diff --git a/data/plugin_vulns.xml b/data/plugin_vulns.xml index 5e7a223c..bda8e428 100644 --- a/data/plugin_vulns.xml +++ b/data/plugin_vulns.xml @@ -995,12 +995,15 @@ - Answer My Question 1.1 - Multiple XSS + Answer My Question 1.1 - record_question.php Multiple Parameter XSS - http://www.securityfocus.com/archive/1/524625/30/0/threaded + 85567 50655 + http://www.securityfocus.com/archive/1/524625/30/0/threaded + http://seclists.org/bugtraq/2012/Nov/24 XSS + 1.2 @@ -5120,9 +5123,11 @@ - Notices Ticker - Cross-Site Request Forgery Vulnerability + Notices Ticker 5.0 - Cross-Site Request Forgery Vulnerability + 85729 50717 + http://packetstormsecurity.org/files/116774/ CSRF @@ -5130,9 +5135,12 @@ - MF Gig Calendar - URL Cross-Site Scripting Vulnerability + MF Gig Calendar 0.9.4.1 - URL Cross-Site Scripting Vulnerability + 85682 + 2012-4242 50571 + http://packetstormsecurity.org/files/116713/ XSS diff --git a/data/theme_vulns.xml b/data/theme_vulns.xml index 6fe031bb..7ce1f5f4 100644 --- a/data/theme_vulns.xml +++ b/data/theme_vulns.xml 
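Review bot: The Notices Ticker and MF Gig Calendar hunks (`@@ -5120,9` and `@@ -5130,9`) pin an affected version in the title (5.0, 0.9.4.1) but add no fixed version. The Answer My Question hunk adds a trailing `1.2` that reads like one, though the markup is not visible in this view, so that reading is inferred. Without a fixed version, a scanner consuming this file can only report the entry for every installed version, which leaves defenders triaging findings on patched sites by hand. If a fixed release exists, add it the same way as the `1.2` line; if not, record that next to the entry, for example `<!-- no fixed release known when this entry was added -->`.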
@@ -80,54 +80,92 @@ - vithy Full Path Disclosure vulnerability + vithy - Full Path Disclosure vulnerability http://1337day.com/exploit/20040 FPD + + vithy - Arbitrary File Upload Vulnerability + + http://1337day.com/exploit/19830 + + UPLOAD + - appius Full Path Disclosure vulnerability + appius - Full Path Disclosure vulnerability http://1337day.com/exploit/20039 FPD + + appius - Arbitrary File Upload Vulnerability + + http://1337day.com/exploit/19831 + + UPLOAD + - yvora Full Path Disclosure vulnerability + yvora - Full Path Disclosure vulnerability http://1337day.com/exploit/20038 FPD + + yvora - Arbitrary File Upload Vulnerability + + http://1337day.com/exploit/19834 + + UPLOAD + - shotzz Full Path Disclosure vulnerability + Shotzz - Full Path Disclosure vulnerability http://1337day.com/exploit/20041 FPD + + Shotzz - Arbitrary File Upload Vulnerability + + http://1337day.com/exploit/19829 + + UPLOAD + + + + + + dagda - Arbitrary File Upload Vulnerability + + http://1337day.com/exploit/19832 + + UPLOAD + - moneymasters Full Path Disclosure vulnerability + moneymasters - Full Path Disclosure vulnerability http://1337day.com/exploit/20077 FPD - moneymasters File Upload Vulnerability (metasploit) + moneymasters - File Upload Vulnerability (metasploit) http://1337day.com/exploit/20076 @@ -457,7 +495,7 @@ - WordPress Famous Theme 2.0.5 Shell Upload + Famous 2.0.5 - Shell Upload http://packetstormsecurity.org/files/113842/ @@ -467,7 +505,7 @@ - WordPress Deep-Blue Theme 1.9.2 Arbitrary File Upload Vulnerability + Deep-Blue 1.9.2 - Arbitrary File Upload Vulnerability http://packetstormsecurity.org/files/113843/ @@ -477,7 +515,7 @@ - WordPress Classipress Theme <= 3.1.4 Stored XSS + Classipress <= 3.1.4 - Stored XSS 18053 http://cxsecurity.com/issue/WLB-2011110001 @@ -1528,7 +1566,7 @@ - Wordpress dt-chocolate Theme Image Open redirect + dt-chocolate - Image Open redirect http://cxsecurity.com/issue/WLB-2013020011 
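Review bot: Each of the five Arbitrary File Upload entries added in the `@@ -80,54 +80,92` hunk (vithy, appius, yvora, Shotzz, dagda) is backed by a single 1337day.com exploit listing and names no affected version. Nothing in the entry lets a maintainer re-verify it if that listing changes or disappears. The plugin_vulns.xml hunks in this commit add numeric advisory ids next to their URLs; where such an id exists for these themes it should be added too. Otherwise a comment such as `<!-- sole source is an exploit listing; affected versions unconfirmed -->` would mark the entry as lower confidence. Separately, this hunk capitalises `Shotzz` in both of its titles while vithy, appius, yvora and dagda stay lowercase; if titles are meant to mirror the theme's directory name, keep `shotzz`.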
@@ -1545,7 +1583,7 @@ - Wordpress theme sandbox Arbitrary File Upload/FD Vulnerability + sandbox - Arbitrary File Upload/FD Vulnerability http://1337day.com/exploit/20228 @@ -1555,7 +1593,7 @@ - WordPress Clockstone Theme upload.php Arbitrary File Upload Vulnerability + Clockstone - upload.php Arbitrary File Upload Vulnerability 51619 @@ -1565,7 +1603,7 @@ - WordPress Archin Theme Cross-Site Scripting and Arbitrary File Upload Vulnerabilities + Archin - Cross-Site Scripting and Arbitrary File Upload Vulnerabilities 50711 @@ -1575,7 +1613,7 @@ - WordPress Purity Theme Multiple Cross-Site Scripting Vulnerabilities + Purity - Multiple Cross-Site Scripting Vulnerabilities 50627 @@ -1599,7 +1637,7 @@ - montezuma <= 1.1.3 XSS in ZeroClipboard.swf + montezuma <= 1.1.3 - XSS in ZeroClipboard.swf http://1337day.com/exploit/20396 @@ -1609,7 +1647,7 @@ - scarlet <= 1.1.3 XSS in ZeroClipboard.swf + scarlet <= 1.1.3 - XSS in ZeroClipboard.swf http://1337day.com/exploit/20396 @@ -1619,7 +1657,7 @@ - allure-real-estate-theme-for-placester <= 0.1.1 XSS in ZeroClipboard.swf + allure-real-estate-theme-for-placester <= 0.1.1 - XSS in ZeroClipboard.swf http://1337day.com/exploit/20396 @@ -1629,7 +1667,7 @@ - allure-real-estate-theme-for-real-estate <= 0.1.1 XSS in ZeroClipboard.swf + allure-real-estate-theme-for-real-estate <= 0.1.1 - XSS in ZeroClipboard.swf http://1337day.com/exploit/20396 @@ -1639,7 +1677,7 @@ - felici XSS Vulnerability + felici - XSS Vulnerability http://1337day.com/exploit/20560 @@ -1649,7 +1687,7 @@ - Classic v1.5 Theme PHP_SELF XSS + Classic 1.5 - PHP_SELF XSS http://osvdb.org/38450 2007-4483 @@ -1660,7 +1698,7 @@ - brilliant File Upload Vulnerability + brilliant - File Upload Vulnerability http://ruinedsec.wordpress.com/2013/04/03/wordpress-themes-exploits-are-in-action-wpscan/