garfield/wpscan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
1,669 Commits 17 Branches 73 Tags
a68c1f1cf7a4ae022a6c91ddd817ddabdcb9f903
Commit Graph

1669 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
erwanlr
79f07b7350 Properly removes the colour sequence from log. Fixes #480 2014-05-14 18:33:23 +02:00
Peter
c1c8829536 Update vuln db 2014-05-13 22:42:28 +02:00
Peter
ef20371562 Timthumb in MoneyTheme 
See also: http://packetstormsecurity.com/files/123819/
 2014-05-12 20:34:31 +02:00
ethicalhack3r
c08f275cf7 Updated Gemfile 2014-05-12 16:57:34 +02:00
ethicalhack3r
6f995fe350 Updated ruby-progressbar to 1.5.0 2014-05-12 16:23:08 +02:00
Peter
68aec92d3a Update vuln db 2014-05-11 00:04:37 +02:00
erwanlr
dda328210c Bumps the version 2.4.1 2014-05-10 16:10:57 +02:00
erwanlr
c3f4f232e3 Updates the plugin & theme lists 2014-05-10 16:09:54 +02:00
erwanlr
302f1da066 Ensures a clean abort of Hydra, Ref #461 2014-05-10 10:23:24 +02:00
erwanlr
a6e65d33dd Updates ruby-progressbar constraint 2014-05-10 10:02:14 +02:00
Christian Mehlmauer
7b0cb29466 XML check rspecs 
Example output:
  1) XML content each plugin vuln needs a type node
     Failure/Error: @result.should have(0).items, "Items:\n#{@result.join("\n")}"
       Items:
       ReFlex Gallery 1.4 - reflex-gallery.php Direct Request Path Disclosure
       Gallery Plugin 3.8.3 - gallery-plugin.php filename_1 Parameter Arbitrary File Access
       EZPZ One Click Backup <= 12.03.10 - OS Command Injection
       BulletProof Security - Security Log Script Insertion Vulnerability
       Portable phpMyAdmin - /pma/phpinfo.php Direct Request System Information Disclosure
       HMS Testimonials 2.0.10 - CSRF
       HMS Testimonials 2.0.10 - XSS
       platinum_seo_pack.php - s Parameter Reflected XSS
       Email Newsletter 8.0 - 'option' Parameter Information Disclosure Vulnerability
 2014-05-09 17:58:04 +02:00
ethicalhack3r
a3eedb14f4 Added missing type nodes 2014-05-09 15:38:30 +02:00
ethicalhack3r
74d73a1d17 Added missing type node 2014-05-09 15:29:18 +02:00
ethicalhack3r
92e7e8516c Added missing type node 2014-05-09 15:25:26 +02:00
ethicalhack3r
61ac0b7d20 Added missing type node 2014-05-09 15:22:30 +02:00
ethicalhack3r
8b4ea7fd7c Added missing type 2014-05-09 15:15:47 +02:00
ethicalhack3r
90846cf770 Added missing type to vuln 2014-05-09 15:05:01 +02:00
ethicalhack3r
a9e33ea282 Added missing type 2014-05-09 14:58:57 +02:00
ethicalhack3r
eea006e787 Added missing type node 2014-05-09 14:53:27 +02:00
Peter
9e58098e5c Merge branch 'master' of https://github.com/wpscanteam/wpscan 2014-05-09 08:32:08 +02:00
Peter
ff49f574d4 Merge branch 'droope-patch-1' 2014-05-09 08:30:18 +02:00
Peter
599d816a88 Solve Git Merge conflict 2014-05-09 08:13:33 +02:00
Pedro Worcel
4b0dd04114 Update plugin_vulns.xml 
add <vulnerability> tag
 2014-05-09 10:49:55 +12:00
erwanlr
36a0fbf181 Adds 3.9.1 fingerprints 2014-05-08 21:20:36 +02:00
erwanlr
3cfd8f40da Removes the Travis failure allowed for ruby-2.1.0 2014-05-08 15:06:27 +02:00
Christian Mehlmauer
23173c4bf4 Merge pull request #476 from droope/patch-2 
Update plugin_vulns.xml
 2014-05-08 09:21:10 +02:00
Pedro Worcel
722c31ccd9 Update plugin_vulns.xml 
Hi there,

adding http://packetstormsecurity.com/files/126521/wpphotogallery-xsrf.txt to the list, security researcher was a bad boy and didn't specify version or anything.

Ta,
Pedro
 2014-05-08 17:40:15 +12:00
Pedro Worcel
7623a01272 Update plugin_vulns.xml 
Added code exec + others in iMember360is. I assume the name of the plugin is "infusion4wp" due to the fact that you can download a zip file from here http://docs.imember360.com/welcome/ which has that as the zip root folder.
 2014-05-08 17:23:22 +12:00
Peter
1b90fdce73 Update vuln db 2014-05-06 09:14:29 +02:00
Peter
ce57db9526 Fixed vulnerabilities in statistics 2014-05-05 18:42:36 +02:00
Peter
8b9e47cd11 Update vuln db 2014-05-05 00:24:37 +02:00
Peter
a87a261b80 Markup the command help 2014-05-02 15:31:09 +02:00
Peter
989d561679 Small updates for the --no-color argument switch 2014-05-02 15:04:59 +02:00
Peter
b349990b19 Added a --no-color argument switch 2014-05-02 14:43:16 +02:00
Peter
2104b49cee Output: Give 'Fixed in' an informational tag' 2014-05-02 13:42:10 +02:00
Peter
77606efb77 Merge branch 'master' of https://github.com/wpscanteam/wpscan 2014-05-01 12:09:04 +02:00
Peter
6164ad2ab1 Fix #472. WPScan stops after redirection if not WordPress website 2014-05-01 12:08:03 +02:00
erwanlr
a60d58dcb0 Merge pull request #473 from fgeek/master 
CVE-2014-3114
 2014-05-01 11:47:02 +02:00
Henri Salo
4e45d17ad2 CVE-2014-3114 2014-05-01 12:13:43 +03:00
erwanlr
c8e614d064 Allows ruby-2.1.0 to fail until a solution is found 2014-04-30 23:22:09 +02:00
Peter
544beeb078 Update vuln db 2014-04-30 22:25:00 +02:00
erwanlr
a00f0d8367 Fixes #464 - Readmes updated to reflect recent changes about the config file & batch mode 2014-04-30 16:59:17 +02:00
Peter
ea57290792 Added ArchAssault distro - WPScan comes pre-installed with this distro 2014-04-27 16:56:01 +02:00
Peter
603a4afaf3 Merge pull request #470 from wpscanteam/layout-423 
New improved Layout (see #423)
 2014-04-27 16:02:54 +02:00
Peter
19e2772729 Update wpscan.rb 2014-04-27 15:49:15 +02:00
Peter
82ebb82a5f Small change in code 2014-04-27 15:40:12 +02:00
Peter
516ae6b68c Fix git merge problem 2014-04-27 15:32:10 +02:00
Peter
59225a4b9c Update vuln db 2014-04-25 15:43:55 +02:00
Peter
1da9d36ecc Update vuln db 2014-04-22 21:11:15 +02:00
Peter
0787e5c738 Update vuln db - #467 2014-04-22 13:04:51 +02:00