Browse code

add json db

Hanno Böck authored on11/12/2019 18:39:41
Showing1 changed files
1 1
deleted file mode 100644
... ...
@@ -1,418 +0,0 @@
1
-[phpMyAdmin-veryold]
2
-url=https://www.phpmyadmin.net/
3
-safe=4.9.2
4
-vuln=CVE-2019-18622
5
-file=Config.class.php
6
-variable=PMA_VERSION
7
-subdir=1
8
-
9
-[phpMyAdmin-old]
10
-url=https://www.phpmyadmin.net/
11
-safe=4.9.2
12
-vuln=CVE-2019-18622
13
-file=Config.php
14
-variable=PMA_VERSION
15
-subdir=1
16
-extra_match=namespace PMA\libraries;
17
-
18
-[phpMyAdmin]
19
-url=https://www.phpmyadmin.net/
20
-safe=4.9.2
21
-vuln=CVE-2019-18622
22
-file=Config.php
23
-variable=PMA_VERSION
24
-subdir=2
25
-extra_match=namespace PhpMyAdmin;
26
-
27
-[SquirrelMail]
28
-url=https://squirrelmail.org/
29
-safe=1.4.22
30
-vuln=CVE-2010-4554
31
-file=strings.php
32
-variable=$version
33
-extra_match=SquirrelMail version number
34
-subdir=1
35
-
36
-[Mantis-deprecated]
37
-url=https://mantisbt.org/
38
-safe=2.22.1
39
-vuln=CVE-2019-15715
40
-file=config_defaults_inc.php
41
-variable=$g_mantis_version
42
-subdir=0
43
-
44
-[Mantis]
45
-url=https://mantisbt.org/
46
-safe=2.22.1
47
-vuln=CVE-2019-15715
48
-file=constant_inc.php
49
-variable=MANTIS_VERSION
50
-subdir=1
51
-
52
-[Bugzilla3]
53
-url=https://www.bugzilla.org/
54
-safe=4.4.7
55
-old_safe=4.2.12,4.0.16
56
-vuln=CVE-2011-2379
57
-file=Constants.pm
58
-variable=BUGZILLA_VERSION
59
-subdir=1
60
-
61
-[Bugzilla2]
62
-url=https://www.bugzilla.org/
63
-safe=4.4.7
64
-old_safe=4.2.12,4.0.16
65
-vuln=CVE-2011-2379
66
-file=Config.pm
67
-variable=$Bugzilla::Config::VERSION
68
-subdir=1
69
-
70
-[SimpNews]
71
-url=http://www.boesch-it.de
72
-safe=2.48
73
-vuln=CVE-2010-2858
74
-file=global.inc.php
75
-variable=$version 
76
-subdir=1
77
-extra_match=$path_simpnews
78
-
79
-[calendarix]
80
-url=http://www.calendarix.com/
81
-safe=     
82
-vuln=CVE-2007-3183
83
-file=cal_config.inc.php
84
-variable=$version
85
-subdir=0
86
-
87
-[myEvent]
88
-url=http://mywebland.com/
89
-safe=     
90
-vuln=CVE-2007-0690
91
-file=config.php
92
-variable=$version
93
-extra_match=$eventbgcolor
94
-subdir=0
95
-
96
-[php-stats]
97
-url=http://php-stats.com/
98
-safe=
99
-vuln=CVE-2007-5453
100
-file=update.php
101
-variable=$version
102
-extra_match=http://php-stats.com/
103
-subdir=0
104
-
105
-[Ampache]
106
-url=http://ampache.org/
107
-safe=3.5.3
108
-vuln=http://ampache.org/2009/12/20/3-5-3-security-release/
109
-file=init.php
110
-variable=$results['version']
111
-subdir=1
112
-extra_match=$ampache_path
113
-
114
-[SiteBar]
115
-url=http://sitebar.org/
116
-safe=3.3.9
117
-vuln=CVE-2007-5492
118
-file=database.inc.php
119
-variable=SB_CURRENT_RELEASE
120
-subdir=1
121
-
122
-[phpPgAdmin]
123
-url=http://phppgadmin.sourceforge.net/
124
-safe=5.0.4
125
-vuln=CVE-2012-1600
126
-file=lib.inc.php
127
-variable=$appVersion
128
-subdir=1
129
-extra_match=phpPgAdmin
130
-
131
-[FTP Admin]
132
-url=http://ftpadmin.sourceforge.net/
133
-safe=
134
-vuln=CVE-2007-6234
135
-file=session_start.php
136
-variable=VERSION
137
-subdir=0
138
-extra_match=define("TITLE", "FTP Admin");
139
-
140
-[RoundCube-deprecated]
141
-url=https://roundcube.net
142
-safe=1.3.10
143
-vuln=CVE-2019-10740
144
-file=index.php
145
-variable=RCMAIL_VERSION
146
-subdir=0
147
-
148
-[RoundCube]
149
-url=https://roundcube.net
150
-safe=1.3.10
151
-vuln=CVE-2019-10740
152
-file=iniset.php
153
-variable=RCMAIL_VERSION
154
-subdir=2
155
-
156
-[Moodle]
157
-url=https://moodle.org/
158
-safe=3.2.2
159
-old_safe=3.1.5,3.0.9,2.7.19
160
-vuln=CVE-2017-2641
161
-file=version.php
162
-variable=$release
163
-subdir=0
164
-extra_match=MOODLE VERSION INFORMATION
165
-
166
-[cacti]
167
-url=http://www.cacti.net/
168
-safe=0.8.7
169
-vuln=CVE-2007-6035
170
-file=global.php
171
-variable=$config["cacti_version"]
172
-subdir=1
173
-
174
-[gnopaste]
175
-url=http://gnopaste.sf.net/
176
-safe=0.5.4
177
-vuln=CVE-2006-2834
178
-file=install.php
179
-variable=$_SESSION['page_title'] = 'gnopaste
180
-subdir=0
181
-
182
-[Flyspray]
183
-url=http://www.flyspray.org/
184
-safe=0.9.9.7
185
-vuln=CVE-2012-1058
186
-file=class.flyspray.php
187
-variable=var $version
188
-subdir=1
189
-
190
-[phpMyID]
191
-url=http://siege.org/projects/phpMyID
192
-safe=
193
-vuln=CVE-2008-4730
194
-file=MyID.php
195
-variable=@version
196
-subdir=0
197
-
198
-[phplist-old]
199
-url=http://www.phplist.com/
200
-safe=3.2.7
201
-vuln=CVE-2016-10045
202
-file=connect.php
203
-variable=define("VERSION"
204
-subdir=1
205
-
206
-[phplist]
207
-url=http://www.phplist.com/
208
-safe=3.2.7
209
-vuln=CVE-2016-10045
210
-file=init.php
211
-variable=define("VERSION"
212
-subdir=1
213
-
214
-[Piwik]
215
-url=https://matomo.org/
216
-safe=3.12.0
217
-vuln=https://matomo.org/changelog/matomo-3-12-0/
218
-file=Version.php
219
-variable=const VERSION
220
-subdir=1
221
