[
{
"name": "WebsiteBaker",
"url": "https://websitebaker.org/",
"safe": "2.11.0",
"vuln": "CVE-2017-16514",
"detection": [
{
"file": "version.php",
"variable": "VERSION",
"subdir": 3,
"extra_match": "Website Baker Project"
},
{
"file": "version.php",
"variable": "VERSION",
"subdir": 2,
"extra_match": "isteam"
}
]
},
{
"name": "toendaCMS",
"url": "http://www.toendacms.com/",
"safe": "",
"vuln": "CVE-2007-1872",
"detection": [
{
"file": "tcms_version.xml",
"variable": "release",
"subdir": 2
}
]
},
{
"name": "Drupal",
"url": "https://www.drupal.org/",
"safe": "10.0.5",
"old_safe": "9.5.5,9.4.12,7.95",
"vuln": "https://www.drupal.org/sa-core-2023-004",
"latest": "10.0.5",
"detection": [
{
"file": "system.module",
"variable": "define('VERSION'",
"subdir": 2,
"note": "6.x and older"
},
{
"file": "bootstrap.inc",
"variable": "define('VERSION'",
"subdir": 1,
"note": "7.x"
},
{
"file": "Drupal.php",
"variable": "const VERSION",
"subdir": 2,
"note": "8.x"
}
]
},
{
"name": "PHPNuke",
"url": "https://www.phpnuke.org/",
"safe": "8.1",
"vuln": "CVE-2007-1519",
"note": "I'm not really sure about that, but 8.0 is at least vulnerable, pre 8.0 aren't easily detectable",
"detection": [
{
"file": "version.php",
"variable": "$version_number",
"subdir": 2,
"extra_match": "PHP-Nuke $version_number"
}
]
},
{
"name": "TYPO3",
"url": "https://typo3.org/",
"safe": "10.4.2",
"old_safe": "9.5.17",
"vuln": "CVE-2020-11069",
"detection": [
{
"file": "config_default.php",
"variable": "$TYPO_VERSION",
"subdir": 1,
"note": "4.x and older"
},
{
"file": "SystemEnvironmentBuilder.php",
"extra_nomatch": "TYPO3\\CMS\\Core\\Utility\\PathUtility",
"variable": "define('TYPO3_version",
"subdir": 4,
"note": "6.x to 8.x"
},
{
"file": "Typo3Version.php",
"variable": "VERSION =",
"subdir": 4,
"note": "9.x and newer"
}
]
},
{
"name": "Joomla",
"url": "https://www.joomla.org/",
"safe": "4.2.8",
"old_safe": "3.10.8",
"vuln": "CVE-2023-23752",
"detection": [
{
"file": "CHANGELOG.php",
"variable": "---------------",
"subdir": 0,
"extra_match": "Joomla! is free software.",
"note": "1.5 and older"
},
{
"file": "joomla.xml",
"variable": "<version>",
"subdir": 3,
"extra_match": "FILES_JOOMLA_XML_DESCRIPTION",
"path_match": "administrator/manifests/files"
}
]
},
{
"name": "Mambo",
"url": "http://www.source.mambo-foundation.org/",
"safe": "",
"vuln": "CVE-2008-2905",
"detection": [
{
"file": "version.php",
"variable": "var $RELEASE,var $DEV_LEVEL",
"subdir": 1,
"extra_match": "@package Mambo"
}
]
},
{
"name": "w-Agora",
"url": "http://www.w-agora.net/",
"safe": "",
"vuln": "CVE-2007-0607",
"latest": "4.2.1",
"detection": [
{
"file": "misc_func.php",
"variable": "$v =",
"subdir": 1,
"extra_match": "w-agora version $v"
}
]
},
{
"name": "MODX",
"url": "https://modx.com/",
"safe": "2.7.1",
"latest": "2.7.2",
"vuln": "CVE-2018-17556",
