git.schokokeks.org
Repositories
Help
Report an Issue
freewvs.git
Code
Commits
Branches
Tags
Suche
Strukturansicht:
b3d7e36
Branches
Tags
master
v0.1.1
v0.1.2
v0.1.3
v0.1.4
freewvs.git
freewvsdb
misc.freewvs
revive and openx critical vulnerability
Hanno Böck
commited
b3d7e36
at 2013-12-21 06:15:49
misc.freewvs
Blame
History
Raw
[phpMyAdmin] url=http://www.phpmyadmin.net/ safe=4.0.5 vuln=CVE-2013-5029 file=Config.class.php variable=PMA_VERSION subdir=1 [SquirrelMail] url=http://www.squirrelmail.org/ safe=1.4.22 vuln=CVE-2010-4554 file=strings.php variable=$version extra_match=SquirrelMail version number subdir=1 # old mantis versions behave different [Mantis-deprecated] url=http://www.mantisbt.org/ safe=1.2.15 vuln=CVE-2013-1883 file=config_defaults_inc.php variable=$g_mantis_version subdir=0 [Mantis] url=http://www.mantisbt.org/ safe=1.2.15 vuln=CVE-2013-1883 file=constant_inc.php variable=MANTIS_VERSION subdir=1 [Bugzilla3] url=http://www.bugzilla.org/ safe=4.1.3 old_safe=4.0.2,3.6.6,3.4.12 vuln=CVE-2011-2379 file=Constants.pm variable=BUGZILLA_VERSION subdir=1 [Bugzilla2] url=http://www.bugzilla.org/ safe=4.1.3 old_safe=4.0.2,3.6.6,3.4.12 vuln=CVE-2011-2379 file=Config.pm variable=$Bugzilla::Config::VERSION subdir=1 [SimpNews] url=http://www.boesch-it.de safe=2.48 vuln=CVE-2010-2858 file=global.inc.php variable=$version subdir=1 extra_match=$path_simpnews [calendarix] url=http://www.calendarix.com/ safe= vuln=CVE-2007-3183 file=cal_config.inc.php variable=$version subdir=0 [myEvent] url=http://mywebland.com/ safe= vuln=CVE-2007-0690 file=config.php variable=$version extra_match=$eventbgcolor subdir=0 [php-stats] url=http://php-stats.com/ safe= vuln=CVE-2007-5453 file=update.php variable=$version extra_match=http://php-stats.com/ subdir=0 [Ampache] url=http://ampache.org/ safe=3.5.3 vuln=http://ampache.org/2009/12/20/3-5-3-security-release/ file=init.php variable=$results['version'] subdir=1 extra_match=$ampache_path [SiteBar] url=http://sitebar.org/ safe=3.3.9 vuln=CVE-2007-5492 file=database.inc.php variable=SB_CURRENT_RELEASE subdir=1 [phpPgAdmin] url=http://phppgadmin.sourceforge.net/ safe=5.0.4 vuln=CVE-2012-1600 file=lib.inc.php variable=$appVersion subdir=1 extra_match=phpPgAdmin [FTP Admin] url=http://ftpadmin.sourceforge.net/ safe= vuln=CVE-2007-6234 file=session_start.php variable=VERSION subdir=0 extra_match=define("TITLE", "FTP Admin"); [RoundCube-deprecated] url=http://roundcube.net safe=0.9.5 vuln=CVE-2013-6172 file=index.php variable=RCMAIL_VERSION subdir=0 [RoundCube] url=http://roundcube.net safe=0.9.5 vuln=CVE-2013-6172 file=iniset.php variable=RCMAIL_VERSION subdir=2 [Moodle] url=http://www.moodle.org/ safe=2.1.2 old_safe=2.0.5,1.9.14 vuln=CVE-2011-4308 file=version.php variable=$release subdir=0 extra_match=MOODLE VERSION INFORMATION [cacti] url=http://www.cacti.net/ safe=0.8.7 vuln=CVE-2007-6035 file=global.php variable=$config["cacti_version"] subdir=1 [gnopaste] url=http://gnopaste.sf.net/ safe=0.5.4 vuln=CVE-2006-2834 file=install.php variable=$_SESSION['page_title'] = 'gnopaste subdir=0 [Flyspray] url=http://www.flyspray.org/ safe=0.9.9.5 vuln=CVE-2008-1165 file=class.flyspray.php variable=var $version subdir=1 [phpMyID] url=http://siege.org/projects/phpMyID