-extra_match=@link http://piwik.org
222
-
223
-[Matomo]
224
-url=https://matomo.org/
225
-safe=3.12.0
226
-latest=3.13.0
227
-vuln=https://matomo.org/changelog/matomo-3-12-0/
228
-file=Version.php
229
-variable=const VERSION
230
-subdir=1
231
-extra_match=@link https://matomo.org
232
-
233
-[phpWishlist]
234
-url=http://phpwishlist.sourceforge.net/
235
-safe=0.1.15
236
-vuln=CVE-2005-2203
237
-file=header.inc.php
238
-variable=$version
239
-subdir=1
240
-extra_match=* Wishlist -
241
-
242
-[awstats]
243
-url=http://awstats.sourceforge.net/
244
-safe=7.1
245
-vuln=CVE-2012-4547
246
-file=awstats.pl
247
-variable=$VERSION  =
248
-subdir=0
249
-
250
-[phpMyFAQ]
251
-url=http://www.phpmyfaq.de/
252
-safe=2.5.5
253
-vuln=http://www.phpmyfaq.de/advisory_2009-12-01.php
254
-file=phpmyfaq.spec
255
-variable=version
256
-subdir=1
257
-
258
-[Horde-webmail]
259
-url=http://www.horde.org/
260
-file=bundle.php
261
-variable=BUNDLE_VERSION
262
-extra_match='Horde Groupware Webmail Edition'
263
-safe=1.2.7
264
-vuln=http://secunia.com/advisories/39860
265
-subdir=1
266
-
267
-[ResourceSpace]
268
-url=http://www.resourcespace.org/
269
-file=version.php
270
-variable=$productname='ResourceSpace';$productversion
271
-safe=4.2.2833
272
-latest=4.3.2912
273
-vuln=CVE-2011-4311
274
-subdir=1
275
-
276
-[apc.php]
277
-url=http://pecl.php.net/package/APC
278
-file=apc.php
279
-# this does not contain it's "real" version number, using the CVS id
280
-# instead - there's been an XSS pre 3.1.4.
281
-variable=$VERSION='$Id: apc.php
282
-safe=301867
283
-vuln=CVE-2010-3294
284
-subdir=0
285
-
286
-[webtrees]
287
-url=http://webtrees.net/
288
-file=session.php
289
-variable=define('WT_VERSION'
290
-safe=1.2.4
291
-latest=1.2.4
292
-vuln=http://webtrees.net/en/forums/2-open-discussion/16423-webtrees-124
293
-subdir=1
294
-
295
-[PhpGedView]
296
-url=http://phpgedview.sourceforge.net/
297
-file=session.php
298
-variable=define('PGV_VERSION'
299
-safe=
300
-vuln=CVE-2011-0405
301
-subdir=1
302
-
303
-[status.net]
304
-url=http://status.net
305
-file=common.php
306
-variable=define('STATUSNET_BASE_VERSION'
307
-safe=0.9.9
308
-vuln=CVE-2011-3370
309
-subdir=1
310
-
311
-[limesurvey18]
312
-url=http://www.limesurvey.org/
313
-file=common.php
314
-variable=$versionnumber
315
-extra_match=LimeSurvey
316
-safe=2.07
317
-vuln=CVE-2015-5078
318
-subdir=0
319
-
320
-[limesurvey19]
321
-url=http://www.limesurvey.org/
322
-file=version.php
323
-variable=$versionnumber
324
-extra_match=$dbversionnumber
325
-safe=2.07
326
-vuln=CVE-2015-5078
327
-subdir=0
328
-
329
-[limesurvey]
330
-url=http://www.limesurvey.org/
331
-file=version.php
332
-variable=$config['versionnumber']
333
-extra_match=LimeSurvey
334
-safe=2.07
335
-vuln=CVE-2015-5078
336
-subdir=2
337
-
338
-[webcalendar]
339
-url=http://www.k5n.us/webcalendar.php
340
-file=config.php
341
-variable=$PROGRAM_VERSION
342
-extra_match=@package WebCalendar
343
-safe=1.2.7
344
-vuln=CVE-2013-1422
345
-subdir=1
346
-
347
-[nextcloud]
348
-url=https://nextcloud.com
349
-file=version.php
350
-variable=$OC_VersionString
351
-vuln=CVE-2019-5449
352
-safe=15.0.1
353
-old_safe=14.0.5,13.0.9
354
-subdir=0
355
-extra_match=$vendor = 'nextcloud';
356
-
357
-[owncloud]
358
-url=https://owncloud.org/
359
-file=version.php
360
-variable=$OC_VersionString
361
-subdir=0
362
-extra_nomatch=nextcloud
363
-vuln=https://owncloud.org/security/advisories/possibility-to-extend-internal-share-permissions-using-the-api/
364
-safe=10.2.1
365
-
366
-[owncloud5]
367
-url=https://owncloud.org/
368
-file=util.php
369
-variable=return '
370
-subdir=1
371
-extra_match=class OC_Util
372
-vuln=https://owncloud.org/security/advisories/possibility-to-extend-internal-share-permissions-using-the-api/
373
-safe=10.2.1
374
-
375
-[videodb]
376
-url=http://www.videodb.net/
377
-file=constants.php
378
-variable=('VERSION',
379
-extra_match=TBL_
380
-safe=4.0
381
-vuln=http://www.exploit-db.com/exploits/17660/
382
-subdir=1
383
-
384
-[OpenX]
385
-url=http://www.openx.com/
386
-file=constants.php
387
-variable=OA_VERSION
388
-extra_match=OpenX
389
-safe=
390
-vuln=http://www.kreativrauschen.com/blog/2013/12/18/zero-day-vulnerability-in-openx-source-2-8-11-and-revive-adserver-3-0-1/
391
-subdir=0
392
-
393
-[revive]
394
-url=http://www.revive-adserver.com/
395
-file=constants.php
396
-variable=VERSION
397
-extra_match=Revive Adserver
398
-safe=3.0.5
399
-vuln=CVE-2013-5954
400
-subdir=0
401
-
402
-[osTicket]
403
-url=http://osticket.com/
404
-file=bootstrap.php
405
-variable=define('THIS_VERSION',
406
-safe=1.8.12
407
-latest=1.9.12
408
-vuln=https://github.com/osTicket/osTicket-1.8/releases/tag/v1.8.12
409
-subdir=0
410
-
411
-[Gitlist]
412
-url=https://gitlist.org/
413
-file=footer.twig
414
-variable=Powered by
415
-safe=0.7.0
416
-latest=1.0.2
417
-vuln=CVE-2018-1000533
418
-subdir=3
Browse code

