Peter van der Laan
@@ -3099,7 +3099,7 @@
|
|||||||
|
|
||||||
<plugin name="ImageManager">
|
<plugin name="ImageManager">
|
||||||
<vulnerability>
|
<vulnerability>
|
||||||
<title>Image Manager Plugins Shell Upload Vulnerability</title>
|
<title>Image Manager - Shell Upload Vulnerability</title>
|
||||||
<references>
|
<references>
|
||||||
<exploitdb>10325</exploitdb>
|
<exploitdb>10325</exploitdb>
|
||||||
</references>
|
</references>
|
||||||
@@ -3205,7 +3205,7 @@
|
|||||||
|
|
||||||
<plugin name="wp-lytebox">
|
<plugin name="wp-lytebox">
|
||||||
<vulnerability>
|
<vulnerability>
|
||||||
<title>Lytebox (wp-lytebox) Local File Inclusion Vulnerability</title>
|
<title>Lytebox - Local File Inclusion Vulnerability</title>
|
||||||
<references>
|
<references>
|
||||||
<exploitdb>8791</exploitdb>
|
<exploitdb>8791</exploitdb>
|
||||||
</references>
|
</references>
|
||||||
@@ -3270,7 +3270,7 @@
|
|||||||
|
|
||||||
<plugin name="wp-download">
|
<plugin name="wp-download">
|
||||||
<vulnerability>
|
<vulnerability>
|
||||||
<title>Download (dl_id) SQL Injection Vulnerability</title>
|
<title>Download - (dl_id) SQL Injection Vulnerability</title>
|
||||||
<references>
|
<references>
|
||||||
<exploitdb>5326</exploitdb>
|
<exploitdb>5326</exploitdb>
|
||||||
</references>
|
</references>
|
||||||
@@ -3290,7 +3290,7 @@
|
|||||||
|
|
||||||
<plugin name="wp-photo-album">
|
<plugin name="wp-photo-album">
|
||||||
<vulnerability>
|
<vulnerability>
|
||||||
<title>Photo album Remote SQL Injection Vulnerability</title>
|
<title>Photo album - Remote SQL Injection Vulnerability</title>
|
||||||
<references>
|
<references>
|
||||||
<exploitdb>5135</exploitdb>
|
<exploitdb>5135</exploitdb>
|
||||||
</references>
|
</references>
|
||||||
@@ -3317,14 +3317,14 @@
|
|||||||
|
|
||||||
<plugin name="st_newsletter">
|
<plugin name="st_newsletter">
|
||||||
<vulnerability>
|
<vulnerability>
|
||||||
<title>st_newsletter Remote SQL Injection Vulnerability</title>
|
<title>st_newsletter - Remote SQL Injection Vulnerability</title>
|
||||||
<references>
|
<references>
|
||||||
<exploitdb>5053</exploitdb>
|
<exploitdb>5053</exploitdb>
|
||||||
</references>
|
</references>
|
||||||
<type>SQLI</type>
|
<type>SQLI</type>
|
||||||
</vulnerability>
|
</vulnerability>
|
||||||
<vulnerability>
|
<vulnerability>
|
||||||
<title>st_newsletter (stnl_iframe.php) SQL Injection Vuln</title>
|
<title>st_newsletter - (stnl_iframe.php) SQL Injection Vulnerability</title>
|
||||||
<references>
|
<references>
|
||||||
<exploitdb>6777</exploitdb>
|
<exploitdb>6777</exploitdb>
|
||||||
</references>
|
</references>
|
||||||
@@ -3334,7 +3334,7 @@
|
|||||||
|
|
||||||
<plugin name="wordspew">
|
<plugin name="wordspew">
|
||||||
<vulnerability>
|
<vulnerability>
|
||||||
<title>Wordspew Remote SQL Injection Vulnerability</title>
|
<title>Wordspew - Remote SQL Injection Vulnerability</title>
|
||||||
<references>
|
<references>
|
||||||
<exploitdb>5039</exploitdb>
|
<exploitdb>5039</exploitdb>
|
||||||
</references>
|
</references>
|
||||||
@@ -3441,7 +3441,7 @@
|
|||||||
|
|
||||||
<plugin name="backupwordpress">
|
