Browse code

drupal update

Hanno Böck authored on01/06/2021 08:58:15
Showing1 changed files
... ...
@@ -35,10 +35,10 @@
35 35
   {
36 36
     "name": "Drupal",
37 37
     "url": "https://www.drupal.org/",
38
-    "safe": "9.1.7",
39
-    "old_safe": "9.0.12,8.9.14,7.80",
40
-    "vuln": "https://www.drupal.org/sa-core-2021-002",
41
-    "latest": "9.1.7",
38
+    "safe": "9.1.9",
39
+    "old_safe": "9.0.14,8.9.16,7.80",
40
+    "vuln": "https://www.drupal.org/sa-core-2021-003",
41
+    "latest": "9.1.9",
42 42
     "detection": [
43 43
       {
44 44
         "file": "system.module",
Browse code

update joomla

Hanno Böck authored on01/06/2021 08:56:04
Showing1 changed files
... ...
@@ -106,8 +106,8 @@
106 106
   {
107 107
     "name": "Joomla",
108 108
     "url": "https://www.joomla.org/",
109
-    "safe": "3.9.26",
110
-    "vuln": "CVE-2021-26031",
109
+    "safe": "3.9.27",
110
+    "vuln": "CVE-2021-26034",
111 111
     "detection": [
112 112
       {
113 113
         "file": "CHANGELOG.php",
Browse code

joomla updat

Hanno Böck authored on22/04/2021 08:10:15
Showing1 changed files
... ...
@@ -106,8 +106,8 @@
106 106
   {
107 107
     "name": "Joomla",
108 108
     "url": "https://www.joomla.org/",
109
-    "safe": "3.9.25",
110
-    "vuln": "CVE-2021-23129",
109
+    "safe": "3.9.26",
110
+    "vuln": "CVE-2021-26031",
111 111
     "detection": [
112 112
       {
113 113
         "file": "CHANGELOG.php",
Browse code

drupal xss

Hanno Böck authored on22/04/2021 08:09:36
Showing1 changed files
... ...
@@ -35,10 +35,10 @@
35 35
   {
36 36
     "name": "Drupal",
37 37
     "url": "https://www.drupal.org/",
38
-    "safe": "9.1.3",
39
-    "old_safe": "9.0.11,8.9.13,7.78",
40
-    "vuln": "CVE-2020-36193",
41
-    "latest": "9.1.3",
38
+    "safe": "9.1.7",
39
+    "old_safe": "9.0.12,8.9.14,7.80",
40
+    "vuln": "https://www.drupal.org/sa-core-2021-002",
41
+    "latest": "9.1.7",
42 42
     "detection": [
43 43
       {
44 44
         "file": "system.module",
Browse code

update joomla

Hanno Böck authored on03/03/2021 21:37:03
Showing1 changed files
... ...
@@ -106,8 +106,8 @@
106 106
   {
107 107
     "name": "Joomla",
108 108
     "url": "https://www.joomla.org/",
109
-    "safe": "3.9.24",
110
-    "vuln": "CVE-2021-23125",
109
+    "safe": "3.9.25",
110
+    "vuln": "CVE-2021-23129",
111 111
     "detection": [
112 112
       {
113 113
         "file": "CHANGELOG.php",
Browse code

update drupal

Hanno Böck authored on21/01/2021 08:30:28
Showing1 changed files
... ...
@@ -35,10 +35,10 @@
35 35
   {
36 36
     "name": "Drupal",
37 37
     "url": "https://www.drupal.org/",
38
-    "safe": "9.0.9",
39
-    "old_safe": "8.9.11,8.8.12,7.77",
40
-    "vuln": "CVE-2020-28948",
41
-    "latest": "9.0.10",
38
+    "safe": "9.1.3",
39
+    "old_safe": "9.0.11,8.9.13,7.78",
40
+    "vuln": "CVE-2020-36193",
41
+    "latest": "9.1.3",
42 42
     "detection": [
43 43
       {
44 44
         "file": "system.module",
Browse code

update joomla

Hanno Böck authored on15/01/2021 09:01:58
Showing1 changed files
... ...
@@ -106,8 +106,8 @@
106 106
   {
107 107
     "name": "Joomla",
108 108
     "url": "https://www.joomla.org/",
109
-    "safe": "3.9.23",
110
-    "vuln": "https://developer.joomla.org/security-centre/834-20201107-core-write-acl-violation-in-multiple-core-views.html",
109
+    "safe": "3.9.24",
110
+    "vuln": "CVE-2021-23125",
111 111
     "detection": [
112 112
       {
113 113
         "file": "CHANGELOG.php",
Browse code

update drupal old versions

Hanno Böck authored on01/01/2021 13:12:52
Showing1 changed files
... ...
@@ -36,9 +36,9 @@
36 36
     "name": "Drupal",
37 37
     "url": "https://www.drupal.org/",
38 38
     "safe": "9.0.9",
39
-    "old_safe": "8.9.10,8.8.12,7.75",
39
+    "old_safe": "8.9.11,8.8.12,7.77",
40 40
     "vuln": "CVE-2020-28948",
41
-    "latest": "9.0.9",
41
+    "latest": "9.0.10",
42 42
     "detection": [
43 43
       {
44 44
         "file": "system.module",
Browse code

