From cbcb696cfd18e5fbd64bdff60afa70a1a293f606 Mon Sep 17 00:00:00 2001 From: Christian Mehlmauer Date: Wed, 26 Mar 2014 00:54:37 +0100 Subject: [PATCH] added leaflet-maps-marker vulnerabilities (sorry there are no details on the last one it was a pentest at work) --- data/plugin_vulns.xml | 23 ++++++++++++++++++++++- 1 file changed, 22 insertions(+), 1 deletion(-) diff --git a/data/plugin_vulns.xml b/data/plugin_vulns.xml index 74fe9c91..518ef274 100644 --- a/data/plugin_vulns.xml +++ b/data/plugin_vulns.xml @@ -8543,14 +8543,35 @@ + - Leaflet Maps Marker - Tag Multiple Parameter SQL Injection + Leaflet Maps Marker - Multiple security issues (this plugin was replaced by a "pro version" with new version numbers so this entry might be a false positive on your system) + + 49845 + http://www.mapsmarker.com/2012/06/06/leaflet-maps-marker-v2-4-is-available/ + + MULTI + 2.4 + + + Leaflet Maps Marker - Tag Multiple Parameter SQL Injection (this plugin was replaced by a "pro version" with new version numbers so this entry might be a false positive on your system) 94388 + 53855 + http://www.mapsmarker.com/2013/05/24/v3-5-4-with-lots-of-translation-updates-bugfixes-is-available/ SQLI 3.5.4 + + + Leaflet Maps Marker Pro - SQLI, XSS, Shell Upload, file delete + + http://www.mapsmarker.com/2014/03/26/pro-v1-5-8-with-wordpress-3-9-compatibility-improvements-based-on-a-security-audit-by-the-city-of-vienna-is-available/ + + MULTI + 1.5.8 +