garfield/wpscan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Update plugin_vulns.xml

Browse Source
This commit is contained in:
Peter van der Laan
2013-10-08 22:49:02 +02:00
parent 0ba35e41b5
commit a1a68dfd11
1 changed files with 58 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

67
data/plugin_vulns.xml
View File

@@ -982,6 +982,13 @@
</references>
<type>MULTI</type>
</vulnerability>
<vulnerability>
<title>Wordfence 3.8.1 - XSS</title>
<references>
<url>http://packetstormsecurity.com/files/122993/<url>
</references>
<type>XSS</type>
</vulnerability>
</plugin>
<plugin name="slideshow-jquery-image-gallery">
@@ -1242,14 +1249,19 @@
<plugin name="videowhisper-video-conference-integration">
<vulnerability>
<title>VideoWhisper Video Conference
4.51 Arbitrary File Upload Vulnerability
</title>
<title>VideoWhisper Video Conference 4.51 - Arbitrary File Upload Vulnerability</title>
<references>
<url>http://packetstormsecurity.com/files/113580/</url>
</references>
<type>UPLOAD</type>
</vulnerability>
<vulnerability>
<title>Video Whisper - XSS</title>
<references>
<url>http://packetstormsecurity.com/files/122943/<url>
</references>
<type>XSS</type>
</vulnerability>
</plugin>
<plugin name="auctionplugin">
@@ -4288,26 +4300,27 @@
<plugin name="backwpup">
<vulnerability>
<title>BackWPUp 2.1.4 Code Execution</title>
<title>BackWPUp 2.1.4 - Code Execution</title>
<references>
<exploitdb>17987</exploitdb>
</references>
<type>RCE</type>
</vulnerability>
<vulnerability>
<title>plugin BackWPup 1.5.2, 1.6.1, 1.7.1 Remote and Local Code Execution Vulnerability</title>
<title>plugin BackWPup 1.5.2, 1.6.1, 1.7.1 - Remote and Local Code Execution Vulnerability</title>
<references>
<osvdb>71481</osvdb>
</references>
<type>RCE</type>
</vulnerability>
<vulnerability>
<title>BackWPup wp-admin/admin.php tab Parameter XSS</title>
<title>BackWPup 3.0.12 - wp-admin/admin.php tab Parameter XSS</title>
<references>
<cve>2013-4626</cve>
<url>https://www.htbridge.com/advisory/HTB23161</url>
<osvdb>96505</osvdb>
<secunia>54515</secunia>
<url>http://packetstormsecurity.com/files/122916/<url>
</references>
<type>XSS</type>
<fixed_in>3.0.13</fixed_in>
@@ -6536,27 +6549,33 @@
<plugin name="indianic-testimonial">
<vulnerability>
<title>CSRF vulnerability in IndiaNIC Testimonial 2.2</title>
<title>IndiaNIC Testimonial 2.2 - CSRF vulnerability</title>
<references>
<url>http://seclists.org/fulldisclosure/2013/Sep/5</url>
<cve>2013-5672</cve>
<exploitdb>28054</exploitdb>
<url>http://packetstormsecurity.com/files/123036/<url>
</references>
<type>CSRF</type>
</vulnerability>
<vulnerability>
<title>SQL Injection vulnerability in IndiaNIC Testimonial 2.2</title>
<title>IndiaNIC Testimonial 2.2 - SQL Injection vulnerability</title>
<references>
<url>http://seclists.org/fulldisclosure/2013/Sep/5</url>
<cve>2013-5673</cve>
<exploitdb>28054</exploitdb>
<url>http://packetstormsecurity.com/files/123036/<url>
</references>
<type>SQLI</type>
</vulnerability>
<vulnerability>
<title>XSS vulnerability in IndiaNIC Testimonial 2.2</title>
<title>IndiaNIC Testimonial 2.2 - XSS vulnerability</title>
<references>
<url>http://seclists.org/fulldisclosure/2013/Sep/5</url>
<exploitdb>28054</exploitdb>
<url>http://packetstormsecurity.com/files/123036/<url>
</references>
<type>XSS</type>
</vulnerability>
</plugin>
@@ -6806,4 +6825,34 @@
</vulnerability>
</plugin>
<plugin name="encrypted-blog">
<vulnerability>
<title>Encrypted Blog 0.0.6.2 - XSS, Open Redirect</title>
<references>
<url>http://packetstormsecurity.com/files/122992/<url>
</references>
<type>XSS</type>
</vulnerability>
</plugin>
<plugin name="wp-simple-login-registration-plugin">
<vulnerability>
<title>Simple Login Registration 1.0.1 - XSS</title>
<references>
<url>http://packetstormsecurity.com/files/122963/<url>
</references>
<type>XSS</type>
</vulnerability>
</plugin>
<plugin name="post-gallery">
<vulnerability>
<title>Post Gallery - XSS</title>
<references>
<url>http://packetstormsecurity.com/files/122957/<url>
</references>
<type>XSS</type>
</vulnerability>
</plugin>
</vulnerabilities>