update joomla

Hanno Böck authored on26/11/2020 18:30:38
Showing1 changed files
... ...
@@ -106,8 +106,8 @@
106 106
   {
107 107
     "name": "Joomla",
108 108
     "url": "https://www.joomla.org/",
109
-    "safe": "3.9.20",
110
-    "vuln": "CVE-2020-15698",
109
+    "safe": "3.9.23",
110
+    "vuln": "https://developer.joomla.org/security-centre/834-20201107-core-write-acl-violation-in-multiple-core-views.html",
111 111
     "detection": [
112 112
       {
113 113
         "file": "CHANGELOG.php",
Browse code

update drupal

Hanno Böck authored on26/11/2020 18:29:39
Showing1 changed files
... ...
@@ -35,10 +35,10 @@
35 35
   {
36 36
     "name": "Drupal",
37 37
     "url": "https://www.drupal.org/",
38
-    "safe": "9.0.8",
39
-    "old_safe": "8.9.9,8.8.11,7.74",
40
-    "vuln": "CVE-2020-13671",
41
-    "latest": "9.0.8",
38
+    "safe": "9.0.9",
39
+    "old_safe": "8.9.10,8.8.12,7.75",
40
+    "vuln": "CVE-2020-28948",
41
+    "latest": "9.0.9",
42 42
     "detection": [
43 43
       {
44 44
         "file": "system.module",
Browse code

fix drupal latest

Hanno Böck authored on19/11/2020 11:09:40
Showing1 changed files
... ...
@@ -38,7 +38,7 @@
38 38
     "safe": "9.0.8",
39 39
     "old_safe": "8.9.9,8.8.11,7.74",
40 40
     "vuln": "CVE-2020-13671",
41
-    "latest": "9.0.6",
41
+    "latest": "9.0.8",
42 42
     "detection": [
43 43
       {
44 44
         "file": "system.module",
Browse code

drupal update

Hanno Böck authored on19/11/2020 11:03:39
Showing1 changed files
... ...
@@ -35,9 +35,9 @@
35 35
   {
36 36
     "name": "Drupal",
37 37
     "url": "https://www.drupal.org/",
38
-    "safe": "9.0.6",
39
-    "old_safe": "8.9.6,8.8.10,7.73",
40
-    "vuln": "CVE-2020-13666",
38
+    "safe": "9.0.8",
39
+    "old_safe": "8.9.9,8.8.11,7.74",
40
+    "vuln": "CVE-2020-13671",
41 41
     "latest": "9.0.6",
42 42
     "detection": [
43 43
       {
Browse code

drupal update

Hanno Böck authored on17/09/2020 08:56:50
Showing1 changed files
... ...
@@ -35,10 +35,10 @@
35 35
   {
36 36
     "name": "Drupal",
37 37
     "url": "https://www.drupal.org/",
38
-    "safe": "9.0.1",
39
-    "old_safe": "8.9.1,8.8.8,7.72",
40
-    "vuln": "CVE-2020-13663",
41
-    "latest": "9.0.1",
38
+    "safe": "9.0.6",
39
+    "old_safe": "8.9.6,8.8.10,7.73",
40
+    "vuln": "CVE-2020-13666",
41
+    "latest": "9.0.6",
42 42
     "detection": [
43 43
       {
44 44
         "file": "system.module",
Browse code

joomla update

Hanno Böck authored on18/07/2020 10:54:25
Showing1 changed files
... ...
@@ -106,8 +106,8 @@
106 106
   {
107 107
     "name": "Joomla",
108 108
     "url": "https://www.joomla.org/",
109
-    "safe": "3.9.19",
110
-    "vuln": "CVE-2020-13760",
109
+    "safe": "3.9.20",
110
+    "vuln": "CVE-2020-15698",
111 111
     "detection": [
112 112
       {
113 113
         "file": "CHANGELOG.php",
Browse code

drupal update

Hanno Böck authored on18/06/2020 09:38:00
Showing1 changed files
... ...
@@ -35,10 +35,10 @@
35 35
   {
36 36
     "name": "Drupal",
37 37
     "url": "https://www.drupal.org/",
38
-    "safe": "8.8.6",
39
-    "old_safe": "8.7.14,7.70",
40
-    "vuln": "CVE-2020-11022",
41
-    "latest": "8.8.6",
38
+    "safe": "9.0.1",
39
+    "old_safe": "8.9.1,8.8.8,7.72",
40
+    "vuln": "CVE-2020-13663",
41
+    "latest": "9.0.1",
42 42
     "detection": [
43 43
       {
44 44
         "file": "system.module",
Browse code

fix json

Hanno Böck authored on10/06/2020 10:26:28
Showing1 changed files
... ...
@@ -336,4 +336,4 @@
336 336
       }
337 337
     ]
338 338
   }
339
-]
339
+]
340 340
\ No newline at end of file
Browse code

typo3 update

Hanno Böck authored on10/06/2020 09:27:40
Showing1 changed files
... ...
@@ -78,9 +78,9 @@
78 78
   {
79 79
     "name": "TYPO3",
80 80
     "url": "https://typo3.org/",
81
-    "safe": "9.5.8",
82
-    "old_safe": "8.7.27",
83
-    "vuln": "CVE-2019-12747",
81
+    "safe": "10.4.2",
82
+    "old_safe": "9.5.17",
83
+    "vuln": "CVE-2020-11069",
84 84
     "detection": [
85 85
       {
86 86
         "file": "config_default.php",
... ...
@@ -336,4 +336,4 @@
336 336
       }
337 337
     ]
338 338
   }
339
-]
340 339
\ No newline at end of file
340
+]
Browse code

