freewvs.git

@@ -135,7 +135,7 @@

     "name": "wBB",

     "url": "http://www.woltlab.com/",

     "safe": "3.0.9",

-    "vuln": "http://www.securityfocus.com/archive/1/503867/30/60/threaded",

+    "vuln": "https://www.securityfocus.com/archive/1/503867/30/60/threaded",

     "detection": [

       {

         "file": "config.inc.php",

@@ -148,7 +148,7 @@

     "name": "WBBLite",

     "url": "http://wbblite.com/",

     "safe": "2.1",

-    "vuln": "http://www.securityfocus.com/archive/1/503867/30/60/threaded",

+    "vuln": "https://www.securityfocus.com/archive/1/503867/30/60/threaded",

     "detection": [

       {

         "file": "package.xml",

@@ -192,15 +192,20 @@

   {

     "name": "Contenido",

     "url": "https://www.contenido.org/",

-    "safe": "4.8.15",

-    "vuln": "http://www.contenido.org/de/front_content.php?idcat=107&idart=1789&client=6&lang=3",

-    "latest": "4.8.15",

+    "safe": "4.9.12",

+    "vuln": "https://devwerks.net/advisories/DW-2016-008_CONTENIDO_XSS.txt",

+    "latest": "4.10.1",

     "detection": [

       {

         "file": "config.misc.php",

         "variable": "$cfg['version']",

         "subdir": 1,

         "extra_match": "Contenido Misc Configurations"

+      },

+      {

+        "file": "startup.php",

+        "variable": "CON_VERSION",

+        "subdir": 1

       }

     ]

   },

@@ -221,8 +226,8 @@

   {

     "name": "CMSMadeSimple",

     "url": "https://www.cmsmadesimple.org/",

-    "safe": "1.11.13",

-    "vuln": "http://www.cmsmadesimple.org/2015/02/Announcing-CMS-Made-Simple-1-11-13-Security-Release/",

+    "safe": "2.2.12",

+    "vuln": "CVE-2019-17226",

     "detection": [

       {

         "file": "version.php",

@@ -247,9 +252,9 @@

   {

     "name": "SPIP",

     "url": "https://www.spip.net/",

-    "safe": "2.1.13",

-    "old_safe": "2.0.18",

-    "vuln": "http://archives.rezo.net/archives/spip-en.mbox/U5QUZ6WJRAJC7H5BR7W5SQG6WCD3PXL7/",

+    "safe": "3.2.5",

+    "old_safe": "3.1.11",

+    "vuln": "CVE-2019-16392",

     "detection": [

       {

         "file": "inc_version.php",

@@ -17,7 +17,7 @@

     "url": "http://galleryproject.org/",

     "safe": "3.0.9",

     "old_safe": "2.3.2",

-    "vuln": "http://galleryproject.org/gallery_3_0_9",

+    "vuln": "CVE-2013-2241",

     "detection": [

       {

         "file": "module.inc",

@@ -41,10 +41,10 @@

   },

   {

     "name": "SimpleGroupware",

-    "url": "http://www.simple-groupware.de/",

-    "safe": "0.607",

-    "vuln": "http://www.simple-groupware.de/cms/Release-0-607",

-    "latest": "0.724",

+    "url": "https://web.archive.org/web/20130810201721/http://www.simple-groupware.de/",

+    "safe": "0.742",

+    "vuln": "CVE-2012-1028",

+    "latest": "0.745",

     "detection": [

       {

         "file": "setup.php",

@@ -370,14 +370,20 @@

   {

     "name": "Horde-webmail",

     "url": "http://www.horde.org/",

-    "safe": "1.2.7",

-    "vuln": "http://secunia.com/advisories/39860",

+    "safe": "",

+    "vuln": "CVE-2019-12094",

     "detection": [

       {

         "file": "bundle.php",

         "variable": "BUNDLE_VERSION",

         "subdir": 1,

         "extra_match": "'Horde Groupware Webmail Edition'"

+      },

+      {

+        "file": "Bundle.php",

+        "variable": "VERSION",

+        "subdir": 1,

+        "extra_match": "'Horde Groupware Webmail Edition'"

       }

     ]

   },

@@ -532,7 +538,7 @@

     "name": "videodb",

     "url": "http://www.videodb.net/",

     "safe": "4.0",

-    "vuln": "http://www.exploit-db.com/exploits/17660/",

+    "vuln": "https://www.exploit-db.com/exploits/17660",

     "detection": [

       {

         "file": "constants.php",

@@ -546,7 +552,7 @@

     "name": "OpenX",

     "url": "http://www.openx.com/",

     "safe": "",

-    "vuln": "http://www.kreativrauschen.com/blog/2013/12/18/zero-day-vulnerability-in-openx-source-2-8-11-and-revive-adserver-3-0-1/",

+    "vuln": "https://www.kreativrauschen.com/blog/2013/12/18/zero-day-vulnerability-in-openx-source-2-8-11-and-revive-adserver-3-0-1/",

     "detection": [

       {

         "file": "constants.php",

@@ -166,7 +166,7 @@

     "name": "Wordpress-CustomContact",

     "url": "https://wordpress.org/plugins/custom-contact-forms/",

     "safe": "5.1.0.4",

-    "vuln": "http://blog.sucuri.net/2014/08/database-takeover-in-custom-contact-forms.html",

+    "vuln": "https://blog.sucuri.net/2014/08/database-takeover-in-custom-contact-forms.html",

     "detection": [

       {

         "file": "custom-contact-forms.php",

@@ -231,8 +231,8 @@

   {

     "name": "Wordpress-DownloadManager",

     "url": "https://wordpress.org/plugins/download-manager/",

-    "safe": "2.7.5",

-    "vuln": "http://blog.sucuri.net/2014/12/security-advisory-high-severity-wordpress-download-manager.html",

+    "safe": "2.9.61",

+    "vuln": "https://www.exploit-db.com/exploits/43487",

     "detection": [

       {

         "file": "download-manager.php",

@@ -258,7 +258,7 @@

     "name": "Joomla-Googlemaps",

     "url": "http://joomlacode.org/gf/project/mambot_google1/",

     "safe": "3.1",

-    "vuln": "http://joomlacode.org/gf/project/mambot_google1/news/?id=4119",

+    "vuln": "CVE-2013-7428",

     "detection": [

       {

         "file": "plugin_googlemap3.perm",