"detection": [
{
"file": "version.inc.php",
"variable": "$version",
"subdir": 2,
"extra_match": "$full_appname = 'MODx'",
"note": "0.x"
},
{
"file": "version.inc.php",
"variable": "$modx_version",
"subdir": 2,
"note": "1.x"
},
{
"file": "changelog.txt",
"variable": "MODX Revolution",
"subdir": 2,
"extra_match": "MODX"
}
]
},
{
"name": "PostNuke",
"url": "http://www.postnuke.com",
"safe": "",
"vuln": "CVE-2007-0385",
"latest": "0.764",
"detection": [
{
"file": "global.php",
"variable": "_MESSAGE_00_a",
"subdir": 2,
"extra_match": "http://www.pn-cms.de"
}
]
},
{
"name": "Contenido",
"url": "https://www.contenido.org/",
"safe": "4.9.12",
"vuln": "https://devwerks.net/advisories/DW-2016-008_CONTENIDO_XSS.txt",
"latest": "4.10.1",
"detection": [
{
"file": "config.misc.php",
"variable": "$cfg['version']",
"subdir": 1,
"extra_match": "Contenido Misc Configurations"
},
{
"file": "startup.php",
"variable": "CON_VERSION",
"subdir": 1
}
]
},
{
"name": "SilverStripe",
"url": "https://www.silverstripe.com",
"safe": "2.4.7",
"vuln": "CVE-2012-0976",
"detection": [
{
"file": "silverstripe_version",
"variable": "/open/modules/cms/",
"subdir": 1,
"extra_match": "/open/modules/cms/"
}
]
},
{
"name": "CMSMadeSimple",
"url": "https://www.cmsmadesimple.org/",
"safe": "2.2.12",
"vuln": "CVE-2019-17226",
"detection": [
{
"file": "version.php",
"variable": "$CMS_VERSION",
"subdir": 0
}
]
},
{
"name": "e107",
"url": "https://e107.org/",
"safe": "1.0.0",
"vuln": "CVE-2011-4920",
"detection": [
{
"file": "ver.php",
"variable": "$e107info['e107_version']",
"subdir": 0
}
]
},
{
"name": "SPIP",
"url": "https://www.spip.net/",
"safe": "3.2.5",
"old_safe": "3.1.11",
"vuln": "CVE-2019-16392",
"detection": [
{
"file": "inc_version.php",
"variable": "$spip_version_branche",
"subdir": 1
}
]
},
{
"name": "contao",
"url": "https://contao.org/",
"safe": "4.7.5",
"old_safe": "4.4.39",
"vuln": "CVE-2019-11512",
"detection": [
{
"file": "CHANGELOG.txt",
"variable": "Version",
"subdir": 0,
"extra_match": "Contao Open Source CMS Changelog",
"note": "very old versions"
},
{
"file": "CHANGELOG.md",
"variable": "Version",
"subdir": 0,
"extra_match": "Contao Open Source CMS"
}
]
},
{
"name": "redaxo",
"url": "https://redaxo.org/",
"safe": "4.5",
"vuln": "CVE-2012-3869",
"latest": "4.5",
"detection": [
{
"file": "en_gb.lang",
"variable": "setup_037",
"subdir": 3
}
]
},
{
"name": "textpattern",
"url": "https://textpattern.com/",
"safe": "4.8.8",
"vuln": "CVE-2021-44082",
"latest": "4.8.8",
"detection": [
{
"file": "index.php",
"variable": "$thisversion",
"subdir": 1
}
]
},
{
"name": "bolt",
"url": "https://bolt.cm/",
"safe": "3.5.3",
"vuln": "https://github.com/bolt/bolt/blob/v3.5.4/changelog.md#bolt-353",
"latest": "3.5.3",
"detection": [
{
"file": "Version.php",
"variable": "const VERSION",
"subdir": 4,
"extra_match": "Bolt's"
}
]
}
]