freewvsdb/misc.freewvs
1384ad33
 [phpMyAdmin-veryold]
cb10b7f6
 url=http://www.phpmyadmin.net/
7881a99d
 safe=4.8.3
 vuln=CVE-2018-15605
cb10b7f6
 file=Config.class.php
 variable=PMA_VERSION
 subdir=1
 
b1d11ed7
 [phpMyAdmin-old]
dff015d6
 url=http://www.phpmyadmin.net/
7881a99d
 safe=4.8.3
 vuln=CVE-2018-15605
dff015d6
 file=Config.php
 variable=PMA_VERSION
 subdir=1
1384ad33
 extra_match=namespace PMA\libraries;
 
b1d11ed7
 [phpMyAdmin]
1384ad33
 url=http://www.phpmyadmin.net/
7881a99d
 safe=4.8.3
 vuln=CVE-2018-15605
1384ad33
 file=Config.php
 variable=PMA_VERSION
 subdir=2
 extra_match=namespace PhpMyAdmin;
dff015d6
 
cb10b7f6
 [SquirrelMail]
 url=http://www.squirrelmail.org/
c6a55853
 safe=1.4.22
 vuln=CVE-2010-4554
cb10b7f6
 file=strings.php
 variable=$version
 extra_match=SquirrelMail version number
 subdir=1
 
4f13e802
 # old mantis versions behave different
7cce04cd
 [Mantis-deprecated]
a39d3f0b
 url=https://mantisbt.org/
25490111
 safe=2.15.1
 vuln=CVE-2018-13055
cb10b7f6
 file=config_defaults_inc.php
 variable=$g_mantis_version
 subdir=0
 
2d53e8e8
 [Mantis]
a39d3f0b
 url=https://mantisbt.org/
25490111
 safe=2.15.1
 vuln=CVE-2018-13055
2d53e8e8
 file=constant_inc.php
 variable=MANTIS_VERSION
 subdir=1
 
cb10b7f6
 [Bugzilla3]
 url=http://www.bugzilla.org/
73254dea
 safe=4.4.7
 old_safe=4.2.12,4.0.16
e6eab157
 vuln=CVE-2011-2379
cb10b7f6
 file=Constants.pm
 variable=BUGZILLA_VERSION
 subdir=1
 
 [Bugzilla2]
 url=http://www.bugzilla.org/
73254dea
 safe=4.4.7
 old_safe=4.2.12,4.0.16
e6eab157
 vuln=CVE-2011-2379
cb10b7f6
 file=Config.pm
 variable=$Bugzilla::Config::VERSION
 subdir=1
 
 [SimpNews]
 url=http://www.boesch-it.de
e6eab157
 safe=2.48
 vuln=CVE-2010-2858
cb10b7f6
 file=global.inc.php
 variable=$version 
 subdir=1
 extra_match=$path_simpnews
 
 [calendarix]
 url=http://www.calendarix.com/
 safe=     
 vuln=CVE-2007-3183
 file=cal_config.inc.php
 variable=$version
 subdir=0
 
 [myEvent]
 url=http://mywebland.com/
 safe=     
 vuln=CVE-2007-0690
 file=config.php
 variable=$version
 extra_match=$eventbgcolor
 subdir=0
 
 [php-stats]
 url=http://php-stats.com/
 safe=
 vuln=CVE-2007-5453
 file=update.php
 variable=$version
 extra_match=http://php-stats.com/
 subdir=0
 
 [Ampache]
 url=http://ampache.org/
7e9cccf4
 safe=3.5.3
 vuln=http://ampache.org/2009/12/20/3-5-3-security-release/
cb10b7f6
 file=init.php
 variable=$results['version']
 subdir=1
 extra_match=$ampache_path
 
 [SiteBar]
 url=http://sitebar.org/
 safe=3.3.9
 vuln=CVE-2007-5492
 file=database.inc.php
 variable=SB_CURRENT_RELEASE
 subdir=1
 
 [phpPgAdmin]
 url=http://phppgadmin.sourceforge.net/
c927fa1b
 safe=5.0.4
 vuln=CVE-2012-1600
cb10b7f6
 file=lib.inc.php
 variable=$appVersion
 subdir=1
 extra_match=phpPgAdmin
7cec0e44
 
 [FTP Admin]
 url=http://ftpadmin.sourceforge.net/
 safe=
 vuln=CVE-2007-6234
 file=session_start.php
 variable=VERSION
 subdir=0
 extra_match=define("TITLE", "FTP Admin");
a2103d83
 
