garfield/wpscan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

updated smart-flv references

Browse Source
This commit is contained in:
erwanlr
2013-02-27 10:48:27 +01:00
parent 747472a947
commit a583c61f50
1 changed files with 27 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files

54
data/plugin_vulns.xml
View File

@@ -3544,7 +3544,7 @@
<type>XSS</type> <type>XSS</type>
</vulnerability> </vulnerability>
</plugin> </plugin>
<plugin name="flexi-quote-rotator"> <plugin name="flexi-quote-rotator">
<vulnerability> <vulnerability>
<title>WordPress Flexi Quote Rotator Plugin &lt; 0.9.2 Cross-Site Request Forgery and SQL Injection Vulnerabilities</title> <title>WordPress Flexi Quote Rotator Plugin &lt; 0.9.2 Cross-Site Request Forgery and SQL Injection Vulnerabilities</title>
@@ -3552,7 +3552,7 @@
<type>MULTI</type> <type>MULTI</type>
</vulnerability> </vulnerability>
</plugin> </plugin>
<plugin name="gotmls"> <plugin name="gotmls">
<vulnerability> <vulnerability>
<title>WordPress Get Off Malicious Scripts &lt; 1.2.07.20 Cross-Site Scripting Vulnerability</title> <title>WordPress Get Off Malicious Scripts &lt; 1.2.07.20 Cross-Site Scripting Vulnerability</title>
@@ -3560,7 +3560,7 @@
<type>XSS</type> <type>XSS</type>
</vulnerability> </vulnerability>
</plugin> </plugin>
<plugin name="cimy-user-extra-fields"> <plugin name="cimy-user-extra-fields">
<vulnerability> <vulnerability>
<title>WordPress Cimy User Extra Fields Plugin &lt; 2.3.9 Arbitrary File Upload Vulnerability</title> <title>WordPress Cimy User Extra Fields Plugin &lt; 2.3.9 Arbitrary File Upload Vulnerability</title>
@@ -3568,7 +3568,7 @@
<type>UPLOAD</type> <type>UPLOAD</type>
</vulnerability> </vulnerability>
</plugin> </plugin>
<plugin name="nmedia-user-file-uploader"> <plugin name="nmedia-user-file-uploader">
<vulnerability> <vulnerability>
<title>WordPress Nmedia Users File Uploader Plugin &lt; 2.0 Arbitrary File Upload Vulnerability</title> <title>WordPress Nmedia Users File Uploader Plugin &lt; 2.0 Arbitrary File Upload Vulnerability</title>
@@ -3584,7 +3584,7 @@
<type>UPLOAD</type> <type>UPLOAD</type>
</vulnerability> </vulnerability>
</plugin> </plugin>
<plugin name="accordion"> <plugin name="accordion">
<vulnerability> <vulnerability>
<title>accordion Arbitrary File Upload Vulnerability</title> <title>accordion Arbitrary File Upload Vulnerability</title>
@@ -3592,7 +3592,7 @@
<type>UPLOAD</type> <type>UPLOAD</type>
</vulnerability> </vulnerability>
</plugin> </plugin>
<plugin name="wp-catpro"> <plugin name="wp-catpro">
<vulnerability> <vulnerability>
<title>wp-catpro Arbitrary File Upload Vulnerability</title> <title>wp-catpro Arbitrary File Upload Vulnerability</title>
@@ -3600,7 +3600,7 @@
<type>UPLOAD</type> <type>UPLOAD</type>
</vulnerability> </vulnerability>
</plugin> </plugin>
<plugin name="RLSWordPressSearch"> <plugin name="RLSWordPressSearch">
<vulnerability> <vulnerability>
<title>Wordpress RLSWordPressSearch plugin SQL Injection</title> <title>Wordpress RLSWordPressSearch plugin SQL Injection</title>
@@ -3608,7 +3608,7 @@
<type>SQLI</type> <type>SQLI</type>
</vulnerability> </vulnerability>
</plugin> </plugin>
<plugin name="wordpress-simple-shout-box"> <plugin name="wordpress-simple-shout-box">
<vulnerability> <vulnerability>