nextcloud/owncloud update

Hanno Böck authored on11/12/2019 09:01:40
Showing1 changed files
... ...
@@ -348,31 +348,29 @@ subdir=1
348 348
 url=https://nextcloud.com
349 349
 file=version.php
350 350
 variable=$OC_VersionString
351
-vuln=https://nextcloud.com/security/advisory/?id=NC-SA-2019-003
352
-safe=15.0.0
351
+vuln=CVE-2019-5449
352
+safe=15.0.1
353 353
 old_safe=14.0.5,13.0.9
354 354
 subdir=0
355 355
 extra_match=$vendor = 'nextcloud';
356 356
 
357 357
 [owncloud]
358
-url=http://owncloud.org/
358
+url=https://owncloud.org/
359 359
 file=version.php
360 360
 variable=$OC_VersionString
361
-vuln=CVE-2017-8896
362
-safe=10.0.2
363
-old_safe=9.1.6,9.0.10,8.2.12
364 361
 subdir=0
365 362
 extra_nomatch=nextcloud
363
+vuln=https://owncloud.org/security/advisories/possibility-to-extend-internal-share-permissions-using-the-api/
364
+safe=10.2.1
366 365
 
367 366
 [owncloud5]
368
-url=http://owncloud.org/
367
+url=https://owncloud.org/
369 368
 file=util.php
370 369
 variable=return '
371 370
 subdir=1
372 371
 extra_match=class OC_Util
373
-vuln=CVE-2017-8896
374
-safe=10.0.2
375
-old_safe=9.1.6,9.0.10,8.2.12
372
+vuln=https://owncloud.org/security/advisories/possibility-to-extend-internal-share-permissions-using-the-api/
373
+safe=10.2.1
376 374
 
377 375
 [videodb]
378 376
 url=http://www.videodb.net/
Browse code

add matomo, update piwik

Hanno Böck authored on11/12/2019 08:50:50
Showing1 changed files
... ...
@@ -212,14 +212,24 @@ variable=define("VERSION"
212 212
 subdir=1
213 213
 
214 214
 [Piwik]
215
-url=http://piwik.org/
216
-safe=3.0.3
217
-vuln=https://piwik.org/changelog/piwik-3-0-3/
215
+url=https://matomo.org/
216
+safe=3.12.0
217
+vuln=https://matomo.org/changelog/matomo-3-12-0/
218 218
 file=Version.php
219 219
 variable=const VERSION
220 220
 subdir=1
221 221
 extra_match=@link http://piwik.org
222 222
 
223
+[Matomo]
224
+url=https://matomo.org/
225
+safe=3.12.0
226
+latest=3.13.0
227
+vuln=https://matomo.org/changelog/matomo-3-12-0/
228
+file=Version.php
229
+variable=const VERSION
230
+subdir=1
231
+extra_match=@link https://matomo.org
232
+
223 233
 [phpWishlist]
224 234
 url=http://phpwishlist.sourceforge.net/
225 235
 safe=0.1.15
Browse code

update movable type, avoid unneeded comments, fix CVEs, add latest, fix urls

Hanno Böck authored on11/12/2019 08:33:21
Showing1 changed files
... ...
@@ -33,7 +33,6 @@ variable=$version
33 33
 extra_match=SquirrelMail version number
34 34
 subdir=1
35 35
 
36
-# old mantis versions behave different
37 36
 [Mantis-deprecated]
38 37
 url=https://mantisbt.org/
39 38
 safe=2.22.1
... ...
@@ -288,7 +287,7 @@ url=http://phpgedview.sourceforge.net/
288 287
 file=session.php
289 288
 variable=define('PGV_VERSION'
290 289
 safe=
291
-vuln=2011-0405
290
+vuln=CVE-2011-0405
292 291
 subdir=1
293 292
 
294 293
 [status.net]
Browse code

update gitlist to CVE and https

Hanno Böck authored on09/12/2019 21:32:16
Showing1 changed files
... ...
@@ -402,10 +402,10 @@ vuln=https://github.com/osTicket/osTicket-1.8/releases/tag/v1.8.12
402 402
 subdir=0
403 403
 
404 404
 [Gitlist]
405
-url=http://gitlist.org/
405
+url=https://gitlist.org/
406 406
 file=footer.twig
407 407
 variable=Powered by
408 408
 safe=0.7.0
409 409
 latest=1.0.2
410
-vuln=https://security.szurek.pl/exploit-bypass-php-escapeshellarg-escapeshellcmd.html
410
+vuln=CVE-2018-1000533
411 411
 subdir=3
Browse code

pma update

Hanno Böck authored on24/11/2019 15:15:32
Showing1 changed files
... ...
@@ -1,15 +1,15 @@
1 1
 [phpMyAdmin-veryold]
2 2
 url=https://www.phpmyadmin.net/
3
-safe=4.9.1
4
-vuln=CVE-2019-12922
3
+safe=4.9.2
4
+vuln=CVE-2019-18622
5 5
 file=Config.class.php
6 6
 variable=PMA_VERSION
7 7
 subdir=1
8 8
 
9 9
 [phpMyAdmin-old]
10 10
 url=https://www.phpmyadmin.net/
11
-safe=4.9.1
12
-vuln=CVE-2019-12922
11
+safe=4.9.2
12
+vuln=CVE-2019-18622
13 13
 file=Config.php
14 14
 variable=PMA_VERSION
15 15
 subdir=1
... ...
@@ -17,8 +17,8 @@ extra_match=namespace PMA\libraries;
17 17
 
18 18
 [phpMyAdmin]
19 19
 url=https://www.phpmyadmin.net/
20
-safe=4.9.1
21
-vuln=CVE-2019-12922
20
+safe=4.9.2
21
+vuln=CVE-2019-18622
22 22
 file=Config.php
23 23
 variable=PMA_VERSION
24 24
 subdir=2
Browse code

mantis update

Hanno authored on27/09/2019 09:11:08
Showing1 changed files
... ...
@@ -36,16 +36,16 @@ subdir=1
36 36
 # old mantis versions behave different
37 37
 [Mantis-deprecated]
38 38
 url=https://mantisbt.org/
39
-safe=2.20.1
40
-vuln=CVE-2019-10905
39
+safe=2.22.1
40
+vuln=CVE-2019-15715
41 41
 file=config_defaults_inc.php
42 42
 variable=$g_mantis_version
43 43
 subdir=0
44 44
 
45 45
 [Mantis]
46 46
 url=https://mantisbt.org/
47
-safe=2.20.1
48
-vuln=CVE-2019-10905
47
+safe=2.22.1
48
+vuln=CVE-2019-15715
49 49
 file=constant_inc.php
50 50
 variable=MANTIS_VERSION
51 51
 subdir=1
Browse code

pma update

Hanno authored on22/09/2019 18:55:13
Showing1 changed files
... ...
@@ -1,15 +1,15 @@
1 1
 [phpMyAdmin-veryold]
2 2
 url=https://www.phpmyadmin.net/
3
-safe=4.9.0
4
-vuln=CVE-2019-12616
3
+safe=4.9.1
4
+vuln=CVE-2019-12922
5 5
 file=Config.class.php
6 6
 variable=PMA_VERSION
7 7
 subdir=1
8 8
 
9 9
 [phpMyAdmin-old]
10 10
 url=https://www.phpmyadmin.net/
11
-safe=4.9.0
12
-vuln=CVE-2019-12616
11
+safe=4.9.1
12
+vuln=CVE-2019-12922
13 13
 file=Config.php
14 14
 variable=PMA_VERSION
15 15
 subdir=1
... ...
@@ -17,8 +17,8 @@ extra_match=namespace PMA\libraries;
17 17
 