3c11b178
 [RoundCube-deprecated]
a2103d83
 url=http://roundcube.net
25490111
 safe=1.3.7
 vuln=https://roundcube.net/news/2018/07/27/update-1.3.7-released
a2103d83
 file=index.php
 variable=RCMAIL_VERSION
 subdir=0
3cb8af84
 
3c11b178
 [RoundCube]
 url=http://roundcube.net
25490111
 safe=1.3.7
 vuln=https://roundcube.net/news/2018/07/27/update-1.3.7-released
3c11b178
 file=iniset.php
 variable=RCMAIL_VERSION
 subdir=2
 
3cb8af84
 [Moodle]
 url=http://www.moodle.org/
0517a2f2
 safe=3.2.2
 old_safe=3.1.5,3.0.9,2.7.19
 vuln=CVE-2017-2641
3cb8af84
 file=version.php
 variable=$release
 subdir=0
 extra_match=MOODLE VERSION INFORMATION
70f76458
 
 [cacti]
 url=http://www.cacti.net/
 safe=0.8.7
 vuln=CVE-2007-6035
 file=global.php
 variable=$config["cacti_version"]
 subdir=1
346c80d4
 
 [gnopaste]
 url=http://gnopaste.sf.net/
 safe=0.5.4
 vuln=CVE-2006-2834
 file=install.php
 variable=$_SESSION['page_title'] = 'gnopaste
 subdir=0
f32cfb30
 
 [Flyspray]
 url=http://www.flyspray.org/
284cf2e6
 safe=0.9.9.7
 vuln=CVE-2012-1058
f32cfb30
 file=class.flyspray.php
 variable=var $version
 subdir=1
0df714cb
 
 [phpMyID]
 url=http://siege.org/projects/phpMyID
 safe=
881cb3d6
 vuln=CVE-2008-4730
0df714cb
 file=MyID.php
 variable=@version
 subdir=0
5aa66f64
 
3c476c8f
 [phplist-old]
5aa66f64
 url=http://www.phplist.com/
3c476c8f
 safe=3.2.7
 vuln=CVE-2016-10045
5aa66f64
 file=connect.php
 variable=define("VERSION"
 subdir=1
4e67ea29
 
3c476c8f
 [phplist]
 url=http://www.phplist.com/
 safe=3.2.7
 vuln=CVE-2016-10045
 file=init.php
 variable=define("VERSION"
 subdir=1
 
4e67ea29
 [Piwik]
 url=http://piwik.org/
9562e74d
 safe=3.0.3
 vuln=https://piwik.org/changelog/piwik-3-0-3/
4e67ea29
 file=Version.php
 variable=const VERSION
 subdir=1
ffa456ac
 extra_match=@link http://piwik.org
c2c3d7c0
 
 [phpWishlist]
 url=http://phpwishlist.sourceforge.net/
 safe=0.1.15
 vuln=CVE-2005-2203
 file=header.inc.php
 variable=$version
 subdir=1
 extra_match=* Wishlist -
6372561f
 
 [awstats]
 url=http://awstats.sourceforge.net/
d27c6524
 safe=7.1
 vuln=CVE-2012-4547
6372561f
 file=awstats.pl
 variable=$VERSION  =
 subdir=0
1ee654ce
 
 [phpMyFAQ]
 url=http://www.phpmyfaq.de/
 safe=2.5.5
 vuln=http://www.phpmyfaq.de/advisory_2009-12-01.php
 file=phpmyfaq.spec
 variable=version
 subdir=1
68f5bb9d
 
 [Horde-webmail]
 url=http://www.horde.org/
 file=bundle.php
 variable=BUNDLE_VERSION
 extra_match='Horde Groupware Webmail Edition'
14e2e0b7
 safe=1.2.7
 vuln=http://secunia.com/advisories/39860
68f5bb9d
 subdir=1
14d87fac
 
 [ResourceSpace]
 url=http://www.resourcespace.org/
 file=version.php
 variable=$productname='ResourceSpace';$productversion
5bd3dfd6
 safe=4.2.2833
 latest=4.3.2912
d5b34cd8
 vuln=CVE-2011-4311
14d87fac
 subdir=1
328246c1
 
8d06c0c3
 [apc.php]
 url=http://pecl.php.net/package/APC
 file=apc.php
 # this does not contain it's "real" version number, using the CVS id
 # instead - there's been an XSS pre 3.1.4.
 variable=$VERSION='$Id: apc.php
 safe=301867
 vuln=CVE-2010-3294
 subdir=0
5809811b
 
