Commit Graph

359 Commits

Author SHA1 Message Date
Christian Mehlmauer
d95d72cf15 added vuln 2013-01-20 23:49:34 +01:00
Christian Mehlmauer
ebaf4378f2 added vuln 2013-01-20 23:23:45 +01:00
Christian Mehlmauer
e6b3d83ef5 added vuln 2013-01-20 22:39:30 +01:00
Christian Mehlmauer
11bd0df347 added vuln 2013-01-20 22:31:26 +01:00
Christian Mehlmauer
8d232a8c39 Added w3-total-cache exploit and rspec tests for errors on loading the main script (issue #110) 2013-01-14 23:31:05 +01:00
Christian Mehlmauer
1377ee2653 added metasploit references 2013-01-13 21:08:07 +01:00
Christian Mehlmauer
22fb817fe3 typo 2013-01-12 18:22:27 +01:00
Charlie Eriksen
650550363d Fixing line ending
This is getting annoying. But for some reason, my local line ending and
remote line ending were different. That's fixed now.
2013-01-12 17:06:25 +00:00
Charlie Eriksen
3d0b236c80 Adding a bunch of vulns
Add all the vulns. Or something.
2013-01-12 17:02:43 +00:00
Christian Mehlmauer
b9b86e18da Seems to be a false positive:
http://seclists.org/bugtraq/2013/Jan/50
Cannot reproduce it on my site either. Also, the Google dork in the advisory is for nextgen-gallery
2013-01-11 21:40:01 +01:00
Christian Mehlmauer
9f53000e89 Gallery 3.8.3 Arbitrary File Read 2013-01-11 07:03:53 +01:00
Ryan Dewhurst
8726cba0b9 Merge pull request #103 from FireFart/xml
Xml
2013-01-10 01:50:09 -08:00
Christian Mehlmauer
a6ad818496 Support multiple references 2013-01-09 22:48:24 +01:00
Christian Mehlmauer
320e419518 Added new vulns (verified them with WP3.5 and the latest Plugin version) 2013-01-09 22:10:43 +01:00
erwanlr
cf102a04b1 Added google-document-embedder Arbitrary File Disclosure 2013-01-08 17:00:17 +01:00
erwanlr
95bab0546e Added extended-user-profile FPD 2013-01-08 16:51:21 +01:00
erwanlr
9254e809fc Added superslider-show FPD 2013-01-08 16:49:47 +01:00
erwanlr
140cc4882f Added multibox FPD 2013-01-08 16:48:24 +01:00
erwanlr
f23a5abf60 Added OpenInviter Information Disclosure <- hot one xD) 2013-01-07 18:21:46 +01:00
erwanlr
8894e42adf missing xml encoding & tag added 2013-01-07 14:29:40 +01:00
erwanlr
db7416c5a6 Added plugin wp-superb-slideshow FPD 2013-01-06 15:45:14 +01:00
erwanlr
2742500df5 Added RokBox multiple vulns 2013-01-06 15:42:50 +01:00
erwanlr
192b5862b4 grou-random-image-widget FPD 2013-01-06 15:25:49 +01:00
erwanlr
6f406fe807 Sintic_gallery FPD & file upload 2013-01-06 15:23:21 +01:00
erwanlr
f8ba2b71f8 Added Moneymasters FPD & File upload 2013-01-06 15:02:39 +01:00
erwanlr
2f76277a28 Added wp-useronline Persistent XSS & FPD 2013-01-04 16:35:51 +01:00
erwanlr
e2bb5dc24f Added Shopping cart multi (SQLi & file upload) 2013-01-03 16:35:07 +01:00
erwanlr
473a2446ae Added Reflex Gallery file upload 2013-01-03 16:33:08 +01:00
erwanlr
a91c45e548 Added uploader 1.0.4 file upload 2013-01-03 16:19:54 +01:00
erwanlr
716ff61ff9 Added xerte-online upload file 2013-01-03 15:50:57 +01:00
erwanlr
c850b231e0 Added advanced-custom-fields <= 3.5.1 RFI 2013-01-03 15:01:46 +01:00
erwanlr
b95110375e sitepress-multilingual-cms FPD added 2013-01-01 16:09:12 +01:00
Mark Stanislav
56e96dc97b Addition of an AUTHBYPASS type for plugins that will operate without a valid WordPress session and/or adequate privilege, creating a vulnerability due to its functionality. Also, added a portable-phpMyAdmin vulnerability to the plugin vulnerability listing utilizing the aforementioned new type. 2012-12-13 14:07:22 -05:00
ethicalhack3r
19bcc9263c Fixed typo 2012-12-12 20:34:09 +01:00
ethicalhack3r
194645eb5d Added asset-manager plugin vuln to db 2012-12-12 20:20:17 +01:00
Gianluca Brindisi
dda043d7f7 Added http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html 2012-11-22 11:31:14 +01:00
Erwan
4b2acde84a Fix #64 (closing <vulnerability> tag) 2012-11-13 14:21:30 +01:00
Gianluca Brindisi
ed9dc03ddb Added http://seclists.org/bugtraq/2012/Nov/33 2012-11-07 17:50:36 +01:00
Gianluca Brindisi
9b8b573f83 Added http://www.securityfocus.com/archive/1/524625/30/0/threaded 2012-11-05 17:04:51 +01:00
Gianluca Brindisi
dcc2320ad6 http://packetstormsecurity.org/files/117820/wpcatalog-xss.txt 2012-11-03 18:19:57 +01:00
Gianluca Brindisi
783d95c56d Fixed slug in Wordfence XSS vulnerability 2012-11-03 18:18:41 +01:00
Gianluca Brindisi
9785c815c0 Added http://packetstormsecurity.org/files/117768 2012-10-31 10:24:25 +01:00
Gianluca Brindisi
ad8b5e78ba Added http://packetstormsecurity.org/files/117665/ 2012-10-26 10:56:11 +02:00
ethicalhack3r
38d335193f Added wordfence plugin vuln. 2012-10-23 10:25:49 +02:00
ethicalhack3r
ea77b431da Added Better WP Security v3.4.3 plugin vuln 2012-10-19 00:47:17 +02:00
Gianluca Brindisi
f576f7ee18 Added http://www.waraxe.us/advisory-92.html and http://www.waraxe.us/advisory-93.html 2012-10-18 15:44:19 +02:00
Gianluca Brindisi
249616ab3a Fixed typo Issue 38 2012-10-16 18:02:27 +02:00
Gianluca Brindisi
b3cfd08718 Added Issue 38 2012-10-16 15:39:17 +02:00
Gianluca Brindisi
7f92fa0c1b Added http://www.reactionpenetrationtesting.co.uk/wordpress-download-monitor-xss.html 2012-09-11 18:13:30 +02:00
Gianluca Brindisi
013ef9d117 Fix #16 2012-09-06 11:44:10 +02:00