update joomla

Hanno Böck authored on05/06/2020 11:05:41
Showing1 changed files
... ...
@@ -106,8 +106,8 @@
106 106
   {
107 107
     "name": "Joomla",
108 108
     "url": "https://www.joomla.org/",
109
-    "safe": "3.9.17",
110
-    "vuln": "CVE-2020-11889",
109
+    "safe": "3.9.19",
110
+    "vuln": "CVE-2020-13760",
111 111
     "detection": [
112 112
       {
113 113
         "file": "CHANGELOG.php",
Browse code

fix json

Hanno Böck authored on23/05/2020 09:25:23
Showing1 changed files
... ...
@@ -336,4 +336,4 @@
336 336
       }
337 337
     ]
338 338
   }
339
-]
339
+]
340 340
\ No newline at end of file
Browse code

drupal update

Hanno Böck authored on22/05/2020 07:45:26
Showing1 changed files
... ...
@@ -35,10 +35,10 @@
35 35
   {
36 36
     "name": "Drupal",
37 37
     "url": "https://www.drupal.org/",
38
-    "safe": "8.8.4",
39
-    "old_safe": "8.7.12,7.69",
40
-    "vuln": "https://www.drupal.org/sa-core-2020-001",
41
-    "latest": "8.8.4",
38
+    "safe": "8.8.6",
39
+    "old_safe": "8.7.14,7.70",
40
+    "vuln": "CVE-2020-11022",
41
+    "latest": "8.8.6",
42 42
     "detection": [
43 43
       {
44 44
         "file": "system.module",
... ...
@@ -336,4 +336,4 @@
336 336
       }
337 337
     ]
338 338
   }
339
-]
340 339
\ No newline at end of file
340
+]
Browse code

fix newline

Hanno Böck authored on10/05/2020 09:47:21
Showing1 changed files
... ...
@@ -336,4 +336,4 @@
336 336
       }
337 337
     ]
338 338
   }
339
-]
339
+]
340 340
\ No newline at end of file
Browse code

joomla update

Hanno Böck authored on10/05/2020 09:38:09
Showing1 changed files
... ...
@@ -106,8 +106,8 @@
106 106
   {
107 107
     "name": "Joomla",
108 108
     "url": "https://www.joomla.org/",
109
-    "safe": "3.9.16",
110
-    "vuln": "CVE-2020-10243",
109
+    "safe": "3.9.17",
110
+    "vuln": "CVE-2020-11889",
111 111
     "detection": [
112 112
       {
113 113
         "file": "CHANGELOG.php",
... ...
@@ -336,4 +336,4 @@
336 336
       }
337 337
     ]
338 338
   }
339
-]
340 339
\ No newline at end of file
340
+]
Browse code

typo3 update

Hanno Böck authored on03/05/2020 13:22:14
Showing1 changed files
... ...
@@ -90,8 +90,16 @@
90 90
       },
91 91
       {
92 92
         "file": "SystemEnvironmentBuilder.php",
93
+        "extra_nomatch": "TYPO3\\CMS\\Core\\Utility\\PathUtility",
93 94
         "variable": "define('TYPO3_version",
94
-        "subdir": 4
95
+        "subdir": 4,
96
+        "note": "6.x to 8.x"
97
+      },
98
+      {
99
+        "file": "Typo3Version.php",
100
+        "variable": "VERSION =",
101
+        "subdir": 4,
102
+        "note": "9.x and newer"
95 103
       }
96 104
     ]
97 105
   },
Browse code

drupal update

Hanno Böck authored on19/03/2020 08:56:38
Showing1 changed files
... ...
@@ -35,10 +35,10 @@
35 35
   {
36 36
     "name": "Drupal",
37 37
     "url": "https://www.drupal.org/",
38
-    "safe": "8.8.1",
39
-    "old_safe": "8.7.11,7.69",
40
-    "vuln": "https://www.drupal.org/sa-core-2019-012",
41
-    "latest": "7.67",
38
+    "safe": "8.8.4",
39
+    "old_safe": "8.7.12,7.69",
40
+    "vuln": "https://www.drupal.org/sa-core-2020-001",
41
+    "latest": "8.8.4",
42 42
     "detection": [
43 43
       {
44 44
         "file": "system.module",
Browse code

update joomla

Hanno Böck authored on12/03/2020 08:40:26
Showing1 changed files
... ...
@@ -98,8 +98,8 @@
98 98
   {
99 99
     "name": "Joomla",
100 100
     "url": "https://www.joomla.org/",
101
-    "safe": "3.9.15",
102
-    "vuln": "CVE-2020-8421",
101
+    "safe": "3.9.16",
102
+    "vuln": "CVE-2020-10243",
103 103
     "detection": [
104 104
       {
105 105
         "file": "CHANGELOG.php",
Browse code

joomla update

Hanno Böck authored on30/01/2020 16:28:42
Showing1 changed files
... ...
@@ -98,8 +98,8 @@
98 98
   {
99 99
     "name": "Joomla",
100 100
     "url": "https://www.joomla.org/",
101
-    "safe": "3.9.14",
102
-    "vuln": "CVE-2019-19846",
101
+    "safe": "3.9.15",
102
+    "vuln": "CVE-2020-8421",
103 103
     "detection": [
104 104
       {
105 105
         "file": "CHANGELOG.php",
Browse code

