Merge branch 'master' of github.com:wpscanteam/wpscan

data/plugin_vulns.xml

@@ -10500,7 +10500,7 @@
       <fixed_in>3.7.2</fixed_in>
     </vulnerability>
     <vulnerability>
-      <title>Contact Form 7 3.5.3 - Crafted File Extension Upload Remote Code Execution</title>
+      <title>Contact Form 7 &amp; Old WP Versions - Crafted File Extension Upload Remote Code Execution</title>
       <references>
         <osvdb>102776</osvdb>
         <url>http://packetstormsecurity.com/files/125018/</url>
@@ -10637,6 +10637,13 @@
       </references>
       <type>FPD</type>
     </vulnerability>
+    <vulnerability>
+      <title>DZS Video Gallery - Flash Files Content Spoofing &amp; Cross-Site Scripting</title>
+      <references>
+        <url>http://seclists.org/fulldisclosure/2014/May/157</url>
+      </references>
+      <type>MULTI</type>
+    </vulnerability>
   </plugin>
 
   <plugin name="askapache-firefox-adsense">
@@ -12306,7 +12313,7 @@
       <fixed_in>1.0.4</fixed_in>
     </vulnerability>
   </plugin>
-  
+
   <plugin name="wp-business-intelligence-lite">
     <vulnerability>
       <title>WP Business intelligence lite &lt;= 1.0.6 - Remote Code Execution Exploit</title>
@@ -12585,7 +12592,7 @@
       <fixed_in>1.2</fixed_in>
     </vulnerability>
   </plugin>
-  
+
   <plugin name="photo-gallery">
     <vulnerability>
       <title>Photo-Gallery - UploadHandler.php File Upload CSRF</title>
@@ -12708,6 +12715,7 @@
      <title>bib2html 0.9.3 - /OSBiB/create/index.php styleShortName Parameter XSS</title>
       <references>
         <osvdb>107296</osvdb>
+        <cve>2014-3870</cve>
         <url>http://packetstormsecurity.com/files/126782/</url>
         <url>http://www.securityfocus.com/bid/67589</url>
       </references>
@@ -12727,4 +12735,71 @@
     </vulnerability>
   </plugin>
 
+  <plugin name="cool-video-gallery">
+    <vulnerability>
+     <title>Cool Video Gallery 1.8 - admin/gallery-details.php Multiple Actions CSRF</title>
+      <references>
+        <osvdb>107354</osvdb>
+      </references>
+      <type>CSRF</type>
+      <fixed_in>1.9</fixed_in>
+    </vulnerability>
+    <vulnerability>
+     <title>Cool Video Gallery 1.8 - admin/gallery-manage.php Gallery Deletion CSRF</title>
+      <references>
+        <osvdb>107355</osvdb>
+      </references>
+      <type>CSRF</type>
+      <fixed_in>1.9</fixed_in>
+    </vulnerability>
+    <vulnerability>
+     <title>Cool Video Gallery 1.8 - admin/gallery-settings.php Gallery Settings Manipulation CSRF</title>
+      <references>
+        <osvdb>107356</osvdb>
+      </references>
+      <type>CSRF</type>
+      <fixed_in>1.9</fixed_in>
+    </vulnerability>
+    <vulnerability>
+     <title>Cool Video Gallery 1.8 - admin/gallery-sort.php Gallery Sort Order Manipulation CSRF</title>
+      <references>
+        <osvdb>107357</osvdb>
+      </references>
+      <type>CSRF</type>
+      <fixed_in>1.9</fixed_in>
+    </vulnerability>
+    <vulnerability>
+     <title>Cool Video Gallery 1.8 - admin/player-settings.php Player Settings Manipulation CSRF</title>
+      <references>
+        <osvdb>107358</osvdb>
+      </references>
+      <type>CSRF</type>
+      <fixed_in>1.9</fixed_in>
+    </vulnerability>
+    <vulnerability>
+     <title>Cool Video Gallery 1.8 - admin/plugin-uninstall.php Plugin Uninstallation CSRF</title>
+      <references>
+        <osvdb>107359</osvdb>
+      </references>
+      <type>CSRF</type>
+      <fixed_in>1.9</fixed_in>
+    </vulnerability>
+    <vulnerability>
+     <title>Cool Video Gallery 1.8 - admin/video-sitemap.php XML Video Sitemap Generation CSRF</title>
+      <references>
+        <osvdb>107360</osvdb>
+      </references>
+      <type>CSRF</type>
+      <fixed_in>1.9</fixed_in>
+    </vulnerability>
+    <vulnerability>
+     <title>Cool Video Gallery 1.8 - lib/core.php Multiple Actions CSRF</title>
+      <references>
+        <osvdb>107361</osvdb>
+      </references>
+      <type>CSRF</type>
+      <fixed_in>1.9</fixed_in>
+    </vulnerability>
+  </plugin>
+
 </vulnerabilities>