Update vuln db

2014-04-13 22:34:53 +02:00
parent 3e6b019044
commit 79387730bc
2 changed files with 51 additions and 0 deletions
--- a/data/plugin_vulns.xml
+++ b/data/plugin_vulns.xml
@@ -11627,6 +11627,13 @@
      </references>
      <type>XSS</type>
    </vulnerability>
+    <vulnerability>
+      <title>Zedity 2.4 - Cross Site Scripting</title>
+      <references>
+        <url>http://packetstormsecurity.com/files/125402/</url>
+      </references>
+      <type>XSS</type>
+    </vulnerability>
  </plugin>

  <plugin name="wp-post-to-pdf">
@@ -11727,6 +11734,7 @@
      <references>
        <cve>2014-2340</cve>
        <osvdb>104402</osvdb>
+        <exploitdb>32701</exploitdb>
        <url>http://packetstormsecurity.com/files/125991/</url>
        <url>https://www.htbridge.com/advisory/HTB23206</url>
      </references>
@@ -12094,6 +12102,7 @@
      <title>Ajax Pagination 1.1 - wp-admin/admin-ajax.php loop Parameter Local File Inclusion</title>
      <references>
        <osvdb>105087</osvdb>
+        <exploitdb>32622</exploitdb>
        <url>http://packetstormsecurity.com/files/125929/</url>
        <url>http://seclists.org/fulldisclosure/2014/Mar/398</url>
      </references>
@@ -12207,6 +12216,14 @@
      <type>XSS</type>
      <fixed_in>1.1.21</fixed_in>
    </vulnerability>
+    <vulnerability>
+      <title>Lazyest Gallery 1.1.7 - Crafted Folder Name Unspecified Issue</title>
+      <references>
+        <osvdb>105728</osvdb>
+      </references>
+      <type>UNKNOWN</type>
+      <fixed_in>1.1.8</fixed_in>
+    </vulnerability>
  </plugin>

  <plugin name="post-expirator">
@@ -12244,4 +12261,28 @@
    </vulnerability>
  </plugin>

+  <plugin name="hk-exif-tags">
+    <vulnerability>
+      <title>HK Exif Tags 1.11 - hk_exif_tags.php hk_exif_tags_images_process Function EXIF Tags Handling Stored XSS</title>
+      <references>
+        <osvdb>105725</osvdb>
+        <secunia>57753</secunia>
+      </references>
+      <type>XSS</type>
+      <fixed_in>1.12</fixed_in>
+    </vulnerability>
+  </plugin>
+
+  <plugin name="unconfirmed">
+    <vulnerability>
+      <title>Unconfirmed &lt;= 1.2.4 - unconfirmed.php s Parameter Reflected XSS</title>
+      <references>
+        <osvdb>105722</osvdb>
+        <secunia>57838</secunia>
+      </references>
+      <type>XSS</type>
+      <fixed_in>1.2.5</fixed_in>
+    </vulnerability>
+  </plugin>
+
 </vulnerabilities>
--- a/data/theme_vulns.xml
+++ b/data/theme_vulns.xml
@@ -3498,4 +3498,14 @@
    </vulnerability>
  </theme>

+  <theme name="Sixtees">
+    <vulnerability>
+      <title>Sixtees - Shell Upload</title>
+      <references>
+        <url>http://packetstormsecurity.com/files/125491/</url>
+      </references>
+      <type>UPLOAD</type>
+    </vulnerability>
+  </theme>
+
 </vulnerabilities>