From 7b26d0e1057f10570e68775d350a552a3594777e Mon Sep 17 00:00:00 2001
From: Peter van der Laan <vanderlaan.pm@gmail.com>
Date: Mon, 28 Oct 2013 14:45:43 +0100
Subject: [PATCH 1/9] Added OSVDB #98831, #98978

---
 data/plugin_vulns.xml | 23 +++++++++++++++++++++++
 1 file changed, 23 insertions(+)

diff --git a/data/plugin_vulns.xml b/data/plugin_vulns.xml
index b3a91b51..08417be1 100644
--- a/data/plugin_vulns.xml
+++ b/data/plugin_vulns.xml
@@ -7712,4 +7712,27 @@
     </vulnerability>
   </plugin>
 
+  <plugin name="dhtmlxspreadsheet">
+    <vulnerability>
+      <title>Spreadsheet - /dhtmlxspreadsheet/codebase/spreadsheet.php page Parameter Reflected XSS</title>
+      <references>
+        <osvdb>98831</osvdb>
+        <cve>2013-6281</cve>
+        <secunia>55396</secunia>
+        <url>http://www.securityfocus.com/bid/63256</url>
+      </references>
+      <type>XSS</type>
+    </vulnerability>
+  </plugin>
+
+  <plugin name="tweet-blender">
+    <vulnerability>
+      <title>Tweet Blender 4.0.1 - Unspecified XSS</title>
+      <references>
+        <osvdb>98978</osvdb>
+      </references>
+      <type>XSS</type>
+    </vulnerability>
+  </plugin>
+
 </vulnerabilities>

From 42576a9c7e7fd314727eff588aec02ac89a23034 Mon Sep 17 00:00:00 2001
From: Peter van der Laan <vanderlaan.pm@gmail.com>
Date: Mon, 28 Oct 2013 16:46:12 +0100
Subject: [PATCH 2/9] Update plugin_vulns.xml

---
 data/plugin_vulns.xml | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/data/plugin_vulns.xml b/data/plugin_vulns.xml
index 08417be1..84c55686 100644
--- a/data/plugin_vulns.xml
+++ b/data/plugin_vulns.xml
@@ -7734,5 +7734,16 @@
       <type>XSS</type>
     </vulnerability>
   </plugin>
+  <plugin name="connections">
+    <vulnerability>
+      <title>Connections &lt;= 0.7.1.5 - Unspecified Security Vulnerability</title>
+      <references>
+        <cve>2011-5254</cve>
+        <url>http://www.securityfocus.com/bid/51204</url>
+      </references>
+      <type>XSS</type>
+      <fixed_in>0.7.1.5</fixed_in>
+    </vulnerability>
+  </plugin>
 
 </vulnerabilities>

From 93597fe3ac539e3bd96282fe92baef1613d432df Mon Sep 17 00:00:00 2001
From: Peter van der Laan <vanderlaan.pm@gmail.com>
Date: Mon, 28 Oct 2013 17:30:29 +0100
Subject: [PATCH 3/9] Update wp_vulns.xml

---
 data/wp_vulns.xml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/data/wp_vulns.xml b/data/wp_vulns.xml
index 32eed501..4d6bfe14 100644
--- a/data/wp_vulns.xml
+++ b/data/wp_vulns.xml
@@ -587,6 +587,7 @@
       <title>Wordpress &lt;= 3.1.2 Clickjacking Vulnerability</title>
       <references>
         <url>http://seclists.org/fulldisclosure/2011/Sep/219</url>
+        <url>http://www.securityfocus.com/bid/49730</url>
       </references>
       <type>UNKNOWN</type>
     </vulnerability>

From fb921f8f78db1011a47b06e6fed7ebbd167a54bd Mon Sep 17 00:00:00 2001
From: Peter van der Laan <vanderlaan.pm@gmail.com>
Date: Mon, 28 Oct 2013 17:48:49 +0100
Subject: [PATCH 4/9] Added SimplyDark Theme Vuln

