Update theme_vulns.xml

2013-12-14 22:12:32 +01:00
parent 57fdc90623
commit 7d07b27d4f
1 changed files with 73 additions and 1 deletions
--- a/data/theme_vulns.xml
+++ b/data/theme_vulns.xml
@@ -1789,9 +1789,13 @@

  <theme name="clockstone">
    <vulnerability>
-      <title>Clockstone - upload.php Arbitrary File Upload Vulnerability</title>
+      <title>Clockstone 1.2 - upload.php Arbitrary File Upload Vulnerability</title>
      <references>
+        <osvdb>88622</osvdb>
        <secunia>51619</secunia>
+        <url>http://www.exploit-db.com/exploits/23494</url>
+        <url>http://www.securityfocus.com/bid/56988</url>
+        <url>http://xforce.iss.net/xforce/xfdb/80725</url>
      </references>
      <type>UPLOAD</type>
    </vulnerability>
@@ -2527,4 +2531,72 @@
    </vulnerability>
  </theme>

+  <theme name="twentyten">
+    <vulnerability>
+      <title>TwentyTen 1.1-1.5 - loop.php Multiple File Extension Upload Arbitrary Code Execution</title>
+      <references>
+        <osvdb>88822</osvdb>
+      </references>
+      <type>RCE</type>
+    </vulnerability>
+  </theme>
+
+  <theme name="nest">
+    <vulnerability>
+      <title>Nest - gerador_galeria.php codigo Parameter SQL Injection</title>
+      <references>
+        <osvdb>88298</osvdb>
+        <url>http://www.securityfocus.com/bid/56792</url>
+        <url>http://xforce.iss.net/xforce/xfdb/80503</url>
+      </references>
+      <type>SQLI</type>
+    </vulnerability>
+  </theme>
+
+  <theme name="toolbox">
+    <vulnerability>
+      <title>Toolbox 1.4 - flyer.php mls Parameter SQL Injection</title>
+      <references>
+        <osvdb>88293</osvdb>
+        <url>http://www.securityfocus.com/bid/56745</url>
+      </references>
+      <type>SQLI</type>
+    </vulnerability>
+  </theme>
+
+  <theme name="oberliga_theme">
+    <vulnerability>
+      <title>Oberliga - team.php team Parameter SQL Injection</title>
+      <references>
+        <osvdb>88454</osvdb>
+        <url>http://packetstormsecurity.org/files/118368/</url>
+        <url>http://xforce.iss.net/xforce/xfdb/80273</url>
+      </references>
+      <type>SQLI</type>
+    </vulnerability>
+  </theme>
+
+  <theme name="cstardesign">
+    <vulnerability>
+      <title>CStar Design 2.0 - flashmoXML.php id Parameter SQL Injection</title>
+      <references>
+        <osvdb>88291</osvdb>
+        <url>http://www.securityfocus.com/bid/56694</url>
+      </references>
+      <type>SQLI</type>
+    </vulnerability>
+  </theme>
+
+  <theme name="malmonation">
+    <vulnerability>
+      <title>Malmonation - debate.php id Parameter SQL Injection</title>
+      <references>
+        <osvdb>87866</osvdb>
+        <url>http://packetstormsecurity.org/files/118340/</url>
+        <url>http://xforce.iss.net/xforce/xfdb/80252</url>
+      </references>
+      <type>SQLI</type>
+    </vulnerability>
+  </theme>
+
 </vulnerabilities>