Added plugins affected by ZeroClipboard XSS.

2013-03-05 20:23:00 +01:00
parent 08e66a86ce
commit 8d5ae7f94f
1 changed files with 127 additions and 0 deletions
--- a/data/plugin_vulns.xml
+++ b/data/plugin_vulns.xml
@@ -2745,6 +2745,11 @@
  </plugin>

  <plugin name="1-flash-gallery">
+    <vulnerability>
+      <title>1-flash-gallery <= 1.9.0 XSS in ZeroClipboard.swf</title>
+      <reference>http://1337day.com/exploit/20396</reference>
+      <type>XSS</type>
+    </vulnerability>
    <vulnerability>
      <title>1 Flash Gallery Arbiraty File Upload Exploit (MSF)</title>
      <reference>http://www.exploit-db.com/exploits/17801/</reference>
@@ -3479,6 +3484,11 @@
  </plugin>

  <plugin name="wp-topbar">
+    <vulnerability>
+      <title>wp-topbar <= 3.04 XSS in ZeroClipboard.swf</title>
+      <reference>http://1337day.com/exploit/20396</reference>
+      <type>XSS</type>
+    </vulnerability>
    <vulnerability>
      <title>WordPress WP-TopBar Plugin &lt; 4.0.3 Cross-Site Request Forgery Vulnerability</title>
      <reference>http://secunia.com/advisories/50693/</reference>
@@ -3648,6 +3658,11 @@
  </plugin>

  <plugin name="wp-table-reloaded">
+    <vulnerability>
+      <title>wp-table-reloaded <= 1.9.3 XSS in ZeroClipboard.swf</title>
+      <reference>http://1337day.com/exploit/20396</reference>
+      <type>XSS</type>
+    </vulnerability>
    <vulnerability>
      <title>Wordpress wp-table-reloaded plugin &lt; 1.9.4 cross-site scripting in SWF</title>
      <reference>http://packetstormsecurity.com/files/119968/wptablereloaded-xss.txt</reference>
@@ -3803,4 +3818,116 @@
    </vulnerability>
  </plugin>

+  <plugin name="zopim-live-chat">
+    <vulnerability>
+      <title>zopim-live-chat <= 1.2.5 XSS in ZeroClipboard.swf</title>
+      <reference>http://1337day.com/exploit/20396</reference>
+      <type>XSS</type>
+    </vulnerability>
+  </plugin>
+
+  <plugin name="ed2k-link-selector">
+    <vulnerability>
+      <title>ed2k-link-selector <= 1.1.7 XSS in ZeroClipboard.swf</title>
+      <reference>http://1337day.com/exploit/20396</reference>
+      <type>XSS</type>
+    </vulnerability>
+  </plugin>
+
+  <plugin name="wppygments">
+    <vulnerability>
+      <title>wppygments <= 0.3.2 XSS in ZeroClipboard.swf</title>
+      <reference>http://1337day.com/exploit/20396</reference>
+      <type>XSS</type>
+    </vulnerability>
+  </plugin>
+
+  <plugin name="copy-in-clipboard">
+    <vulnerability>
+      <title>copy-in-clipboard <= 0.8 XSS in ZeroClipboard.swf</title>
+      <reference>http://1337day.com/exploit/20396</reference>
+      <type>XSS</type>
+    </vulnerability>
+  </plugin>
+
+  <plugin name="search-and-share">
+    <vulnerability>
+      <title>search-and-share <= 0.9.3 XSS in ZeroClipboard.swf</title>
+      <reference>http://1337day.com/exploit/20396</reference>
+      <type>XSS</type>
+    </vulnerability>
+  </plugin>
+
+  <plugin name="placester">
+    <vulnerability>
+      <title>placester <= 0.3.12 XSS in ZeroClipboard.swf</title>
+      <reference>http://1337day.com/exploit/20396</reference>
+      <type>XSS</type>
+    </vulnerability>
+  </plugin>
+
+  <plugin name="drp-coupon">
+    <vulnerability>
+      <title>drp-coupon <= 2.1 XSS in ZeroClipboard.swf</title>
+      <reference>http://1337day.com/exploit/20396</reference>
+      <type>XSS</type>
+    </vulnerability>
+  </plugin>
+
+  <plugin name="coupon-code-plugin">
+    <vulnerability>
+      <title>coupon-code-plugin <= 2.1 XSS in ZeroClipboard.swf</title>
+      <reference>http://1337day.com/exploit/20396</reference>
+      <type>XSS</type>
+    </vulnerability>
+  </plugin>
+
+  <plugin name="q2w3-inc-manager">
+    <vulnerability>
+      <title>q2w3-inc-manager <= 2.3.1 XSS in ZeroClipboard.swf</title>
+      <reference>http://1337day.com/exploit/20396</reference>
+      <type>XSS</type>
+    </vulnerability>
+  </plugin>
+
+  <plugin name="scorerender">
+    <vulnerability>
+      <title>scorerender <= 0.3.4 XSS in ZeroClipboard.swf</title>
+      <reference>http://1337day.com/exploit/20396</reference>
+      <type>XSS</type>
+    </vulnerability>
+  </plugin>
+
+  <plugin name="wp-link-to-us">
+    <vulnerability>
+      <title>wp-link-to-us <= 2.0 XSS in ZeroClipboard.swf</title>
+      <reference>http://1337day.com/exploit/20396</reference>
+      <type>XSS</type>
+    </vulnerability>
+  </plugin>
+
+  <plugin name="buckets">
+    <vulnerability>
+      <title>buckets <= 0.1.9.2 XSS in ZeroClipboard.swf</title>
+      <reference>http://1337day.com/exploit/20396</reference>
+      <type>XSS</type>
+    </vulnerability>
+  </plugin>
+
+  <plugin name="java-trackback">
+    <vulnerability>
+      <title>java-trackback <= 0.2 XSS in ZeroClipboard.swf</title>
+      <reference>http://1337day.com/exploit/20396</reference>
+      <type>XSS</type>
+    </vulnerability>
+  </plugin>
+
+  <plugin name="slidedeck2">
+    <vulnerability>
+      <title>slidedeck2 <= 2.1.20130228 XSS in ZeroClipboard.swf</title>
+      <reference>http://1337day.com/exploit/20396</reference>
+      <type>XSS</type>
+    </vulnerability>
+  </plugin>
+
 </vulnerabilities>