---
 data/theme_vulns.xml | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)

diff --git a/data/theme_vulns.xml b/data/theme_vulns.xml
index 0ae6c0ce..a87293c6 100644
--- a/data/theme_vulns.xml
+++ b/data/theme_vulns.xml
@@ -1854,4 +1854,24 @@
     </vulnerability>
   </theme>
 
+  <theme name="simpledark">
+    <vulnerability>
+      <title>SimpleDark 1.2.10 - 's' Parameter Cross Site Scripting Vulnerability</title>
+      <references>
+        <url>http://www.securityfocus.com/bid/46615</url>
+      </references>
+      <type>XSS</type>
+    </vulnerability>
+  </theme>
+
+  <theme name="simpledark">
+    <vulnerability>
+      <title>SimpleDark 1.2.10 - 's' Parameter Cross Site Scripting Vulnerability</title>
+      <references>
+        <url>http://www.securityfocus.com/bid/46615</url>
+      </references>
+      <type>XSS</type>
+    </vulnerability>
+  </theme>
+
 </vulnerabilities>

From 5921458fc4005d26005c20ca113720b6dd7573ba Mon Sep 17 00:00:00 2001
From: Peter van der Laan <vanderlaan.pm@gmail.com>
Date: Mon, 28 Oct 2013 17:57:54 +0100
Subject: [PATCH 5/9] Added OSVDB #98975

---
 data/theme_vulns.xml | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/data/theme_vulns.xml b/data/theme_vulns.xml
index a87293c6..462b09ba 100644
--- a/data/theme_vulns.xml
+++ b/data/theme_vulns.xml
@@ -1874,4 +1874,15 @@
     </vulnerability>
   </theme>
 
+  <theme name="geoplaces4">
+    <vulnerability>
+      <title>GeoPlaces - File Upload Handling Remote Command Execution</title>
+      <references>
+        <osvdb>98975</osvdb>
+        <url>http://packetstormsecurity.com/files/123773/</url>
+      </references>
+      <type>RCE</type>
+    </vulnerability>
+  </theme>
+
 </vulnerabilities>

From 9fb0597a3eaf282662691837f67db632f5b257c3 Mon Sep 17 00:00:00 2001
From: Peter van der Laan <vanderlaan.pm@gmail.com>
Date: Mon, 28 Oct 2013 18:08:06 +0100
Subject: [PATCH 6/9] Update theme_vulns.xml

---
 data/theme_vulns.xml | 10 ----------
 1 file changed, 10 deletions(-)

diff --git a/data/theme_vulns.xml b/data/theme_vulns.xml
index 462b09ba..c7e5ac8c 100644
--- a/data/theme_vulns.xml
+++ b/data/theme_vulns.xml
@@ -1864,16 +1864,6 @@
     </vulnerability>
   </theme>
 
-  <theme name="simpledark">
-    <vulnerability>
-      <title>SimpleDark 1.2.10 - 's' Parameter Cross Site Scripting Vulnerability</title>
-      <references>
-        <url>http://www.securityfocus.com/bid/46615</url>
-      </references>
-      <type>XSS</type>
-    </vulnerability>
-  </theme>
-
   <theme name="geoplaces4">
     <vulnerability>
       <title>GeoPlaces - File Upload Handling Remote Command Execution</title>

From aca4d8ac505d81b36a47aa8f4459bd89b112c9ee Mon Sep 17 00:00:00 2001
From: Peter van der Laan <vanderlaan.pm@gmail.com>
Date: Mon, 28 Oct 2013 19:47:04 +0100
Subject: [PATCH 7/9] Update plugin_vulns.xml

