diff --git a/data/plugin_vulns.xml b/data/plugin_vulns.xml index 46daea39..94adde69 100644 --- a/data/plugin_vulns.xml +++ b/data/plugin_vulns.xml @@ -5,7 +5,7 @@ - Content Slide Plugin Cross-Site Requst Forgery Vulnerability + Content Slide - Cross-Site Requst Forgery Vulnerability CSRF 93871 @@ -16,7 +16,7 @@ - Simple Paypal Shopping Cart Plugin Cross-Site Request Forgery Vulnerability + Simple Paypal Shopping Cart - Cross-Site Request Forgery Vulnerability 52963 93953 @@ -28,7 +28,7 @@ - WP-SendSMS Plugin for WordPress Setting Manipulation CSRF + WP-SendSMS - Setting Manipulation CSRF 53796 94209 @@ -37,7 +37,7 @@ CSRF - WP-SendSMS Plugin for WordPress wp-admin/admin.php Multiple Parameter XSS + WP-SendSMS - wp-admin/admin.php Multiple Parameter XSS 94210 @@ -47,7 +47,7 @@ - Mail Subscribe List Plugin Script Insertion Vulnerability + Mail Subscribe List - Script Insertion Vulnerability 53732 94197 @@ -59,7 +59,7 @@ - VideoJS Cross-Site Scripting Vulnerability + VideoJS Cross - Site Scripting Vulnerability 53437 http://seclists.org/fulldisclosure/2013/May/66 @@ -71,7 +71,7 @@ - VideoJS Cross-Site Scripting Vulnerability + VideoJS Cross - Site Scripting Vulnerability 53426 http://seclists.org/fulldisclosure/2013/May/66 @@ -83,7 +83,7 @@ - VideoJS Cross-Site Scripting Vulnerability + VideoJS Cross - Site Scripting Vulnerability 53445 http://seclists.org/fulldisclosure/2013/May/66 @@ -95,7 +95,7 @@ - VideoJS Cross-Site Scripting Vulnerability + VideoJS Cross - Site Scripting Vulnerability 53396 http://seclists.org/fulldisclosure/2013/May/66 @@ -107,7 +107,7 @@ - VideoJS Cross-Site Scripting Vulnerability + VideoJS Cross - Site Scripting Vulnerability http://seclists.org/fulldisclosure/2013/May/66 @@ -117,7 +117,7 @@ - Crayon Syntax Highlighter Remote File Inclusion Vulnerability + Crayon Syntax Highlighter - Remote File Inclusion Vulnerability 50804 http://ceriksen.com/2012/10/15/wordpress-crayon-syntax-highlighter-remote-file-inclusion-vulnerability/ 
@@ -130,14 +130,14 @@ - UnGallery plugin <= 1.5.8 Local File Disclosure Vulnerability + UnGallery <= 1.5.8 - Local File Disclosure Vulnerability 17704 LFI - UnGallery Arbitrary Command Execution + UnGallery - Arbitrary Command Execution 50875 http://ceriksen.com/2012/10/23/wordpress-ungallery-remote-command-injection-vulnerability/ @@ -149,7 +149,7 @@ - Thank You Counter Button XSS + Thank You Counter Button - XSS 50977 @@ -160,7 +160,7 @@ - Bookings XSS + Bookings - XSS 50975 @@ -171,7 +171,7 @@ - Cimy User Manager Arbitrary File Disclosure + Cimy User Manager - Arbitrary File Disclosure 50834 http://ceriksen.com/2012/10/24/wordpress-cimy-user-manager-arbitrary-file-disclosure/ @@ -182,7 +182,7 @@ - WordPress FireStorm Professional Real Estate Plugin "id" SQL Injection Vulnerability + FireStorm Professional Real Estate - "id" SQL Injection Vulnerability 51107 @@ -190,7 +190,7 @@ 2.06.04 - FireStorm Professional Real Estate Plugin Multiple SQL Injection + FireStorm Professional Real Estate - Multiple SQL Injection 50873 @@ -204,14 +204,14 @@ - WP125 Multiple XSS + WP125 Multiple - XSS 50976 XSS - WordPress WP125 Plugin CSRF + WP125 - CSRF http://www.securityfocus.com/bid/58934 @@ -222,7 +222,7 @@ - Wordpress All Video Gallery Plugin Multiple SQL Injection Vulnerabilities + All Video Gallery - Multiple SQL Injection Vulnerabilities 50874 http://ceriksen.com/2012/11/04/wordpress-all-video-gallery-plugin-sql-injection/ @@ -233,7 +233,7 @@ - BuddyStream XSS + BuddyStream - XSS 50972 @@ -243,7 +243,7 @@ - post-views XSS + post-views - XSS 50982 @@ -313,7 +313,7 @@ - multibox plugin Full Path Disclosure vulnerability + multibox - Full Path Disclosure vulnerability http://1337day.com/exploit/20119 @@ -429,7 +429,7 @@ FPD - Wp-UserOnline <= 0.62 Persistent XSS + Wp-UserOnline <= 0.62 - Persistent XSS http://seclists.org/fulldisclosure/2010/Jul/8 
@@ -502,7 +502,7 @@ - Wordpress sitepress-multilingual-cms Full Path Disclosure + sitepress-multilingual-cms Full Path Disclosure http://1337day.com/exploit/20067 @@ -519,7 +519,7 @@ UPLOAD - WordPress plugin Asset manager upload.php Arbitrary Code Execution + plugin Asset manager upload.php Arbitrary Code Execution http://www.ethicalhack3r.co.uk/security/wordpress-plugin-asset-manager-upload-php-arbitrary-code-execution/ @@ -754,7 +754,7 @@ XSS - WordPress Carousel Slideshow Plugin Unspecified Vulnerabilities + Carousel Slideshow - Unspecified Vulnerabilities 50377 @@ -836,7 +836,7 @@ XSS - WordPress Image News slider Plugin Unspecified Vulnerabilities + Image News slider - Unspecified Vulnerabilities 50390 @@ -958,7 +958,7 @@ - Answer My Question 1.1 Multiple XSS + Answer My Question 1.1 - Multiple XSS http://www.securityfocus.com/archive/1/524625/30/0/threaded 50655 @@ -984,7 +984,7 @@ MULTI - Spider Catalog Plugin 1.4.6 - Multiple Vulnerabilities + Spider Catalog 1.4.6 - Multiple Vulnerabilities 25724 93591 @@ -995,7 +995,7 @@ - Wordfence 3.3.5 XSS and IAA + Wordfence 3.3.5 - XSS and IAA http://seclists.org/fulldisclosure/2012/Oct/139 51055 @@ -1020,7 +1020,7 @@ MULTI - WordPress Slideshow Plugin Multiple Script Insertion Vulnerabilities + Slideshow - Multiple Script Insertion Vulnerabilities 51135 @@ -1105,7 +1105,7 @@ - ThreeWP Email Reflector 1.13 Stored XSS + ThreeWP Email Reflector 1.13 - Stored XSS 20365 @@ -1115,7 +1115,7 @@ - SimpleMail 1.0.6 Stored XSS + SimpleMail 1.0.6 - Stored XSS 20361 50208 @@ -1180,7 +1180,7 @@ - Backup Plugin Information Disclosure + Backup - Information Disclosure 19524 50038 @@ -1212,7 +1212,7 @@ - Website FAQ Plugin v1.0 SQL Injection + Website FAQ 1.0 - SQL Injection 19400 @@ -1262,7 +1262,7 @@ - Wordpress Automatic 2.0.3 CSRF + Automatic 2.0.3 CSRF http://packetstormsecurity.com/files/113763/ @@ -1289,7 +1289,7 @@ - Auctions Plugin 2.0.1.3 Arbitrary + <title>Auctions - 2.0.1.3 Arbitrary File Upload Vulnerability 
@@ -1363,7 +1363,7 @@ - Contus HD FLV Player plugin <= 1.3 SQL Injection Vulnerability + Contus HD FLV Player <= 1.3 - SQL Injection Vulnerability 17678 @@ -1444,14 +1444,14 @@ XSS - WordPress Mac Photo Gallery Plugin Two Security Bypass Security Issues + Mac Photo Gallery - Two Security Bypass Security Issues 49923 AUTHBYPASS - WordPress Mac Photo Gallery Plugin Multiple Script Insertion Vulnerabilities + Mac Photo Gallery - Multiple Script Insertion Vulnerabilities 49836 @@ -1499,7 +1499,7 @@ - Front File Manager Plugin 0.1 Arbitrary File Upload + Front File Manager 0.1 - Arbitrary File Upload 19012 @@ -1596,7 +1596,7 @@ - wpStoreCart Plugin 2.5.27-2.5.29 Arbitrary File Upload + wpStoreCart 2.5.27-2.5.29 - Arbitrary File Upload 19023 @@ -1841,7 +1841,7 @@ XSS - WordPress pretty-link plugin XSS in SWF + pretty-link - XSS in SWF http://seclists.org/bugtraq/2013/Feb/100 http://packetstormsecurity.com/files/120433/ @@ -2091,7 +2091,7 @@ - Login With Ajax plugin Cross Site Scripting + Login With Ajax - Cross Site Scripting 49013 @@ -2099,7 +2099,7 @@ 3.0.4.1 - WordPress Login With Ajax Plugin Cross-Site Request Forgery Vulnerability + Login With Ajax - Cross-Site Request Forgery Vulnerability 52950 @@ -2110,14 +2110,14 @@ - Media Library Categories plugin <= 1.0.6 SQL Injection Vulnerability + Media Library Categories <= 1.0.6 - SQL Injection Vulnerability 17628 SQLI - Media Library Categories plugin <= 1.1.1 Cross Site Scripting + Media Library Categories <= 1.1.1 - Cross Site Scripting http://packetstormsecurity.com/files/112697/ @@ -2137,7 +2137,7 @@ - WordPress Zingiri Web Shop Plugin Cookie SQL Injection Vulnerability + Zingiri Web Shop - Cookie SQL Injection Vulnerability 49398 @@ -2181,7 +2181,7 @@ - Zingiri Tickets plugin File Disclosure + Zingiri Tickets - File Disclosure http://packetstormsecurity.com/files/111904/ @@ -2296,7 +2296,7 @@ - uCan Post plugin <= 1.0.09 Stored XSS + uCan Post <= 1.0.09 - Stored XSS 18390 
@@ -2306,7 +2306,7 @@ - WP Cycle Playlist plugin Multiple Vulnerabilities + WP Cycle Playlist - Multiple Vulnerabilities http://1337day.com/exploits/17396 @@ -2367,7 +2367,7 @@ - WP-AutoYoutube plugin <= 0.1 Blind SQL Injection Vulnerability + WP-AutoYoutube <= 0.1 - Blind SQL Injection Vulnerability http://1337day.com/exploits/17368 @@ -2377,7 +2377,7 @@ - Age Verification plugin <= 0.4 Open Redirect + Age Verification <= 0.4 - Open Redirect 18350 @@ -2397,7 +2397,7 @@ - Pay With Tweet plugin <= 1.1 Multiple Vulnerabilities + Pay With Tweet <= 1.1 - Multiple Vulnerabilities 18330 @@ -2417,7 +2417,7 @@ - BLIND SQL injection UPM-POLLS plugin 1.0.4 + UPM-POLLS 1.0.4 - BLIND SQL injection 18231 @@ -2447,7 +2447,7 @@ - Link Library plugin <= 5.2.1 SQL Injection + Link Library <= 5.2.1 - SQL Injection 17887 @@ -2457,7 +2457,7 @@ - CevherShare 2.0 plugin SQL Injection Vulnerability + CevherShare 2.0 - SQL Injection Vulnerability 17891 @@ -2467,7 +2467,7 @@ - meenews 5.1 plugin Cross-Site Scripting Vulnerabilities + meenews 5.1 - Cross-Site Scripting Vulnerabilities http://seclists.org/bugtraq/2011/Nov/151 @@ -2508,7 +2508,7 @@ - MM Duplicate plugin <= 1.2 SQL Injection Vulnerability + MM Duplicate <= 1.2 - SQL Injection Vulnerability 17707 @@ -2518,7 +2518,7 @@ - Menu Creator plugin <= 1.1.7 SQL Injection Vulnerability + Menu Creator <= 1.1.7 - SQL Injection Vulnerability 17689 @@ -2528,7 +2528,7 @@ - Allow PHP in Posts and Pages plugin <= 2.0.0.RC1 SQL Injection Vulnerability + Allow PHP in Posts and Pages <= 2.0.0.RC1 - SQL Injection Vulnerability 17688 @@ -2538,7 +2538,7 @@ - Global Content Blocks plugin <= 1.2 SQL Injection Vulnerability + Global Content Blocks <= 1.2 SQL - Injection Vulnerability 17687 @@ -2548,7 +2548,7 @@ - Ajax Gallery plugin <= 3.0 SQL Injection Vulnerability + Ajax Gallery <= 3.0 SQL - Injection Vulnerability 17686 
@@ -2558,7 +2558,7 @@ - WP DS FAQ plugin <= 1.3.2 SQL Injection Vulnerability + WP DS FAQ <= 1.3.2 SQL - Injection Vulnerability 17683 @@ -2568,7 +2568,7 @@ - OdiHost Newsletter plugin <= 1.0 SQL Injection Vulnerability + OdiHost Newsletter <= 1.0 SQL - Injection Vulnerability 17681 @@ -2578,7 +2578,7 @@ - Easy Contact Form Lite plugin <= 1.0.7 SQL Injection Vulnerability + Easy Contact Form Lite <= 1.0.7 - SQL Injection Vulnerability 17680 @@ -2588,14 +2588,14 @@ - WP Symposium plugin <= 0.64 SQL Injection Vulnerability + WP Symposium <= 0.64 - SQL Injection Vulnerability 17679 SQLI - WP Symposium plugin <= 12.12 Multiple SQL Injection Vulnerabilities + WP Symposium <= 12.12 - Multiple SQL Injection Vulnerabilities 50674 http://ceriksen.com/2013/02/18/wp-symposium-multiple-sql-injection/ @@ -2603,7 +2603,7 @@ SQLI - WordPress WP Symposium Plugin "u" XSS + WP Symposium "u" XSS 52864 @@ -2611,7 +2611,7 @@ 13.04 - WordPress WP Symposium Plugin "u" Redirection Weakness + WP Symposium "u" Redirection Weakness 52925 @@ -2621,7 +2621,7 @@ - File Groups plugin <= 1.1.2 SQL Injection Vulnerability + File Groups <= 1.1.2 SQL Injection Vulnerability 17677 @@ -2631,7 +2631,7 @@ - IP-Logger plugin <= 3.0 SQL Injection Vulnerability + IP-Logger <= 3.0 SQL Injection Vulnerability 17673 @@ -2661,7 +2661,7 @@ - EditorMonkey plugin (FCKeditor) Arbitrary File Upload + EditorMonkey (FCKeditor) Arbitrary File Upload 17284 @@ -2701,7 +2701,7 @@ - WordPress GRAND FlAGallery Plugin Multiple Vulnerabilities + GRAND FlAGallery - Multiple Vulnerabilities 51100 @@ -2745,7 +2745,7 @@ XSS - WordPress GRAND FlAGallery Plugin "gid" SQL Injection Vulnerability + GRAND FlAGallery - "gid" SQL Injection Vulnerability 53356 @@ -2753,7 +2753,7 @@ 2.56 - GRAND FlAGallery Plugin "s" Cross-Site Scripting Vulnerability + GRAND FlAGallery - "s" Cross-Site Scripting Vulnerability 53111 93714 
@@ -2812,14 +2812,14 @@ SQLI - WP Forum Server plugin <= 1.7 SQL Injection Vulnerability + WP Forum Server <= 1.7 SQL Injection Vulnerability 17828 SQLI - WP Forum Server plugin <= 1.7.3 SQL Injection / XSS Vulnerabilities + WP Forum Server <= 1.7.3 SQL Injection / XSS Vulnerabilities http://packetstormsecurity.com/files/112703/ @@ -2849,7 +2849,7 @@ - WordPress Comment Rating 2.9.32 SQL Injection / Bypass + Comment Rating 2.9.32 SQL Injection / Bypass http://packetstormsecurity.com/files/120569/ @@ -3012,7 +3012,7 @@ - Vulnerabilities in Cimy Counter for WordPress + Cimy Counter - Vulnerabilities 14057 @@ -3099,7 +3099,7 @@ - Vulnerabilities in WP-Cumulus <= 1.20 for WordPress + WP-Cumulus <= 1.20 - Vulnerabilities 10228 @@ -3178,14 +3178,14 @@ SQLI - Photoracer plugin <= 1.0 SQL Injection Vulnerability + Photoracer <= 1.0 SQL Injection Vulnerability 17720 SQLI - Photoracer plugin <= 1.0 Multiple Vulnerabilities + Photoracer <= 1.0 Multiple Vulnerabilities 17731 @@ -3481,7 +3481,7 @@ - SendIt plugin <= 1.5.9 Blind SQL Injection Vulnerability + SendIt <= 1.5.9 Blind SQL Injection Vulnerability 17716 @@ -3491,7 +3491,7 @@ - Js-appointment plugin <= 1.5 SQL Injection Vulnerability + Js-appointment <= 1.5 SQL Injection Vulnerability 17724 @@ -3518,7 +3518,7 @@ - Super CAPTCHA plugin <= 2.2.4 SQL Injection Vulnerability + Super CAPTCHA <= 2.2.4 SQL Injection Vulnerability 17728 @@ -3528,7 +3528,7 @@ - Collision Testimonials plugin <= 3.0 SQL Injection Vulnerability + Collision Testimonials <= 3.0 SQL Injection Vulnerability 17729 @@ -3538,7 +3538,7 @@ - Oqey Headers plugin <= 0.3 SQL Injection Vulnerability + Oqey Headers <= 0.3 SQL Injection Vulnerability 17730 @@ -3548,7 +3548,7 @@ - Facebook Promotions plugin <= 1.3.3 SQL Injection Vulnerability + Facebook Promotions <= 1.3.3 SQL Injection Vulnerability 17737 @@ -3558,7 +3558,7 @@ - Evarisk plugin <= 5.1.3.6 SQL Injection Vulnerability + Evarisk <= 5.1.3.6 SQL Injection Vulnerability 17738 
@@ -3575,7 +3575,7 @@ - Profiles plugin <= 2.0 RC1 SQL Injection Vulnerability + Profiles <= 2.0 RC1 SQL Injection Vulnerability 17739 @@ -3585,7 +3585,7 @@ - mySTAT plugin <= 2.6 SQL Injection Vulnerability + mySTAT <= 2.6 SQL Injection Vulnerability 17740 @@ -3595,7 +3595,7 @@ - SH Slideshow plugin <= 3.1.4 SQL Injection Vulnerability + SH Slideshow <= 3.1.4 SQL Injection Vulnerability 17748 @@ -3605,7 +3605,7 @@ - iCopyright(R) Article Tools plugin <= 1.1.4 SQL Injection Vulnerability + iCopyright(R) Article Tools <= 1.1.4 SQL Injection Vulnerability 17749 @@ -3615,7 +3615,7 @@ - Advertizer plugin <= 1.0 SQL Injection Vulnerability + Advertizer <= 1.0 SQL Injection Vulnerability 17750 @@ -3625,14 +3625,14 @@ - Event Registration plugin <= 5.44 SQL Injection Vulnerability + Event Registration <= 5.44 SQL Injection Vulnerability 17814 SQLI - Event Registration plugin <= 5.43 SQL Injection Vulnerability + Event Registration <= 5.43 SQL Injection Vulnerability 17751 @@ -3649,7 +3649,7 @@ - Craw Rate Tracker plugin <= 2.0.2 SQL Injection Vulnerability + Craw Rate Tracker <= 2.0.2 SQL Injection Vulnerability 17755 @@ -3659,7 +3659,7 @@ - wp audio gallery playlist plugin <= 0.12 SQL Injection Vulnerability + wp audio gallery playlist <= 0.12 SQL Injection Vulnerability 17756 @@ -3669,7 +3669,7 @@ - WordPress yolink Search Plugin "s" Cross-Site Scripting Vulnerability + yolink Search "s" Cross-Site Scripting Vulnerability 52030 @@ -3677,7 +3677,7 @@ 2.6 - yolink Search plugin <= 1.1.4 SQL Injection Vulnerability + yolink Search <= 1.1.4 SQL Injection Vulnerability 17757 @@ -3687,7 +3687,7 @@ - PureHTML plugin <= 1.0.0 SQL Injection Vulnerability + PureHTML <= 1.0.0 SQL Injection Vulnerability 17758 @@ -3697,7 +3697,7 @@ - Couponer plugin <= 1.2 SQL Injection Vulnerability + Couponer <= 1.2 SQL Injection Vulnerability 17759 @@ -3707,7 +3707,7 @@ - grapefile plugin <= 1.1 Arbitrary File Upload + grapefile <= 1.1 Arbitrary File Upload 17760 
@@ -3717,7 +3717,7 @@ - image-gallery-with-slideshow plugin <= 1.5 Arbitrary File Upload / SQL Injection + image-gallery-with-slideshow <= 1.5 Arbitrary File Upload / SQL Injection 17761 @@ -3727,7 +3727,7 @@ - Donation plugin <= 1.0 SQL Injection Vulnerability + Donation <= 1.0 SQL Injection Vulnerability 17763 @@ -3737,14 +3737,14 @@ - WP Bannerize plugin <= 2.8.6 SQL Injection Vulnerability + WP Bannerize <= 2.8.6 SQL Injection Vulnerability 17764 SQLI - WP Bannerize plugin <= 2.8.7 SQL Injection Vulnerability + WP Bannerize <= 2.8.7 SQL Injection Vulnerability 17906 @@ -3754,7 +3754,7 @@ - SearchAutocomplete plugin <= 1.0.8 SQL Injection Vulnerability + SearchAutocomplete <= 1.0.8 SQL Injection Vulnerability 17767 @@ -3764,7 +3764,7 @@ - VideoWhisper Video Presentation plugin <= 1.1 SQL Injection Vulnerability + VideoWhisper Video Presentation <= 1.1 SQL Injection Vulnerability 17771 @@ -3781,7 +3781,7 @@ - Facebook Opengraph Meta plugin <= 1.0 SQL Injection Vulnerability + Facebook Opengraph Meta <= 1.0 SQL Injection Vulnerability 17773 @@ -3791,7 +3791,7 @@ - Zotpress plugin <= 4.4 SQL Injection Vulnerability + Zotpress <= 4.4 SQL Injection Vulnerability 17778 @@ -3801,7 +3801,7 @@ - oQey Gallery plugin <= 0.4.8 SQL Injection Vulnerability + oQey Gallery <= 0.4.8 SQL Injection Vulnerability 17779 @@ -3811,7 +3811,7 @@ - Tweet Old Post plugin <= 3.2.5 SQL Injection Vulnerability + Tweet Old Post <= 3.2.5 SQL Injection Vulnerability 17789 @@ -3821,7 +3821,7 @@ - post highlights plugin <= 2.2 SQL Injection Vulnerability + post highlights <= 2.2 SQL Injection Vulnerability 17790 @@ -3831,7 +3831,7 @@ - KNR Author List Widget plugin <= 2.0.0 SQL Injection Vulnerability + KNR Author List Widget <= 2.0.0 SQL Injection Vulnerability 17791 @@ -3841,7 +3841,7 @@ - SCORM Cloud plugin <= 1.0.6.6 SQL Injection Vulnerability + SCORM Cloud <= 1.0.6.6 SQL Injection Vulnerability 17793 
@@ -3851,7 +3851,7 @@ - Eventify - Simple Events plugin <= 1.7.f SQL Injection Vulnerability + Eventify - Simple Events <= 1.7.f SQL Injection Vulnerability 17794 @@ -3861,7 +3861,7 @@ - Paid Downloads plugin <= 2.01 SQL Injection Vulnerability + Paid Downloads <= 2.01 SQL Injection Vulnerability 17797 @@ -3871,7 +3871,7 @@ - Community Events plugin <= 1.2.1 SQL Injection Vulnerability + Community Events <= 1.2.1 SQL Injection Vulnerability 17798 @@ -3898,14 +3898,14 @@ - WP-Filebase Download Manager plugin <= 0.2.9 SQL Injection Vulnerability + WP-Filebase Download Manager <= 0.2.9 SQL Injection Vulnerability 17808 SQLI - WordPress WP-Filebase Plugin Unspecified Vulnerabilities + WP-Filebase Unspecified Vulnerabilities 51269 @@ -3916,7 +3916,7 @@ - A to Z Category Listing plugin <= 1.3 SQL Injection Vulnerability + A to Z Category Listing <= 1.3 SQL Injection Vulnerability 17809 @@ -3926,14 +3926,14 @@ - WP e-Commerce plugin <= 3.8.6 SQL Injection Vulnerability + WP e-Commerce <= 3.8.6 SQL Injection Vulnerability 17832 SQLI - WP-e-Commerce plugin v3.8.9.5 Cross Site Scripting Vulnerability + WP-e-Commerce v3.8.9.5 Cross Site Scripting Vulnerability http://1337day.com/exploit/20517 @@ -4072,7 +4072,7 @@ - Category Grid View Gallery plugin 0.1.1 Shell Upload vulnerability + Category Grid View Gallery 0.1.1 Shell Upload vulnerability 17872 @@ -4089,7 +4089,7 @@ - Auto Attachments plugin 0.2.9 Shell Upload vulnerability + Auto Attachments 0.2.9 Shell Upload vulnerability 17872 @@ -4099,7 +4099,7 @@ - WP Marketplace plugin 1.1.0 Shell Upload vulnerability + WP Marketplace 1.1.0 Shell Upload vulnerability 17872 @@ -4109,7 +4109,7 @@ - DP Thumbnail plugin 1.0 Shell Upload vulnerability + DP Thumbnail 1.0 Shell Upload vulnerability 17872 @@ -4119,7 +4119,7 @@ - Vk Gallery plugin 1.1.0 Shell Upload vulnerability + Vk Gallery 1.1.0 Shell Upload vulnerability 17872 
@@ -4129,7 +4129,7 @@ - Rekt Slideshow plugin 1.0.5 Shell Upload vulnerability + Rekt Slideshow 1.0.5 Shell Upload vulnerability 17872 @@ -4139,7 +4139,7 @@ - CAC Featured Content plugin 0.8 Shell Upload vulnerability + CAC Featured Content 0.8 Shell Upload vulnerability 17872 @@ -4149,7 +4149,7 @@ - Rent A Car plugin 1.0 Shell Upload vulnerability + Rent A Car 1.0 Shell Upload vulnerability 17872 @@ -4159,7 +4159,7 @@ - LISL Last Image Slider plugin 1.0 Shell Upload vulnerability + LISL Last Image Slider 1.0 Shell Upload vulnerability 17872 @@ -4169,7 +4169,7 @@ - Islidex plugin 2.7 Shell Upload vulnerability + Islidex 2.7 Shell Upload vulnerability 17872 @@ -4179,7 +4179,7 @@ - Kino Gallery plugin 1.0 Shell Upload vulnerability + Kino Gallery 1.0 Shell Upload vulnerability 17872 @@ -4189,7 +4189,7 @@ - Cms Pack plugin 1.3 Shell Upload vulnerability + Cms Pack 1.3 Shell Upload vulnerability 17872 @@ -4199,7 +4199,7 @@ - A Gallery plugin 0.9 Shell Upload vulnerability + A Gallery 0.9 Shell Upload vulnerability 17872 @@ -4209,7 +4209,7 @@ - Category List Portfolio Page plugin 0.9 Shell Upload vulnerability + Category List Portfolio Page 0.9 Shell Upload vulnerability 17872 @@ -4219,7 +4219,7 @@ - Really Easy Slider plugin 0.1 Shell Upload vulnerability + Really Easy Slider 0.1 Shell Upload vulnerability 17872 @@ -4229,7 +4229,7 @@ - Verve Meta Boxes plugin 1.2.8 Shell Upload vulnerability + Verve Meta Boxes 1.2.8 Shell Upload vulnerability 17872 @@ -4239,7 +4239,7 @@ - User Avatar plugin 1.3.7 shell upload vulnerability + User Avatar 1.3.7 shell upload vulnerability 17872 @@ -4249,7 +4249,7 @@ - Extend plugin 1.3.7 Shell Upload vulnerability + Extend 1.3.7 Shell Upload vulnerability 17872 
@@ -4259,14 +4259,14 @@ - AdRotate plugin <= 3.6.5 SQL Injection Vulnerability + AdRotate <= 3.6.5 SQL Injection Vulnerability http://unconciousmind.blogspot.com/2011/09/wordpress-adrotate-plugin-365-sql.html SQLI - AdRotate plugin <= 3.6.6 SQL Injection Vulnerability + AdRotate <= 3.6.6 SQL Injection Vulnerability 18114 @@ -4286,7 +4286,7 @@ - WordPress GD Star Rating Plugin Export Security Bypass Security Issue + GD Star Rating Export Security Bypass Security Issue 49850 @@ -4294,14 +4294,14 @@ 1.9.19 - GD Star Rating plugin <= 1.9.16 Cross Site Scripting + GD Star Rating <= 1.9.16 Cross Site Scripting http://packetstormsecurity.com/files/112702/ XSS - GD Star Rating plugin <= 1.9.10 SQL Injection + GD Star Rating <= 1.9.10 SQL Injection 17973 @@ -4311,7 +4311,7 @@ - Contact Form plugin <= 2.7.5 SQL Injection + Contact Form <= 2.7.5 SQL Injection 17980 @@ -4354,7 +4354,7 @@ 4.9.3 - WordPress WP Photo Album Plus "commentid" Cross-Site Scripting Vulnerability + WP Photo Album Plus "commentid" Cross-Site Scripting Vulnerability 93033 2013-3254 @@ -4527,7 +4527,7 @@ - Simple Login Log Plugin XSS + Simple Login Log XSS 51780 @@ -4535,7 +4535,7 @@ 0.9.4 - Simple Login Log Plugin SQL Injection + Simple Login Log SQL Injection 51780 @@ -4579,7 +4579,7 @@ - WordPress File Uploader Plugin PHP File Upload Vulnerability + File Uploader PHP File Upload Vulnerability http://la.usch.io/2013/01/21/wordpress-file-uploader-plugin-php-file-upload-vulnerability/ @@ -4589,7 +4589,7 @@ - WordPress Poll Plugin Cross-Site Request Forgery Vulnerability + Poll Cross-Site Request Forgery Vulnerability 51925 @@ -4606,7 +4606,7 @@ SQLI - WordPress Poll Plugin Multiple SQL Injection Vulnerabilities + Poll Multiple SQL Injection Vulnerabilities 50910 @@ -4617,7 +4617,7 @@ - Wordpress Developer Formatter CSRF and XSS Vulnerability + Developer Formatter CSRF and XSS Vulnerability http://illsecure.com/code/Wordpress-DevFormatter-CSRF-Vulnerability.txt http://1337day.com/exploits/20210 
@@ -4629,7 +4629,7 @@ - WordPress DVS Custom Notification Plugin Cross-Site Request Forgery Vulnerability + DVS Custom Notification Cross-Site Request Forgery Vulnerability 51531 @@ -4684,7 +4684,7 @@ - WordPress Welcart e-Commerce Plugin Cross-Site Scripting and Request Forgery Vulnerabilities + Welcart e-Commerce Cross-Site Scripting and Request Forgery Vulnerabilities 51581 @@ -4694,7 +4694,7 @@ - WordPress Knews Multilingual Newsletters Plugin Cross-Site Request Forgery Vulnerability + Knews Multilingual Newsletters Cross-Site Request Forgery Vulnerability 51543 @@ -4704,7 +4704,7 @@ - WordPress Video Lead Form Plugin "errMsg" Cross-Site Scripting Vulnerability + Video Lead Form "errMsg" Cross-Site Scripting Vulnerability 51419 @@ -4714,7 +4714,7 @@ - WordPress WooCommerce Predictive Search Plugin "rs" Cross-Site Scripting Vulnerability + WooCommerce Predictive Search "rs" Cross-Site Scripting Vulnerability 51385 @@ -4735,7 +4735,7 @@ - WordPress WP e-Commerce Predictive Search Plugin "rs" Cross-Site Scripting Vulnerability + WP e-Commerce Predictive Search "rs" Cross-Site Scripting Vulnerability 51384 @@ -4745,7 +4745,7 @@ - WordPress vTiger CRM Lead Capture Plugin Unspecified Vulnerability + vTiger CRM Lead Capture Unspecified Vulnerability 51305 @@ -4756,14 +4756,14 @@ - WordPress post-views Plugin "search_input" Cross-Site Scripting Vulnerability + WP-PostViews "search_input" Cross-Site Scripting Vulnerability 50982 XSS - WordPress WP-PostViews Plugin Cross-Site Request Forgery Vulnerability + WP-PostViews Cross-Site Request Forgery Vulnerability 53127 @@ -4774,7 +4774,7 @@ - WordPress DX-Contribute Plugin Cross-Site Request Forgery Vulnerability + DX-Contribute Cross-Site Request Forgery Vulnerability 51082 
@@ -4795,7 +4795,7 @@ 2.2.1 - WordPress Wysija Newsletters Plugin swfupload Cross-Site Scripting Vulnerability + Wysija Newsletters swfupload Cross-Site Scripting Vulnerability 51249 http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html @@ -4807,7 +4807,7 @@ - WordPress Hitasoft FLV Player Plugin "id" SQL Injection Vulnerability + Hitasoft FLV Player - "id" SQL Injection Vulnerability 51179 @@ -4817,7 +4817,7 @@ - Spider Calendar Plugin "many_sp_calendar" Cross-Site Scripting Vulnerability + Spider Calendar - "many_sp_calendar" Cross-Site Scripting Vulnerability 50981 @@ -4836,7 +4836,7 @@ - Wordpress Dynamic Font Replacement 1.3 plugin SQL Injection Vulnerability + Dynamic Font Replacement 1.3 - SQL Injection Vulnerability http://1337day.com/exploit/20239 @@ -4846,7 +4846,7 @@ - WordPress Zingiri Form Builder Plugin "error" Cross-Site Scripting Vulnerability + Zingiri Form Builder - "error" Cross-Site Scripting Vulnerability 50983 @@ -4857,7 +4857,7 @@ - WordPress White Label CMS Plugin Cross-Site Request Forgery Vulnerability + White Label CMS - Cross-Site Request Forgery Vulnerability 50487 @@ -4868,7 +4868,7 @@ - Wordpress Download Shortcode Plugin "file" Arbitrary File Disclosure Vulnerability + Download Shortcode - "file" Arbitrary File Disclosure Vulnerability 50924 @@ -4879,7 +4879,7 @@ - WordPress eShop Magic Plugin "file" Arbitrary File Disclosure Vulnerability + eShop Magic - "file" Arbitrary File Disclosure Vulnerability 50933 @@ -4890,7 +4890,7 @@ - WordPress Pinterest "Pin It" Button Lite Plugin Multiple Unspecified Vulnerabilities + Pinterest "Pin It" Button Lite - Multiple Unspecified Vulnerabilities 50868 @@ -4901,7 +4901,7 @@ - WordPress CSS Plus Plugin Unspecified Vulnerabilities + CSS Plus - Unspecified Vulnerabilities 50793 @@ -4912,7 +4912,7 @@ - WordPress Multisite Plugin Manager Plugin Two Cross-Site Scripting Vulnerabilities + Multisite plugin Manager - Two Cross-Site Scripting Vulnerabilities 50762 
@@ -4923,7 +4923,7 @@ - WordPress ABC Test Plugin "id" Cross-Site Scripting Vulnerability + ABC Test - "id" Cross-Site Scripting Vulnerability 50608 @@ -4933,7 +4933,7 @@ - Wordpress Token Manager Plugin "tid" Cross-Site Scripting Vulnerabilities + Token Manager - "tid" Cross-Site Scripting Vulnerabilities 50722 @@ -4943,7 +4943,7 @@ - WordPress Sexy Add Template Plugin Cross-Site Request Forgery Vulnerability + Sexy Add Template - Cross-Site Request Forgery Vulnerability 50709 @@ -4953,7 +4953,7 @@ - WordPress Notices Ticker Plugin Cross-Site Request Forgery Vulnerability + Notices Ticker - Cross-Site Request Forgery Vulnerability 50717 @@ -4963,7 +4963,7 @@ - WordPress MF Gig Calendar Plugin URL Cross-Site Scripting Vulnerability + MF Gig Calendar - URL Cross-Site Scripting Vulnerability 50571 @@ -4973,14 +4973,14 @@ - wp-topbar <= 3.04 XSS in ZeroClipboard.swf + wp-topbar <= 3.04 - XSS in ZeroClipboard.swf http://1337day.com/exploit/20396 XSS - WordPress WP-TopBar Plugin Cross-Site Request Forgery Vulnerability + WP-TopBar - Cross-Site Request Forgery Vulnerability 50693 @@ -4991,7 +4991,7 @@ - WordPress HD Webplayer Plugin Two SQL Injection Vulnerabilities + HD Webplayer - Two SQL Injection Vulnerabilities 50466 @@ -5001,7 +5001,7 @@ - WordPress Cloudsafe365 Plugin Multiple Vulnerabilities + Cloudsafe365 - Multiple Vulnerabilities 50392 @@ -5012,7 +5012,7 @@ - WordPress Vitamin Plugin Two Arbitrary File Disclosure Vulnerabilities + Vitamin - Two Arbitrary File Disclosure Vulnerabilities 50176 @@ -5023,7 +5023,7 @@ - WordPress Featured Post with thumbnail Plugin Unspecified timthumb Vulnerability + Featured Post with thumbnail - Unspecified timthumb Vulnerability 50161 @@ -5034,7 +5034,7 @@ - WordPress WP Lead Management Plugin Script Insertion Vulnerabilities + WP Lead Management - Script Insertion Vulnerabilities 50166 
@@ -5044,7 +5044,7 @@ - WordPress XVE Various Embed Plugin JW Player Multiple Cross-Site Scripting Vulnerabilities + <title>XVE Various Embed - JW Player Multiple Cross-Site Scripting Vulnerabilities 50173 @@ -5056,7 +5056,7 @@ - WordPress G-Lock Double Opt-in Manager Plugin Two Security Bypass Vulnerabilities + G-Lock Double Opt-in Manager - Two Security Bypass Vulnerabilities 50100 @@ -5066,7 +5066,7 @@ - WordPress Backend Localization Plugin Cross-Site Scripting Vulnerabilities + Backend Localization - Cross-Site Scripting Vulnerabilities 50099 @@ -5077,7 +5077,7 @@ - WordPress Flexi Quote Rotator Plugin Cross-Site Request Forgery and SQL Injection Vulnerabilities + Flexi Quote Rotator - Cross-Site Request Forgery and SQL Injection Vulnerabilities 49910 @@ -5088,7 +5088,7 @@ - WordPress Get Off Malicious Scripts Cross-Site Scripting Vulnerability + Get Off Malicious Scripts Cross-Site Scripting Vulnerability 50030 @@ -5099,7 +5099,7 @@ - WordPress Cimy User Extra Fields Plugin Arbitrary File Upload Vulnerability + Cimy User Extra Fields - Arbitrary File Upload Vulnerability 49975 @@ -5110,7 +5110,7 @@ - WordPress Nmedia Users File Uploader Plugin Arbitrary File Upload Vulnerability + Nmedia Users File Uploader - Arbitrary File Upload Vulnerability 49996 @@ -5151,7 +5151,7 @@ - Wordpress RLSWordPressSearch plugin SQL Injection + RLSWordPressSearch - SQL Injection 24440 @@ -5161,7 +5161,7 @@ - wordpress-simple-shout-box Plugin SQL Injection + wordpress-simple-shout-box - SQL Injection http://cxsecurity.com/issue/WLB-2013010235 @@ -5171,7 +5171,7 @@ - Wordpress portfolio-slideshow-pro v3 Plugin SQL Injection + portfolio-slideshow-pro v3 - SQL Injection http://cxsecurity.com/issue/WLB-2013010236 @@ -5181,7 +5181,7 @@ - WordPress Simple History Plugin RSS Feed "rss_secret" Disclosure Weakness + Simple History - RSS Feed "rss_secret" Disclosure Weakness 51998 
@@ -5192,7 +5192,7 @@ - WordPress p1m media manager plugin SQL Injection Vulnerability + p1m media manager - SQL Injection Vulnerability http://www.1337day.com/exploit/20270 @@ -5209,7 +5209,7 @@ XSS - Wordpress wp-table-reloaded plugin cross-site scripting in SWF + wp-table-reloaded - cross-site scripting in SWF http://packetstormsecurity.com/files/119968/ 52027 @@ -5222,7 +5222,7 @@ - WordPress Gallery Plugin "load" Remote File Inclusion Vulnerability + Gallery - "load" Remote File Inclusion Vulnerability 51347 @@ -5232,7 +5232,7 @@ - Wordpress plugins ForumConverter SQL Injection Vulnerability + ForumConverter SQL Injection Vulnerability http://www.1337day.com/exploit/20275 @@ -5242,14 +5242,14 @@ - WordPress plugins Newsletter SQL Injection Vulnerability + Newsletter SQL Injection Vulnerability http://www.1337day.com/exploit/20287 SQLI - WordPress Newsletter Plugin "alert" Cross-Site Scripting Vulnerability + Newsletter - "alert" Cross-Site Scripting Vulnerability 53398 http://www.zeroscience.mk/en/vulnerabilities/ZSL-2013-5141.php @@ -5276,7 +5276,7 @@ - Wordpress wp-forum plugin SQL Injection + wp-forum - SQL Injection http://cxsecurity.com/issue/WLB-2013020035 @@ -5286,7 +5286,7 @@ - WordPress WP ecommerce Shop Styling Plugin "dompdf" Remote File Inclusion Vulnerability + WP ecommerce Shop Styling - "dompdf" Remote File Inclusion Vulnerability 51707 @@ -5297,7 +5297,7 @@ - Wordpress Audio Player Plugin XSS in SWF + Audio Player - XSS in SWF http://seclists.org/bugtraq/2013/Feb/35 52083 @@ -5309,7 +5309,7 @@ - Wordpress plugin CKEditor 4.0 Arbitrary File Upload Exploit + CKEditor 4.0 Arbitrary File Upload Exploit http://1337day.com/exploit/20318 @@ -5319,7 +5319,7 @@ - wordpress myftp-ftp-like-plugin-for-wordpress plugin v2 Plugin SQL Injection + myftp-ftp-like-plugin-for-wordpress v2 - SQL Injection http://cxsecurity.com/issue/WLB-2013020061 
@@ -5329,7 +5329,7 @@ - WordPress WP Online Store Plugin 1.3.1 downloaded before 2013-01-17 File Disclosure and File Inclusion + <title>WP Online Store 1.3.1 - downloaded before 2013-01-17 File Disclosure and File Inclusion Vulnerabilities @@ -5353,7 +5353,7 @@ - Contact Form Plugin XSS + Contact Form - XSS 90503 @@ -5728,7 +5728,7 @@ - o2s-gallery plugin Cross Site Scripting Vulnerability + o2s-gallery - Cross Site Scripting Vulnerability http://1337day.com/exploit/20516 @@ -5738,7 +5738,7 @@ - bp-gallery plugin v1.2.5 Cross Site Scripting Vulnerability + bp-gallery 1.2.5 - Cross Site Scripting Vulnerability http://1337day.com/exploit/20518 @@ -5748,7 +5748,7 @@ - Simply Poll Plugin 1.4.1 - Multiple Vulnerabilities + Simply Poll 1.4.1 - Multiple Vulnerabilities 24850 91446 @@ -5759,7 +5759,7 @@ - Occasions Plugin 1.0.4 - CSRF Vulnerability + Occasions 1.0.4 - CSRF Vulnerability 24858 91490 @@ -5770,7 +5770,7 @@ - Mathjax Latex 1.1 CSRF Vulnerability + Mathjax Latex 1.1 - CSRF Vulnerability 24889 91737 @@ -6067,7 +6067,7 @@ - uk-cookie plugin XSS + uk-cookie - XSS 87561 http://seclists.org/bugtraq/2012/Nov/50 @@ -6105,7 +6105,7 @@ - mail-on-update plugin CSRF + mail-on-update - CSRF 53449 http://www.openwall.com/lists/oss-security/2013/05/16/8 @@ -6116,8 +6116,7 @@ - Advanced XML Reader Plugin for WordPress XML External Entity (XXE) Data Parsing Arbitrary File Disclosure - + Advanced XML Reader - XML External Entity (XXE) Data Parsing Arbitrary File Disclosure http://seclists.org/bugtraq/2013/May/5 92904 @@ -6128,7 +6127,7 @@ - WordPress Related Posts by Zemanta Plugin Cross-Site Request Forgery Vulnerability + Related Posts by Zemanta - Cross-Site Request Forgery Vulnerability 53321 @@ -6139,7 +6138,7 @@ - WordPress WordPress Related Posts Plugin Cross-Site Request Forgery Vulnerability + WordPress Related Posts - Cross-Site Request Forgery Vulnerability 53279 
@@ -6150,7 +6149,7 @@ - WordPress Related Posts Plugin Cross-Site Request Forgery Vulnerability + Related Posts - Cross-Site Request Forgery Vulnerability 53122 @@ -6161,7 +6160,7 @@ - WordPress WP Print Friendly Plugin Security Bypass Vulnerability + WP Print Friendly - Security Bypass Vulnerability 53371 @@ -6172,7 +6171,7 @@ - WordPress Contextual Related Posts Plugin Cross-Site Request Forgery Vulnerability + Contextual Related Posts - Cross-Site Request Forgery Vulnerability 52960 @@ -6183,7 +6182,7 @@ - WordPress Calendar Plugin Cross-Site Request Forgery Vulnerability + Calendar - Cross-Site Request Forgery Vulnerability 52841 @@ -6194,7 +6193,7 @@ - WordPress Feedweb Plugin 'wp_post_id' Parameter XSS + Feedweb - 'wp_post_id' Parameter XSS http://www.securityfocus.com/bid/58771 @@ -6205,7 +6204,7 @@ - WordPress WP-Print Plugin CSRF + WP-Print - CSRF http://www.securityfocus.com/bid/58900 @@ -6216,7 +6215,7 @@ - WordPress WP-Print Plugin CSRF + WP-Print - CSRF http://packetstorm.wowhacker.com/1304-exploits/wptrafficanalyzer-xss.txt @@ -6226,7 +6225,7 @@ - WordPress WP-DownloadManager Plugin CSRF + WP-DownloadManager - CSRF http://www.securityfocus.com/bid/58937 @@ -6250,7 +6249,7 @@ - SS Quiz Plugin Multiple Unspecified Vulnerabilities + SS Quiz - Multiple Unspecified Vulnerabilities http://wordpress.org/plugins/ssquiz/changelog/ 53378 @@ -6322,7 +6321,7 @@ - FPD and Security bypass vulnerabilities in Exploit Scanner for WordPress + Exploit Scanner - FPD and Security bypass vulnerabilities http://seclists.org/fulldisclosure/2013/May/216 93799 @@ -6333,11 +6332,12 @@ - FPD and Security bypass vulnerabilities in Exploit Scanner for WordPress + GA Universal - Cross-Site Request Forgery Vulnerability + 52976 http://wordpress.org/plugins/ga-universal/changelog/ - XSS + CSRF 1.0.1 @@ -6356,7 +6356,7 @@ - WordPress qTranslate Plugin Cross-Site Request Forgery Vulnerability + qTranslate - Cross-Site Request Forgery Vulnerability 53126 93873 
@@ -6367,7 +6367,7 @@ - Image slider with description Plugin Unspecified Vulnerability + Image slider with description - Unspecified Vulnerability 53588 93691 @@ -6379,7 +6379,7 @@ - User Role Editor Plugin Cross-Site Request Forgery Vulnerability + User Role Editor - Cross-Site Request Forgery Vulnerability 53593 93699 @@ -6392,7 +6392,7 @@ - EELV Newsletter Plugin Cross-Site Scripting Vulnerability + EELV Newsletter - Cross-Site Scripting Vulnerability 53546 93685 @@ -6404,7 +6404,7 @@ - Frontier Post Plugin Publishing Posts Security Bypass + Frontier Post - Publishing Posts Security Bypass 53474 93639 @@ -6415,7 +6415,7 @@ - Spider Catalog Plugin Cross-Site Scripting and SQL Injection Vulnerabilities + Spider Catalog - Cross-Site Scripting and SQL Injection Vulnerabilities 53491 93591 @@ -6432,7 +6432,7 @@ - Spider Event Calendar Plugin Security Bypass, Cross-Site Scripting and SQLi Vulnerabilities + Spider Event Calendar - Security Bypass, Cross-Site Scripting and SQLi Vulnerabilities 53481 93584 @@ -6448,7 +6448,7 @@ - FPD and Security bypass vulnerabilities in AntiVirus for WordPress + AntiVirus - FPD and Security bypass vulnerabilities http://seclists.org/fulldisclosure/2013/Jun/0 @@ -6544,7 +6544,7 @@ - Stream Video Player Plugin for WordPress Setting Manipulation CSRF + Stream Video Player - - Setting Manipulation CSRF 94466 @@ -7022,7 +7022,7 @@ - Quick Contact Form Plugin 6.0 - Persistent XSS + Quick Contact Form 6.0 - Persistent XSS 28808 http://packetstormsecurity.com/files/123549/ @@ -7043,7 +7043,7 @@ - IndiaNIC FAQs Manager Plugin 1.0 - Multiple Vulnerabilities + IndiaNIC FAQs Manager 1.0 - Multiple Vulnerabilities 24867 91625 @@ -7051,7 +7051,7 @@ MULTI - IndiaNIC FAQs Manager Plugin 1.0 - Blind SQL Injection + IndiaNIC FAQs Manager 1.0 - Blind SQL Injection 24868 91623 @@ -7083,7 +7083,7 @@ - FlagEm Plugin - flagit.php cID Parameter XSS + FlagEm - flagit.php cID Parameter XSS 98226 http://www.securityfocus.com/bid/61401
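Review bot: In the hunk at @@ -5088 the new title "Get Off Malicious Scripts Cross-Site Scripting Vulnerability" drops the "WordPress" prefix but never gains the " - " separator that every other renamed title uses between plugin name and vulnerability. The same omission appears in @@ -5232 ("ForumConverter SQL Injection Vulnerability"), in the first title of @@ -5242 ("Newsletter SQL Injection Vulnerability", while the second title in that hunk does get "Newsletter - ...") and in @@ -5309 ("CKEditor 4.0 Arbitrary File Upload Exploit"). If the separator is meant to be a reliable boundary for display or parsing, these four should read "Get Off Malicious Scripts - Cross-Site Scripting Vulnerability", "ForumConverter - SQL Injection Vulnerability", and so on.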
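Review bot: In the hunk at @@ -5329 the separator lands in the middle of the affected-version qualifier: "WP Online Store 1.3.1 - downloaded before 2013-01-17 File Disclosure and File Inclusion" reads as if "downloaded before 2013-01-17" were part of the vulnerability name. The date restricts which 1.3.1 downloads are affected, so it belongs on the left of the separator, for example "WP Online Store 1.3.1 (downloaded before 2013-01-17) - File Disclosure and File Inclusion Vulnerabilities".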
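Review bot: Version formatting is not normalised consistently: the hunk at @@ -5738 rewrites "bp-gallery plugin v1.2.5" to "bp-gallery 1.2.5", but @@ -5171 keeps "portfolio-slideshow-pro v3" and @@ -5319 keeps "myftp-ftp-like-plugin-for-wordpress v2". Pick one form (the bare number matches "Simply Poll 1.4.1" and "Occasions 1.0.4" elsewhere in this patch) and apply it to all three.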
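Review bot: In the second WP-Print hunk (@@ -6216) the title is renamed to "WP-Print - CSRF", yet the reference in the trailing context is wptrafficanalyzer-xss.txt, which names a different plugin and a different vulnerability class. The old title looks like a copy of the preceding WP-Print entry at @@ -6205, and the rename carries that mismatch forward. Please confirm which plugin this entry describes and correct the title and type here rather than only reformatting it.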
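Review bot: The hunk at @@ -6333 is a data correction, not a title rename: it replaces "FPD and Security bypass vulnerabilities in Exploit Scanner for WordPress" with "GA Universal - Cross-Site Request Forgery Vulnerability", adds the reference 52976, and changes the type from XSS to CSRF. That changes what a scan reports for this plugin, so it should go in its own commit (or at least be called out in the commit message) so it can be reviewed against the referenced changelog and reverted independently of the cosmetic renames.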
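Review bot: In the hunk at @@ -6544 the new title contains a doubled separator, "Stream Video Player - - Setting Manipulation CSRF". It should be "Stream Video Player - Setting Manipulation CSRF", matching the "WP-SendSMS - Setting Manipulation CSRF" form used for the equivalent entry.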