update joomla+drupal

Hanno Böck authored on19/12/2019 15:06:15
Showing1 changed files
... ...
@@ -35,9 +35,9 @@
35 35
   {
36 36
     "name": "Drupal",
37 37
     "url": "https://www.drupal.org/",
38
-    "safe": "8.7.5",
39
-    "old_safe": "8.6.18,7.68,7.67",
40
-    "vuln": "CVE-2019-6342",
38
+    "safe": "8.8.1",
39
+    "old_safe": "8.7.11,7.69",
40
+    "vuln": "https://www.drupal.org/sa-core-2019-012",
41 41
     "latest": "7.67",
42 42
     "detection": [
43 43
       {
... ...
@@ -98,8 +98,8 @@
98 98
   {
99 99
     "name": "Joomla",
100 100
     "url": "https://www.joomla.org/",
101
-    "safe": "3.9.13",
102
-    "vuln": "CVE-2019-18674",
101
+    "safe": "3.9.14",
102
+    "vuln": "CVE-2019-19846",
103 103
     "detection": [
104 104
       {
105 105
         "file": "CHANGELOG.php",
Browse code

update various URLs to https and CVEs, update a few packages

Hanno Böck authored on16/12/2019 20:44:09
Showing1 changed files
... ...
@@ -192,15 +192,20 @@
192 192
   {
193 193
     "name": "Contenido",
194 194
     "url": "https://www.contenido.org/",
195
-    "safe": "4.8.15",
196
-    "vuln": "http://www.contenido.org/de/front_content.php?idcat=107&idart=1789&client=6&lang=3",
197
-    "latest": "4.8.15",
195
+    "safe": "4.9.12",
196
+    "vuln": "https://devwerks.net/advisories/DW-2016-008_CONTENIDO_XSS.txt",
197
+    "latest": "4.10.1",
198 198
     "detection": [
199 199
       {
200 200
         "file": "config.misc.php",
201 201
         "variable": "$cfg['version']",
202 202
         "subdir": 1,
203 203
         "extra_match": "Contenido Misc Configurations"
204
+      },
205
+      {
206
+        "file": "startup.php",
207
+        "variable": "CON_VERSION",
208
+        "subdir": 1
204 209
       }
205 210
     ]
206 211
   },
... ...
@@ -221,8 +226,8 @@
221 226
   {
222 227
     "name": "CMSMadeSimple",
223 228
     "url": "https://www.cmsmadesimple.org/",
224
-    "safe": "1.11.13",
225
-    "vuln": "http://www.cmsmadesimple.org/2015/02/Announcing-CMS-Made-Simple-1-11-13-Security-Release/",
229
+    "safe": "2.2.12",
230
+    "vuln": "CVE-2019-17226",
226 231
     "detection": [
227 232
       {
228 233
         "file": "version.php",
... ...
@@ -247,9 +252,9 @@
247 252
   {
248 253
     "name": "SPIP",
249 254
     "url": "https://www.spip.net/",
250
-    "safe": "2.1.13",
251
-    "old_safe": "2.0.18",
252
-    "vuln": "http://archives.rezo.net/archives/spip-en.mbox/U5QUZ6WJRAJC7H5BR7W5SQG6WCD3PXL7/",
255
+    "safe": "3.2.5",
256
+    "old_safe": "3.1.11",
257
+    "vuln": "CVE-2019-16392",
253 258
     "detection": [
254 259
       {
255 260
         "file": "inc_version.php",
Browse code

modx update and merge

Hanno Böck authored on13/12/2019 19:56:42
Showing1 changed files
... ...
@@ -147,38 +147,25 @@
147 147
     ]
148 148
   },
149 149
   {
150
-    "name": "MODx",
150
+    "name": "MODX",
151 151
     "url": "https://modx.com/",
152
-    "safe": "1.0.15",
153
-    "vuln": "http://forums.modx.com/thread/94952/multiple-vulnerabilities-xss-remote-command-injection",
152
+    "safe": "2.7.1",
153
+    "latest": "2.7.2",
154
+    "vuln": "CVE-2018-17556",
154 155
     "detection": [
155 156
       {
156 157
         "file": "version.inc.php",
157 158
         "variable": "$version",
158 159
         "subdir": 2,
159
-        "extra_match": "$full_appname = 'MODx'"
160
-      }
161
-    ]
162
-  },
163
-  {
164
-    "name": "MODX-1.x",
165
-    "url": "https://modx.com/",
166
-    "safe": "1.0.15",
167
-    "vuln": "http://forums.modx.com/thread/94952/multiple-vulnerabilities-xss-remote-command-injection",
168
-    "detection": [
160
+        "extra_match": "$full_appname = 'MODx'",
161
+        "note": "0.x"
162
+      },
169 163
       {
170 164
         "file": "version.inc.php",
171 165
         "variable": "$modx_version",
172
-        "subdir": 2
173
-      }
174
-    ]
175
-  },
176
-  {
177
-    "name": "MODX-2.x",
178
-    "url": "https://modx.com/",
179
-    "safe": "2.2.11",
180
-    "vuln": "http://modx.com/blog/2014/07/15/revolution-2.2.15/",
181
-    "detection": [
166
+        "subdir": 2,
167
+        "note": "1.x"
168
+      },
182 169
       {
183 170
         "file": "changelog.txt",
184 171
         "variable": "MODX Revolution",
Browse code

