garfield/wpscan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Update vuln db

Browse Source
This commit is contained in:
Peter
2014-02-10 13:29:47 +01:00
parent 518135006c
commit 9761d70f23
2 changed files with 43 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
data/plugin_vulns.xml
View File

@@ -6063,10 +6063,20 @@
</plugin> </plugin>
<plugin name="sagepay-direct-for-woocommerce-payment-gateway"> <plugin name="sagepay-direct-for-woocommerce-payment-gateway">
<vulnerability>
<title>WooCommerce SagePay Direct Payment Gateway 0.1.6.6 - pages/3DRedirect.php Multiple Parameter Reflected XSS</title>
<references>
<osvdb>102882</osvdb>
<secunia>56801</secunia>
</references>
<type>XSS</type>
<fixed_in>0.1.6.7</fixed_in>
</vulnerability>
<vulnerability> <vulnerability>
<title>WooCommerce SagePay Direct Payment Gateway 0.1.6.6 - pages/3DCallBack.php Multiple Parameter Reflected XSS</title> <title>WooCommerce SagePay Direct Payment Gateway 0.1.6.6 - pages/3DCallBack.php Multiple Parameter Reflected XSS</title>
<references> <references>
<osvdb>102746</osvdb> <osvdb>102746</osvdb>
<secunia>56801</secunia>
</references> </references>
<type>XSS</type> <type>XSS</type>
<fixed_in>0.1.6.7</fixed_in> <fixed_in>0.1.6.7</fixed_in>
@@ -6075,6 +6085,7 @@
<title>WooCommerce SagePay Direct Payment Gateway 0.1.6.6 - pages/3DComplete.php Multiple Parameter Reflected XSS</title> <title>WooCommerce SagePay Direct Payment Gateway 0.1.6.6 - pages/3DComplete.php Multiple Parameter Reflected XSS</title>
<references> <references>
<osvdb>102747</osvdb> <osvdb>102747</osvdb>
<secunia>56801</secunia>
</references> </references>
<type>XSS</type> <type>XSS</type>
<fixed_in>0.1.6.7</fixed_in> <fixed_in>0.1.6.7</fixed_in>
@@ -10791,4 +10802,15 @@
</vulnerability> </vulnerability>
</plugin> </plugin>
<plugin name="delightful-downloads">
<vulnerability>
<title>Delightful Downloads 1.3.1.1 - meta-boxes.php dedo_meta_boxes_save Function Multiple Action Authorization Bypass</title>
<references>
<osvdb>102932</osvdb>
</references>
<type>AUTHBYPASS</type>
<fixed_in>1.3.2</fixed_in>
</vulnerability>
</plugin>
</vulnerabilities> </vulnerabilities>

22
data/theme_vulns.xml
View File

@@ -2900,6 +2900,14 @@
</theme> </theme>
<theme name="infocus"> <theme name="infocus">
<vulnerability>
<title>InFocus - prettyPhoto Cross-Site Scripting Vulnerability</title>
<references>
<secunia>56583</secunia>
<url>http://packetstormsecurity.com/files/124960/</url>
</references>
<type>XSS</type>
</vulnerability>
<vulnerability> <vulnerability>
<title>InFocus 3.3 - dl-skin.php _mysite_delete_skin_zip Parameter Absolute Path Traversal Remote Directory Deletion</title> <title>InFocus 3.3 - dl-skin.php _mysite_delete_skin_zip Parameter Absolute Path Traversal Remote Directory Deletion</title>
<references> <references>
@@ -2908,7 +2916,7 @@
<url>http://www.securityfocus.com/bid/64501</url> <url>http://www.securityfocus.com/bid/64501</url>
</references> </references>
<type>UNKNOWN</type> <type>UNKNOWN</type>
<fixed_in>2.5</fixed_in> <fixed_in>3.4</fixed_in>
</vulnerability> </vulnerability>
<vulnerability> <vulnerability>
<title>InFocus 3.3 - dl-skin.php _mysite_download_skin Parameter Absolute Path Traversal Remote File Download</title> <title>InFocus 3.3 - dl-skin.php _mysite_download_skin Parameter Absolute Path Traversal Remote File Download</title>
@@ -2967,4 +2975,16 @@
</vulnerability> </vulnerability>
</theme> </theme>
<theme name="dandelion">
<vulnerability>
<title>Dandelion - Arbitry File Upload</title>
<references>
<osvdb>99043</osvdb>
<exploitdb>31424</exploitdb>
<url>http://packetstormsecurity.com/files/125098/</url>
</references>
<type>UPLOAD</type>
</vulnerability>
</theme>
</vulnerabilities> </vulnerabilities>