garfield/wpscan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Update vuln db

Browse Source
This commit is contained in:
Peter van der Laan
2014-02-28 13:35:46 +01:00
parent 1b63d514ac
commit af3b3f4ee5
1 changed files with 156 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

156
data/plugin_vulns.xml
View File

@@ -173,6 +173,15 @@
</plugin> </plugin>
<plugin name="thanks-you-counter-button"> <plugin name="thanks-you-counter-button">
<vulnerability>
<title>Thank You Counter Button 1.8.7 - wp-admin/options.php Multiple Parameter Stored XSS</title>
<references>
<osvdb>103778</osvdb>
<url>http://packetstormsecurity.com/files/125397/</url>
<url>http://www.securityfocus.com/bid/65805</url>
</references>
<type>XSS</type>
</vulnerability>
<vulnerability> <vulnerability>
<title>Thank You Counter Button &lt;= 1.8.2 - XSS</title> <title>Thank You Counter Button &lt;= 1.8.2 - XSS</title>
<references> <references>
@@ -1645,6 +1654,87 @@
</plugin> </plugin>
<plugin name="videowhisper-live-streaming-integration"> <plugin name="videowhisper-live-streaming-integration">
<vulnerability>
<title>VideoWhisper Live Streaming Integration 4.27.3 - ls/vc_chatlog.php msg Parameter Stored XSS</title>
<references>
<osvdb>103821</osvdb>
<cve>2014-1906</cve>
<url>https://www.htbridge.com/advisory/HTB23199</url>
</references>
<type>XSS</type>
<fixed_in>4.29.5</fixed_in>
</vulnerability>
<vulnerability>
<title>VideoWhisper Live Streaming Integration 4.27.3 - ls/v_status.php ct Parameter Reflected XSS</title>
<references>
<osvdb>103820</osvdb>
<cve>2014-1906</cve>
<url>https://www.htbridge.com/advisory/HTB23199</url>
</references>
<type>XSS</type>
<fixed_in>4.29.5</fixed_in>
</vulnerability>
<vulnerability>
<title>VideoWhisper Live Streaming Integration 4.27.3 - ls/lb_logout.php message Parameter Reflected XSS</title>
<references>
<osvdb>103819</osvdb>
<cve>2014-1906</cve>
<url>https://www.htbridge.com/advisory/HTB23199</url>
</references>
<type>XSS</type>
<fixed_in>4.29.5</fixed_in>
</vulnerability>
<vulnerability>
<title>VideoWhisper Live Streaming Integration 4.27.3 - ls/videotext.php n Parameter Reflected XSS</title>
<references>
<osvdb>103818</osvdb>
<cve>2014-1906</cve>
<url>https://www.htbridge.com/advisory/HTB23199</url>
</references>
<type>XSS</type>
<fixed_in>4.29.5</fixed_in>
</vulnerability>
<vulnerability>
<title>VideoWhisper Live Streaming Integration 4.27.3 - ls/video.php n Parameter Reflected XSS</title>
<references>
<osvdb>103817</osvdb>
<cve>2014-1906</cve>
<url>https://www.htbridge.com/advisory/HTB23199</url>
</references>
<type>XSS</type>
<fixed_in>4.29.5</fixed_in>
</vulnerability>
<vulnerability>
<title>VideoWhisper Live Streaming Integration 4.27.3 - ls/htmlchat.php n Parameter Reflected XSS</title>
<references>
<osvdb>103816</osvdb>
<cve>2014-1906</cve>
<url>https://www.htbridge.com/advisory/HTB23199</url>
</references>
<type>XSS</type>
<fixed_in>4.29.5</fixed_in>
</vulnerability>
<vulnerability>
<title>VideoWhisper Live Streaming Integration 4.27.3 - ls/rtmp_logout.php s Parameter Path Traversal Remote File Deletion</title>
<references>
<osvdb>103815</osvdb>
<cve>2014-1907</cve>
<url>http://packetstormsecurity.com/files/125454/</url>
<url>https://www.htbridge.com/advisory/HTB23199</url>
</references>
<type>UNKNOWN</type>
<fixed_in>4.29.5</fixed_in>