18 18
 [phpMyAdmin]
19 19
 url=https://www.phpmyadmin.net/
20
-safe=4.9.0
21
-vuln=CVE-2019-12616
20
+safe=4.9.1
21
+vuln=CVE-2019-12922
22 22
 file=Config.php
23 23
 variable=PMA_VERSION
24 24
 subdir=2
Browse code

roundcube update

Hanno authored on31/08/2019 10:08:34
Showing1 changed files
... ...
@@ -140,16 +140,16 @@ extra_match=define("TITLE", "FTP Admin");
140 140
 
141 141
 [RoundCube-deprecated]
142 142
 url=https://roundcube.net
143
-safe=1.3.8
144
-vuln=CVE-2018-19206
143
+safe=1.3.10
144
+vuln=CVE-2019-10740
145 145
 file=index.php
146 146
 variable=RCMAIL_VERSION
147 147
 subdir=0
148 148
 
149 149
 [RoundCube]
150 150
 url=https://roundcube.net
151
-safe=1.3.8
152
-vuln=CVE-2018-19206
151
+safe=1.3.10
152
+vuln=CVE-2019-10740
153 153
 file=iniset.php
154 154
 variable=RCMAIL_VERSION
155 155
 subdir=2
Browse code

update gitlist / RCE

Hanno authored on01/08/2019 15:22:32
Showing1 changed files
... ...
@@ -405,7 +405,7 @@ subdir=0
405 405
 url=http://gitlist.org/
406 406
 file=footer.twig
407 407
 variable=Powered by
408
-safe=0.5.0
409
-latest=0.6.0
410
-vuln=CVE-2014-4511
408
+safe=0.7.0
409
+latest=1.0.2
410
+vuln=https://security.szurek.pl/exploit-bypass-php-escapeshellarg-escapeshellcmd.html
411 411
 subdir=3
Browse code

mantis update

Hanno authored on14/06/2019 10:18:28
Showing1 changed files
... ...
@@ -36,16 +36,16 @@ subdir=1
36 36
 # old mantis versions behave different
37 37
 [Mantis-deprecated]
38 38
 url=https://mantisbt.org/
39
-safe=2.17.1
40
-vuln=CVE-2018-16514
39
+safe=2.20.1
40
+vuln=CVE-2019-10905
41 41
 file=config_defaults_inc.php
42 42
 variable=$g_mantis_version
43 43
 subdir=0
44 44
 
45 45
 [Mantis]
46 46
 url=https://mantisbt.org/
47
-safe=2.17.1
48
-vuln=CVE-2018-16514
47
+safe=2.20.1
48
+vuln=CVE-2019-10905
49 49
 file=constant_inc.php
50 50
 variable=MANTIS_VERSION
51 51
 subdir=1
Browse code

pma update

Hanno authored on14/06/2019 10:01:10
Showing1 changed files
... ...
@@ -1,15 +1,15 @@
1 1
 [phpMyAdmin-veryold]
2 2
 url=https://www.phpmyadmin.net/
3
-safe=4.8.5
4
-vuln=CVE-2019-6798
3
+safe=4.9.0
4
+vuln=CVE-2019-12616
5 5
 file=Config.class.php
6 6
 variable=PMA_VERSION
7 7
 subdir=1
8 8
 
9 9
 [phpMyAdmin-old]
10 10
 url=https://www.phpmyadmin.net/
11
-safe=4.8.5
12
-vuln=CVE-2019-6798
11
+safe=4.9.0
12
+vuln=CVE-2019-12616
13 13
 file=Config.php
14 14
 variable=PMA_VERSION
15 15
 subdir=1
... ...
@@ -17,8 +17,8 @@ extra_match=namespace PMA\libraries;
17 17
 
18 18
 [phpMyAdmin]
19 19
 url=https://www.phpmyadmin.net/
20
-safe=4.8.5
21
-vuln=CVE-2019-6798
20
+safe=4.9.0
21
+vuln=CVE-2019-12616
22 22
 file=Config.php
23 23
 variable=PMA_VERSION
24 24
 subdir=2
Browse code

nextcloud udpate

Hanno authored on23/04/2019 10:35:06
Showing1 changed files
... ...
@@ -339,8 +339,9 @@ subdir=1
339 339
 url=https://nextcloud.com
340 340
 file=version.php
341 341
 variable=$OC_VersionString
342
-vuln=CVE-2018-3780
343
-safe=13.0.5
342
+vuln=https://nextcloud.com/security/advisory/?id=NC-SA-2019-003
343
+safe=15.0.0
344
+old_safe=14.0.5,13.0.9
344 345
 subdir=0
345 346
 extra_match=$vendor = 'nextcloud';
346 347
 
Browse code

change some more URLs to https

Hanno authored on23/03/2019 21:52:45
Showing1 changed files
... ...
@@ -1,5 +1,5 @@
1 1
 [phpMyAdmin-veryold]
2
-url=http://www.phpmyadmin.net/
2
+url=https://www.phpmyadmin.net/
3 3
 safe=4.8.5
4 4
 vuln=CVE-2019-6798
5 5
 file=Config.class.php
... ...
@@ -7,7 +7,7 @@ variable=PMA_VERSION
7 7
 subdir=1
8 8
 
9 9
 [phpMyAdmin-old]
10
-url=http://www.phpmyadmin.net/
10
+url=https://www.phpmyadmin.net/
11 11
 safe=4.8.5
12 12
 vuln=CVE-2019-6798
13 13
 file=Config.php
... ...
@@ -16,7 +16,7 @@ subdir=1
16 16
 extra_match=namespace PMA\libraries;
17 17
 
18 18
 [phpMyAdmin]
19
-url=http://www.phpmyadmin.net/
19
+url=https://www.phpmyadmin.net/
20 20
 safe=4.8.5
21 21
 vuln=CVE-2019-6798
22 22
 file=Config.php
... ...
@@ -25,7 +25,7 @@ subdir=2
25 25
 extra_match=namespace PhpMyAdmin;
26 26
 
27 27
 [SquirrelMail]
28
-url=http://www.squirrelmail.org/
28
+url=https://squirrelmail.org/
29 29
 safe=1.4.22
30 30
 vuln=CVE-2010-4554
31 31
 file=strings.php
... ...
@@ -51,7 +51,7 @@ variable=MANTIS_VERSION
51 51
 subdir=1
52 52
 
53 53
 [Bugzilla3]
54
-url=http://www.bugzilla.org/
54
+url=https://www.bugzilla.org/
55 55
 safe=4.4.7
56 56
 old_safe=4.2.12,4.0.16
57 57
 vuln=CVE-2011-2379
... ...
@@ -60,7 +60,7 @@ variable=BUGZILLA_VERSION
60 60
 subdir=1
61 61
 
62 62
 [Bugzilla2]
63
-url=http://www.bugzilla.org/
63
+url=https://www.bugzilla.org/
64 64
 safe=4.4.7
65 65
 old_safe=4.2.12,4.0.16
66 66
 vuln=CVE-2011-2379
... ...
@@ -139,7 +139,7 @@ subdir=0
139 139
 extra_match=define("TITLE", "FTP Admin");
140 140
 
141 141
 [RoundCube-deprecated]
142
-url=http://roundcube.net
142
+url=https://roundcube.net
143 143
 safe=1.3.8
144 144
 vuln=CVE-2018-19206
145 145
 file=index.php
... ...
@@ -147,7 +147,7 @@ variable=RCMAIL_VERSION
147 147
 subdir=0
148 148
 