---
 data/plugin_vulns.xml | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/data/plugin_vulns.xml b/data/plugin_vulns.xml
index 84c55686..293b2713 100644
--- a/data/plugin_vulns.xml
+++ b/data/plugin_vulns.xml
@@ -4547,6 +4547,10 @@
     <vulnerability>
       <title>W3 Total Cache - Username and Hash Extract</title>
       <references>
+        <osvdb>92742</osvdb>
+        <osvdb>92741</osvdb>
+        <cve>2012-6079</cve>
+        <cve>2012-6078</cve>
         <url>http://seclists.org/fulldisclosure/2012/Dec/242</url>
         <url>https://github.com/FireFart/W3TotalCacheExploit</url>
         <metasploit>auxiliary/gather/wp_w3_total_cache_hash_extract</metasploit>
@@ -7734,6 +7738,17 @@
       <type>XSS</type>
     </vulnerability>
   </plugin>
+
+  <plugin name="sb-uploader">
+    <vulnerability>
+      <title>WordPress SB Uploader 3.9 - Arbitrary File Upload Vulnerability</title>
+      <references>
+        <url>http://packetstormsecurity.com/files/119159/</url>
+      </references>
+      <type>UPLOAD</type>
+    </vulnerability>
+  </plugin>
+
   <plugin name="connections">
     <vulnerability>
       <title>Connections &lt;= 0.7.1.5 - Unspecified Security Vulnerability</title>

From 383b2ad563baf6d0d39ff82e8622ac5417fd5339 Mon Sep 17 00:00:00 2001
From: Peter van der Laan <vanderlaan.pm@gmail.com>
Date: Tue, 29 Oct 2013 11:26:18 +0100
Subject: [PATCH 8/9] Added OSVDB #99043

---
 data/theme_vulns.xml | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/data/theme_vulns.xml b/data/theme_vulns.xml
index c7e5ac8c..53077e3c 100644
--- a/data/theme_vulns.xml
+++ b/data/theme_vulns.xml
@@ -1875,4 +1875,15 @@
     </vulnerability>
   </theme>
 
+  <theme name="curvo">
+    <vulnerability>
+      <title>Curvo - wp-content/themes/curvo/functions/upload-handler.php File Upload CSRF</title>
+      <references>
+        <osvdb>99043</osvdb>
+        <url>http://packetstormsecurity.com/files/123799/</url>
+      </references>
+      <type>CSRF</type>
+    </vulnerability>
+  </theme>
+
 </vulnerabilities>

From 924770f73e1c77a778bc28fce5a8dd32320a8cca Mon Sep 17 00:00:00 2001
From: Peter van der Laan <vanderlaan.pm@gmail.com>
Date: Tue, 29 Oct 2013 11:45:49 +0100
Subject: [PATCH 9/9] Added OSVDB #99045, #99046

---
 data/plugin_vulns.xml | 23 +++++++++++++++++++++++
 1 file changed, 23 insertions(+)

diff --git a/data/plugin_vulns.xml b/data/plugin_vulns.xml
index 293b2713..8debb1f4 100644
--- a/data/plugin_vulns.xml
+++ b/data/plugin_vulns.xml
@@ -7761,4 +7761,27 @@
     </vulnerability>
   </plugin>
 
+  <plugin name="gallery-bank">
+    <vulnerability>
+      <title>Gallery Bank 2.0.19 - Multiple Unspecified XSS</title>
+      <references>
+        <osvdb>99045</osvdb>
+        <secunia>55443</secunia>
+        <url>http://www.securityfocus.com/bid/63382</url>
+      </references>
+      <type>XSS</type>
+      <fixed_in>2.0.20</fixed_in>
+    </vulnerability>
+    <vulnerability>
+      <title>Gallery Bank 2.0.19 - Multiple Unspecified Issues</title>
+      <references>
+        <osvdb>99046</osvdb>
+        <secunia>55443</secunia>
+        <url>http://www.securityfocus.com/bid/63382</url>
+      </references>
+      <type>UNKNOWN</type>
+      <fixed_in>2.0.20</fixed_in>
+    </vulnerability>
+  </plugin>
+
 </vulnerabilities>