<plugin name="backupwordpress">
|
||||||
<vulnerability>
|
<vulnerability>
|
||||||
<title>BackUp <= 0.4.2b RFI Vulnerability</title>
|
<title>BackUp <= 0.4.2b - RFI Vulnerability</title>
|
||||||
<references>
|
<references>
|
||||||
<exploitdb>4593</exploitdb>
|
<exploitdb>4593</exploitdb>
|
||||||
</references>
|
</references>
|
||||||
@@ -3679,7 +3679,7 @@
|
|||||||
|
|
||||||
<plugin name="yolink-search">
|
<plugin name="yolink-search">
|
||||||
<vulnerability>
|
<vulnerability>
|
||||||
<title>yolink Search "s" Cross-Site Scripting Vulnerability</title>
|
<title>yolink Search - "s" Cross-Site Scripting Vulnerability</title>
|
||||||
<references>
|
<references>
|
||||||
<secunia>52030</secunia>
|
<secunia>52030</secunia>
|
||||||
</references>
|
</references>
|
||||||
@@ -3861,7 +3861,7 @@
|
|||||||
|
|
||||||
<plugin name="eventify">
|
<plugin name="eventify">
|
||||||
<vulnerability>
|
<vulnerability>
|
||||||
<title>Eventify - Simple Events <= 1.7.f SQL Injection Vulnerability</title>
|
<title>Eventify - Simple Events <= 1.7.f - SQL Injection Vulnerability</title>
|
||||||
<references>
|
<references>
|
||||||
<exploitdb>17794</exploitdb>
|
<exploitdb>17794</exploitdb>
|
||||||
</references>
|
</references>
|
||||||
@@ -3898,7 +3898,7 @@
|
|||||||
<type>XSS</type>
|
<type>XSS</type>
|
||||||
</vulnerability>
|
</vulnerability>
|
||||||
<vulnerability>
|
<vulnerability>
|
||||||
<title>1 Flash Gallery Arbiraty File Upload Exploit (MSF)</title>
|
<title>1 Flash Gallery - Arbiraty File Upload Exploit (MSF)</title>
|
||||||
<references>
|
<references>
|
||||||
<exploitdb>17801</exploitdb>
|
<exploitdb>17801</exploitdb>
|
||||||
</references>
|
</references>
|
||||||
@@ -3915,7 +3915,7 @@
|
|||||||
<type>SQLI</type>
|
<type>SQLI</type>
|
||||||
</vulnerability>
|
</vulnerability>
|
||||||
<vulnerability>
|
<vulnerability>
|
||||||
<title>WP-Filebase Unspecified Vulnerabilities</title>
|
<title>WP-Filebase - Unspecified Vulnerabilities</title>
|
||||||
<references>
|
<references>
|
||||||
<secunia>51269</secunia>
|
<secunia>51269</secunia>
|
||||||
</references>
|
</references>
|
||||||
@@ -4027,7 +4027,7 @@
|
|||||||
<type>RFI</type>
|
<type>RFI</type>
|
||||||
</vulnerability>
|
</vulnerability>
|
||||||
<vulnerability>
|
<vulnerability>
|
||||||
<title>Mailing List Arbitrary file download</title>
|
<title>Mailing List - Arbitrary file download</title>
|
||||||
<references>
|
<references>
|
||||||
<exploitdb>18276</exploitdb>
|
<exploitdb>18276</exploitdb>
|
||||||
</references>
|
</references>
|
||||||
@@ -4089,7 +4089,7 @@
|
|||||||
<type>UPLOAD</type>
|
<type>UPLOAD</type>
|
||||||
</vulnerability>
|
</vulnerability>
|
||||||
<vulnerability>
|
<vulnerability>
|
||||||
<title>Category Grid View Gallery CatGridPost.php ID Parameter XSS</title>
|
<title>Category Grid View Gallery - CatGridPost.php ID Parameter XSS</title>
|
||||||
<references>
|
<references>
|
||||||
<osvdb>94805</osvdb>
|
<osvdb>94805</osvdb>
|
||||||
</references>
|
</references>
|
||||||
@@ -4347,7 +4347,7 @@
|
|||||||
<type>XSS</type>
|
<type>XSS</type>
|
||||||
</vulnerability>
|
</vulnerability>
|
||||||
