Hotfix for #429

2014-03-21 09:32:26 +01:00
parent dc22ad1ca1 010df5a081
commit a1add0cfdb
1 changed files with 100 additions and 0 deletions
--- a/data/plugin_vulns.xml
+++ b/data/plugin_vulns.xml
@@ -11516,4 +11516,104 @@
    </vulnerability>
  </plugin>

+  <plugin name="duplicate-post">
+    <vulnerability>
+      <title>Duplicate Post 2.5 - duplicate-post-admin.php User Login Cookie Value SQL Injection</title>
+      <references>
+        <osvdb>104669</osvdb>
+      </references>
+      <type>SQLI</type>
+      <fixed_in>2.6</fixed_in>
+    </vulnerability>
+    <vulnerability>
+      <title>Duplicate Post 2.5 - options-general.php post Parameter Reflected XSS</title>
+      <references>
+        <osvdb>104670</osvdb>
+      </references>
+      <type>XSS</type>
+      <fixed_in>2.6</fixed_in>
+    </vulnerability>
+  </plugin>
+
+  <plugin name="mtouch-quiz">
+    <vulnerability>
+      <title>mTouch Quiz 3.0.6 - question.php quiz Parameter Reflected XSS</title>
+      <references>
+        <osvdb>104667</osvdb>
+        <url>http://www.securityfocus.com/bid/66306</url>
+      </references>
+      <type>XSS</type>
+      <fixed_in>3.0.7</fixed_in>
+    </vulnerability>
+    <vulnerability>
+      <title>mTouch Quiz 3.0.6 - question.php quiz Parameter SQL Injection</title>
+      <references>
+        <osvdb>104668</osvdb>
+        <url>http://www.securityfocus.com/bid/66306</url>
+      </references>
+      <type>SQLI</type>
+      <fixed_in>3.0.7</fixed_in>
+    </vulnerability>
+  </plugin>
+
+  <plugin name="simple-retail-menus">
+    <vulnerability>
+      <title>Simple Retail Menus 4.0.1 - includes/actions.php targetmenu Parameter SQL Injection</title>
+      <references>
+        <osvdb>104680</osvdb>
+      </references>
+      <type>SQLI</type>
+      <fixed_in>4.1</fixed_in>
+    </vulnerability>
+    <vulnerability>
+      <title>Simple Retail Menus 4.0.1 - includes/mode-edit.php targetmenu Parameter SQL Injection</title>
+      <references>
+        <osvdb>104682</osvdb>
+      </references>
+      <type>SQLI</type>
+      <fixed_in>4.1</fixed_in>
+    </vulnerability>
+  </plugin>
+
+  <plugin name="user-domain-whitelist">
+    <vulnerability>
+      <title>User Domain Whitelist 1.4 - user-domain-whitelist.php domain_whitelist Parameter Stored XSS</title>
+      <references>
+        <osvdb>104681</osvdb>
+      </references>
+      <type>XSS</type>
+    </vulnerability>
+    <vulnerability>
+      <title>User Domain Whitelist 1.4 -  user-domain-whitelist.php Domain Whitelisting Manipulation CSRF</title>
+      <references>
+        <osvdb>104683</osvdb>
+      </references>
+      <type>CSRF</type>
+      <fixed_in>1.5</fixed_in>
+    </vulnerability>
+  </plugin>
+
+  <plugin name="subscribe-to-comments-reloaded">
+    <vulnerability>
+      <title>Subscribe To Comments Reloaded 140204 - options/index.php manager_page Parameter Stored XSS Weakness</title>
+      <references>
+        <osvdb>104698</osvdb>
+        <secunia>57015</secunia>
+        <url>http://www.securityfocus.com/bid/66288</url>
+      </references>
+      <type>XSS</type>
+      <fixed_in>140219</fixed_in>
+    </vulnerability>
+    <vulnerability>
+      <title>Subscribe To Comments Reloaded 140204 - options/index.php Admin Settings Manipulation CSRF</title>
+      <references>
+        <osvdb>104699</osvdb>
+        <secunia>57015</secunia>
+        <url>http://www.securityfocus.com/bid/66288</url>
+      </references>
+      <type>CSRF</type>
+      <fixed_in>140219</fixed_in>
+    </vulnerability>
+  </plugin>
+
 </vulnerabilities>