garfield/wpscan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

XML check rspecs

Browse Source 
Example output:
  1) XML content each plugin vuln needs a type node
     Failure/Error: @result.should have(0).items, "Items:\n#{@result.join("\n")}"
       Items:
       ReFlex Gallery 1.4 - reflex-gallery.php Direct Request Path Disclosure
       Gallery Plugin 3.8.3 - gallery-plugin.php filename_1 Parameter Arbitrary File Access
       EZPZ One Click Backup <= 12.03.10 - OS Command Injection
       BulletProof Security - Security Log Script Insertion Vulnerability
       Portable phpMyAdmin - /pma/phpinfo.php Direct Request System Information Disclosure
       HMS Testimonials 2.0.10 - CSRF
       HMS Testimonials 2.0.10 - XSS
       platinum_seo_pack.php - s Parameter Reflected XSS
       Email Newsletter 8.0 - 'option' Parameter Information Disclosure Vulnerability
This commit is contained in:
Christian Mehlmauer
2014-05-09 17:58:04 +02:00
parent a3eedb14f4
commit 7b0cb29466
2 changed files with 36 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
.travis.yml
View File

@@ -5,7 +5,7 @@ rvm:
- 2.0.0
- 2.1.0
- 2.1.1
script: bundle exec rspec --format documentation
script: bundle exec rspec
notifications:
email:
- wpscanteam@gmail.com

35
spec/xml_checks_spec.rb
View File

@@ -77,3 +77,38 @@ describe 'Well formed XML checks' do
@file = LOCAL_FILES_FILE
end
end
describe 'XML content' do
before :all do
@vuln_plugins = xml(PLUGINS_VULNS_FILE)
@vuln_themes = xml(THEMES_VULNS_FILE)
end
after :each do
@result.should have(0).items, "Items:\n#{@result.join("\n")}"
end
it 'each plugin vuln needs a type node' do
@result = @vuln_plugins.xpath('//vulnerability[not(type)]/title/text()').map(&:text)
end
it 'each theme vuln needs a type node' do
@result = @vuln_themes.xpath('//vulnerability[not(type)]/title/text()').map(&:text)
end
it 'each plugin vuln needs a title node' do
@result = @vuln_plugins.xpath('//vulnerability[not(title)]/../@name').map(&:text)
end
it 'each theme vuln needs a title node' do
@result = @vuln_themes.xpath('//vulnerability[not(title)]/../@name').map(&:text)
end
it 'each plugin vuln needs a references node' do
@result = @vuln_plugins.xpath('//vulnerability[not(references)]/title/text()').map(&:text)
end
it 'each theme vuln needs a references node' do
@result = @vuln_themes.xpath('//vulnerability[not(references)]/title/text()').map(&:text)
end
end