Browse code
avoid old URL and remove useless markdown link
Hanno Böck authored on22/12/2019 12:36:47 Showing1 changed files
Browse code
add cleaned up version of FAQ from wiki
Hanno Böck authored on07/12/2019 13:30:52 Showing1 changed files
| 1 | 1 |
new file mode 100644 |
| ... | ... |
@@ -0,0 +1,38 @@ |
| 1 |
+# freewvs |
|
| 2 |
+ |
|
| 3 |
+A local web vulnerability scanner. |
|
| 4 |
+ |
|
| 5 |
+freewvs is a tool to search webroots for know vulnerable versions of web applications. |
|
| 6 |
+ |
|
| 7 |
+## faq |
|
| 8 |
+ |
|
| 9 |
+#### What does freewvs do? |
|
| 10 |
+ |
|
| 11 |
+It scans your webroot for known vulnerable versions of popular web applications. |
|
| 12 |
+ |
|
| 13 |
+#### What does the output tell me? |
|
| 14 |
+ |
|
| 15 |
+Output looks like this: |
|
| 16 |
+ |
|
| 17 |
+``` |
|
| 18 |
+Joomla-3 3.9.11 (3.9.13) CVE-2019-18674 /home/joe/websites/joessite/ |
|
| 19 |
+``` |
|
| 20 |
+ |
|
| 21 |
+This says that in /home/joe/websites/joessite/, there's a Joomla installation of version 3.9.11. This version is |
|
| 22 |
+vulnerable to CVE-2019-18674 and you should update to version 3.9.13. |
|
| 23 |
+ |
|
| 24 |
+#### CVE-2019-XXXX seems to be very minor, at least it doesn't affect me. Am I safe? |
|
| 25 |
+ |
|
| 26 |
+No, as freewvs only checks for the latest vulnerabilities. There may be other vulnerabilities in your version not listed by freewvs. The only way to be sure is to check the upstream changelog. |
|
| 27 |
+ |
|
| 28 |
+#### There is no version inside the brackets, what does that mean? |
|
| 29 |
+ |
|
| 30 |
+It means your web application has not released a security update. Often this means the software is no longer developed. |
|
| 31 |
+ |
|
| 32 |
+## misc |
|
| 33 |
+ |
|
| 34 |
+freewvs was developed by [schokokeks.org hosting](https://schokokeks.org/). |
|
| 35 |
+ |
|
| 36 |
+It's licensed as CC0. |
|
| 37 |
+ |
|
| 38 |
+[https://source.schokokeks.org/freewvs/](https://source.schokokeks.org/freewvs/) |