garfield/wpscan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Added WP-e-Commerce Vulns. Fix #640

Browse Source
This commit is contained in:
Peter
2014-07-31 11:43:42 +02:00
parent a00987efc8
commit 921596f6f8
1 changed files with 36 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

52
data/plugin_vulns.xml
View File

@@ -5579,22 +5579,6 @@
</plugin> </plugin>
<plugin name="wp-e-commerce"> <plugin name="wp-e-commerce">
<vulnerability>
<title>WP e-Commerce 3.8.6 - wpsc-cart_widget.php cart_messages Parameter XSS</title>
<references>
<osvdb>74295</osvdb>
<secunia>45513</secunia>
</references>
<type>XSS</type>
<fixed_in>3.8.8</fixed_in>
</vulnerability>
<vulnerability>
<title>WP e-Commerce &lt;= 3.8.6 - SQL Injection Vulnerability</title>
<references>
<exploitdb>17832</exploitdb>
</references>
<type>SQLI</type>
</vulnerability>
<vulnerability> <vulnerability>
<title>WP-e-Commerce 3.8.9.5 - Cross Site Scripting Vulnerability</title> <title>WP-e-Commerce 3.8.9.5 - Cross Site Scripting Vulnerability</title>
<references> <references>
@@ -5634,6 +5618,42 @@
</references> </references>
<type>UPLOAD</type> <type>UPLOAD</type>
</vulnerability> </vulnerability>
<vulnerability>
<title>WP-e-Commerce 3.8.9 - purchase-log-list-table-class.php m Parameter XSS</title>
<references>
<osvdb>88231</osvdb>
<url>http://www.securityfocus.com/bid/56499</url>
<url>http://xforce.iss.net/xforce/xfdb/80048</url>
</references>
<type>XSS</type>
<fixed_in>3.8.9.1</fixed_in>
</vulnerability>
<vulnerability>
<title>WP-e-Commerce 3.8.9 - purchaselogs.class.php view_purchlogs_by_status Parameter SQL Injection</title>
<references>
<osvdb>88232</osvdb>
<url>http://www.securityfocus.com/bid/56499</url>
<url>http://xforce.iss.net/xforce/xfdb/80042</url>
</references>
<type>SQLI</type>
<fixed_in>3.8.9.1</fixed_in>
</vulnerability>
<vulnerability>
<title>WP e-Commerce 3.8.6 - wpsc-cart_widget.php cart_messages Parameter XSS</title>
<references>
<osvdb>74295</osvdb>
<secunia>45513</secunia>
</references>
<type>XSS</type>
<fixed_in>3.8.8</fixed_in>
</vulnerability>
<vulnerability>
<title>WP e-Commerce &lt;= 3.8.6 - SQL Injection Vulnerability</title>
<references>
<exploitdb>17832</exploitdb>
</references>
<type>SQLI</type>
</vulnerability>
</plugin> </plugin>
<plugin name="filedownload"> <plugin name="filedownload">