contao update and merge

Hanno Böck authored on13/12/2019 18:38:04
Showing1 changed files
... ...
@@ -274,32 +274,22 @@
274 274
   {
275 275
     "name": "contao",
276 276
     "url": "https://contao.org/",
277
-    "safe": "3.2.5",
278
-    "old_safe": "2.11.14",
279
-    "vuln": "CVE-2014-1860",
280
-    "latest": "3.2.5",
277
+    "safe": "4.7.5",
278
+    "old_safe": "4.4.39",
279
+    "vuln": "CVE-2019-11512",
281 280
     "detection": [
282 281
       {
283
-        "file": "CHANGELOG.md",
282
+        "file": "CHANGELOG.txt",
284 283
         "variable": "Version",
285 284
         "subdir": 0,
286
-        "extra_match": "Contao Open Source CMS"
287
-      }
288
-    ]
289
-  },
290
-  {
291
-    "name": "contao-old",
292
-    "url": "https://contao.org/",
293
-    "safe": "3.2.5",
294
-    "old_safe": "2.11.14",
295
-    "vuln": "CVE-2014-1860",
296
-    "latest": "3.2.5",
297
-    "detection": [
285
+        "extra_match": "Contao Open Source CMS Changelog",
286
+        "note": "very old versions"
287
+      },
298 288
       {
299
-        "file": "CHANGELOG.txt",
289
+        "file": "CHANGELOG.md",
300 290
         "variable": "Version",
301 291
         "subdir": 0,
302
-        "extra_match": "Contao Open Source CMS Changelog"
292
+        "extra_match": "Contao Open Source CMS"
303 293
       }
304 294
     ]
305 295
   },
Browse code

drupal update

Hanno Böck authored on13/12/2019 11:09:51
Showing1 changed files
... ...
@@ -35,8 +35,8 @@
35 35
   {
36 36
     "name": "Drupal",
37 37
     "url": "https://www.drupal.org/",
38
-    "safe": "8.7.4",
39
-    "old_safe": "8.6.16,7.67",
38
+    "safe": "8.7.5",
39
+    "old_safe": "8.6.18,7.68,7.67",
40 40
     "vuln": "CVE-2019-6342",
41 41
     "latest": "7.67",
42 42
     "detection": [
Browse code

merge+update multidet limesurvey, websitebaker, roundcube

Hanno Böck authored on12/12/2019 12:18:16
Showing1 changed files
... ...
@@ -2,28 +2,20 @@
2 2
   {
3 3
     "name": "WebsiteBaker",
4 4
     "url": "https://websitebaker.org/",
5
-    "safe": "2.8.4",
6
-    "vuln": "CVE-2015-0553",
5
+    "safe": "2.11.0",
6
+    "vuln": "CVE-2017-16514",
7 7
     "detection": [
8 8
       {
9 9
         "file": "version.php",
10 10
         "variable": "VERSION",
11 11
         "subdir": 3,
12 12
         "extra_match": "Website Baker Project"
13
-      }
14
-    ]
15
-  },
16
-  {
17
-    "name": "WebsiteBaker28",
18
-    "url": "https://websitebaker.org/",
19
-    "safe": "2.8.4",
20
-    "vuln": "CVE-2015-0553",
21
-    "detection": [
13
+      },
22 14
       {
23
-        "file": "info.php",
24
-        "variable": "$template_platform",
25
-        "subdir": 3,
26
-        "extra_match": "wb_theme"
15
+        "file": "version.php",
16
+        "variable": "VERSION",
17
+        "subdir": 2,
18
+        "extra_match": "isteam"
27 19
       }
28 20
     ]
29 21
   },
Browse code

merge old multidetections and update joomla,bugzilla,drupal,typo3,mantis,phpmyadmin