<vulnerability>
|
<vulnerability>
|
||||||
<title>WP Photo Album Plus Full Path Disclosure</title>
|
<title>WP Photo Album Plus - Full Path Disclosure</title>
|
||||||
<references>
|
<references>
|
||||||
<url>http://1337day.com/exploit/20125</url>
|
<url>http://1337day.com/exploit/20125</url>
|
||||||
</references>
|
</references>
|
||||||
@@ -4355,7 +4355,7 @@
|
|||||||
<fixed_in>4.9.1</fixed_in>
|
<fixed_in>4.9.1</fixed_in>
|
||||||
</vulnerability>
|
</vulnerability>
|
||||||
<vulnerability>
|
<vulnerability>
|
||||||
<title>WP Photo Album Plus index.php wppa-tag Parameter XSS</title>
|
<title>WP Photo Album Plus - index.php wppa-tag Parameter XSS</title>
|
||||||
<references>
|
<references>
|
||||||
<osvdb>89165</osvdb>
|
<osvdb>89165</osvdb>
|
||||||
<secunia>51829</secunia>
|
<secunia>51829</secunia>
|
||||||
@@ -4364,7 +4364,7 @@
|
|||||||
<fixed_in>4.9.3</fixed_in>
|
<fixed_in>4.9.3</fixed_in>
|
||||||
</vulnerability>
|
</vulnerability>
|
||||||
<vulnerability>
|
<vulnerability>
|
||||||
<title>WP Photo Album Plus "commentid" Cross-Site Scripting Vulnerability</title>
|
<title>WP Photo Album Plus - "commentid" Cross-Site Scripting Vulnerability</title>
|
||||||
<references>
|
<references>
|
||||||
<osvdb>93033</osvdb>
|
<osvdb>93033</osvdb>
|
||||||
<cve>2013-3254</cve>
|
<cve>2013-3254</cve>
|
||||||
@@ -4374,7 +4374,7 @@
|
|||||||
<fixed_in>5.0.3</fixed_in>
|
<fixed_in>5.0.3</fixed_in>
|
||||||
</vulnerability>
|
</vulnerability>
|
||||||
<vulnerability>
|
<vulnerability>
|
||||||
<title>WP Photo Album Plus wp-admin/admin.php edit_id Parameter XSS</title>
|
<title>WP Photo Album Plus - wp-admin/admin.php edit_id Parameter XSS</title>
|
||||||
<references>
|
<references>
|
||||||
<osvdb>94465</osvdb>
|
<osvdb>94465</osvdb>
|
||||||
<secunia>53915</secunia>
|
<secunia>53915</secunia>
|
||||||
@@ -4507,7 +4507,7 @@
|
|||||||
|
|
||||||
<plugin name="floating-tweets">
|
<plugin name="floating-tweets">
|
||||||
<vulnerability>
|
<vulnerability>
|
||||||
<title>floating-tweets persistent - XSS</title>
|
<title>floating-tweets - persistent XSS</title>
|
||||||
<references>
|
<references>
|
||||||
<url>http://packetstormsecurity.com/files/119499/</url>
|
<url>http://packetstormsecurity.com/files/119499/</url>
|
||||||
<url>http://websecurity.com.ua/6023/</url>
|
<url>http://websecurity.com.ua/6023/</url>
|
||||||
@@ -4515,7 +4515,7 @@
|
|||||||
<type>XSS</type>
|
<type>XSS</type>
|
||||||
</vulnerability>
|
</vulnerability>
|
||||||
<vulnerability>
|
<vulnerability>
|
||||||
<title>floating-tweets directory traversal</title>
|
<title>floating-tweets - directory traversal</title>
|
||||||
<references>
|
<references>
|
||||||
<url>http://packetstormsecurity.com/files/119499/</url>
|
<url>http://packetstormsecurity.com/files/119499/</url>
|
||||||
<url>http://websecurity.com.ua/6023/</url>
|
<url>http://websecurity.com.ua/6023/</url>
|
||||||
@@ -4545,7 +4545,7 @@
|
|||||||
<fixed_in>0.9.4</fixed_in>
|
<fixed_in>0.9.4</fixed_in>
|
||||||
</vulnerability>
|
</vulnerability>
|
||||||
<vulnerability>
|
<vulnerability>
|
||||||
<title>Simple Login Log SQL Injection</title>
|
