Some vulns added

2013-09-17 14:34:33 +01:00
parent 4a4df8e1c4
commit 95557ce095
2 changed files with 90 additions and 1 deletions
--- a/data/plugin_vulns.xml
+++ b/data/plugin_vulns.xml
@@ -2794,6 +2794,15 @@
      </references>
      <type>SQLI</type>
    </vulnerability>
+    <vulnerability>
+      <title>Privilege Escalation CSRF</title>
+      <references>
+        <osvdb>96905</osvdb>
+        <cve>2013-0736</cve>
+        <secunia>47687</secunia>
+      </references>
+      <type>CSRF</type>
+    </vulnerability>
  </plugin>

  <plugin name="accept-signups">
@@ -6494,4 +6503,43 @@
      <fixed_in>1.3.8</fixed_in>
    </vulnerability>
  </plugin>
+
+  <plugin name="design-approval-system">
+    <vulnerability>
+      <title>/admin/walkthrough/walkthrough.php step Parameter Reflected XSS</title>
+      <references>
+        <url>http://seclists.org/bugtraq/2013/Sep/54</url>
+        <cve>2013-5711</cve>
+        <osvdb>97279</osvdn>
+      </references>
+      <fixed_in>3.7</fixed_in>
+    </vulnerability>
+  </plugin>
+
+  <plugin name="event-easy-calendar">
+    <vulnerability>
+      <title>Multiple Administrator Action CSRF</title>
+      <references>
+        <osvdb>97042</osvdb>
+      </references>
+    </vulnerability>
+    <vulnerability>
+      <title>Multiple Unspecified XSS</title>
+      <references>
+        <osvdb>97041</osvdb>
+      </references>
+    </vulnerability>
+  </plugin>
+
+  <plugin name="">
+    <vulnerability>
+      <title></title>
+      <references>
+        <url></url>
+        <cve></cve>
+        <osvdb></osvdb>
+      </references>
+      <fixed_in></fixed_in>
+    </vulnerability>
+  </plugin>
 </vulnerabilities>