garfield/wpscan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Added Vulns & references

Browse Source
This commit is contained in:
erwanlr
2013-06-21 17:00:18 +02:00
parent a436bb059a
commit 61b13e4543
1 changed files with 30 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
data/plugin_vulns.xml
View File

@@ -2270,6 +2270,7 @@
<vulnerability> <vulnerability>
<title>NextGEN Gallery 1.9.12 Arbitrary File Upload (CVE-2013-3684)</title> <title>NextGEN Gallery 1.9.12 Arbitrary File Upload (CVE-2013-3684)</title>
<reference>http://wordpress.org/plugins/nextgen-gallery/changelog/</reference> <reference>http://wordpress.org/plugins/nextgen-gallery/changelog/</reference>
<reference>http://osvdb.org/94232</reference>
<type>UPLOAD</type> <type>UPLOAD</type>
<fixed_in>1.9.13</fixed_in> <fixed_in>1.9.13</fixed_in>
</vulnerability> </vulnerability>
@@ -4584,6 +4585,7 @@
<vulnerability> <vulnerability>
<title>CVE-2013-2180: uk-cookie CSRF</title> <title>CVE-2013-2180: uk-cookie CSRF</title>
<reference>http://www.openwall.com/lists/oss-security/2013/06/06/10</reference> <reference>http://www.openwall.com/lists/oss-security/2013/06/06/10</reference>
<reference>http://osvdb.org/94032</reference>
<type>CSRF</type> <type>CSRF</type>
</vulnerability> </vulnerability>
</plugin> </plugin>
@@ -4782,6 +4784,7 @@
<vulnerability> <vulnerability>
<title>FPD and Security bypass vulnerabilities in Exploit Scanner for WordPress</title> <title>FPD and Security bypass vulnerabilities in Exploit Scanner for WordPress</title>
<reference>http://seclists.org/fulldisclosure/2013/May/216</reference> <reference>http://seclists.org/fulldisclosure/2013/May/216</reference>
<reference>http://osvdb.org/93799</reference>
<type>MULTI</type> <type>MULTI</type>
</vulnerability> </vulnerability>
</plugin> </plugin>
@@ -4799,6 +4802,7 @@
<vulnerability> <vulnerability>
<title>Remote File Inclusion Vulnerability</title> <title>Remote File Inclusion Vulnerability</title>
<reference>http://secunia.com/advisories/51348/</reference> <reference>http://secunia.com/advisories/51348/</reference>
<reference>http://osvdb.org/93715</reference>
<type>RFI</type> <type>RFI</type>
<fixed_in>2.3</fixed_in> <fixed_in>2.3</fixed_in>
</vulnerability> </vulnerability>
@@ -4808,6 +4812,7 @@
<vulnerability> <vulnerability>
<title>WordPress qTranslate Plugin Cross-Site Request Forgery Vulnerability</title> <title>WordPress qTranslate Plugin Cross-Site Request Forgery Vulnerability</title>
<reference>http://secunia.com/advisories/53126/</reference> <reference>http://secunia.com/advisories/53126/</reference>
<reference>http://osvdb.org/93873</reference>
<type>CSRF</type> <type>CSRF</type>
</vulnerability> </vulnerability>
</plugin> </plugin>
@@ -4878,4 +4883,29 @@
</vulnerability> </vulnerability>
</plugin> </plugin>
<plugin name="wp-maintenance-mode">
<vulnerability>
<title>WP Maintenance Mode Setting Manipulation CSRF</title>
<reference>http://osvdb.org/94450</reference>
<type>CSRF</type>
</vulnerability>
</plugin>
<plugin name="ultimate-auction">
<vulnerability>
<title>ultimate Auction Auction Creation CSRF</title>
<reference>http://osvdb.org/94407</reference>
<type>CSRF</type>
</vulnerability>
</plugin>
<plugin name="mapsmarker">
<vulnerability>
<title>Leaflet Maps Marker Tag Multiple Parameter SQL Injection</title>
<reference>http://osvdb.org/94388</reference>
<type>SQLI</type>
<fixed_in>3.5.4</fixed_in>
</vulnerability>
</plugin>
</vulnerabilities> </vulnerabilities>