Hanno Böck authored on12/12/2019 09:10:29
Showing1 changed files
... ...
@@ -41,45 +41,30 @@
41 41
     ]
42 42
   },
43 43
   {
44
-    "name": "Drupal6",
44
+    "name": "Drupal",
45 45
     "url": "https://www.drupal.org/",
46
-    "safe": "7.67",
47
-    "vuln": "https://www.drupal.org/sa-core-2019-007",
46
+    "safe": "8.7.4",
47
+    "old_safe": "8.6.16,7.67",
48
+    "vuln": "CVE-2019-6342",
48 49
     "latest": "7.67",
49 50
     "detection": [
50 51
       {
51 52
         "file": "system.module",
52 53
         "variable": "define('VERSION'",
53
-        "subdir": 2
54
-      }
55
-    ]
56
-  },
57
-  {
58
-    "name": "Drupal7",
59
-    "url": "https://www.drupal.org/",
60
-    "safe": "7.67",
61
-    "vuln": "https://www.drupal.org/sa-core-2019-007",
62
-    "latest": "7.67",
63
-    "detection": [
54
+        "subdir": 2,
55
+        "note": "6.x and older"
56
+      },
64 57
       {
65 58
         "file": "bootstrap.inc",
66 59
         "variable": "define('VERSION'",
67
-        "subdir": 1
68
-      }
69
-    ]
70
-  },
71
-  {
72
-    "name": "Drupal8",
73
-    "url": "https://www.drupal.org/",
74
-    "safe": "8.7.1",
75
-    "old_safe": "8.6.16",
76
-    "vuln": "https://www.drupal.org/sa-core-2019-007",
77
-    "latest": "8.7.1",
78
-    "detection": [
60
+        "subdir": 1,
61
+        "note": "7.x"
62
+      },
79 63
       {
80 64
         "file": "Drupal.php",
81 65
         "variable": "const VERSION",
82
-        "subdir": 2
66
+        "subdir": 2,
67
+        "note": "8.x"
83 68
       }
84 69
     ]
85 70
   },
... ...
@@ -99,26 +84,18 @@
99 84
     ]
100 85
   },
101 86
   {
102
-    "name": "Typo3",
87
+    "name": "TYPO3",
103 88
     "url": "https://typo3.org/",
104
-    "safe": "9.5.6",
105
-    "old_safe": "8.7.25",
106
-    "vuln": "https://typo3.org/article/typo3-956-and-8725-security-releases-published/",
89
+    "safe": "9.5.8",
90
+    "old_safe": "8.7.27",
91
+    "vuln": "CVE-2019-12747",
107 92
     "detection": [
108 93
       {
109 94
         "file": "config_default.php",
110 95
         "variable": "$TYPO_VERSION",
111
-        "subdir": 1
112
-      }
113
-    ]
114
-  },
115
-  {
116
-    "name": "typo3-6",
117
-    "url": "https://typo3.org/",
118
-    "safe": "9.5.6",
119
-    "old_safe": "8.7.25",
120
-    "vuln": "https://typo3.org/article/typo3-956-and-8725-security-releases-published/",
121
-    "detection": [
96
+        "subdir": 1,
97
+        "note": "4.x and older"
98
+      },
122 99
       {
123 100
         "file": "SystemEnvironmentBuilder.php",
124 101
         "variable": "define('TYPO3_version",
... ...
@@ -127,7 +104,7 @@
127 104
     ]
128 105
   },
129 106
   {
130
-    "name": "Joomla-1",
107
+    "name": "Joomla",
131 108
     "url": "https://www.joomla.org/",
132 109
     "safe": "3.9.13",
133 110
     "vuln": "CVE-2019-18674",
... ...
@@ -136,16 +113,9 @@
136 113
         "file": "CHANGELOG.php",
137 114
         "variable": "---------------",
138 115
         "subdir": 0,
139
-        "extra_match": "Joomla! is free software."
140
-      }
141
-    ]
142
-  },
143
-  {
144
-    "name": "Joomla",
145
-    "url": "https://www.joomla.org/",
146
-    "safe": "3.9.13",
147
-    "vuln": "CVE-2019-18674",
148
-    "detection": [
116
+        "extra_match": "Joomla! is free software.",
117
+        "note": "1.5 and older"
118
+      },
149 119
       {
150 120
         "file": "joomla.xml",
151 121
         "variable": "<version>",
Browse code