safe= vuln=CVE-2008-4730 file=MyID.php variable=@version subdir=0 [phplist] url=http://www.phplist.com/ safe=2.10.18 vuln=CVE-2012-2740 file=connect.php variable=define("VERSION" subdir=1 [Piwik] url=http://piwik.org/ safe=1.11 vuln=CVE-2013-1844 file=Version.php variable=const VERSION subdir=1 extra_match=final class Piwik_Version [phpWishlist] url=http://phpwishlist.sourceforge.net/ safe=0.1.15 vuln=CVE-2005-2203 file=header.inc.php variable=$version subdir=1 extra_match=* Wishlist - [awstats] url=http://awstats.sourceforge.net/ safe=7.1 vuln=CVE-2012-4547 file=awstats.pl variable=$VERSION = subdir=0 [phpMyFAQ] url=http://www.phpmyfaq.de/ safe=2.5.5 vuln=http://www.phpmyfaq.de/advisory_2009-12-01.php file=phpmyfaq.spec variable=version subdir=1 [Horde-webmail] url=http://www.horde.org/ file=bundle.php variable=BUNDLE_VERSION extra_match='Horde Groupware Webmail Edition' safe=1.2.7 vuln=http://secunia.com/advisories/39860 subdir=1 [ResourceSpace] url=http://www.resourcespace.org/ file=version.php variable=$productname='ResourceSpace';$productversion safe=4.2.2833 latest=4.3.2912 vuln=CVE-2011-4311 subdir=1 [apc.php] url=http://pecl.php.net/package/APC file=apc.php # this does not contain it's "real" version number, using the CVS id # instead - there's been an XSS pre 3.1.4. variable=$VERSION='$Id: apc.php safe=301867 vuln=CVE-2010-3294 subdir=0 [webtrees] url=http://webtrees.net/ file=session.php variable=define('WT_VERSION' safe=1.2.4 latest=1.2.4 vuln=http://webtrees.net/en/forums/2-open-discussion/16423-webtrees-124 subdir=1 [PhpGedView] url=http://phpgedview.sourceforge.net/ file=session.php variable=define('PGV_VERSION' safe= vuln=2011-0405 subdir=1 [status.net] url=http://status.net file=common.php variable=define('STATUSNET_BASE_VERSION' safe=0.9.9 vuln=CVE-2011-3370 subdir=1 [limesurvey18] url=http://www.limesurvey.org/ file=common.php variable=$versionnumber extra_match=LimeSurvey safe=1.91 vuln=CVE-2011-3752 subdir=0 [limesurvey] url=http://www.limesurvey.org/ file=version.php variable=$versionnumber extra_match=$dbversionnumber safe=1.91 vuln=CVE-2011-3752 subdir=0 [webcalendar] url=http://www.k5n.us/webcalendar.php file=config.php variable=$PROGRAM_VERSION extra_match=@package WebCalendar safe=1.2.7 vuln=CVE-2013-1422 subdir=1 [owncloud6] url=http://owncloud.org/ file=version.php variable=$OC_VersionString vuln= safe=6.0 subdir=0 [owncloud] url=http://owncloud.org/ file=util.php variable=return ' extra_match=OC_Util subdir=1 vuln=http://seclists.org/oss-sec/2013/q3/278 safe=5.0.8 old_safe=4.5.13 [videodb] url=http://www.videodb.net/ file=constants.php variable=('VERSION', extra_match=TBL_ safe=4.0 vuln=http://www.exploit-db.com/exploits/17660/ subdir=1 [OpenX] url=http://www.openx.com/ file=constants.php variable=OA_VERSION extra_match=OpenX safe= vuln=http://www.kreativrauschen.com/blog/2013/12/18/zero-day-vulnerability-in-openx-source-2-8-11-and-revive-adserver-3-0-1/ subdir=0 [revive] url=http://www.revive-adserver.com/ file=constants.php variable=VERSION extra_match=Revive Adserver safe=3.0.2 vuln=http://www.kreativrauschen.com/blog/2013/12/18/zero-day-vulnerability-in-openx-source-2-8-11-and-revive-adserver-3-0-1/ subdir=0