149 149
 [RoundCube]
150
-url=http://roundcube.net
150
+url=https://roundcube.net
151 151
 safe=1.3.8
152 152
 vuln=CVE-2018-19206
153 153
 file=iniset.php
... ...
@@ -155,7 +155,7 @@ variable=RCMAIL_VERSION
155 155
 subdir=2
156 156
 
157 157
 [Moodle]
158
-url=http://www.moodle.org/
158
+url=https://moodle.org/
159 159
 safe=3.2.2
160 160
 old_safe=3.1.5,3.0.9,2.7.19
161 161
 vuln=CVE-2017-2641
Browse code

phpmyadmin update

Hanno authored on27/01/2019 09:11:48
Showing1 changed files
... ...
@@ -1,15 +1,15 @@
1 1
 [phpMyAdmin-veryold]
2 2
 url=http://www.phpmyadmin.net/
3
-safe=4.8.4
4
-vuln=CVE-2018-19968
3
+safe=4.8.5
4
+vuln=CVE-2019-6798
5 5
 file=Config.class.php
6 6
 variable=PMA_VERSION
7 7
 subdir=1
8 8
 
9 9
 [phpMyAdmin-old]
10 10
 url=http://www.phpmyadmin.net/
11
-safe=4.8.4
12
-vuln=CVE-2018-19968
11
+safe=4.8.5
12
+vuln=CVE-2019-6798
13 13
 file=Config.php
14 14
 variable=PMA_VERSION
15 15
 subdir=1
... ...
@@ -17,8 +17,8 @@ extra_match=namespace PMA\libraries;
17 17
 
18 18
 [phpMyAdmin]
19 19
 url=http://www.phpmyadmin.net/
20
-safe=4.8.4
21
-vuln=CVE-2018-19968
20
+safe=4.8.5
21
+vuln=CVE-2019-6798
22 22
 file=Config.php
23 23
 variable=PMA_VERSION
24 24
 subdir=2
Browse code

pma update

Hanno authored on11/12/2018 16:29:51
Showing1 changed files
... ...
@@ -1,15 +1,15 @@
1 1
 [phpMyAdmin-veryold]
2 2
 url=http://www.phpmyadmin.net/
3
-safe=4.8.3
4
-vuln=CVE-2018-15605
3
+safe=4.8.4
4
+vuln=CVE-2018-19968
5 5
 file=Config.class.php
6 6
 variable=PMA_VERSION
7 7
 subdir=1
8 8
 
9 9
 [phpMyAdmin-old]
10 10
 url=http://www.phpmyadmin.net/
11
-safe=4.8.3
12
-vuln=CVE-2018-15605
11
+safe=4.8.4
12
+vuln=CVE-2018-19968
13 13
 file=Config.php
14 14
 variable=PMA_VERSION
15 15
 subdir=1
... ...
@@ -17,8 +17,8 @@ extra_match=namespace PMA\libraries;
17 17
 
18 18
 [phpMyAdmin]
19 19
 url=http://www.phpmyadmin.net/
20
-safe=4.8.3
21
-vuln=CVE-2018-15605
20
+safe=4.8.4
21
+vuln=CVE-2018-19968
22 22
 file=Config.php
23 23
 variable=PMA_VERSION
24 24
 subdir=2
Browse code

roundcube xss

Hanno authored on27/11/2018 17:08:00
Showing1 changed files
... ...
@@ -140,16 +140,16 @@ extra_match=define("TITLE", "FTP Admin");
140 140
 
141 141
 [RoundCube-deprecated]
142 142
 url=http://roundcube.net
143
-safe=1.3.7
144
-vuln=https://roundcube.net/news/2018/07/27/update-1.3.7-released
143
+safe=1.3.8
144
+vuln=CVE-2018-19206
145 145
 file=index.php
146 146
 variable=RCMAIL_VERSION
147 147
 subdir=0
148 148
 
149 149
 [RoundCube]
150 150
 url=http://roundcube.net
151
-safe=1.3.7
152
-vuln=https://roundcube.net/news/2018/07/27/update-1.3.7-released
151
+safe=1.3.8
152
+vuln=CVE-2018-19206
153 153
 file=iniset.php
154 154
 variable=RCMAIL_VERSION
155 155
 subdir=2
Browse code

nextcloud update

Hanno authored on27/09/2018 16:13:48
Showing1 changed files
... ...
@@ -339,9 +339,8 @@ subdir=1
339 339
 url=https://nextcloud.com
340 340
 file=version.php
341 341
 variable=$OC_VersionString
342
-vuln=CVE-2017-0936
343
-safe=12.0.5
344
-old_safe=11.0.7
342
+vuln=CVE-2018-3780
343
+safe=13.0.5
345 344
 subdir=0
346 345
 extra_match=$vendor = 'nextcloud';
347 346
 
Browse code

owncloud update

Hanno authored on27/09/2018 16:12:33
Showing1 changed files
... ...
@@ -349,9 +349,9 @@ extra_match=$vendor = 'nextcloud';
349 349
 url=http://owncloud.org/
350 350
 file=version.php
351 351
 variable=$OC_VersionString
352
-vuln=https://owncloud.org/security/advisory/?id=oc-sa-2017-003
353
-safe=9.1.3
354
-old_safe=9.0.8,8.2.10,8.1.12
352
+vuln=CVE-2017-8896
353
+safe=10.0.2
354
+old_safe=9.1.6,9.0.10,8.2.12
355 355
 subdir=0
356 356
 extra_nomatch=nextcloud
357 357
 
... ...
@@ -361,9 +361,9 @@ file=util.php
361 361
 variable=return '
362 362
 subdir=1
363 363
 extra_match=class OC_Util
364
-vuln=https://owncloud.org/security/advisory/?id=oc-sa-2017-003
365
-safe=9.1.3
366
-old_safe=9.0.8,8.2.10,8.1.12
364
+vuln=CVE-2017-8896
365
+safe=10.0.2
366
+old_safe=9.1.6,9.0.10,8.2.12
367 367
 
368 368
 [videodb]
369 369
 url=http://www.videodb.net/
Browse code

mantis update

Hanno authored on27/09/2018 09:13:14
Showing1 changed files
... ...
@@ -36,16 +36,16 @@ subdir=1
36 36
 # old mantis versions behave different
37 37
 [Mantis-deprecated]
38 38
 url=https://mantisbt.org/
39
-safe=2.15.1
40
-vuln=CVE-2018-13055
39
+safe=2.17.1
40
+vuln=CVE-2018-16514
41 41
 file=config_defaults_inc.php
42 42
 variable=$g_mantis_version
43 43
 subdir=0
44 44
 
45 45
 [Mantis]
46 46
 url=https://mantisbt.org/
47
-safe=2.15.1
48
-vuln=CVE-2018-13055
47
+safe=2.17.1
48
+vuln=CVE-2018-16514
49 49
 file=constant_inc.php
50 50
 variable=MANTIS_VERSION
51 51
 subdir=1
Browse code

pma update

Hanno authored on23/08/2018 08:36:05
Showing1 changed files
... ...
@@ -1,15 +1,15 @@
1 1
 [phpMyAdmin-veryold]
2 2
 url=http://www.phpmyadmin.net/
3
-safe=4.8.2
4
-vuln=CVE-2018-12613
3
+safe=4.8.3
4
+vuln=CVE-2018-15605
5 5
 file=Config.class.php
6 6
 variable=PMA_VERSION
7 7
 subdir=1
8 8
 
