[WebsiteBaker] url=http://www.websitebaker.org/ safe=2.6.5 vuln=CVE-2007-0527 file=version.php variable=VERSION extra_match=Website Baker Project subdir=3 [toendaCMS] url=http://www.toendacms.com/ safe= vuln=CVE-2007-1872 file=tcms_version.xml variable=release subdir=2 [Drupal] url=http://www.drupal.org/ safe=5.6 old_safe=4.7.11 vuln=CVE-2008-0272 file=system.module variable=define('VERSION' subdir=1 [PHPNuke] url=http://phpnuke.org/ # I'm not really sure about that, but 8.0 is at least vulnerable # Versions pre 8.0 aren't easily detectable safe=8.1 vuln=CVE-2007-1519 file=version.php variable=$version_number extra_match=PHP-Nuke $version_number subdir=2 [Typo3] url=http://typo3.org/ safe=4.1.4 old_safe=4.0.8 vuln=CVE-2007-6381 file=config_default.php variable=$TYPO_VERSION subdir=1 [Joomla] url=http://www.joomla.org/ safe=1.0.13 vuln=CVE-2007-4189 file=version.php variable=var $RELEASE,var $DEV_LEVEL extra_match=@package Joomla subdir=1 [Mambo] url=http://www.source.mambo-foundation.org/ safe=4.6.3 vuln=CVE-2007-6455 file=version.php variable=var $RELEASE,var $DEV_LEVEL extra_match=@package Mambo subdir=1 [w-agorsa] url=http://www.w-agora.net/ safe= vuln=CVE-2007-0607 file=misc_func.php variable=$v = subdir=1 extra_match=w-agora version $v [MODx] url=http://www.modxcms.com/ safe= # 0.9.6.1 as of 2008-02-05 vuln=CVE-2008-0094 file=version.inc.php variable=$version subdir=2 extra_match=$full_appname = 'MODx' [PostNuke] # This one is a hell to detect, not sure for how many versions this works url=http://www.postnuke.com safe= vuln=CVE-2007-0385 file=global.php variable=_MESSAGE_00_a subdir=2 extra_match=http://www.pn-cms.de