<title>wordpress-simple-shout-box Plugin SQL Injection</title> <title>wordpress-simple-shout-box Plugin SQL Injection</title>
@@ -3616,7 +3616,7 @@
<type>SQLI</type> <type>SQLI</type>
</vulnerability> </vulnerability>
</plugin> </plugin>
<plugin name="portfolio-slideshow-pro"> <plugin name="portfolio-slideshow-pro">
<vulnerability> <vulnerability>
<title>Wordpress portfolio-slideshow-pro v3 Plugin SQL Injection </title> <title>Wordpress portfolio-slideshow-pro v3 Plugin SQL Injection </title>
@@ -3624,7 +3624,7 @@
<type>SQLI</type> <type>SQLI</type>
</vulnerability> </vulnerability>
</plugin> </plugin>
<plugin name="simple-history"> <plugin name="simple-history">
<vulnerability> <vulnerability>
<title>WordPress Simple History Plugin &lt; 1.0.8 RSS Feed "rss_secret" Disclosure Weakness</title> <title>WordPress Simple History Plugin &lt; 1.0.8 RSS Feed "rss_secret" Disclosure Weakness</title>
@@ -3632,7 +3632,7 @@
<type>UNKNOWN</type> <type>UNKNOWN</type>
</vulnerability> </vulnerability>
</plugin> </plugin>
<plugin name="p1m-media-manager"> <plugin name="p1m-media-manager">
<vulnerability> <vulnerability>
<title>WordPress p1m media manager plugin SQL Injection Vulnerability</title> <title>WordPress p1m media manager plugin SQL Injection Vulnerability</title>
@@ -3640,7 +3640,7 @@
<type>SQLI</type> <type>SQLI</type>
</vulnerability> </vulnerability>
</plugin> </plugin>
<plugin name="wp-table-reloaded"> <plugin name="wp-table-reloaded">
<vulnerability> <vulnerability>
<title>Wordpress wp-table-reloaded plugin &lt; 1.9.4 cross-site scripting in SWF</title> <title>Wordpress wp-table-reloaded plugin &lt; 1.9.4 cross-site scripting in SWF</title>
@@ -3650,7 +3650,7 @@
<type>XSS</type> <type>XSS</type>
</vulnerability> </vulnerability>
</plugin> </plugin>
<plugin name="wordpress-gallery"> <plugin name="wordpress-gallery">
<vulnerability> <vulnerability>
<title>WordPress Gallery Plugin "load" Remote File Inclusion Vulnerability</title> <title>WordPress Gallery Plugin "load" Remote File Inclusion Vulnerability</title>
@@ -3658,7 +3658,7 @@
<type>RFI</type> <type>RFI</type>
</vulnerability> </vulnerability>
</plugin> </plugin>
<plugin name="forumconverter"> <plugin name="forumconverter">
<vulnerability> <vulnerability>
<title>Wordpress plugins ForumConverter SQL Injection Vulnerability</title> <title>Wordpress plugins ForumConverter SQL Injection Vulnerability</title>
@@ -3666,7 +3666,7 @@
<type>SQLI</type> <type>SQLI</type>
</vulnerability> </vulnerability>
</plugin> </plugin>
<plugin name="newsletter"> <plugin name="newsletter">
<vulnerability> <vulnerability>
<title>WordPress plugins Newsletter SQL Injection Vulnerability</title> <title>WordPress plugins Newsletter SQL Injection Vulnerability</title>
@@ -3674,7 +3674,7 @@
<type>SQLI</type> <type>SQLI</type>
</vulnerability> </vulnerability>
</plugin> </plugin>
<plugin name="commentluv"> <plugin name="commentluv">
<vulnerability> <vulnerability>
<title>Cross-Site Scripting (XSS) Vulnerability in CommentLuv WordPress Plugin &lt; 2.92.4</title> <title>Cross-Site Scripting (XSS) Vulnerability in CommentLuv WordPress Plugin &lt; 2.92.4</title>
@@ -3686,7 +3686,7 @@
<type>XSS</type> <type>XSS</type>
</vulnerability> </vulnerability>
</plugin> </plugin>
<plugin name="wp-forum"> <plugin name="wp-forum">
<vulnerability> <vulnerability>
<title>Wordpress wp-forum plugin SQL Injection</title> <title>Wordpress wp-forum plugin SQL Injection</title>