9 9
 [phpMyAdmin-old]
10 10
 url=http://www.phpmyadmin.net/
11
-safe=4.8.2
12
-vuln=CVE-2018-12613
11
+safe=4.8.3
12
+vuln=CVE-2018-15605
13 13
 file=Config.php
14 14
 variable=PMA_VERSION
15 15
 subdir=1
... ...
@@ -17,8 +17,8 @@ extra_match=namespace PMA\libraries;
17 17
 
18 18
 [phpMyAdmin]
19 19
 url=http://www.phpmyadmin.net/
20
-safe=4.8.2
21
-vuln=CVE-2018-12613
20
+safe=4.8.3
21
+vuln=CVE-2018-15605
22 22
 file=Config.php
23 23
 variable=PMA_VERSION
24 24
 subdir=2
Browse code

swap phpMyAdmin/phpMyAdmin-old, they were mixed up

Hanno authored on30/07/2018 20:20:32
Showing1 changed files
... ...
@@ -6,7 +6,7 @@ file=Config.class.php
6 6
 variable=PMA_VERSION
7 7
 subdir=1
8 8
 
9
-[phpMyAdmin]
9
+[phpMyAdmin-old]
10 10
 url=http://www.phpmyadmin.net/
11 11
 safe=4.8.2
12 12
 vuln=CVE-2018-12613
... ...
@@ -15,7 +15,7 @@ variable=PMA_VERSION
15 15
 subdir=1
16 16
 extra_match=namespace PMA\libraries;
17 17
 
18
-[phpMyAdmin-old]
18
+[phpMyAdmin]
19 19
 url=http://www.phpmyadmin.net/
20 20
 safe=4.8.2
21 21
 vuln=CVE-2018-12613
Browse code

update mantis + roundcube

Hanno authored on30/07/2018 08:49:06
Showing1 changed files
... ...
@@ -36,18 +36,16 @@ subdir=1
36 36
 # old mantis versions behave different
37 37
 [Mantis-deprecated]
38 38
 url=https://mantisbt.org/
39
-safe=2.10.1
40
-old_safe=1.3.14
41
-vuln=https://mantisbt.org/blog/archives/mantisbt/572
39
+safe=2.15.1
40
+vuln=CVE-2018-13055
42 41
 file=config_defaults_inc.php
43 42
 variable=$g_mantis_version
44 43
 subdir=0
45 44
 
46 45
 [Mantis]
47 46
 url=https://mantisbt.org/
48
-safe=2.10.1
49
-old_safe=1.3.14
50
-vuln=https://mantisbt.org/blog/archives/mantisbt/572
47
+safe=2.15.1
48
+vuln=CVE-2018-13055
51 49
 file=constant_inc.php
52 50
 variable=MANTIS_VERSION
53 51
 subdir=1
... ...
@@ -142,16 +140,16 @@ extra_match=define("TITLE", "FTP Admin");
142 140
 
143 141
 [RoundCube-deprecated]
144 142
 url=http://roundcube.net
145
-safe=1.3.6
146
-vuln=CVE-2018-9846
143
+safe=1.3.7
144
+vuln=https://roundcube.net/news/2018/07/27/update-1.3.7-released
147 145
 file=index.php
148 146
 variable=RCMAIL_VERSION
149 147
 subdir=0
150 148
 
151 149
 [RoundCube]
152 150
 url=http://roundcube.net
153
-safe=1.3.6
154
-vuln=CVE-2018-9846
151
+safe=1.3.7
152
+vuln=https://roundcube.net/news/2018/07/27/update-1.3.7-released
155 153
 file=iniset.php
156 154
 variable=RCMAIL_VERSION
157 155
 subdir=2
Browse code

phpmyadmin update

Hanno Böck authored on24/06/2018 20:38:46
Showing1 changed files
... ...
@@ -1,15 +1,15 @@
1 1
 [phpMyAdmin-veryold]
2 2
 url=http://www.phpmyadmin.net/
3
-safe=4.7.8
4
-vuln=CVE-2018-7260
3
+safe=4.8.2
4
+vuln=CVE-2018-12613
5 5
 file=Config.class.php
6 6
 variable=PMA_VERSION
7 7
 subdir=1
8 8
 
9 9
 [phpMyAdmin]
10 10
 url=http://www.phpmyadmin.net/
11
-safe=4.7.8
12
-vuln=CVE-2018-7260
11
+safe=4.8.2
12
+vuln=CVE-2018-12613
13 13
 file=Config.php
14 14
 variable=PMA_VERSION
15 15
 subdir=1
... ...
@@ -17,8 +17,8 @@ extra_match=namespace PMA\libraries;
17 17
 
18 18
 [phpMyAdmin-old]
19 19
 url=http://www.phpmyadmin.net/
20
-safe=4.7.8
21
-vuln=CVE-2018-7260
20
+safe=4.8.2
21
+vuln=CVE-2018-12613
22 22
 file=Config.php
23 23
 variable=PMA_VERSION
24 24
 subdir=2
Browse code

properly detect subdir of phpMyAdmin 4.8 and above

Hanno Böck authored on24/06/2018 20:37:51
Showing1 changed files
... ...
@@ -1,4 +1,4 @@
1
-[phpMyAdmin-old]
1
+[phpMyAdmin-veryold]
2 2
 url=http://www.phpmyadmin.net/
3 3
 safe=4.7.8
4 4
 vuln=CVE-2018-7260
... ...
@@ -13,6 +13,16 @@ vuln=CVE-2018-7260
13 13
 file=Config.php
14 14
 variable=PMA_VERSION
15 15
 subdir=1
16
+extra_match=namespace PMA\libraries;
17
+
18
+[phpMyAdmin-old]
19
+url=http://www.phpmyadmin.net/
20
+safe=4.7.8
21
+vuln=CVE-2018-7260
22
+file=Config.php
23
+variable=PMA_VERSION
24
+subdir=2
25
+extra_match=namespace PhpMyAdmin;
16 26
 
17 27
 [SquirrelMail]
18 28
 url=http://www.squirrelmail.org/
Browse code

nextcloud update

Hanno Böck authored on16/06/2018 13:04:47
Showing1 changed files
... ...
@@ -331,9 +331,9 @@ subdir=1
331 331
 url=https://nextcloud.com
332 332
 file=version.php
333 333
 variable=$OC_VersionString
334
-vuln=CVE-2017-0891
335
-safe=11.0.3
336
-old_safe=10.0.5,9.0.58
334
+vuln=CVE-2017-0936
335
+safe=12.0.5
336
+old_safe=11.0.7
337 337
 subdir=0
338 338
 extra_match=$vendor = 'nextcloud';
339 339
 
Browse code

roundcube CVE-2018-9846

Hanno authored on19/04/2018 10:50:06
Showing1 changed files
... ...
@@ -132,16 +132,16 @@ extra_match=define("TITLE", "FTP Admin");
132 132
 
