Aded plugin vuln: spicy-blogroll RFI

2013-08-02 15:51:43 +02:00
parent e9374e4fe3
commit 9a70b8e2af
1 changed files with 9 additions and 1 deletions
--- a/data/plugin_vulns.xml
+++ b/data/plugin_vulns.xml
@@ -4980,7 +4980,6 @@
    </vulnerability>
  </plugin>

-
  <plugin name="buddypress-extended-friendship-request">
    <vulnerability>
      <title>BuddyPress Extended Friendship Request wp-admin/admin-ajax.php friendship_request_message Parameter XSS</title>
@@ -5024,4 +5023,13 @@
    </vulnerability>
  </plugin>

+   <plugin name="spicy-blogroll">
+    <vulnerability>
+      <title>Spicy Blogroll spicy-blogroll-ajax.php Multiple Parameter Remote File Inclusion</title>
+      <reference>http://osvdb.org/95557</reference>
+      <reference>www.exploit-db.com/exploits/26804</reference>
+      <type>RFI</type>
+    </vulnerability>
+  </plugin>
+
 </vulnerabilities>