 [webtrees]
 url=http://webtrees.net/
 file=session.php
 variable=define('WT_VERSION'
7e9cccf4
 safe=1.2.4
 latest=1.2.4
 vuln=http://webtrees.net/en/forums/2-open-discussion/16423-webtrees-124
5809811b
 subdir=1
547ea761
 
 [PhpGedView]
 url=http://phpgedview.sourceforge.net/
 file=session.php
 variable=define('PGV_VERSION'
 safe=
5cf98bb3
 vuln=2011-0405
547ea761
 subdir=1
dad4bac3
 
 [status.net]
 url=http://status.net
 file=common.php
 variable=define('STATUSNET_BASE_VERSION'
fad1c0c2
 safe=0.9.9
95df89db
 vuln=CVE-2011-3370
dad4bac3
 subdir=1
4b04f146
 
 [limesurvey18]
 url=http://www.limesurvey.org/
 file=common.php
 variable=$versionnumber
 extra_match=LimeSurvey
bb4e127e
 safe=2.07
 vuln=CVE-2015-5078
4b04f146
 subdir=0
 
e12230b2
 [limesurvey19]
4b04f146
 url=http://www.limesurvey.org/
 file=version.php
 variable=$versionnumber
 extra_match=$dbversionnumber
bb4e127e
 safe=2.07
 vuln=CVE-2015-5078
4b04f146
 subdir=0
b9ffaa52
 
e12230b2
 [limesurvey]
 url=http://www.limesurvey.org/
 file=version.php
 variable=$config['versionnumber']
 extra_match=LimeSurvey
bb4e127e
 safe=2.07
 vuln=CVE-2015-5078
e12230b2
 subdir=2
 
b9ffaa52
 [webcalendar]
 url=http://www.k5n.us/webcalendar.php
 file=config.php
 variable=$PROGRAM_VERSION
 extra_match=@package WebCalendar
437a488a
 safe=1.2.7
 vuln=CVE-2013-1422
b9ffaa52
 subdir=1
b448014f
 
0d1da2ba
 [nextcloud]
 url=https://nextcloud.com
 file=version.php
 variable=$OC_VersionString
eecd812a
 vuln=CVE-2017-0936
 safe=12.0.5
 old_safe=11.0.7
0d1da2ba
 subdir=0
 extra_match=$vendor = 'nextcloud';
 
a4896b7e
 [owncloud]
39cc55f1
 url=http://owncloud.org/
 file=version.php
 variable=$OC_VersionString
b6f9daf5
 vuln=https://owncloud.org/security/advisory/?id=oc-sa-2017-003
8d0178b8
 safe=9.1.3
fcab2255
 old_safe=9.0.8,8.2.10,8.1.12
39cc55f1
 subdir=0
35a9bab2
 extra_nomatch=nextcloud
39cc55f1
 
a4896b7e
 [owncloud5]
b448014f
 url=http://owncloud.org/
 file=util.php
 variable=return '
 subdir=1
0f0c67da
 extra_match=class OC_Util
b6f9daf5
 vuln=https://owncloud.org/security/advisory/?id=oc-sa-2017-003
 safe=9.1.3
fcab2255
 old_safe=9.0.8,8.2.10,8.1.12
83df92d8
 
 [videodb]
 url=http://www.videodb.net/
 file=constants.php
 variable=('VERSION',
 extra_match=TBL_
 safe=4.0
 vuln=http://www.exploit-db.com/exploits/17660/
 subdir=1
2d2ce53a
 
 [OpenX]
 url=http://www.openx.com/
 file=constants.php
 variable=OA_VERSION
 extra_match=OpenX
b3d7e364
 safe=
 vuln=http://www.kreativrauschen.com/blog/2013/12/18/zero-day-vulnerability-in-openx-source-2-8-11-and-revive-adserver-3-0-1/
 subdir=0
 
 [revive]
 url=http://www.revive-adserver.com/
 file=constants.php
 variable=VERSION
 extra_match=Revive Adserver
ac58aac7
 safe=3.0.5
 vuln=CVE-2013-5954
2d2ce53a
 subdir=0
4044fd16
 
 [osTicket]
 url=http://osticket.com/
 file=bootstrap.php
 variable=define('THIS_VERSION',
 safe=1.8.12
 latest=1.9.12
 vuln=https://github.com/osTicket/osTicket-1.8/releases/tag/v1.8.12
 subdir=0
c252716d
 
 [Gitlist]
 url=http://gitlist.org/
 file=footer.twig
ba40c23c
 variable=Powered by
c252716d
 safe=0.5.0
 latest=0.6.0
 vuln=CVE-2014-4511
 subdir=3