133 133
 [RoundCube-deprecated]
134 134
 url=http://roundcube.net
135
-safe=1.3.5
136
-vuln=https://roundcube.net/news/2018/03/15/update-1.3.5-released
135
+safe=1.3.6
136
+vuln=CVE-2018-9846
137 137
 file=index.php
138 138
 variable=RCMAIL_VERSION
139 139
 subdir=0
140 140
 
141 141
 [RoundCube]
142 142
 url=http://roundcube.net
143
-safe=1.3.5
144
-vuln=https://roundcube.net/news/2018/03/15/update-1.3.5-released
143
+safe=1.3.6
144
+vuln=CVE-2018-9846
145 145
 file=iniset.php
146 146
 variable=RCMAIL_VERSION
147 147
 subdir=2
Browse code

roundcube update

Hanno Böck authored on31/03/2018 10:30:25
Showing1 changed files
... ...
@@ -132,16 +132,16 @@ extra_match=define("TITLE", "FTP Admin");
132 132
 
133 133
 [RoundCube-deprecated]
134 134
 url=http://roundcube.net
135
-safe=1.3.3
136
-vuln=CVE-2017-16651
135
+safe=1.3.5
136
+vuln=https://roundcube.net/news/2018/03/15/update-1.3.5-released
137 137
 file=index.php
138 138
 variable=RCMAIL_VERSION
139 139
 subdir=0
140 140
 
141 141
 [RoundCube]
142 142
 url=http://roundcube.net
143
-safe=1.3.3
144
-vuln=CVE-2017-16651
143
+safe=1.3.5
144
+vuln=https://roundcube.net/news/2018/03/15/update-1.3.5-released
145 145
 file=iniset.php
146 146
 variable=RCMAIL_VERSION
147 147
 subdir=2
Browse code

mantis update

Hanno Böck authored on24/02/2018 06:39:32
Showing1 changed files
... ...
@@ -26,18 +26,18 @@ subdir=1
26 26
 # old mantis versions behave different
27 27
 [Mantis-deprecated]
28 28
 url=https://mantisbt.org/
29
-safe=2.5.2
30
-old_safe=1.3.12
31
-vuln=CVE-2017-12061
29
+safe=2.10.1
30
+old_safe=1.3.14
31
+vuln=https://mantisbt.org/blog/archives/mantisbt/572
32 32
 file=config_defaults_inc.php
33 33
 variable=$g_mantis_version
34 34
 subdir=0
35 35
 
36 36
 [Mantis]
37 37
 url=https://mantisbt.org/
38
-safe=2.5.2
39
-old_safe=1.3.12
40
-vuln=CVE-2017-12061
38
+safe=2.10.1
39
+old_safe=1.3.14
40
+vuln=https://mantisbt.org/blog/archives/mantisbt/572
41 41
 file=constant_inc.php
42 42
 variable=MANTIS_VERSION
43 43
 subdir=1
Browse code

pma update

Hanno Böck authored on20/02/2018 18:18:05
Showing1 changed files
... ...
@@ -1,15 +1,15 @@
1 1
 [phpMyAdmin-old]
2 2
 url=http://www.phpmyadmin.net/
3
-safe=4.7.7
4
-vuln=https://www.phpmyadmin.net/security/PMASA-2017-8/
3
+safe=4.7.8
4
+vuln=CVE-2018-7260
5 5
 file=Config.class.php
6 6
 variable=PMA_VERSION
7 7
 subdir=1
8 8
 
9 9
 [phpMyAdmin]
10 10
 url=http://www.phpmyadmin.net/
11
-safe=4.7.7
12
-vuln=https://www.phpmyadmin.net/security/PMASA-2017-8/
11
+safe=4.7.8
12
+vuln=CVE-2018-7260
13 13
 file=Config.php
14 14
 variable=PMA_VERSION
15 15
 subdir=1
Browse code

pma update

Hanno Böck authored on24/12/2017 00:15:36
Showing1 changed files
... ...
@@ -1,6 +1,6 @@
1 1
 [phpMyAdmin-old]
2 2
 url=http://www.phpmyadmin.net/
3
-safe=4.7.0
3
+safe=4.7.7
4 4
 vuln=https://www.phpmyadmin.net/security/PMASA-2017-8/
5 5
 file=Config.class.php
6 6
 variable=PMA_VERSION
... ...
@@ -8,7 +8,7 @@ subdir=1
8 8
 
9 9
 [phpMyAdmin]
10 10
 url=http://www.phpmyadmin.net/
11
-safe=4.7.0
11
+safe=4.7.7
12 12
 vuln=https://www.phpmyadmin.net/security/PMASA-2017-8/
13 13
 file=Config.php
14 14
 variable=PMA_VERSION
Browse code

nextcloud update

Hanno Böck authored on10/12/2017 10:06:10
Showing1 changed files
... ...
@@ -331,9 +331,9 @@ subdir=1
331 331
 url=https://nextcloud.com
332 332
 file=version.php
333 333
 variable=$OC_VersionString
334
-vuln=https://nextcloud.com/security/advisory/?id=nc-sa-2017-001
335
-safe=10.0.2
336
-old_safe=9.0.57,9.0.56
334
+vuln=CVE-2017-0891
335
+safe=11.0.3
336
+old_safe=10.0.5,9.0.58
337 337
 subdir=0
338 338
 extra_match=$vendor = 'nextcloud';
339 339
 
Browse code

roundcube update

Hanno Böck authored on18/11/2017 02:21:44
Showing1 changed files
... ...
@@ -132,16 +132,16 @@ extra_match=define("TITLE", "FTP Admin");
132 132
 
133 133
 [RoundCube-deprecated]
134 134
 url=http://roundcube.net
135
-safe=1.2.6
136
-vuln=https://github.com/roundcube/roundcubemail/releases/tag/1.2.6
135
+safe=1.3.3
136
+vuln=CVE-2017-16651
137 137
 file=index.php
138 138
 variable=RCMAIL_VERSION
139 139
 subdir=0
140 140
 
141 141
 [RoundCube]
142 142
 url=http://roundcube.net
143
-safe=1.2.6
144
-vuln=https://github.com/roundcube/roundcubemail/releases/tag/1.2.6
143
+safe=1.3.3
144
+vuln=CVE-2017-16651
145 145
 file=iniset.php
146 146
 variable=RCMAIL_VERSION
147 147
 subdir=2
Browse code

fix regexp somewhat, this should be reviewed again

Hanno Böck authored on17/11/2017 20:04:57
Showing1 changed files
... ...
@@ -396,7 +396,7 @@ subdir=0
396 396
 [Gitlist]
397 397
 url=http://gitlist.org/
398 398
 file=footer.twig
399
-variable="Powered by"
399
+variable=Powered by
400 400
 safe=0.5.0
401 401
 latest=0.6.0
402 402
 vuln=CVE-2014-4511
Browse code

add gitlist

Hanno Böck authored on16/11/2017 19:49:37
Showing1 changed files
... ...
@@ -392,3 +392,12 @@ safe=1.8.12
392 392
 latest=1.9.12
393 393
 vuln=https://github.com/osTicket/osTicket-1.8/releases/tag/v1.8.12
394 394
 subdir=0
395
+
396
+[Gitlist]
397
+url=http://gitlist.org/
398
+file=footer.twig
399
+variable="Powered by"
400
+safe=0.5.0
401
+latest=0.6.0
402
+vuln=CVE-2014-4511
403
+subdir=3
Browse code

pma update

Hanno Böck authored on24/09/2017 15:53:26
Showing1 changed files
... ...
@@ -1,15 +1,15 @@
1 1
 [phpMyAdmin-old]
2 2
 url=http://www.phpmyadmin.net/
3
-safe=4.6.6
4
-vuln=https://www.phpmyadmin.net/security/PMASA-2017-7/
3
+safe=4.7.0
4
+vuln=https://www.phpmyadmin.net/security/PMASA-2017-8/
5 5
 file=Config.class.php
6 6
 variable=PMA_VERSION
7 7
 subdir=1
8 8
 