add json db

Hanno Böck authored on11/12/2019 18:39:41
Showing1 changed files
1 1
new file mode 100644
... ...
@@ -0,0 +1,387 @@
1
+[
2
+  {
3
+    "name": "WebsiteBaker",
4
+    "url": "https://websitebaker.org/",
5
+    "safe": "2.8.4",
6
+    "vuln": "CVE-2015-0553",
7
+    "detection": [
8
+      {
9
+        "file": "version.php",
10
+        "variable": "VERSION",
11
+        "subdir": 3,
12
+        "extra_match": "Website Baker Project"
13
+      }
14
+    ]
15
+  },
16
+  {
17
+    "name": "WebsiteBaker28",
18
+    "url": "https://websitebaker.org/",
19
+    "safe": "2.8.4",
20
+    "vuln": "CVE-2015-0553",
21
+    "detection": [
22
+      {
23
+        "file": "info.php",
24
+        "variable": "$template_platform",
25
+        "subdir": 3,
26
+        "extra_match": "wb_theme"
27
+      }
28
+    ]
29
+  },
30
+  {
31
+    "name": "toendaCMS",
32
+    "url": "http://www.toendacms.com/",
33
+    "safe": "",
34
+    "vuln": "CVE-2007-1872",
35
+    "detection": [
36
+      {
37
+        "file": "tcms_version.xml",
38
+        "variable": "release",
39
+        "subdir": 2
40
+      }
41
+    ]
42
+  },
43
+  {
44
+    "name": "Drupal6",
45
+    "url": "https://www.drupal.org/",
46
+    "safe": "7.67",
47
+    "vuln": "https://www.drupal.org/sa-core-2019-007",
48
+    "latest": "7.67",
49
+    "detection": [
50
+      {
51
+        "file": "system.module",
52
+        "variable": "define('VERSION'",
53
+        "subdir": 2
54
+      }
55
+    ]
56
+  },
57
+  {
58
+    "name": "Drupal7",
59
+    "url": "https://www.drupal.org/",
60
+    "safe": "7.67",
61
+    "vuln": "https://www.drupal.org/sa-core-2019-007",
62
+    "latest": "7.67",
63
+    "detection": [
64
+      {
65
+        "file": "bootstrap.inc",
66
+        "variable": "define('VERSION'",
67
+        "subdir": 1
68
+      }
69
+    ]
70
+  },
71
+  {
72
+    "name": "Drupal8",
73
+    "url": "https://www.drupal.org/",
74
+    "safe": "8.7.1",
75
+    "old_safe": "8.6.16",
76
+    "vuln": "https://www.drupal.org/sa-core-2019-007",
77
+    "latest": "8.7.1",
78
+    "detection": [
79
+      {
80
+        "file": "Drupal.php",
81
+        "variable": "const VERSION",
82
+        "subdir": 2
83
+      }
84
+    ]
85
+  },
86
+  {
87
+    "name": "PHPNuke",
88
+    "url": "https://www.phpnuke.org/",
89
+    "safe": "8.1",
90
+    "vuln": "CVE-2007-1519",
91
+    "note": "I'm not really sure about that, but 8.0 is at least vulnerable, pre 8.0 aren't easily detectable",
92
+    "detection": [
93
+      {
94
+        "file": "version.php",
95
+        "variable": "$version_number",
96
+        "subdir": 2,
97
+        "extra_match": "PHP-Nuke $version_number"
98
+      }
99
+    ]
100
+  },
101
+  {
102
+    "name": "Typo3",
103
+    "url": "https://typo3.org/",
104
+    "safe": "9.5.6",
105
+    "old_safe": "8.7.25",
106
+    "vuln": "https://typo3.org/article/typo3-956-and-8725-security-releases-published/",
107
+    "detection": [
108
+      {
109
+        "file": "config_default.php",
110
+        "variable": "$TYPO_VERSION",
111
+        "subdir": 1
112
+      }
113
+    ]
114
+  },
115
+  {
116
+    "name": "typo3-6",
117
+    "url": "https://typo3.org/",
118
+    "safe": "9.5.6",
119
+    "old_safe": "8.7.25",
120
+    "vuln": "https://typo3.org/article/typo3-956-and-8725-security-releases-published/",
121
+    "detection": [
122
+      {
123
+        "file": "SystemEnvironmentBuilder.php",
124
+        "variable": "define('TYPO3_version",
125
+        "subdir": 4
126
+      }
127
+    ]
128
+  },
129
+  {
130
+    "name": "Joomla-1",
131
+    "url": "https://www.joomla.org/",
132
+    "safe": "3.9.13",
133
+    "vuln": "CVE-2019-18674",
134
+    "detection": [
135
+      {
136
+        "file": "CHANGELOG.php",
137
+        "variable": "---------------",
138
+        "subdir": 0,
139
+        "extra_match": "Joomla! is free software."
140
+      }
141
+    ]
142
+  },
143
+  {
144
+    "name": "Joomla",
145
+    "url": "https://www.joomla.org/",
146
+    "safe": "3.9.13",
147
+    "vuln": "CVE-2019-18674",
148
+    "detection": [
149
+      {
150
+        "file": "joomla.xml",
151
+        "variable": "<version>",
152
+        "subdir": 3,
153
+        "extra_match": "FILES_JOOMLA_XML_DESCRIPTION",
154
+        "path_match": "administrator/manifests/files"
155
+      }
156
+    ]
157
+  },
158
+  {
159
+    "name": "Mambo",
160
+    "url": "http://www.source.mambo-foundation.org/",
161
+    "safe": "",
162
+    "vuln": "CVE-2008-2905",
163
+    "detection": [
164
+      {
165
+        "file": "version.php",
166
+        "variable": "var $RELEASE,var $DEV_LEVEL",
167
+        "subdir": 1,
168
+        "extra_match": "@package Mambo"
169
+      }
170
+    ]
171
+  },
172
+  {
173
+    "name": "w-Agora",
174
+    "url": "http://www.w-agora.net/",
175
+    "safe": "",
176
+    "vuln": "CVE-2007-0607",
177
+    "latest": "4.2.1",
178
+    "detection": [
179
+      {
180
+        "file": "misc_func.php",
181
+        "variable": "$v =",
182
+        "subdir": 1,
183
+        "extra_match": "w-agora version $v"
184
+      }
185
+    ]
186
+  },
187
+  {
188
+    "name": "MODx",
189
+    "url": "https://modx.com/",
190
+    "safe": "1.0.15",
191
+    "vuln": "http://forums.modx.com/thread/94952/multiple-vulnerabilities-xss-remote-command-injection",
192
+    "detection": [
193
+      {
