garfield/wpscan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Update vuln db

Browse Source
This commit is contained in:
Peter van der Laan
2014-02-02 11:32:43 +01:00
parent 6c62b06e46
commit fd880da057
2 changed files with 55 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

48
data/plugin_vulns.xml
View File

@@ -2620,13 +2620,22 @@
<plugin name="better-wp-security"> <plugin name="better-wp-security">
<vulnerability> <vulnerability>
<title>Better WP Security &lt;= 3.5.3 - Stored XSS</title> <title>Better WP Security 3.5.5 - inc/admin/content.php id_specialfile Parameter Stored XSS</title>
<references>
<osvdb>101788</osvdb>
</references>
<type>XSS</type>
<fixed_in>3.5.6</fixed_in>
</vulnerability>
<vulnerability>
<title>Better WP Security &lt;= 3.5.3 - inc/secure.php logevent Function URL Handling Stored XSS</title>
<references> <references>
<url>https://github.com/wpscanteam/wpscan/issues/251</url>
<url>http://www.securityfocus.com/archive/1/527634/30/0/threaded</url>
<osvdb>95884</osvdb> <osvdb>95884</osvdb>
<secunia>54299</secunia> <secunia>54299</secunia>
<exploitdb>27290</exploitdb> <exploitdb>27290</exploitdb>
<url>http://packetstormsecurity.com/files/122615/</url>
<url>https://github.com/wpscanteam/wpscan/issues/251</url>
<url>http://www.securityfocus.com/archive/1/527634/30/0/threaded</url>
</references> </references>
<type>XSS</type> <type>XSS</type>
<fixed_in>3.5.4</fixed_in> <fixed_in>3.5.4</fixed_in>
@@ -8208,6 +8217,7 @@
<osvdb>96111</osvdb> <osvdb>96111</osvdb>
<secunia>54402</secunia> <secunia>54402</secunia>
<exploitdb>27531</exploitdb> <exploitdb>27531</exploitdb>
<url>http://packetstormsecurity.com/files/122761/</url>
</references> </references>
<fixed_in>2.0.11</fixed_in> <fixed_in>2.0.11</fixed_in>
</vulnerability> </vulnerability>
@@ -8223,6 +8233,7 @@
<osvdb>96111</osvdb> <osvdb>96111</osvdb>
<secunia>54402</secunia> <secunia>54402</secunia>
<exploitdb>27531</exploitdb> <exploitdb>27531</exploitdb>
<url>http://packetstormsecurity.com/files/122761/</url>
</references> </references>
<fixed_in>2.0.11</fixed_in> <fixed_in>2.0.11</fixed_in>
</vulnerability> </vulnerability>
@@ -8780,6 +8791,7 @@
<title>Booking System - events_facualty_list.php eid Parameter Reflected XSS</title> <title>Booking System - events_facualty_list.php eid Parameter Reflected XSS</title>
<references> <references>
<osvdb>96740</osvdb> <osvdb>96740</osvdb>
<url>http://packetstormsecurity.com/files/122289/</url>
</references> </references>
<type>XSS</type> <type>XSS</type>
</vulnerability> </vulnerability>
@@ -10610,4 +10622,34 @@
</vulnerability> </vulnerability>
</plugin> </plugin>
<plugin name="comment-control">
<vulnerability>
<title>Comment Control 0.3.0 - comment-control.php type Parameter SQL Injection</title>
<references>
<osvdb>102581</osvdb>
</references>
<type>SQLI</type>
<fixed_in>0.3.1</fixed_in>
</vulnerability>
</plugin>
<plugin name="wptouch">
<vulnerability>
<title>WPtouch 1.9.8 - ajax/file_upload.php Crafted Content-Type File Upload Remote Code Execution</title>
<references>
<osvdb>102582</osvdb>
</references>
<type>RCE</type>
<fixed_in>1.9.8.1</fixed_in>
</vulnerability>
<vulnerability>
<title>WPtouch 1.9.8 - include/submit.php Multiple Parameter SQL Injection</title>
<references>
<osvdb>102583</osvdb>
</references>
<type>SQLI</type>
<fixed_in>1.9.8.1</fixed_in>
</vulnerability>
</plugin>
</vulnerabilities> </vulnerabilities>

10
data/theme_vulns.xml
View File

@@ -2948,4 +2948,14 @@
</vulnerability> </vulnerability>
</theme> </theme>
<theme name="iloveit">
<vulnerability>
<title> Love It - XSS / Content Spoofing / Path Disclosure</title>
<references>
<url>http://packetstormsecurity.com/files/122386/</url>
</references>
<type>MULTI</type>
</vulnerability>
</theme>
</vulnerabilities> </vulnerabilities>