</vulnerability>
<vulnerability>
<title>VideoWhisper Live Streaming Integration 4.27.3 - ls/channel.php n Parameter Reflected XSS</title>
<references>
<osvdb>103814</osvdb>
<cve>2014-1906</cve>
<url>https://www.htbridge.com/advisory/HTB23199</url>
</references>
<type>XSS</type>
<fixed_in>4.29.5</fixed_in>
</vulnerability>
<vulnerability> <vulnerability>
<title>VideoWhisper Live Streaming Integration 4.27.3 - Error Message Unspecified Remote Information Disclosure</title> <title>VideoWhisper Live Streaming Integration 4.27.3 - Error Message Unspecified Remote Information Disclosure</title>
<references> <references>
@@ -7932,6 +8022,15 @@
</plugin> </plugin>
<plugin name="feedweb"> <plugin name="feedweb">
<vulnerability>
<title>Feedweb 2.4 - feedweb_settings.php _wp_http_referer Parameter DOM-based XSS</title>
<references>
<osvdb>103788</osvdb>
<secunia>57108</secunia>
<url>http://www.securityfocus.com/bid/65800</url>
</references>
<type>XSS</type>
</vulnerability>
<vulnerability> <vulnerability>
<title>Feedweb 1.8.8 - widget_remove.php wp_post_id Parameter XSS</title> <title>Feedweb 1.8.8 - widget_remove.php wp_post_id Parameter XSS</title>
<references> <references>
@@ -10511,6 +10610,15 @@
</plugin> </plugin>
<plugin name="easy-media-gallery"> <plugin name="easy-media-gallery">
<vulnerability>
<title>Easy Media Gallery 1.2.29 - wp-admin/edit.php Multiple Parameter Stored XSS</title>
<references>
<osvdb>103779</osvdb>
<url>http://packetstormsecurity.com/files/125396/</url>
<url>http://www.securityfocus.com/bid/65804</url>
</references>
<type>XSS</type>
</vulnerability>
<vulnerability> <vulnerability>
<title>Easy Media Gallery 1.2.25 - includes/emg-settings.php spg_add_admin Function Admin User Creation CSRF</title> <title>Easy Media Gallery 1.2.25 - includes/emg-settings.php spg_add_admin Function Admin User Creation CSRF</title>
<references> <references>
@@ -11095,4 +11203,52 @@
</vulnerability> </vulnerability>
</plugin> </plugin>
<plugin name="alpine-photo-tile-for-instagram">
<vulnerability>
<title>Alpine PhotoTile For Instagram 1.2.6.5 - wp-admin/options-general.php general_lightbox_params Parameter XSS Weakness</title>
<references>
<osvdb>103822</osvdb>
<secunia>57198</secunia>
<url>http://packetstormsecurity.com/files/125418/</url>
</references>
<type>XSS</type>
</vulnerability>
</plugin>
<plugin name="widget-control-powered-by-everyblock">
<vulnerability>
<title>Widget Control Powered By Everyblock 1.0.1 - wp-admin/admin.php idDropdown Parameter XSS Weakness</title>
<references>
<osvdb>103831</osvdb>
<secunia>57203</secunia>
</references>
<type>XSS</type>
</vulnerability>
</plugin>
<plugin name="search-everything">
<vulnerability>
<title>Search Everything 7.0.2 - search-everything.php s Parameter SQL Injection</title>
<references>
<osvdb>103718</osvdb>
<secunia>56802</secunia>
<url>http://www.securityfocus.com/bid/65765</url>
</references>
<type>SQLI</type>
<fixed_in>7.0.3</fixed_in>
</vulnerability>
</plugin>
<plugin name="zedity">
<vulnerability>
<title>Zedity 2.5 - wp-admin/admin-ajax.php zedity_ajax Action zaction Parameter XSS</title>
<references>
<osvdb>103789</osvdb>
<secunia>57026</secunia>
<url>http://www.securityfocus.com/bid/65799</url>
</references>
<type>XSS</type>
</vulnerability>
</plugin>
</vulnerabilities> </vulnerabilities>