194
+        "file": "version.inc.php",
195
+        "variable": "$version",
196
+        "subdir": 2,
197
+        "extra_match": "$full_appname = 'MODx'"
198
+      }
199
+    ]
200
+  },
201
+  {
202
+    "name": "MODX-1.x",
203
+    "url": "https://modx.com/",
204
+    "safe": "1.0.15",
205
+    "vuln": "http://forums.modx.com/thread/94952/multiple-vulnerabilities-xss-remote-command-injection",
206
+    "detection": [
207
+      {
208
+        "file": "version.inc.php",
209
+        "variable": "$modx_version",
210
+        "subdir": 2
211
+      }
212
+    ]
213
+  },
214
+  {
215
+    "name": "MODX-2.x",
216
+    "url": "https://modx.com/",
217
+    "safe": "2.2.11",
218
+    "vuln": "http://modx.com/blog/2014/07/15/revolution-2.2.15/",
219
+    "detection": [
220
+      {
221
+        "file": "changelog.txt",
222
+        "variable": "MODX Revolution",
223
+        "subdir": 2,
224
+        "extra_match": "MODX"
225
+      }
226
+    ]
227
+  },
228
+  {
229
+    "name": "PostNuke",
230
+    "url": "http://www.postnuke.com",
231
+    "safe": "",
232
+    "vuln": "CVE-2007-0385",
233
+    "latest": "0.764",
234
+    "detection": [
235
+      {
236
+        "file": "global.php",
237
+        "variable": "_MESSAGE_00_a",
238
+        "subdir": 2,
239
+        "extra_match": "http://www.pn-cms.de"
240
+      }
241
+    ]
242
+  },
243
+  {
244
+    "name": "Contenido",
245
+    "url": "https://www.contenido.org/",
246
+    "safe": "4.8.15",
247
+    "vuln": "http://www.contenido.org/de/front_content.php?idcat=107&idart=1789&client=6&lang=3",
248
+    "latest": "4.8.15",
249
+    "detection": [
250
+      {
251
+        "file": "config.misc.php",
252
+        "variable": "$cfg['version']",
253
+        "subdir": 1,
254
+        "extra_match": "Contenido Misc Configurations"
255
+      }
256
+    ]
257
+  },
258
+  {
259
+    "name": "SilverStripe",
260
+    "url": "https://www.silverstripe.com",
261
+    "safe": "2.4.7",
262
+    "vuln": "CVE-2012-0976",
263
+    "detection": [
264
+      {
265
+        "file": "silverstripe_version",
266
+        "variable": "/open/modules/cms/",
267
+        "subdir": 1,
268
+        "extra_match": "/open/modules/cms/"
269
+      }
270
+    ]
271
+  },
272
+  {
273
+    "name": "CMSMadeSimple",
274
+    "url": "https://www.cmsmadesimple.org/",
275
+    "safe": "1.11.13",
276
+    "vuln": "http://www.cmsmadesimple.org/2015/02/Announcing-CMS-Made-Simple-1-11-13-Security-Release/",
277
+    "detection": [
278
+      {
279
+        "file": "version.php",
280
+        "variable": "$CMS_VERSION",
281
+        "subdir": 0
282
+      }
283
+    ]
284
+  },
285
+  {
286
+    "name": "e107",
287
+    "url": "https://e107.org/",
288
+    "safe": "1.0.0",
289
+    "vuln": "CVE-2011-4920",
290
+    "detection": [
291
+      {
292
+        "file": "ver.php",
293
+        "variable": "$e107info['e107_version']",
294
+        "subdir": 0
295
+      }
296
+    ]
297
+  },
298
+  {
299
+    "name": "SPIP",
300
+    "url": "https://www.spip.net/",
301
+    "safe": "2.1.13",
302
+    "old_safe": "2.0.18",
303
+    "vuln": "http://archives.rezo.net/archives/spip-en.mbox/U5QUZ6WJRAJC7H5BR7W5SQG6WCD3PXL7/",
304
+    "detection": [
305
+      {
306
+        "file": "inc_version.php",
307
+        "variable": "$spip_version_branche",
308
+        "subdir": 1
309
+      }
310
+    ]
311
+  },
312
+  {
313
+    "name": "contao",
314
+    "url": "https://contao.org/",
315
+    "safe": "3.2.5",
316
+    "old_safe": "2.11.14",
317
+    "vuln": "CVE-2014-1860",
318
+    "latest": "3.2.5",
319
+    "detection": [
320
+      {
321
+        "file": "CHANGELOG.md",
322
+        "variable": "Version",
323
+        "subdir": 0,
324
+        "extra_match": "Contao Open Source CMS"
325
+      }
326
+    ]
327
+  },
328
+  {
329
+    "name": "contao-old",
330
+    "url": "https://contao.org/",
331
+    "safe": "3.2.5",
332
+    "old_safe": "2.11.14",
333
+    "vuln": "CVE-2014-1860",
334
+    "latest": "3.2.5",
335
+    "detection": [
336
+      {
337
+        "file": "CHANGELOG.txt",
338
+        "variable": "Version",
339
+        "subdir": 0,
340
+        "extra_match": "Contao Open Source CMS Changelog"
341
+      }
342
+    ]
343
+  },
344
+  {
345
+    "name": "redaxo",
346
+    "url": "https://redaxo.org/",
347
+    "safe": "4.5",
348
+    "vuln": "CVE-2012-3869",
349
+    "latest": "4.5",
350
+    "detection": [
351
+      {
352
+        "file": "en_gb.lang",
353
+        "variable": "setup_037",
354
+        "subdir": 3
355
+      }
356
+    ]
357
+  },
358
+  {
359
+    "name": "textpattern",
360
+    "url": "https://textpattern.com/",
361
+    "safe": "4.7.0",
362
+    "vuln": "CVE-2018-7474",
363
+    "latest": "4.7.3",
364
+    "detection": [
365
+      {
366
+        "file": "index.php",
367
+        "variable": "$thisversion",
368
+        "subdir": 1
369
+      }
370
+    ]
371
+  },
372
+  {
373
+    "name": "bolt",
374
+    "url": "https://bolt.cm/",
375
+    "safe": "3.5.3",
376
+    "vuln": "https://github.com/bolt/bolt/blob/v3.5.4/changelog.md#bolt-353",
377
+    "latest": "3.5.3",
378
+    "detection": [
379
+      {
380
+        "file": "Version.php",
381
+        "variable": "const VERSION",
382
+        "subdir": 4,
383
+        "extra_match": "Bolt's"
384
+      }
385
+    ]
386
+  }
387
+]
0 388
\ No newline at end of file