From 7d07b27d4f4d47ebb298c56170236e8840dcfb89 Mon Sep 17 00:00:00 2001
From: Peter <vanderlaan.pm@gmail.com>
Date: Sat, 14 Dec 2013 22:12:32 +0100
Subject: [PATCH] Update theme_vulns.xml

---
 data/theme_vulns.xml | 74 +++++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 73 insertions(+), 1 deletion(-)

diff --git a/data/theme_vulns.xml b/data/theme_vulns.xml
index 724ba66e..f7931dc4 100644
--- a/data/theme_vulns.xml
+++ b/data/theme_vulns.xml
@@ -1789,9 +1789,13 @@
 
   <theme name="clockstone">
     <vulnerability>
-      <title>Clockstone - upload.php Arbitrary File Upload Vulnerability</title>
+      <title>Clockstone 1.2 - upload.php Arbitrary File Upload Vulnerability</title>
       <references>
+        <osvdb>88622</osvdb>
         <secunia>51619</secunia>
+        <url>http://www.exploit-db.com/exploits/23494</url>
+        <url>http://www.securityfocus.com/bid/56988</url>
+        <url>http://xforce.iss.net/xforce/xfdb/80725</url>
       </references>
       <type>UPLOAD</type>
     </vulnerability>
@@ -2527,4 +2531,72 @@
     </vulnerability>
   </theme>
 
+  <theme name="twentyten">
+    <vulnerability>
+      <title>TwentyTen 1.1-1.5 - loop.php Multiple File Extension Upload Arbitrary Code Execution</title>
+      <references>
+        <osvdb>88822</osvdb>
+      </references>
+      <type>RCE</type>
+    </vulnerability>
+  </theme>
+
+  <theme name="nest">
+    <vulnerability>
+      <title>Nest - gerador_galeria.php codigo Parameter SQL Injection</title>
+      <references>
+        <osvdb>88298</osvdb>
+        <url>http://www.securityfocus.com/bid/56792</url>
+        <url>http://xforce.iss.net/xforce/xfdb/80503</url>
+      </references>
+      <type>SQLI</type>
+    </vulnerability>
+  </theme>
+
+  <theme name="toolbox">
+    <vulnerability>
+      <title>Toolbox 1.4 - flyer.php mls Parameter SQL Injection</title>
+      <references>
+        <osvdb>88293</osvdb>
+        <url>http://www.securityfocus.com/bid/56745</url>
+      </references>
+      <type>SQLI</type>
+    </vulnerability>
+  </theme>
+
+  <theme name="oberliga_theme">
+    <vulnerability>
+      <title>Oberliga - team.php team Parameter SQL Injection</title>
+      <references>
+        <osvdb>88454</osvdb>
+        <url>http://packetstormsecurity.org/files/118368/</url>
+        <url>http://xforce.iss.net/xforce/xfdb/80273</url>
+      </references>
+      <type>SQLI</type>
+    </vulnerability>
+  </theme>
+
+  <theme name="cstardesign">
+    <vulnerability>
+      <title>CStar Design 2.0 - flashmoXML.php id Parameter SQL Injection</title>
+      <references>
+        <osvdb>88291</osvdb>
+        <url>http://www.securityfocus.com/bid/56694</url>
+      </references>
+      <type>SQLI</type>
+    </vulnerability>
+  </theme>
+
+  <theme name="malmonation">
+    <vulnerability>
+      <title>Malmonation - debate.php id Parameter SQL Injection</title>
+      <references>
+        <osvdb>87866</osvdb>
+        <url>http://packetstormsecurity.org/files/118340/</url>
+        <url>http://xforce.iss.net/xforce/xfdb/80252</url>
+      </references>
+      <type>SQLI</type>
+    </vulnerability>
+  </theme>
+
 </vulnerabilities>