9 9
 [phpMyAdmin]
10 10
 url=http://www.phpmyadmin.net/
11
-safe=4.6.6
12
-vuln=https://www.phpmyadmin.net/security/PMASA-2017-7/
11
+safe=4.7.0
12
+vuln=https://www.phpmyadmin.net/security/PMASA-2017-8/
13 13
 file=Config.php
14 14
 variable=PMA_VERSION
15 15
 subdir=1
Browse code

roundcube update

Hanno Böck authored on24/09/2017 15:50:47
Showing1 changed files
... ...
@@ -132,18 +132,16 @@ extra_match=define("TITLE", "FTP Admin");
132 132
 
133 133
 [RoundCube-deprecated]
134 134
 url=http://roundcube.net
135
-safe=1.2.5
136
-old_safe=1.1.9
137
-vuln=CVE-2017-8114
135
+safe=1.2.6
136
+vuln=https://github.com/roundcube/roundcubemail/releases/tag/1.2.6
138 137
 file=index.php
139 138
 variable=RCMAIL_VERSION
140 139
 subdir=0
141 140
 
142 141
 [RoundCube]
143 142
 url=http://roundcube.net
144
-safe=1.2.5
145
-old_safe=1.1.9
146
-vuln=CVE-2017-8114
143
+safe=1.2.6
144
+vuln=https://github.com/roundcube/roundcubemail/releases/tag/1.2.6
147 145
 file=iniset.php
148 146
 variable=RCMAIL_VERSION
149 147
 subdir=2
Browse code

mantis update

Hanno Böck authored on23/09/2017 12:58:58
Showing1 changed files
... ...
@@ -26,18 +26,18 @@ subdir=1
26 26
 # old mantis versions behave different
27 27
 [Mantis-deprecated]
28 28
 url=https://mantisbt.org/
29
-safe=2.3.1
30
-old_safe=2.2.4,1.3.10
31
-vuln=CVE-2017-7615
29
+safe=2.5.2
30
+old_safe=1.3.12
31
+vuln=CVE-2017-12061
32 32
 file=config_defaults_inc.php
33 33
 variable=$g_mantis_version
34 34
 subdir=0
35 35
 
36 36
 [Mantis]
37 37
 url=https://mantisbt.org/
38
-safe=2.3.1
39
-old_safe=2.2.4,1.3.10
40
-vuln=CVE-2017-7615
38
+safe=2.5.2
39
+old_safe=1.3.12
40
+vuln=CVE-2017-12061
41 41
 file=constant_inc.php
42 42
 variable=MANTIS_VERSION
43 43
 subdir=1
Browse code

roundcube update

Hanno Böck authored on20/05/2017 23:13:51
Showing1 changed files
... ...
@@ -132,18 +132,18 @@ extra_match=define("TITLE", "FTP Admin");
132 132
 
133 133
 [RoundCube-deprecated]
134 134
 url=http://roundcube.net
135
-safe=1.2.4
136
-old_safe=1.1.8
137
-vuln=CVE-2017-6820
135
+safe=1.2.5
136
+old_safe=1.1.9
137
+vuln=CVE-2017-8114
138 138
 file=index.php
139 139
 variable=RCMAIL_VERSION
140 140
 subdir=0
141 141
 
142 142
 [RoundCube]
143 143
 url=http://roundcube.net
144
-safe=1.2.3
145
-old_safe=1.1.7
146
-vuln=https://blog.ripstech.com/2016/roundcube-command-execution-via-email/
144
+safe=1.2.5
145
+old_safe=1.1.9
146
+vuln=CVE-2017-8114
147 147
 file=iniset.php
148 148
 variable=RCMAIL_VERSION
149 149
 subdir=2
Browse code

mantis update

Hanno Böck authored on17/04/2017 20:35:10
Showing1 changed files
... ...
@@ -25,19 +25,19 @@ subdir=1
25 25
 
26 26
 # old mantis versions behave different
27 27
 [Mantis-deprecated]
28
-url=http://www.mantisbt.org/
29
-safe=2.3.0
30
-old_safe=2.2.3,1.3.9
31
-vuln=CVE-2017-7309
28
+url=https://mantisbt.org/
29
+safe=2.3.1
30
+old_safe=2.2.4,1.3.10
31
+vuln=CVE-2017-7615
32 32
 file=config_defaults_inc.php
33 33
 variable=$g_mantis_version
34 34
 subdir=0
35 35
 
36 36
 [Mantis]
37
-url=http://www.mantisbt.org/
38
-safe=2.3.0
39
-old_safe=2.2.3,1.3.9
40
-vuln=CVE-2017-7309
37
+url=https://mantisbt.org/
38
+safe=2.3.1
39
+old_safe=2.2.4,1.3.10
40
+vuln=CVE-2017-7615
41 41
 file=constant_inc.php
42 42
 variable=MANTIS_VERSION
43 43
 subdir=1
Browse code

piwik xss

Hanno Böck authored on12/04/2017 18:47:16
Showing1 changed files
... ...
@@ -208,8 +208,8 @@ subdir=1
208 208
 
209 209
 [Piwik]
210 210
 url=http://piwik.org/
211
-safe=2.15.0
212
-vuln=CVE-2015-7816
211
+safe=3.0.3
212
+vuln=https://piwik.org/changelog/piwik-3-0-3/
213 213
 file=Version.php
214 214
 variable=const VERSION
215 215
 subdir=1
Browse code

mantis update

Hanno Böck authored on01/04/2017 10:19:49
Showing1 changed files
... ...
@@ -26,16 +26,18 @@ subdir=1
26 26
 # old mantis versions behave different
27 27
 [Mantis-deprecated]
28 28
 url=http://www.mantisbt.org/
29
-safe=1.3.5
30
-vuln=CVE-2016-10033
29
+safe=2.3.0
30
+old_safe=2.2.3,1.3.9
31
+vuln=CVE-2017-7309
31 32
 file=config_defaults_inc.php
32 33
 variable=$g_mantis_version
33 34
 subdir=0
34 35
 
35 36
 [Mantis]
36 37
 url=http://www.mantisbt.org/
37
-safe=1.3.5
38
-vuln=CVE-2016-10033
38
+safe=2.3.0
39
+old_safe=2.2.3,1.3.9
40