garfield/wpscan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Added "Module Configuration Security Bypass" to more versions of WP, see issue #126

Browse Source
This commit is contained in:
ethicalhack3r
2013-04-28 18:59:45 +02:00
parent fb16a8a43d
commit dca987b64b
1 changed files with 126 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

127
data/wp_vulns.xml
View File

@@ -695,7 +695,7 @@
<wordpress version="2.7.1">
<vulnerability>
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
<reference>http://www.exploit-db.com/exploits/10088/</reference>
<reference>http://www.securityfocus.com/bid/35584/</reference>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
@@ -716,6 +716,11 @@
</wordpress>
<wordpress version="2.7">
<vulnerability>
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
<reference>http://www.securityfocus.com/bid/35584/</reference>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>XSS vulnerability in swfupload in WordPress</title>
<reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
@@ -734,6 +739,11 @@
</wordpress>
<wordpress version="2.6.5">
<vulnerability>
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
<reference>http://www.securityfocus.com/bid/35584/</reference>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>XSS vulnerability in swfupload in WordPress</title>
<reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
@@ -788,6 +798,11 @@
</wordpress>
<wordpress version="2.6.2">
<vulnerability>
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
<reference>http://www.securityfocus.com/bid/35584/</reference>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>XSS vulnerability in swfupload in WordPress</title>
<reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
@@ -806,6 +821,11 @@
</wordpress>
<wordpress version="2.6.1">
<vulnerability>
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
<reference>http://www.securityfocus.com/bid/35584/</reference>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>Wordpress 2.6.1 (SQL Column Truncation) Admin Takeover Exploit</title>
<reference>http://www.exploit-db.com/exploits/6421/</reference>
@@ -847,6 +867,11 @@
</wordpress>
<wordpress version="2.5.1">
<vulnerability>
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
<reference>http://www.securityfocus.com/bid/35584/</reference>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>XSS vulnerability in swfupload in WordPress</title>
<reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
@@ -883,6 +908,11 @@
</wordpress>
<wordpress version="2.3.3">
<vulnerability>
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
<reference>http://www.securityfocus.com/bid/35584/</reference>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
@@ -896,6 +926,11 @@
</wordpress>
<wordpress version="2.3.2">
<vulnerability>
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
<reference>http://www.securityfocus.com/bid/35584/</reference>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
@@ -909,6 +944,11 @@
</wordpress>
<wordpress version="2.3.1">
<vulnerability>
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
<reference>http://www.securityfocus.com/bid/35584/</reference>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>Wordpress &lt;= 2.3.1 Charset Remote SQL Injection Vulnerability</title>
<reference>http://www.exploit-db.com/exploits/4721/</reference>
@@ -940,6 +980,11 @@
</wordpress>
<wordpress version="2.2.3">
<vulnerability>
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
<reference>http://www.securityfocus.com/bid/35584/</reference>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
@@ -953,6 +998,11 @@
</wordpress>
<wordpress version="2.2.2">
<vulnerability>
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
<reference>http://www.securityfocus.com/bid/35584/</reference>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
@@ -966,6 +1016,11 @@
</wordpress>
<wordpress version="2.2.1">
<vulnerability>
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
<reference>http://www.securityfocus.com/bid/35584/</reference>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
@@ -979,6 +1034,11 @@
</wordpress>
<wordpress version="2.2">
<vulnerability>
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
<reference>http://www.securityfocus.com/bid/35584/</reference>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress 2.2 (wp-app.php) Arbitrary File Upload Exploit</title>
<reference>http://www.exploit-db.com/exploits/4113/</reference>
@@ -1002,6 +1062,11 @@
</wordpress>
<wordpress version="2.1.3">
<vulnerability>
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
<reference>http://www.securityfocus.com/bid/35584/</reference>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>Wordpress 2.1.3 admin-ajax.php SQL Injection Blind Fishing Exploit</title>
<reference>http://www.exploit-db.com/exploits/3960/</reference>
@@ -1020,6 +1085,11 @@
</wordpress>
<wordpress version="2.1.2">
<vulnerability>
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
<reference>http://www.securityfocus.com/bid/35584/</reference>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress "year" Cross-Site Scripting Vulnerability</title>
<reference>http://secunia.com/advisories/24485/</reference>
@@ -1044,6 +1114,11 @@
</wordpress>
<wordpress version="2.1.1">
<vulnerability>
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
<reference>http://www.securityfocus.com/bid/35584/</reference>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
@@ -1070,6 +1145,11 @@
</wordpress>
<wordpress version="2.0.11">
<vulnerability>
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
<reference>http://www.securityfocus.com/bid/35584/</reference>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
@@ -1083,6 +1163,11 @@
</wordpress>
<wordpress version="2.0.10">
<vulnerability>
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
<reference>http://www.securityfocus.com/bid/35584/</reference>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
@@ -1122,6 +1207,11 @@
</wordpress>
<wordpress version="2.0.7">
<vulnerability>
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
<reference>http://www.securityfocus.com/bid/35584/</reference>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
@@ -1135,6 +1225,11 @@
</wordpress>
<wordpress version="2.0.6">
<vulnerability>
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
<reference>http://www.securityfocus.com/bid/35584/</reference>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>Wordpress &lt;= 2.0.6 wp-trackback.php Remote SQL Injection Exploit</title>
<reference>http://www.exploit-db.com/exploits/3109/</reference>
@@ -1153,6 +1248,11 @@
</wordpress>
<wordpress version="2.0.5">
<vulnerability>
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
<reference>http://www.securityfocus.com/bid/35584/</reference>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>Wordpress 2.0.5 Trackback UTF-7 Remote SQL Injection Exploit</title>
<reference>http://www.exploit-db.com/exploits/3095/</reference>
@@ -1171,6 +1271,11 @@
</wordpress>
<wordpress version="2.0.4">
<vulnerability>
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
<reference>http://www.securityfocus.com/bid/35584/</reference>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
@@ -1184,6 +1289,11 @@
</wordpress>
<wordpress version="2.0.3">
<vulnerability>
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
<reference>http://www.securityfocus.com/bid/35584/</reference>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
@@ -1197,6 +1307,11 @@
</wordpress>
<wordpress version="2.0.2">
<vulnerability>
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
<reference>http://www.securityfocus.com/bid/35584/</reference>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress &lt;= 2.0.2 (cache) Remote Shell Injection Exploit</title>
<reference>http://www.exploit-db.com/exploits/6/</reference>
@@ -1215,6 +1330,11 @@
</wordpress>
<wordpress version="2.0.1">
<vulnerability>
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
<reference>http://www.securityfocus.com/bid/35584/</reference>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
@@ -1228,6 +1348,11 @@
</wordpress>
<wordpress version="2.0">
<vulnerability>
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
<reference>http://www.securityfocus.com/bid/35584/</reference>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>