<title>Simple Login Log - SQL Injection</title>
|
||||||
<references>
|
<references>
|
||||||
<secunia>51780</secunia>
|
<secunia>51780</secunia>
|
||||||
</references>
|
</references>
|
||||||
@@ -4556,7 +4556,7 @@
|
|||||||
|
|
||||||
<plugin name="wp-slimstat">
|
<plugin name="wp-slimstat">
|
||||||
<vulnerability>
|
<vulnerability>
|
||||||
<title>wp-slimstat XSS</title>
|
<title>wp-slimstat - XSS</title>
|
||||||
<references>
|
<references>
|
||||||
<secunia>51721</secunia>
|
<secunia>51721</secunia>
|
||||||
</references>
|
</references>
|
||||||
@@ -4578,7 +4578,7 @@
|
|||||||
|
|
||||||
<plugin name="browser-rejector">
|
<plugin name="browser-rejector">
|
||||||
<vulnerability>
|
<vulnerability>
|
||||||
<title>browser-rejector Remote and Local File Inclusion</title>
|
<title>browser-rejector - Remote and Local File Inclusion</title>
|
||||||
<references>
|
<references>
|
||||||
<secunia>51739</secunia>
|
<secunia>51739</secunia>
|
||||||
</references>
|
</references>
|
||||||
@@ -4589,7 +4589,7 @@
|
|||||||
|
|
||||||
<plugin name="wp-file-uploader">
|
<plugin name="wp-file-uploader">
|
||||||
<vulnerability>
|
<vulnerability>
|
||||||
<title>File Uploader PHP File Upload Vulnerability</title>
|
<title>File Uploader - PHP File Upload Vulnerability</title>
|
||||||
<references>
|
<references>
|
||||||
<url>http://la.usch.io/2013/01/21/wordpress-file-uploader-plugin-php-file-upload-vulnerability/</url>
|
<url>http://la.usch.io/2013/01/21/wordpress-file-uploader-plugin-php-file-upload-vulnerability/</url>
|
||||||
</references>
|
</references>
|
||||||
@@ -4599,7 +4599,7 @@
|
|||||||
|
|
||||||
<plugin name="cardoza-wordpress-poll">
|
<plugin name="cardoza-wordpress-poll">
|
||||||
<vulnerability>
|
<vulnerability>
|
||||||
<title>Poll Cross-Site Request Forgery Vulnerability</title>
|
<title>Cardoza Wordpress poll - Cross-Site Request Forgery Vulnerability</title>
|
||||||
<references>
|
<references>
|
||||||
<secunia>51925</secunia>
|
<secunia>51925</secunia>
|
||||||
</references>
|
</references>
|
||||||
@@ -4607,7 +4607,7 @@
|
|||||||
<fixed_in>34.06</fixed_in>
|
<fixed_in>34.06</fixed_in>
|
||||||
</vulnerability>
|
</vulnerability>
|
||||||
<vulnerability>
|
<vulnerability>
|
||||||
<title>Multiple SQL injection vulnerabilities in Cardoza Wordpress poll plugin</title>
|
<title>Cardoza Wordpress poll - Multiple SQL injection vulnerabilities</title>
|
||||||
<references>
|
<references>
|
||||||
<secunia>51942</secunia>
|
<secunia>51942</secunia>
|
||||||
<url>http://www.girlinthemiddle.net/2013/01/multiple-sql-injection-vulnerabilities.html</url>
|
<url>http://www.girlinthemiddle.net/2013/01/multiple-sql-injection-vulnerabilities.html</url>
|
||||||
@@ -4616,7 +4616,7 @@
|
|||||||
<type>SQLI</type>
|
<type>SQLI</type>
|
||||||
</vulnerability>
|
</vulnerability>
|
||||||
<vulnerability>
|
<vulnerability>
|
||||||
<title>Poll Multiple SQL Injection Vulnerabilities</title>
|
<title>Cardoza Wordpress poll - Multiple SQL Injection Vulnerabilities</title>
|
||||||
<references>
|
<references>
|
||||||
<secunia>50910</secunia>
|
<secunia>50910</secunia>
|
||||||
</references>
|
</references>
