From b16ea75dd601d224ebfb8ddffcd639966cb39b30 Mon Sep 17 00:00:00 2001 From: Peter van der Laan Date: Mon, 7 Oct 2013 23:44:36 +0200 Subject: [PATCH 01/18] Added Secunia #55182 --- data/plugin_vulns.xml | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/data/plugin_vulns.xml b/data/plugin_vulns.xml index b0d7bf1f..38a31758 100644 --- a/data/plugin_vulns.xml +++ b/data/plugin_vulns.xml @@ -4474,7 +4474,7 @@ - WordPress Events Manager Plugin Multiple Cross-Site Scripting Vulnerabilities + Events Manager - Multiple XSS Vulnerabilities 51869 @@ -4482,7 +4482,7 @@ 5.3.4 - WordPress Events Manager Multiple Cross Site Scripting Vulnerabilities + Events Manager - Multiple XSS Vulnerabilities http://www.securityfocus.com/bid/60078 53478 @@ -4491,6 +4491,14 @@ XSS 5.3.9 + + Events Manager - Multiple Unspecified XSS Vulnerabilities + + 55182 + + XSS + 5.5.2 + From 556b2f3d21e2f8abfdf40ff8fe4bee36793c341e Mon Sep 17 00:00:00 2001 From: Peter van der Laan Date: Mon, 7 Oct 2013 23:59:16 +0200 Subject: [PATCH 02/18] Added Secunia #55160 --- data/plugin_vulns.xml | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/data/plugin_vulns.xml b/data/plugin_vulns.xml index 38a31758..1bcda8a5 100644 --- a/data/plugin_vulns.xml +++ b/data/plugin_vulns.xml @@ -4400,6 +4400,17 @@ + + + WP-SlimStat-Ex - Open Flash Chart Arbitrary File Creation Vulnerability + + 55160 + http://packetstormsecurity.com/files/123494/wpslimstatex-exec.txt + + UPLOAD + + + browser-rejector Remote and Local File Inclusion From 861841ef86c7f2e4d38b7f754183dadf6c66f6e6 Mon Sep 17 00:00:00 2001 From: Peter van der Laan Date: Tue, 8 Oct 2013 00:17:56 +0200 Subject: [PATCH 03/18] Added Secunia #54924 (Theme vuln.) --- data/theme_vulns.xml | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/data/theme_vulns.xml b/data/theme_vulns.xml index 7923a981..227d9f77 100644 --- a/data/theme_vulns.xml +++ b/data/theme_vulns.xml 
@@ -1704,4 +1704,15 @@ + + + MORE+ Theme: prettyPhoto XSS Vulnerability + + 54924 + http://archives.neohapsis.com/archives/fulldisclosure/2013-09/0177.html + + XSS + + + From 3494bc47cf4e4a3499b2fa2b9cb21cc29e7d96f0 Mon Sep 17 00:00:00 2001 From: Peter van der Laan Date: Tue, 8 Oct 2013 07:58:04 +0200 Subject: [PATCH 04/18] Update Lazy SEO Plugin --- data/plugin_vulns.xml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/data/plugin_vulns.xml b/data/plugin_vulns.xml index 1bcda8a5..eb430b52 100644 --- a/data/plugin_vulns.xml +++ b/data/plugin_vulns.xml @@ -6585,9 +6585,10 @@ - Lazy SEO lazyseo.php File Upload Arbitrary Code Execution + Lazy SEO 1.1.9 - lazyseo.php File Upload Arbitrary Code Execution http://packetstormsecurity.com/files/123349/wplazyseo-shell.txt + http://xforce.iss.net/xforce/xfdb/87384 97662 2013-5961 28452 From 584c930858ee62dff107d8e35ca7684655c0810b Mon Sep 17 00:00:00 2001 From: Peter van der Laan Date: Tue, 8 Oct 2013 09:00:26 +0200 Subject: [PATCH 05/18] Added Secunia #54894 --- data/plugin_vulns.xml | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/data/plugin_vulns.xml b/data/plugin_vulns.xml index eb430b52..79f1a99a 100644 --- a/data/plugin_vulns.xml +++ b/data/plugin_vulns.xml @@ -6665,4 +6665,19 @@ + + + Complete Gallery Manager 3.3.3 - Arbitrary File Upload Vulnerability + + 97481 + 54894 + 2013-5962 + 28377 + http://packetstormsecurity.com/files/123303 + http://xforce.iss.net/xforce/xfdb/87172 + + UPLOAD + + + From 5112bea51149288581eb9af61941d904556b6d63 Mon Sep 17 00:00:00 2001 From: Peter van der Laan Date: Tue, 8 Oct 2013 10:20:06 +0200 Subject: [PATCH 06/18] Added Secunia #54801 --- data/plugin_vulns.xml | 54 ++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 53 insertions(+), 1 deletion(-) diff --git a/data/plugin_vulns.xml b/data/plugin_vulns.xml index 79f1a99a..e94a05c0 100644 --- a/data/plugin_vulns.xml +++ b/data/plugin_vulns.xml 
@@ -329,7 +329,7 @@ - + RokBox Multiple Vulnerabilities @@ -337,6 +337,58 @@ MULTI + + RokBox <= 2.13 - XSS,DoS,Disclosure,Upload Vulnerabilities + + 54801 + http://packetstormsecurity.com/files/118884/ + + MULTI + + + + + + RokIntroScroller <= 1.8 - XSS,DoS,Disclosure,Upload Vulnerabilities + + 54801 + http://packetstormsecurity.com/files/123302/ + + MULTI + + + + + + RokMicroNews <= 1.5 - XSS,DoS,Disclosure,Upload Vulnerabilities + + 54801 + http://packetstormsecurity.com/files/123312/ + + MULTI + + + + + + RokNewsPager <= 1.17 - XSS,DoS,Disclosure,Upload Vulnerabilities + + 54801 + http://packetstormsecurity.com/files/123271/ + + MULTI + + + + + + RokStories <= 1.25 - XSS,DoS,Disclosure,Upload Vulnerabilities + + 54801 + http://packetstormsecurity.com/files/123270/ + + MULTI + From fb95754e6588e0bb0223c6f340d5910c2894b619 Mon Sep 17 00:00:00 2001 From: Peter van der Laan Date: Tue, 8 Oct 2013 10:32:09 +0200 Subject: [PATCH 07/18] Update timthumb due to Secunia #54801 --- data/timthumbs.txt | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/data/timthumbs.txt b/data/timthumbs.txt index 23571a00..b25a87f1 100644 --- a/data/timthumbs.txt +++ b/data/timthumbs.txt 
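Review bot: The new `RokBox <= 2.13 - XSS,DoS,Disclosure,Upload Vulnerabilities` record in the hunk at -337 appears to be added next to the existing `RokBox Multiple Vulnerabilities` record rather than replacing it, so a scan may report the same issue twice for this plugin. If both describe Secunia 54801, I would merge them into one record. None of the five new Rok* records shows a fixed version, only the `<=` bound in the title, so the affected range seems to live in free text alone; the markup is not visible in this view, so please confirm. The titles would also read better with spaces after the commas, as in `XSS, DoS, Disclosure, Upload Vulnerabilities`.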
@@ -180,11 +180,24 @@ $wp-plugins$/wp-pagenavi/scripts/timthumb.php $wp-plugins$/wp-pagenavi/thumb.php $wp-plugins$/wp-pagenavi/timthumb.php $wp-plugins$/wp-pagenavi/timthumb.phptimthumb.php +$wp-plugins$/wp_rokbox/thumb.php +$wp-plugins$/wp_rokbox/thumb.phpthumb.php +$wp-plugins$/wp_rokbox/thumb.phptimthumb.php +$wp-plugins$/wp_rokbox/timthumb.php +$wp-plugins$/wp_rokintroscroller/thumb.php +$wp-plugins$/wp_rokintroscroller/thumb.phpthumb.php +$wp-plugins$/wp_rokintroscroller/thumb.phptimthumb.php +$wp-plugins$/wp_rokintroscroller/timthumb.php +$wp-plugins$/wp_rokmicronews/thumb.php +$wp-plugins$/wp_rokmicronews/thumb.phpthumb.php +$wp-plugins$/wp_rokmicronews/thumb.phptimthumb.php +$wp-plugins$/wp_rokmicronews/timthumb.php $wp-plugins$/wp_roknewspager/thumb.php $wp-plugins$/wp_roknewspager/thumb.phpthumb.php $wp-plugins$/wp_roknewspager/thumb.phptimthumb.php $wp-plugins$/wp_roknewspager/timthumb.php $wp-plugins$/wp_rokstories/thumb.php +$wp-plugins$/wp_rokstories/thumb.phpthumb.php $wp-plugins$/wp_rokstories/thumb.phptimthumb.php $wp-plugins$/wp_rokstories/timthumb.php $wp-plugins$/wps3slider/scripts/timthumb.php From 75b3ea0bc4c5ab4d5201ea3bd57872d0fb525b80 Mon Sep 17 00:00:00 2001 From: Peter van der Laan Date: Tue, 8 Oct 2013 11:24:03 +0200 Subject: [PATCH 08/18] Same URL syntax for all Packet Storm Security URL's Packet Storm Security URL's don't need the 'friendly part' of the URL. So it can be neglected. --- data/plugin_vulns.xml | 93 +++++++++++++++++++++---------------------- 1 file changed, 45 insertions(+), 48 deletions(-) diff --git a/data/plugin_vulns.xml b/data/plugin_vulns.xml index e94a05c0..dbeffc38 100644 --- a/data/plugin_vulns.xml +++ b/data/plugin_vulns.xml @@ -322,8 +322,7 @@ OpenInviter Information Disclosure - http://packetstormsecurity.com/files/119265/WordPress-OpenInviter-Information-Disclosure.html - + http://packetstormsecurity.com/files/119265/ UNKNOWN 
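Review bot: Several of the paths added to timthumbs.txt end in doubled file names, for example `$wp-plugins$/wp_rokbox/thumb.phpthumb.php` and `$wp-plugins$/wp_rokmicronews/thumb.phptimthumb.php`, which look like concatenation artefacts rather than places a TimThumb script would be installed. The same pattern already exists in the context lines (`$wp-plugins$/wp-pagenavi/timthumb.phptimthumb.php`), so it may be deliberate. If it is not, each such entry presumably costs one extra request per scanned site without being able to match a shipped file. In that case keep only the `thumb.php` and `timthumb.php` lines for each of the three new plugins.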
@@ -439,7 +438,7 @@ Shopping Cart Shell Upload / SQL Injection - http://packetstormsecurity.com/files/119217/wplevelfour-sqlshell.txt + http://packetstormsecurity.com/files/119217/ 51690 MULTI @@ -451,7 +450,7 @@ ReFlex Gallery Shell Upload - http://packetstormsecurity.com/files/119218/wpreflexgallery-shell.txt + http://packetstormsecurity.com/files/119218/ UPLOAD @@ -461,7 +460,7 @@ Uploader 1.0.4 Shell Upload - http://packetstormsecurity.com/files/119219/wpuploader104-shell.txt + http://packetstormsecurity.com/files/119219/ UPLOAD @@ -471,7 +470,7 @@ Xerte Online 0.32 Shell Upload - http://packetstormsecurity.com/files/119220/wpxerteonline-shell.txt + http://packetstormsecurity.com/files/119220/ UPLOAD @@ -481,7 +480,7 @@ Advanced Custom Fields <= 3.5.1 Remote File Inclusion - http://packetstormsecurity.com/files/119221/wp_advanced_custom_fields_exec.rb.txt + http://packetstormsecurity.com/files/119221/ 51037 exploit/unix/webapp/wp_advanced_custom_fields_exec @@ -960,7 +959,7 @@ Catalog HTML Code Injection and Cross-site scripting - http://packetstormsecurity.org/files/117820/wpcatalog-xss.txt + http://packetstormsecurity.org/files/117820/ 51143 MULTI @@ -1028,7 +1027,7 @@ BBPress SQL Injection / Path Disclosure - http://packetstormsecurity.org/files/116123 + http://packetstormsecurity.org/files/116123/ MULTI @@ -1038,7 +1037,7 @@ NextGen Cu3er Gallery Information Disclosure - http://packetstormsecurity.org/files/116150 + http://packetstormsecurity.org/files/116150/ UNKNOWN @@ -1048,7 +1047,7 @@ Rich Widget File Upload - http://packetstormsecurity.org/files/115787/wprichwidget-shell.txt + http://packetstormsecurity.org/files/115787/ UPLOAD @@ -1058,7 +1057,7 @@ Monsters Editor Shell Upload - http://packetstormsecurity.org/files/115788/wpmonsters-shell.txt + http://packetstormsecurity.org/files/115788/ UPLOAD 
@@ -1132,7 +1131,7 @@ Resume Submissions Job Posting v2.5.1 Unrestricted File Upload - http://www.packetstormsecurity.org/files/114716 + http://packetstormsecurity.org/files/114716/ UPLOAD @@ -1652,7 +1651,7 @@ FoxyPress 0.4.2.5 XSS / CSRF / SQL Injection - http://packetstormsecurity.org/files/117768 + http://packetstormsecurity.org/files/117768/ 51109 MULTI @@ -1801,7 +1800,7 @@ WordPress pretty-link plugin XSS in SWF http://seclists.org/bugtraq/2013/Feb/100 - http://packetstormsecurity.com/files/120433/wpprettylink163-xss.txt + http://packetstormsecurity.com/files/120433/ 2013-1636 XSS @@ -2116,8 +2115,8 @@ Organizer 1.2.1 Cross Site Scripting / Path Disclosure - http://packetstormsecurity.org/files/112086 - http://packetstormsecurity.org/files/113800 + http://packetstormsecurity.org/files/112086/ + http://packetstormsecurity.org/files/113800/ MULTI @@ -2127,7 +2126,7 @@ Zingiri Tickets plugin File Disclosure - http://packetstormsecurity.org/files/111904 + http://packetstormsecurity.org/files/111904/ UNKNOWN @@ -2167,7 +2166,7 @@ Register Plus Redux <= 3.8.3 Cross Site Scripting - http://packetstormsecurity.org/files/111367 + http://packetstormsecurity.org/files/111367/ XSS @@ -2177,7 +2176,7 @@ Magn WP Drag and Drop <= 1.1.4 Upload Shell Upload Vulnerability - http://packetstormsecurity.org/files/110103 + http://packetstormsecurity.org/files/110103/ UPLOAD @@ -2244,7 +2243,7 @@ myEASYbackup 1.0.8.1 Directory Traversal - http://packetstormsecurity.org/files/108711 + http://packetstormsecurity.org/files/108711/ UNKNOWN @@ -2261,14 +2260,14 @@ Count Per Day 3.2.3 Cross Site Scripting - http://packetstormsecurity.org/files/115904 + http://packetstormsecurity.org/files/115904/ XSS Count Per Day 3.1.1 Cross Site Scripting - http://packetstormsecurity.org/files/114787/SSCHADV2012-015.txt + http://packetstormsecurity.org/files/114787/ XSS 
@@ -2312,7 +2311,7 @@ Yousaytoo Auto Publishing <= 1.0 Cross Site Scripting - http://packetstormsecurity.org/files/108470 + http://packetstormsecurity.org/files/108470/ XSS @@ -2332,7 +2331,7 @@ Whois Search <= 1.4.2 Cross Site Scripting - http://packetstormsecurity.org/files/108271 + http://packetstormsecurity.org/files/108271/ XSS @@ -2663,7 +2662,7 @@ GRAND Flash Album Gallery <= 1.71 XSS Vulnerability - http://packetstormsecurity.org/files/112704 + http://packetstormsecurity.org/files/112704/ XSS @@ -2744,7 +2743,7 @@ WP Forum Server plugin <= 1.7.3 SQL Injection / XSS Vulnerabilities - http://www.packetstormsecurity.org/files/112703 + http://packetstormsecurity.org/files/112703/ MULTI @@ -2774,7 +2773,7 @@ WordPress Comment Rating 2.9.32 SQL Injection / Bypass - http://packetstormsecurity.com/files/120569/wpcomment2932-sqlbypass.txt + http://packetstormsecurity.com/files/120569/ MULTI @@ -4203,7 +4202,7 @@ GD Star Rating plugin <= 1.9.16 Cross Site Scripting - http://www.packetstormsecurity.org/files/112702 + http://packetstormsecurity.org/files/112702/ XSS @@ -4396,7 +4395,7 @@ floating-tweets persistent XSS - http://packetstormsecurity.com/files/119499/floatingtweets-xsstraversal.txt + http://packetstormsecurity.com/files/119499/ http://websecurity.com.ua/6023/ XSS @@ -4404,7 +4403,7 @@ floating-tweets directory traversal - http://packetstormsecurity.com/files/119499/floatingtweets-xsstraversal.txt + http://packetstormsecurity.com/files/119499/ http://websecurity.com.ua/6023/ UNKNOWN @@ -4457,7 +4456,7 @@ WP-SlimStat-Ex - Open Flash Chart Arbitrary File Creation Vulnerability 55160 - http://packetstormsecurity.com/files/123494/wpslimstatex-exec.txt + http://packetstormsecurity.com/files/123494/ UPLOAD 
@@ -4681,7 +4680,7 @@ SQL Injection Vulnerability in Wysija Newsletters WordPress Plugin https://www.htbridge.com/advisory/HTB23140 - http://packetstormsecurity.com/files/120089/wpwysijanl-sql.txt + http://packetstormsecurity.com/files/120089/ http://seclists.org/bugtraq/2013/Feb/29 http://cxsecurity.com/issue/WLB-2013020039 @@ -5096,7 +5095,7 @@ Wordpress wp-table-reloaded plugin cross-site scripting in SWF - http://packetstormsecurity.com/files/119968/wptablereloaded-xss.txt + http://packetstormsecurity.com/files/119968/ 52027 http://seclists.org/bugtraq/2013/Feb/28 @@ -5149,7 +5148,7 @@ Cross-Site Scripting (XSS) Vulnerability in CommentLuv WordPress Plugin https://www.htbridge.com/advisory/HTB23138 - http://packetstormsecurity.com/files/120090/wpcommentluv-xss.txt + http://packetstormsecurity.com/files/120090/ http://seclists.org/bugtraq/2013/Feb/30 http://cxsecurity.com/issue/WLB-2013020040 52092 @@ -5251,7 +5250,7 @@ smart-flv jwplayer.swf XSS http://www.openwall.com/lists/oss-security/2013/02/24/7 - http://packetstormsecurity.com/files/115100/jwplayer-xss.txt + http://packetstormsecurity.com/files/115100/ 90606 XSS @@ -5284,7 +5283,7 @@ Marekkis Watermark Cross Site Scripting - http://packetstormsecurity.com/files/120378/wpmarekkiswatermark-xss.txt + http://packetstormsecurity.com/files/120378/ XSS @@ -5294,7 +5293,7 @@ Responsive Logo Slideshow Cross Site Scripting - http://packetstormsecurity.com/files/120379/wpresponsivelogo-xss.txt + http://packetstormsecurity.com/files/120379/ XSS @@ -5605,7 +5604,7 @@ Terillion Reviews Cross Site Scripting - http://packetstormsecurity.com/files/120730/wpterillionreviews-xss.txt + http://packetstormsecurity.com/files/120730/ XSS @@ -5761,8 +5760,7 @@ podPress 8.8.10.13 Cross Site Scripting - http://packetstormsecurity.com/files/121011/WordPress-podPress-8.8.10.13-Cross-Site-Scripting.html - + http://packetstormsecurity.com/files/121011/ XSS 
@@ -6191,8 +6189,7 @@ ADIF Log Search Widget XSS Arbitrary Vulnerability - http://packetstormsecurity.com/files/121777/ADIF-Log-Search-Widget-1.0e-Cross-Site-Scripting.html - + http://packetstormsecurity.com/files/121777/ 53599 93721 @@ -6639,7 +6636,7 @@ Lazy SEO 1.1.9 - lazyseo.php File Upload Arbitrary Code Execution - http://packetstormsecurity.com/files/123349/wplazyseo-shell.txt + http://packetstormsecurity.com/files/123349/ http://xforce.iss.net/xforce/xfdb/87384 97662 2013-5961 @@ -6653,7 +6650,7 @@ SEO Watcher - Open Flash Chart Arbitrary File Creation Vulnerability - http://packetstormsecurity.com/files/123493/wpseowatcher-exec.txt + http://packetstormsecurity.com/files/123493/ 55162 UPLOAD @@ -6676,7 +6673,7 @@ Simple Dropbox Upload - Arbitrary File Upload Vulnerability - http://packetstormsecurity.com/files/123235/wpsdu-shell.txt + http://packetstormsecurity.com/files/123235/ http://xforce.iss.net/xforce/xfdb/87166 54856 2013-5963 @@ -6701,7 +6698,7 @@ miniAudioPlayer - Two XSS Vulnerabilities 54979 - http://packetstormsecurity.com/files/123372/wpminiaudioplayer-xss.txt + http://packetstormsecurity.com/files/123372/ XSS @@ -6725,7 +6722,7 @@ 54894 2013-5962 28377 - http://packetstormsecurity.com/files/123303 + http://packetstormsecurity.com/files/123303/ http://xforce.iss.net/xforce/xfdb/87172 UPLOAD From ab65571ee5586414402a1070e172e7fa63b4c232 Mon Sep 17 00:00:00 2001 From: Peter van der Laan Date: Tue, 8 Oct 2013 11:40:38 +0200 Subject: [PATCH 09/18] Replace packetstormsecurity.org to packetstormsecurity.com --- data/plugin_vulns.xml | 150 +++++++++++++++++++++--------------------- 1 file changed, 75 insertions(+), 75 deletions(-) diff --git a/data/plugin_vulns.xml b/data/plugin_vulns.xml index dbeffc38..79775224 100644 --- a/data/plugin_vulns.xml +++ b/data/plugin_vulns.xml @@ -959,7 +959,7 @@ Catalog HTML Code Injection and Cross-site scripting - http://packetstormsecurity.org/files/117820/ + http://packetstormsecurity.com/files/117820/ 51143 MULTI 
@@ -1027,7 +1027,7 @@ BBPress SQL Injection / Path Disclosure - http://packetstormsecurity.org/files/116123/ + http://packetstormsecurity.com/files/116123/ MULTI @@ -1037,7 +1037,7 @@ NextGen Cu3er Gallery Information Disclosure - http://packetstormsecurity.org/files/116150/ + http://packetstormsecurity.com/files/116150/ UNKNOWN @@ -1047,7 +1047,7 @@ Rich Widget File Upload - http://packetstormsecurity.org/files/115787/ + http://packetstormsecurity.com/files/115787/ UPLOAD @@ -1057,7 +1057,7 @@ Monsters Editor Shell Upload - http://packetstormsecurity.org/files/115788/ + http://packetstormsecurity.com/files/115788/ UPLOAD @@ -1131,7 +1131,7 @@ Resume Submissions Job Posting v2.5.1 Unrestricted File Upload - http://packetstormsecurity.org/files/114716/ + http://packetstormsecurity.com/files/114716/ UPLOAD @@ -1194,7 +1194,7 @@ Fancy Gallery 1.2.4 Shell Upload - http://packetstormsecurity.org/files/114114/ + http://packetstormsecurity.com/files/114114/ UPLOAD @@ -1204,7 +1204,7 @@ Flip Book 1.0 Shell Upload - http://packetstormsecurity.org/files/114112/ + http://packetstormsecurity.com/files/114112/ UPLOAD @@ -1214,7 +1214,7 @@ Ajax Multi Upload 1.1 Shell Upload - http://packetstormsecurity.org/files/114109/ + http://packetstormsecurity.com/files/114109/ UPLOAD @@ -1234,7 +1234,7 @@ Wordpress Automatic 2.0.3 CSRF - http://packetstormsecurity.org/files/113763/ + http://packetstormsecurity.com/files/113763/ CSRF @@ -1246,7 +1246,7 @@ 4.51 Arbitrary File Upload Vulnerability - http://packetstormsecurity.org/files/113580/ + http://packetstormsecurity.com/files/113580/ UPLOAD @@ -1258,7 +1258,7 @@ File Upload Vulnerability - http://packetstormsecurity.org/files/113568/ + http://packetstormsecurity.com/files/113568/ UPLOAD @@ -1268,7 +1268,7 @@ LB Mixed Slideshow 1.0 Arbitrary File Upload Vulnerability - http://packetstormsecurity.org/files/113844/ + http://packetstormsecurity.com/files/113844/ UPLOAD 
@@ -1278,7 +1278,7 @@ Lim4wp 1.1.1 Arbitrary File Upload Vulnerability - http://packetstormsecurity.org/files/113846/ + http://packetstormsecurity.com/files/113846/ UPLOAD @@ -1288,7 +1288,7 @@ Wp-ImageZoom 1.0.3 Remote File Disclosure - http://packetstormsecurity.org/files/113845/ + http://packetstormsecurity.com/files/113845/ UNKNOWN @@ -1298,7 +1298,7 @@ Invit0r 0.22 Shell Upload - http://packetstormsecurity.org/files/113639/ + http://packetstormsecurity.com/files/113639/ UPLOAD @@ -1308,7 +1308,7 @@ Annonces 1.2.0.1 Shell Upload - http://packetstormsecurity.org/files/113637/ + http://packetstormsecurity.com/files/113637/ UPLOAD @@ -1320,7 +1320,7 @@ File Upload Vulnerability - http://packetstormsecurity.org/files/113571/ + http://packetstormsecurity.com/files/113571/ UPLOAD @@ -1339,7 +1339,7 @@ File Upload Vulnerability - http://packetstormsecurity.org/files/113570/ + http://packetstormsecurity.com/files/113570/ UPLOAD @@ -1641,7 +1641,7 @@ Foxypress 0.4.1.1 - 0.4.2.1 Arbitrary File Upload - http://packetstormsecurity.org/files/113576/ + http://packetstormsecurity.com/files/113576/ 18991 19100 @@ -1651,7 +1651,7 @@ FoxyPress 0.4.2.5 XSS / CSRF / SQL Injection - http://packetstormsecurity.org/files/117768/ + http://packetstormsecurity.com/files/117768/ 51109 MULTI @@ -1662,7 +1662,7 @@ Track That Stat <= 1.0.8 Cross Site Scripting - http://packetstormsecurity.org/files/112722/ + http://packetstormsecurity.com/files/112722/ XSS @@ -1672,7 +1672,7 @@ WP-Facethumb Gallery <= 0.1 Reflected Cross Site Scripting - http://packetstormsecurity.org/files/112658/ + http://packetstormsecurity.com/files/112658/ XSS @@ -1682,7 +1682,7 @@ Survey And Quiz Tool <= 2.9.2 Cross Site Scripting - http://packetstormsecurity.org/files/112685/ + http://packetstormsecurity.com/files/112685/ XSS @@ -1692,7 +1692,7 @@ WP Statistics <= 2.2.4 Cross Site Scripting - http://packetstormsecurity.org/files/112686/ + http://packetstormsecurity.com/files/112686/ XSS 
@@ -1702,7 +1702,7 @@ WP Easy Gallery <= 1.7 Cross Site Scripting - http://packetstormsecurity.org/files/112687/ + http://packetstormsecurity.com/files/112687/ XSS @@ -1719,7 +1719,7 @@ Subscribe2 <= 8.0 Cross Site Scripting - http://packetstormsecurity.org/files/112688/ + http://packetstormsecurity.com/files/112688/ XSS @@ -1729,7 +1729,7 @@ Soundcloud Is Gold <= 2.1 Cross Site Scripting - http://packetstormsecurity.org/files/112689/ + http://packetstormsecurity.com/files/112689/ XSS @@ -1740,7 +1740,7 @@ Sharebar <= 1.2.5 sharebar-admin.php page Parameter XSS 98078 - http://packetstormsecurity.org/files/123365/ + http://packetstormsecurity.com/files/123365/ XSS @@ -1754,7 +1754,7 @@ Sharebar <= 1.2.1 SQL Injection / Cross Site Scripting - http://packetstormsecurity.org/files/112690/ + http://packetstormsecurity.com/files/112690/ MULTI 1.2.2 @@ -1765,7 +1765,7 @@ Share And Follow <= 1.80.3 Cross Site Scripting - http://packetstormsecurity.org/files/112691/ + http://packetstormsecurity.com/files/112691/ XSS @@ -1775,7 +1775,7 @@ SABRE <= 1.2.0 Cross Site Scripting - http://packetstormsecurity.org/files/112692/ + http://packetstormsecurity.com/files/112692/ XSS @@ -1785,7 +1785,7 @@ Pretty Link Lite <= 1.5.2 Cross Site Scripting - http://packetstormsecurity.org/files/112693/ + http://packetstormsecurity.com/files/112693/ XSS @@ -1811,7 +1811,7 @@ Newsletter Manager <= 1.0 Cross Site Scripting - http://packetstormsecurity.org/files/112694/ + http://packetstormsecurity.com/files/112694/ XSS @@ -1821,7 +1821,7 @@ Network Publisher <= 5.0.1 Cross Site Scripting - http://packetstormsecurity.org/files/112695/ + http://packetstormsecurity.com/files/112695/ XSS @@ -1831,7 +1831,7 @@ LeagueManager <= 3.7 Cross Site Scripting - http://packetstormsecurity.org/files/112698/ + http://packetstormsecurity.com/files/112698/ 49949 XSS 
@@ -1849,7 +1849,7 @@ Leaflet <= 0.0.1 Cross Site Scripting - http://packetstormsecurity.org/files/112699/ + http://packetstormsecurity.com/files/112699/ XSS @@ -1859,7 +1859,7 @@ PDF And Print Button Joliprint <= 1.3.0 Cross Site Scripting - http://packetstormsecurity.org/files/112700/ + http://packetstormsecurity.com/files/112700/ XSS @@ -1869,7 +1869,7 @@ IFrame Admin Pages <= 0.1 Cross Site Scripting - http://packetstormsecurity.org/files/112701/ + http://packetstormsecurity.com/files/112701/ XSS @@ -1879,7 +1879,7 @@ EZPZ One Click Backup <= 12.03.10 Cross Site Scripting - http://packetstormsecurity.org/files/112705/ + http://packetstormsecurity.com/files/112705/ XSS @@ -1889,7 +1889,7 @@ Dynamic Widgets <= 1.5.1 Cross Site Scripting - http://packetstormsecurity.org/files/112706/ + http://packetstormsecurity.com/files/112706/ XSS @@ -1918,7 +1918,7 @@ Download Monitor <= 3.3.5.4 Cross Site Scripting - http://packetstormsecurity.org/files/112707/ + http://packetstormsecurity.com/files/112707/ XSS @@ -1928,7 +1928,7 @@ Download Manager <= 2.2 Cross Site Scripting - http://packetstormsecurity.org/files/112708/ + http://packetstormsecurity.com/files/112708/ XSS @@ -1938,7 +1938,7 @@ Code Styling Localization <= 1.99.16 Cross Site Scripting - http://packetstormsecurity.org/files/112709/ + http://packetstormsecurity.com/files/112709/ XSS @@ -1948,7 +1948,7 @@ Catablog <= 1.6 Cross Site Scripting - http://packetstormsecurity.org/files/112619/ + http://packetstormsecurity.com/files/112619/ XSS @@ -1958,7 +1958,7 @@ Bad Behavior <= 2.24 Cross Site Scripting - http://packetstormsecurity.org/files/112619/ + http://packetstormsecurity.com/files/112619/ XSS @@ -1968,7 +1968,7 @@ BulletProof Security <= 0.47 Cross Site Scripting - http://packetstormsecurity.org/files/112618/ + http://packetstormsecurity.com/files/112618/ XSS 
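Review bot: The rewritten references for `Catablog <= 1.6 Cross Site Scripting` and `Bad Behavior <= 2.24 Cross Site Scripting` (hunks at -1948 and -1958) both end up as `http://packetstormsecurity.com/files/112619/`, while neighbouring records each carry their own id, such as `112618` for BulletProof Security. One of the two is probably a copy-paste slip that this host rename carries over unchanged. Since both lines are being touched anyway, I would check which plugin advisory 112619 actually covers and correct the other record's id, so that users following the reference land on the right advisory.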
@@ -1998,7 +1998,7 @@ Better WP Security <= 3.2.4 Cross Site Scripting - http://packetstormsecurity.org/files/112617/ + http://packetstormsecurity.com/files/112617/ XSS 3.2.5 @@ -2009,7 +2009,7 @@ Custom Contact Forms <= 5.0.0.1 Cross Site Scripting - http://packetstormsecurity.org/files/112616/ + http://packetstormsecurity.com/files/112616/ XSS @@ -2019,14 +2019,14 @@ 2-Click-Socialmedia-Buttons <= 0.34 Cross Site Scripting - http://packetstormsecurity.org/files/112615/ + http://packetstormsecurity.com/files/112615/ XSS 2-Click-Socialmedia-Buttons <= 0.32.2 Cross Site Scripting - http://packetstormsecurity.org/files/112711/ + http://packetstormsecurity.com/files/112711/ XSS @@ -2062,7 +2062,7 @@ Media Library Categories plugin <= 1.1.1 Cross Site Scripting - http://packetstormsecurity.org/files/112697/ + http://packetstormsecurity.com/files/112697/ SQLI @@ -2072,7 +2072,7 @@ FCKeditor Deans With Pwwangs Code <= 1.0.0 Remote Shell Upload - http://packetstormsecurity.org/files/111319/ + http://packetstormsecurity.com/files/111319/ RFI @@ -2098,14 +2098,14 @@ Zingiri Web Shop <= 2.3.5 Cross Site Scripting - http://packetstormsecurity.org/files/112684/ + http://packetstormsecurity.com/files/112684/ XSS Zingiri Web Shop 2.4.3 Shell Upload - http://packetstormsecurity.org/files/113668/ + http://packetstormsecurity.com/files/113668/ UPLOAD @@ -2115,8 +2115,8 @@ Organizer 1.2.1 Cross Site Scripting / Path Disclosure - http://packetstormsecurity.org/files/112086/ - http://packetstormsecurity.org/files/113800/ + http://packetstormsecurity.com/files/112086/ + http://packetstormsecurity.com/files/113800/ MULTI @@ -2126,7 +2126,7 @@ Zingiri Tickets plugin File Disclosure - http://packetstormsecurity.org/files/111904/ + http://packetstormsecurity.com/files/111904/ UNKNOWN @@ -2166,7 +2166,7 @@ Register Plus Redux <= 3.8.3 Cross Site Scripting - http://packetstormsecurity.org/files/111367/ + http://packetstormsecurity.com/files/111367/ XSS 
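Review bot: Two records touched here carry a type that contradicts their title: `Media Library Categories plugin <= 1.1.1 Cross Site Scripting` is typed `SQLI` (hunk at -2062) and `FCKeditor Deans With Pwwangs Code <= 1.0.0 Remote Shell Upload` is typed `RFI` (hunk at -2072). The same applies to `AllWebMenus Shell Upload <= 1.1.9 Shell Upload`, typed `RFI`, in the later hunk at -2196. Anyone filtering or prioritising findings by type would misjudge these. The type lines are context that this commit leaves unchanged, so a follow-up that sets them to `XSS` and `UPLOAD`, or corrects the titles if the advisories say otherwise, would be enough.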
@@ -2176,7 +2176,7 @@ Magn WP Drag and Drop <= 1.1.4 Upload Shell Upload Vulnerability - http://packetstormsecurity.org/files/110103/ + http://packetstormsecurity.com/files/110103/ UPLOAD @@ -2196,7 +2196,7 @@ AllWebMenus Shell Upload <= 1.1.9 Shell Upload - http://packetstormsecurity.org/files/108946/ + http://packetstormsecurity.com/files/108946/ RFI @@ -2213,7 +2213,7 @@ Shortcode Redirect <= 1.0.01 Stored Cross Site Scripting - http://packetstormsecurity.org/files/108914/ + http://packetstormsecurity.com/files/108914/ XSS @@ -2243,7 +2243,7 @@ myEASYbackup 1.0.8.1 Directory Traversal - http://packetstormsecurity.org/files/108711/ + http://packetstormsecurity.com/files/108711/ UNKNOWN @@ -2260,14 +2260,14 @@ Count Per Day 3.2.3 Cross Site Scripting - http://packetstormsecurity.org/files/115904/ + http://packetstormsecurity.com/files/115904/ XSS Count Per Day 3.1.1 Cross Site Scripting - http://packetstormsecurity.org/files/114787/ + http://packetstormsecurity.com/files/114787/ XSS @@ -2311,7 +2311,7 @@ Yousaytoo Auto Publishing <= 1.0 Cross Site Scripting - http://packetstormsecurity.org/files/108470/ + http://packetstormsecurity.com/files/108470/ XSS @@ -2331,7 +2331,7 @@ Whois Search <= 1.4.2 Cross Site Scripting - http://packetstormsecurity.org/files/108271/ + http://packetstormsecurity.com/files/108271/ XSS @@ -2639,7 +2639,7 @@ GRAND Flash Album Gallery 1.9.0 and 2.0.0 Multiple Vulnerabilities - http://packetstormsecurity.org/files/117665/ + http://packetstormsecurity.com/files/117665/ http://www.waraxe.us/advisory-94.html 51601 @@ -2662,7 +2662,7 @@ GRAND Flash Album Gallery <= 1.71 XSS Vulnerability - http://packetstormsecurity.org/files/112704/ + http://packetstormsecurity.com/files/112704/ XSS @@ -2743,7 +2743,7 @@ WP Forum Server plugin <= 1.7.3 SQL Injection / XSS Vulnerabilities - http://packetstormsecurity.org/files/112703/ + http://packetstormsecurity.com/files/112703/ MULTI 
@@ -2822,7 +2822,7 @@ Mingle Forum <= 1.0.32.1 Cross Site Scripting / SQL Injection - http://packetstormsecurity.org/files/108915/ + http://packetstormsecurity.com/files/108915/ MULTI @@ -2843,7 +2843,7 @@ Mingle Forum <= 1.0.33 Cross Site Scripting - http://packetstormsecurity.org/files/112696/ + http://packetstormsecurity.com/files/112696/ MULTI @@ -3480,7 +3480,7 @@ Evarisk 5.1.5.4 Shell Upload - http://packetstormsecurity.org/files/113638/ + http://packetstormsecurity.com/files/113638/ UPLOAD @@ -3861,7 +3861,7 @@ TheCartPress <= 1.6 Cross Site Sripting - http://packetstormsecurity.org/files/108272/ + http://packetstormsecurity.com/files/108272/ XSS @@ -4202,7 +4202,7 @@ GD Star Rating plugin <= 1.9.16 Cross Site Scripting - http://packetstormsecurity.org/files/112702/ + http://packetstormsecurity.com/files/112702/ XSS From 971f7e21cc396f1a96cfd3cf206d42972367a1f6 Mon Sep 17 00:00:00 2001 From: Peter van der Laan Date: Tue, 8 Oct 2013 16:48:43 +0200 Subject: [PATCH 10/18] Update plugin_vulns.xml --- data/plugin_vulns.xml | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/data/plugin_vulns.xml b/data/plugin_vulns.xml index 79775224..4423281f 100644 --- a/data/plugin_vulns.xml +++ b/data/plugin_vulns.xml @@ -1737,7 +1737,7 @@ - Sharebar <= 1.2.5 sharebar-admin.php page Parameter XSS + Sharebar <= 1.2.5 - sharebar-admin.php page Parameter XSS 98078 http://packetstormsecurity.com/files/123365/ @@ -1745,14 +1745,14 @@ XSS - Sharebar <= 1.2.5 Button Manipulation CSRF + Sharebar <= 1.2.5 - Button Manipulation CSRF 94843 CSRF - Sharebar <= 1.2.1 SQL Injection / Cross Site Scripting + Sharebar <= 1.2.1 - SQL Injection / Cross Site Scripting http://packetstormsecurity.com/files/112690/ @@ -4453,7 +4453,7 @@ - WP-SlimStat-Ex - Open Flash Chart Arbitrary File Creation Vulnerability + SlimStat-Ex - Open Flash Chart Arbitrary File Creation Vulnerability 55160 http://packetstormsecurity.com/files/123494/ 
@@ -6614,9 +6614,10 @@ - New Post Title Field Stored XSS + Social Hashtags 2.0.0 - New Post Title Field Stored XSS 98027 + http://packetstormsecurity.com/files/123485/ XSS @@ -6662,6 +6663,7 @@ All in One SEO Pack <= 2.3.0 - XSS Vulnerability http://archives.neohapsis.com/archives/bugtraq/2013-10/0006.html + http://packetstormsecurity.com/files/123490/ 55133 2.3.0.1 @@ -6725,6 +6727,7 @@ http://packetstormsecurity.com/files/123303/ http://xforce.iss.net/xforce/xfdb/87172 + 3.3.4 UPLOAD From 9c53273d1c9fc55e3e0b21de0166471bcdde5957 Mon Sep 17 00:00:00 2001 From: Peter van der Laan Date: Tue, 8 Oct 2013 17:27:42 +0200 Subject: [PATCH 11/18] Added Packetstorm #123367 --- data/plugin_vulns.xml | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/data/plugin_vulns.xml b/data/plugin_vulns.xml index 4423281f..435eb2ac 100644 --- a/data/plugin_vulns.xml +++ b/data/plugin_vulns.xml @@ -6732,4 +6732,14 @@ + + + LBG Zoominoutslider - XSS Vulnerability + + http://packetstormsecurity.com/files/123367/ + + XSS + + + From 0ba35e41b54ad18bff6534b3b54db0e7ad5f7b1d Mon Sep 17 00:00:00 2001 From: Peter van der Laan Date: Tue, 8 Oct 2013 20:35:38 +0200 Subject: [PATCH 12/18] Update plugin_vulns.xml --- data/plugin_vulns.xml | 78 +++++++++++++++++++++++++++++++++++++++---- 1 file changed, 71 insertions(+), 7 deletions(-) diff --git a/data/plugin_vulns.xml b/data/plugin_vulns.xml index 435eb2ac..50fed326 100644 --- a/data/plugin_vulns.xml +++ b/data/plugin_vulns.xml @@ -2887,12 +2887,18 @@ - NextGEN Smooth Gallery Blind SQL Injection Vulnerability + NextGEN Smooth Gallery - Blind SQL Injection Vulnerability 14541 SQLI + + NextGen Smooth Gallery - XSS + + http://packetstormsecurity.com/files/123074/ + + XSS @@ -3279,7 +3285,7 @@ - plugin fGallery 2.4.1 fimrss.php SQL Injection Vulnerability + fGallery 2.4.1 - fimrss.php SQL Injection Vulnerability 4993 
@@ -6577,38 +6583,46 @@ - /admin/walkthrough/walkthrough.php step Parameter Reflected XSS + Design Approval System 3.6 - XSS Vulnerability http://seclists.org/bugtraq/2013/Sep/54 + http://packetstormsecurity.com/files/123227/ 2013-5711 97279 3.7 - + XSS + - Multiple Administrator Action CSRF + Event Easy Calendar 1.0.0 - Multiple Administrator Action CSRF 97042 + http://packetstormsecurity.com/files/123132/ + CSRF - Multiple Unspecified XSS + Event Easy Calendar 1.0.0 - Multiple Unspecified XSS 97041 + http://packetstormsecurity.com/files/123132/ + XSS - falha.php URI Reflected XSS + Bradesco - falha.php URI Reflected XSS 97624 2013-5916 + http://packetstormsecurity.com/files/123356/ + XSS @@ -6742,4 +6756,54 @@ + + + Woopra - Remote Code Execution + + http://packetstormsecurity.com/files/123525/ + + RCE + + + + + + fGallery_Plus - XSS + + http://packetstormsecurity.com/files/123347/ + + XSS + + + + + + NOSpamPTI 2.1 - Blind SQL Injection + + http://packetstormsecurity.com/files/123331/ + + SQLI + + + + + + Comment Attachment 1.0 - XSS Vulnerability + + http://packetstormsecurity.com/files/123327/ + + XSS + + + + + + Mukioplayer 1.6 - SQL Injection + + http://packetstormsecurity.com/files/123231/ + + SQLI + + + From a1a68dfd11ee9053e941ff3bf8ec56a66c17ea56 Mon Sep 17 00:00:00 2001 From: Peter van der Laan Date: Tue, 8 Oct 2013 22:49:02 +0200 Subject: [PATCH 13/18] Update plugin_vulns.xml --- data/plugin_vulns.xml | 67 +++++++++++++++++++++++++++++++++++++------ 1 file changed, 58 insertions(+), 9 deletions(-) diff --git a/data/plugin_vulns.xml b/data/plugin_vulns.xml index 50fed326..da75bd78 100644 --- a/data/plugin_vulns.xml +++ b/data/plugin_vulns.xml @@ -982,6 +982,13 @@ MULTI + + Wordfence 3.8.1 - XSS + + http://packetstormsecurity.com/files/122993/ + + XSS + 
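Review bot: The first retitled record in the hunk at -6577 trades the affected script and parameter for the plugin name: `/admin/walkthrough/walkthrough.php step Parameter Reflected XSS` becomes `Design Approval System 3.6 - XSS Vulnerability`. The new title no longer tells a site owner where the flaw is or that it is reflected. The other renames in the same hunk keep that detail, as in `Bradesco - falha.php URI Reflected XSS`, so I would do the same here, for example `Design Approval System 3.6 - walkthrough.php step Parameter Reflected XSS`.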
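Review bot: `Woopra - Remote Code Execution` and `fGallery_Plus - XSS`, added in the hunk at -6742, name no affected version and show no fixed version, unlike `NOSpamPTI 2.1`, `Comment Attachment 1.0` and `Mukioplayer 1.6` beside them. As far as this view shows, every detected install would then be reported as vulnerable indefinitely, which for an RCE record produces findings nobody can close out after patching. If the advisory gives a version, put it in the title (`Woopra <AFFECTED_VERSION> - Remote Code Execution`, placeholder) and record the fixed version once one exists.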
@@ -1242,14 +1249,19 @@ - VideoWhisper Video Conference - 4.51 Arbitrary File Upload Vulnerability - + VideoWhisper Video Conference 4.51 - Arbitrary File Upload Vulnerability http://packetstormsecurity.com/files/113580/ UPLOAD + + Video Whisper - XSS + + http://packetstormsecurity.com/files/122943/ + + XSS + @@ -4288,26 +4300,27 @@ - BackWPUp 2.1.4 Code Execution + BackWPUp 2.1.4 - Code Execution 17987 RCE - plugin BackWPup 1.5.2, 1.6.1, 1.7.1 Remote and Local Code Execution Vulnerability + plugin BackWPup 1.5.2, 1.6.1, 1.7.1 - Remote and Local Code Execution Vulnerability 71481 RCE - BackWPup wp-admin/admin.php tab Parameter XSS + BackWPup 3.0.12 - wp-admin/admin.php tab Parameter XSS 2013-4626 https://www.htbridge.com/advisory/HTB23161 96505 54515 + http://packetstormsecurity.com/files/122916/ XSS 3.0.13 @@ -6536,27 +6549,33 @@ - CSRF vulnerability in IndiaNIC Testimonial 2.2 + IndiaNIC Testimonial 2.2 - CSRF vulnerability http://seclists.org/fulldisclosure/2013/Sep/5 2013-5672 28054 + http://packetstormsecurity.com/files/123036/ + CSRF - SQL Injection vulnerability in IndiaNIC Testimonial 2.2 + IndiaNIC Testimonial 2.2 - SQL Injection vulnerability http://seclists.org/fulldisclosure/2013/Sep/5 2013-5673 28054 + http://packetstormsecurity.com/files/123036/ + SQLI - XSS vulnerability in IndiaNIC Testimonial 2.2 + IndiaNIC Testimonial 2.2 - XSS vulnerability http://seclists.org/fulldisclosure/2013/Sep/5 28054 + http://packetstormsecurity.com/files/123036/ + XSS @@ -6806,4 +6825,34 @@ + + + Encrypted Blog 0.0.6.2 - XSS, Open Redirect + + http://packetstormsecurity.com/files/122992/ + + XSS + + + + + + Simple Login Registration 1.0.1 - XSS + + http://packetstormsecurity.com/files/122963/ + + XSS + + + + + + Post Gallery - XSS + + http://packetstormsecurity.com/files/122957/ + + XSS + + + From 053d83df2bf63ba71e92e1f5f40ddd5fc93c1da6 Mon Sep 17 00:00:00 2001 
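Review bot: The retitled line `plugin BackWPup 1.5.2, 1.6.1, 1.7.1 - Remote and Local Code Execution Vulnerability` at `@@ -4288,26 +4300,27 @@` still carries the leading `plugin` word that the previous patch dropped from the fGallery title (`fGallery 2.4.1 - fimrss.php SQL Injection Vulnerability`). It also spells the product `BackWPup`, while the first entry in the same block uses `BackWPUp 2.1.4 - Code Execution`. For titles that sort and search consistently, I would write `BackWPup 1.5.2, 1.6.1, 1.7.1 - Remote and Local Code Execution Vulnerability` and use one casing across all three entries.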
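Review bot: The new entry `Encrypted Blog 0.0.6.2 - XSS, Open Redirect` at `@@ -6806,4 +6825,34 @@` names two vulnerability classes in its title, but its type value is only `XSS`. Anything that filters or reports by type will therefore miss the open redirect. Either split it into two entries that share the `http://packetstormsecurity.com/files/122992/` reference, one per class, or classify the combined entry as `MULTI`, the value already used for the entry just above the Wordfence block.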
From: Peter van der Laan Date: Tue, 8 Oct 2013 22:49:24 +0200 Subject: [PATCH 14/18] Update theme_vulns.xml --- data/theme_vulns.xml | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/data/theme_vulns.xml b/data/theme_vulns.xml index 227d9f77..c8074376 100644 --- a/data/theme_vulns.xml +++ b/data/theme_vulns.xml @@ -1715,4 +1715,14 @@ + + + silverOrchid - XSS Vulnerability + + http://packetstormsecurity.com/files/122986/ + + XSS + + + From c4985b406dbabfe491cd71b75619559b9b312625 Mon Sep 17 00:00:00 2001 From: Peter van der Laan Date: Tue, 8 Oct 2013 23:02:35 +0200 Subject: [PATCH 15/18] Fixed some tag errors --- data/plugin_vulns.xml | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/data/plugin_vulns.xml b/data/plugin_vulns.xml index da75bd78..8e236faf 100644 --- a/data/plugin_vulns.xml +++ b/data/plugin_vulns.xml @@ -985,7 +985,7 @@ Wordfence 3.8.1 - XSS - http://packetstormsecurity.com/files/122993/ + http://packetstormsecurity.com/files/122993/ XSS @@ -1258,7 +1258,7 @@ Video Whisper - XSS - http://packetstormsecurity.com/files/122943/ + http://packetstormsecurity.com/files/122943/ XSS @@ -4320,7 +4320,7 @@ https://www.htbridge.com/advisory/HTB23161 96505 54515 - http://packetstormsecurity.com/files/122916/ + http://packetstormsecurity.com/files/122916/ XSS 3.0.13 @@ -6554,7 +6554,7 @@ http://seclists.org/fulldisclosure/2013/Sep/5 2013-5672 28054 - http://packetstormsecurity.com/files/123036/ + http://packetstormsecurity.com/files/123036/ CSRF @@ -6564,7 +6564,7 @@ http://seclists.org/fulldisclosure/2013/Sep/5 2013-5673 28054 - http://packetstormsecurity.com/files/123036/ + http://packetstormsecurity.com/files/123036/ SQLI @@ -6573,7 +6573,7 @@ http://seclists.org/fulldisclosure/2013/Sep/5 28054 - http://packetstormsecurity.com/files/123036/ + http://packetstormsecurity.com/files/123036/ XSS 
@@ -6829,7 +6829,7 @@ Encrypted Blog 0.0.6.2 - XSS, Open Redirect - http://packetstormsecurity.com/files/122992/ + http://packetstormsecurity.com/files/122992/ XSS @@ -6839,7 +6839,7 @@ Simple Login Registration 1.0.1 - XSS - http://packetstormsecurity.com/files/122963/ + http://packetstormsecurity.com/files/122963/ XSS @@ -6849,7 +6849,7 @@ Post Gallery - XSS - http://packetstormsecurity.com/files/122957/ + http://packetstormsecurity.com/files/122957/ XSS From 76444d2b3a8d143c8335a283fd5f42926ec6dcbd Mon Sep 17 00:00:00 2001 From: Peter van der Laan Date: Tue, 8 Oct 2013 23:05:03 +0200 Subject: [PATCH 16/18] Fixed tag error --- data/theme_vulns.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/data/theme_vulns.xml b/data/theme_vulns.xml index c8074376..0b40a53c 100644 --- a/data/theme_vulns.xml +++ b/data/theme_vulns.xml @@ -1719,7 +1719,7 @@ silverOrchid - XSS Vulnerability - http://packetstormsecurity.com/files/122986/ + http://packetstormsecurity.com/files/122986/ XSS From 5ebbf2392b24610abf71c321f8078962bcb2c515 Mon Sep 17 00:00:00 2001 From: Peter van der Laan Date: Tue, 8 Oct 2013 23:16:07 +0200 Subject: [PATCH 17/18] Update plugin_vulns.xml --- data/plugin_vulns.xml | 1 + 1 file changed, 1 insertion(+) diff --git a/data/plugin_vulns.xml b/data/plugin_vulns.xml index 8e236faf..2aedcde6 100644 --- a/data/plugin_vulns.xml +++ b/data/plugin_vulns.xml @@ -2911,6 +2911,7 @@ http://packetstormsecurity.com/files/123074/ XSS + From fccd093ea63e9bb04faa5f2941b6ba53b9368639 Mon Sep 17 00:00:00 2001 From: Peter van der Laan Date: Tue, 8 Oct 2013 23:24:00 +0200 Subject: [PATCH 18/18] Update plugin_vulns.xml --- data/plugin_vulns.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/data/plugin_vulns.xml b/data/plugin_vulns.xml index 2aedcde6..c2a91c6c 100644 --- a/data/plugin_vulns.xml +++ b/data/plugin_vulns.xml @@ -6612,7 +6612,7 @@ 3.7 XSS - +