary Code Execution</title>
<references>
<osvdb>100271</osvdb>
<url>http://packetstormsecurity.com/files/124097/</url>
<url>http://1337day.com/exploit/22090</url>
</references>
<type>UPLOAD</type>
</vulnerability>
</theme>
<theme name="sidepane">
<vulnerability>
<title>themify-ajax.php File Upload Arbitrary Code Execution</title>
<references>
<osvdb>100271</osvdb>
<url>http://packetstormsecurity.com/files/124097/</url>
<url>http://1337day.com/exploit/22090</url>
</references>
<type>UPLOAD</type>
</vulnerability>
</theme> </theme>
</vulnerabilities> </vulnerabilities>