|
||||||
@@ -4627,7 +4627,7 @@
|
|||||||
|
|
||||||
<plugin name="devformatter">
|
<plugin name="devformatter">
|
||||||
<vulnerability>
|
<vulnerability>
|
||||||
<title>Developer Formatter CSRF and XSS Vulnerability</title>
|
<title>Developer Formatter - CSRF and XSS Vulnerability</title>
|
||||||
<references>
|
<references>
|
||||||
<url>http://illsecure.com/code/Wordpress-DevFormatter-CSRF-Vulnerability.txt</url>
|
<url>http://illsecure.com/code/Wordpress-DevFormatter-CSRF-Vulnerability.txt</url>
|
||||||
<url>http://1337day.com/exploits/20210</url>
|
<url>http://1337day.com/exploits/20210</url>
|
||||||
@@ -4639,7 +4639,7 @@
|
|||||||
|
|
||||||
<plugin name="dvs-custom-notification">
|
<plugin name="dvs-custom-notification">
|
||||||
<vulnerability>
|
<vulnerability>
|
||||||
<title>DVS Custom Notification Cross-Site Request Forgery Vulnerability</title>
|
<title>DVS Custom Notification - Cross-Site Request Forgery Vulnerability</title>
|
||||||
<references>
|
<references>
|
||||||
<secunia>51531</secunia>
|
<secunia>51531</secunia>
|
||||||
</references>
|
</references>
|
||||||
@@ -4694,7 +4694,7 @@
|
|||||||
|
|
||||||
<plugin name="usc-e-shop">
|
<plugin name="usc-e-shop">
|
||||||
<vulnerability>
|
<vulnerability>
|
||||||
<title>Welcart e-Commerce Cross-Site Scripting and Request Forgery Vulnerabilities</title>
|
<title>Welcart e-Commerce - Cross-Site Scripting and Request Forgery Vulnerabilities</title>
|
||||||
<references>
|
<references>
|
||||||
<secunia>51581</secunia>
|
<secunia>51581</secunia>
|
||||||
</references>
|
</references>
|
||||||
@@ -4704,7 +4704,7 @@
|
|||||||
|
|
||||||
<plugin name="knews">
|
<plugin name="knews">
|
||||||
<vulnerability>
|
<vulnerability>
|
||||||
<title>Knews Multilingual Newsletters Cross-Site Request Forgery Vulnerability</title>
|
<title>Knews - Multilingual Newsletters Cross-Site Request Forgery Vulnerability</title>
|
||||||
<references>
|
<references>
|
||||||
<secunia>51543</secunia>
|
<secunia>51543</secunia>
|
||||||
</references>
|
</references>
|
||||||
@@ -4714,7 +4714,7 @@
|
|||||||
|
|
||||||
<plugin name="video-lead-form">
|
<plugin name="video-lead-form">
|
||||||
<vulnerability>
|
<vulnerability>
|
||||||
<title>Video Lead Form "errMsg" Cross-Site Scripting Vulnerability</title>
|
<title>Video Lead Form - "errMsg" Cross-Site Scripting Vulnerability</title>
|
||||||
<references>
|
<references>
|
||||||
<secunia>51419</secunia>
|
<secunia>51419</secunia>
|
||||||
</references>
|
</references>
|
||||||
@@ -4724,7 +4724,7 @@
|
|||||||
|
|
||||||
<plugin name="woocommerce-predictive-search">
|
<plugin name="woocommerce-predictive-search">
|
||||||
<vulnerability>
|
<vulnerability>
|
||||||
<title>WooCommerce Predictive Search "rs" Cross-Site Scripting Vulnerability</title>
|
<title>WooCommerce Predictive Search - "rs" Cross-Site Scripting Vulnerability</title>
|
||||||
<references>
|
<references>
|
||||||
<secunia>51385</secunia>
|
<secunia>51385</secunia>
|
||||||
</references>
|
</references>
|
||||||
@@ -4734,7 +4734,7 @@
|
|||||||
|
|
||||||
<plugin name="woocommerce">
|
<plugin name="woocommerce">
|
||||||
