more reference tags, fixes issue #268

spec/samples/common/models/vulnerability/xml_node.xml

@@ -1,9 +1,14 @@
 <vulnerability>
   <title>Vuln Title</title>
-  <reference>Ref 1</reference>
-  <reference>Ref 2</reference>
-  <cve>2011-001</cve>
+  <references>
+    <metasploit>exploit/ex1</metasploit>
+    <url>Ref 1</url>
+    <url>Ref 2</url>
+    <cve>2011-001</cve>
+    <secunia>secunia</secunia>
+    <osvdb>osvdb</osvdb>
+    <exploitdb>exploitdb</exploitdb>
+  </references>
   <type>CSRF</type>
-  <metasploit>exploit/ex1</metasploit>
   <fixed_in>1.0</fixed_in>
 </vulnerability>

spec/samples/common/models/wp_item/vulnerable/items_vulns.xml

@@ -5,7 +5,15 @@
   <item name="not-this-one">
     <vulnerability>
       <title>I should not appear in the results</title>
-      <reference>http://ref1.com</reference>
+      <references>
+        <metasploit>exploit/ex1</metasploit>
+        <url>Ref 1</url>
+        <url>Ref 2</url>
+        <cve>2011-001</cve>
+        <secunia>secunia</secunia>
+        <osvdb>osvdb</osvdb>
+        <exploitdb>exploitdb</exploitdb>
+      </references>
       <type>RFI</type>
     </vulnerability>
   </item>
@@ -13,7 +21,15 @@
   <item name="neo">
     <vulnerability>
       <title>I'm the one</title>
-      <reference>http://ref1.com</reference>
+      <references>
+        <metasploit>exploit/ex1</metasploit>
+        <url>Ref 1</url>
+        <url>Ref 2</url>
+        <cve>2011-001</cve>
+        <secunia>secunia</secunia>
+        <osvdb>osvdb</osvdb>
+        <exploitdb>exploitdb</exploitdb>
+      </references>
       <type>XSS</type>
     </vulnerability>
   </item>

spec/samples/common/models/wp_plugin/vulnerable/plugins_vulns.xml

@@ -4,12 +4,28 @@
   <plugin name="mr-smith">
     <vulnerability>
       <title>I should not appear in the results</title>
-      <reference>http://ref1.com</reference>
+      <references>
+        <metasploit>exploit/ex1</metasploit>
+        <url>Ref 1</url>
+        <url>Ref 2</url>
+        <cve>2011-001</cve>
+        <secunia>secunia</secunia>
+        <osvdb>osvdb</osvdb>
+        <exploitdb>exploitdb</exploitdb>
+      </references>
       <type>RCE</type>
     </vulnerability>
     <vulnerability>
       <title>Neither do I</title>
-      <reference>http://ref3.com</reference>
+      <references>
+        <metasploit>exploit/ex1</metasploit>
+        <url>Ref 1</url>
+        <url>Ref 2</url>
+        <cve>2011-001</cve>
+        <secunia>secunia</secunia>
+        <osvdb>osvdb</osvdb>
+        <exploitdb>exploitdb</exploitdb>
+      </references>
       <type>FPD</type>
     </vulnerability>
   </plugin>
@@ -17,7 +33,15 @@
   <plugin name="white-rabbit">
     <vulnerability>
       <title>Follow me!</title>
-      <reference>http://ref2.com</reference>
+      <references>
+        <metasploit>exploit/ex1</metasploit>
+        <url>Ref 1</url>
+        <url>Ref 2</url>
+        <cve>2011-001</cve>
+        <secunia>secunia</secunia>
+        <osvdb>osvdb</osvdb>
+        <exploitdb>exploitdb</exploitdb>
+      </references>
       <type>REDIRECT</type>
     </vulnerability>
   </plugin>

spec/samples/common/models/wp_theme/vulnerable/themes_vulns.xml

@@ -4,12 +4,28 @@
   <theme name="not-this-one">
     <vulnerability>
       <title>I should not appear in the results</title>
-      <reference>http://some-ref.com</reference>
+      <references>
+        <metasploit>exploit/ex1</metasploit>
+        <url>Ref 1</url>
+        <url>Ref 2</url>
+        <cve>2011-001</cve>
+        <secunia>secunia</secunia>
+        <osvdb>osvdb</osvdb>
+        <exploitdb>exploitdb</exploitdb>
+      </references>
       <type>SQLI</type>
     </vulnerability>
     <vulnerability>
       <title>Neither do I</title>
-      <reference>http://some-other-ref.com</reference>
+      <references>
+        <metasploit>exploit/ex1</metasploit>
+        <url>Ref 1</url>
+        <url>Ref 2</url>
+        <cve>2011-001</cve>
+        <secunia>secunia</secunia>
+        <osvdb>osvdb</osvdb>
+        <exploitdb>exploitdb</exploitdb>
+      </references>
       <type>XSS</type>
     </vulnerability>
   </theme>
@@ -17,7 +33,15 @@
   <theme name="the-oracle">
     <vulnerability>
       <title>I see you</title>
-      <reference>http://ref.com</reference>
+      <references>
+        <metasploit>exploit/ex1</metasploit>
+        <url>Ref 1</url>
+        <url>Ref 2</url>
+        <cve>2011-001</cve>
+        <secunia>secunia</secunia>
+        <osvdb>osvdb</osvdb>
+        <exploitdb>exploitdb</exploitdb>
+      </references>
       <type>FPD</type>
     </vulnerability>
   </theme>

spec/samples/common/models/wp_version/vulnerable/versions_vulns.xml

@@ -4,7 +4,15 @@
   <wordpress version="3.5">
     <vulnerability>
       <title>I should not appear in the results</title>
-      <reference>http://ref2.com</reference>
+      <references>
+        <metasploit>exploit/ex1</metasploit>
+        <url>Ref 1</url>
+        <url>Ref 2</url>
+        <cve>2011-001</cve>
+        <secunia>secunia</secunia>
+        <osvdb>osvdb</osvdb>
+        <exploitdb>exploitdb</exploitdb>
+      </references>
       <type>XSS</type>
     </vulnerability>
   </wordpress>
@@ -12,7 +20,15 @@
   <wordpress version="3.2">
     <vulnerability>
       <title>Here I Am</title>
-      <reference>http://ref1.com</reference>
+      <references>
+        <metasploit>exploit/ex1</metasploit>
+        <url>Ref 1</url>
+        <url>Ref 2</url>
+        <cve>2011-001</cve>
+        <secunia>secunia</secunia>
+        <osvdb>osvdb</osvdb>
+        <exploitdb>exploitdb</exploitdb>
+      </references>
       <type>SQLI</type>
     </vulnerability>
   </wordpress>