From 7288c82994da28a216351f0d6d9e59fad58bb258 Mon Sep 17 00:00:00 2001
From: Peter van der Laan <vanderlaan.pm@gmail.com>
Date: Wed, 23 Oct 2013 09:36:17 +0200
Subject: [PATCH] Update plugin_vulns.xml

---
 data/plugin_vulns.xml | 45 +++++++++++++++++++++++++++++++++++++++++--
 1 file changed, 43 insertions(+), 2 deletions(-)

diff --git a/data/plugin_vulns.xml b/data/plugin_vulns.xml
index 8ee9ef4b..e1813d90 100644
--- a/data/plugin_vulns.xml
+++ b/data/plugin_vulns.xml
@@ -4462,7 +4462,7 @@
 
   <plugin name="portable-phpmyadmin">
     <vulnerability>
-      <title>portable-phpMyAdmin - Authentication Bypass</title>
+      <title>Portable-phpMyAdmin - Authentication Bypass</title>
       <references>
         <osvdb>88391</osvdb>
         <cve>2012-5469</cve>
@@ -4472,6 +4472,23 @@
       <type>AUTHBYPASS</type>
       <fixed_in>1.3.1</fixed_in>
     </vulnerability>
+    <vulnerability>
+      <title>Portable phpMyAdmin - /pma/phpinfo.php Direct Request System Information Disclosure</title>
+      <references>
+        <osvdb>98766</osvdb>
+        <url>http://seclists.org/oss-sec/2013/q4/138</url>
+      </references>
+    </vulnerability>
+    <vulnerability>
+      <title>Portable phpMyAdmin 1.4.1 - Multiple Script Direct Request Authentication Bypass</title>
+      <references>
+        <osvdb>98767</osvdb>
+        <cve>2013-4454</cve>
+        <secunia>55270</secunia>
+        <url>http://seclists.org/oss-sec/2013/q4/138</url>
+      </references>
+      <type>AUTHBYPASS</type>
+    </vulnerability>
   </plugin>
 
   <plugin name="super-refer-a-friend">
@@ -4793,8 +4810,9 @@
       <fixed_in>2.0.13</fixed_in>
     </vulnerability>
     <vulnerability>
-      <title>WooCommerce 2.0.17 - Cross Site Scripting</title>
+      <title>WooCommerce 2.0.17 - hide-wc-extensions-message Parameter Reflected XSS</title>
       <references>
+        <osvdb>98754</osvdb>
         <url>http://packetstormsecurity.com/files/123684/</url>
       </references>
       <type>XSS</type>
@@ -7456,4 +7474,27 @@
     </vulnerability>
   </plugin>
 
+  <plugin name="wp-reality">
+    <vulnerability>
+      <title>WP Realty - wp-content/plugins/wp-realty/index_ext.php listing_id Parameter SQL Injection</title>
+      <references>
+        <osvdb>98748</osvdb>
+        <exploitdb>29021</exploitdb>
+      </references>
+      <type>SQLI</type>
+    </vulnerability>
+  </plugin>
+
+  <plugin name="videowall">
+    <vulnerability>
+      <title>Videowall - index.php page_id Parameter Reflected XSS</title>
+      <references>
+        <osvdb>98765</osvdb>
+        <url>http://packetstormsecurity.com/files/123693/</url>
+        <url>http://seclists.org/bugtraq/2013/Oct/98</url>
+      </references>
+      <type>XSS</type>
+    </vulnerability>
+  </plugin>
+
 </vulnerabilities>