<vulnerability>
|
<vulnerability>
|
||||||
<title>WooCommerce index.php calc_shipping_state Parameter XSS</title>
|
<title>WooCommerce - index.php calc_shipping_state Parameter XSS</title>
|
||||||
<references>
|
<references>
|
||||||
<osvdb>95480</osvdb>
|
<osvdb>95480</osvdb>
|
||||||
</references>
|
</references>
|
||||||
@@ -4745,7 +4745,7 @@
|
|||||||
|
|
||||||
<plugin name="wp-e-commerce-predictive-search">
|
<plugin name="wp-e-commerce-predictive-search">
|
||||||
<vulnerability>
|
<vulnerability>
|
||||||
<title>WP e-Commerce Predictive Search "rs" Cross-Site Scripting Vulnerability</title>
|
<title>WP e-Commerce Predictive Search - "rs" Cross-Site Scripting Vulnerability</title>
|
||||||
<references>
|
<references>
|
||||||
<secunia>51384</secunia>
|
<secunia>51384</secunia>
|
||||||
</references>
|
</references>
|
||||||
@@ -4755,7 +4755,7 @@
|
|||||||
|
|
||||||
<plugin name="wp-tiger">
|
<plugin name="wp-tiger">
|
||||||
<vulnerability>
|
<vulnerability>
|
||||||
<title>vTiger CRM Lead Capture Unspecified Vulnerability</title>
|
<title>vTiger - CRM Lead Capture Unspecified Vulnerability</title>
|
||||||
<references>
|
<references>
|
||||||
<secunia>51305</secunia>
|
<secunia>51305</secunia>
|
||||||
</references>
|
</references>
|
||||||
@@ -4766,14 +4766,14 @@
|
|||||||
|
|
||||||
<plugin name="wp-postviews">
|
<plugin name="wp-postviews">
|
||||||
<vulnerability>
|
<vulnerability>
|
||||||
<title>WP-PostViews "search_input" Cross-Site Scripting Vulnerability</title>
|
<title>WP-PostViews - "search_input" Cross-Site Scripting Vulnerability</title>
|
||||||
<references>
|
<references>
|
||||||
<secunia>50982</secunia>
|
<secunia>50982</secunia>
|
||||||
</references>
|
</references>
|
||||||
<type>XSS</type>
|
<type>XSS</type>
|
||||||
</vulnerability>
|
</vulnerability>
|
||||||
<vulnerability>
|
<vulnerability>
|
||||||
<title>WP-PostViews Cross-Site Request Forgery Vulnerability</title>
|
<title>WP-PostViews - Cross-Site Request Forgery Vulnerability</title>
|
||||||
<references>
|
<references>
|
||||||
<secunia>53127</secunia>
|
<secunia>53127</secunia>
|
||||||
</references>
|
</references>
|
||||||
@@ -4784,7 +4784,7 @@
|
|||||||
|
|
||||||
<plugin name="dx-contribute">
|
<plugin name="dx-contribute">
|
||||||
<vulnerability>
|
<vulnerability>
|
||||||
<title>DX-Contribute Cross-Site Request Forgery Vulnerability</title>
|
<title>DX-Contribute - Cross-Site Request Forgery Vulnerability</title>
|
||||||
<references>
|
<references>
|
||||||
<secunia>51082</secunia>
|
<secunia>51082</secunia>
|
||||||
</references>
|
</references>
|
||||||
@@ -4794,7 +4794,7 @@
|
|||||||
|
|
||||||
<plugin name="wysija-newsletters">
|
<plugin name="wysija-newsletters">
|
||||||
<vulnerability>
|
<vulnerability>
|
||||||
<title>SQL Injection Vulnerability in Wysija Newsletters WordPress Plugin</title>
|
<title>Wysija Newsletters - SQL Injection Vulnerability</title>
|
||||||
<references>
|
<references>
|
||||||
<url>https://www.htbridge.com/advisory/HTB23140</url>
|
<url>https://www.htbridge.com/advisory/HTB23140</url>
|
||||||
<url>http://packetstormsecurity.com/files/120089/</url>