@@ -3694,7 +3694,7 @@
<type>SQLI</type> <type>SQLI</type>
</vulnerability> </vulnerability>
</plugin> </plugin>
<plugin name="wp-ecommerce-shop-styling"> <plugin name="wp-ecommerce-shop-styling">
<vulnerability> <vulnerability>
<title>WordPress WP ecommerce Shop Styling Plugin &lt; 1.8 "dompdf" Remote File Inclusion Vulnerability</title> <title>WordPress WP ecommerce Shop Styling Plugin &lt; 1.8 "dompdf" Remote File Inclusion Vulnerability</title>
@@ -3702,7 +3702,7 @@
<type>RFI</type> <type>RFI</type>
</vulnerability> </vulnerability>
</plugin> </plugin>
<plugin name="audio-player"> <plugin name="audio-player">
<vulnerability> <vulnerability>
<title>Wordpress Audio Player Plugin &lt; 2.0.4.6 XSS in SWF</title> <title>Wordpress Audio Player Plugin &lt; 2.0.4.6 XSS in SWF</title>
@@ -3711,7 +3711,7 @@
<type>XSS</type> <type>XSS</type>
</vulnerability> </vulnerability>
</plugin> </plugin>
<plugin name="ckeditor-for-wordpress"> <plugin name="ckeditor-for-wordpress">
<vulnerability> <vulnerability>
<title>Wordpress plugin CKEditor 4.0 Arbitrary File Upload Exploit</title> <title>Wordpress plugin CKEditor 4.0 Arbitrary File Upload Exploit</title>
@@ -3719,7 +3719,7 @@
<type>UPLOAD</type> <type>UPLOAD</type>
</vulnerability> </vulnerability>
</plugin> </plugin>
<plugin name="myftp-ftp-like-plugin-for-wordpress"> <plugin name="myftp-ftp-like-plugin-for-wordpress">
<vulnerability> <vulnerability>
<title>wordpress myftp-ftp-like-plugin-for-wordpress plugin v2 Plugin SQL Injection</title> <title>wordpress myftp-ftp-like-plugin-for-wordpress plugin v2 Plugin SQL Injection</title>
@@ -3727,7 +3727,7 @@
<type>SQLI</type> <type>SQLI</type>
</vulnerability> </vulnerability>
</plugin> </plugin>
<plugin name="wp-online-store"> <plugin name="wp-online-store">
<vulnerability> <vulnerability>
<title>WordPress WP Online Store Plugin 1.3.1 downloaded before 2013-01-17 File Disclosure and File Inclusion Vulnerabilities</title> <title>WordPress WP Online Store Plugin 1.3.1 downloaded before 2013-01-17 File Disclosure and File Inclusion Vulnerabilities</title>
@@ -3753,17 +3753,17 @@
<type>XSS</type> <type>XSS</type>
</vulnerability> </vulnerability>
</plugin> </plugin>
<plugin name="smart-flv"> <plugin name="smart-flv">
<vulnerability> <vulnerability>
<title>smart-flv jwplayer.swf XSS</title> <title>smart-flv jwplayer.swf XSS</title>
<reference>http://www.openwall.com/lists/oss-security/2013/02/24/7</reference> <reference>http://www.openwall.com/lists/oss-security/2013/02/24/7</reference>
<reference>http://packetstormsecurity.com/files/115100/jwplayer-xss.txt</reference> <reference>http://packetstormsecurity.com/files/115100/jwplayer-xss.txt</reference>
<reference>http://osvdb.org/72794</reference> <reference>http://osvdb.org/90606</reference>
<type>XSS</type> <type>XSS</type>
</vulnerability> </vulnerability>
</plugin> </plugin>
<plugin name="GoogleAlertandtwitterplugin"> <plugin name="GoogleAlertandtwitterplugin">
<vulnerability> <vulnerability>
<title>Google Alert And Twitter v.3.1.5 XSS Exploit, SQL Injection</title> <title>Google Alert And Twitter v.3.1.5 XSS Exploit, SQL Injection</title>
@@ -3771,5 +3771,5 @@
<type>MULTI</type> <type>MULTI</type>
</vulnerability> </vulnerability>
</plugin> </plugin>
</vulnerabilities> </vulnerabilities>