|
<url>http://packetstormsecurity.com/files/120089/</url>
|
||||||
@@ -4805,7 +4805,7 @@
|
|||||||
<fixed_in>2.2.1</fixed_in>
|
<fixed_in>2.2.1</fixed_in>
|
||||||
</vulnerability>
|
</vulnerability>
|
||||||
<vulnerability>
|
<vulnerability>
|
||||||
<title>Wysija Newsletters swfupload Cross-Site Scripting Vulnerability</title>
|
<title>Wysija Newsletters - swfupload Cross-Site Scripting Vulnerability</title>
|
||||||
<references>
|
<references>
|
||||||
<secunia>51249</secunia>
|
<secunia>51249</secunia>
|
||||||
<url>http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html</url>
|
<url>http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html</url>
|
||||||
@@ -6780,7 +6780,7 @@
|
|||||||
|
|
||||||
<plugin name="simple-flickr-display">
|
<plugin name="simple-flickr-display">
|
||||||
<vulnerability>
|
<vulnerability>
|
||||||
<title>Simple Flickr Display Username Field Stored XSS</title>
|
<title>Simple Flickr Display - Username Field Stored XSS</title>
|
||||||
<references>
|
<references>
|
||||||
<osvdb>97991</osvdb>
|
<osvdb>97991</osvdb>
|
||||||
</references>
|
</references>
|
||||||
@@ -7036,6 +7036,7 @@
|
|||||||
<vulnerability>
|
<vulnerability>
|
||||||
<title>Quick Contact Form 6.0 - Persistent XSS</title>
|
<title>Quick Contact Form 6.0 - Persistent XSS</title>
|
||||||
<references>
|
<references>
|
||||||
|
<osvdb>98279</osvdb>
|
||||||
<exploitdb>28808</exploitdb>
|
<exploitdb>28808</exploitdb>
|
||||||
<url>http://packetstormsecurity.com/files/123549/</url>
|
<url>http://packetstormsecurity.com/files/123549/</url>
|
||||||
<url>http://quick-plugins.com/quick-contact-form/</url>
|
<url>http://quick-plugins.com/quick-contact-form/</url>
|
||||||
@@ -7167,6 +7168,7 @@
|
|||||||
<vulnerability>
|
<vulnerability>
|
||||||
<title>Simple Flash Video 1.7 - Cross Site Scripting</title>
|
<title>Simple Flash Video 1.7 - Cross Site Scripting</title>
|
||||||
<references>
|
<references>
|
||||||
|
<osvdb>98371</osvdb>
|
||||||
<url>http://packetstormsecurity.com/files/123562/</url>
|
<url>http://packetstormsecurity.com/files/123562/</url>
|
||||||
</references>
|
</references>
|
||||||
<type>XSS</type>
|
<type>XSS</type>
|
||||||
@@ -7186,4 +7188,25 @@
|
|||||||
</vulnerability>
|
</vulnerability>
|
||||||
</plugin>
|
</plugin>
|
||||||
|
|
||||||
|
<plugin name="cart66-lite">
|
||||||
|
<vulnerability>
|
||||||
|
<title>Cart66 1.5.1.14 - admin.php cart66-products Page Product Manipulation CSRF</title>
|
||||||
|
<references>
|
||||||
|
<osvdb>98352</osvdb>
|
||||||
|
<cve>2013-5977</cve>
|
||||||
|
</references>
|
||||||
|
<type>CSRF</type>
|
||||||
|
<fixed_in>1.5.1.15</fixed_in>
|
||||||
|
</vulnerability>
|
||||||
|
<vulnerability>
|
||||||
|
<title>Cart66 - admin.php cart66-products Page Multiple Field Stored XSS</title>
|
||||||
|
<references>
|
||||||
|
<osvdb>98353</osvdb>
|
||||||
|
<cve>2013-5978</cve>
|
||||||
|
</references>
|
||||||
|
<type>XSS</type>
|
||||||
|
<fixed_in>1.5.1.15</fixed_in>
|
||||||
|
</vulnerability>
|
||||||
|
</plugin>
|
||||||
|
|
||||||
</vulnerabilities>
|
</vulnerabilities>
|
||||||
|
|||||||
Reference in New Issue
Block a user