[WebsiteBaker]
url=http://www.websitebaker.org/
safe=2.8.2
vuln=CVE-2011-4322
file=version.php
variable=VERSION
extra_match=Website Baker Project
subdir=3

[toendaCMS]
url=http://www.toendacms.com/
safe=
vuln=CVE-2007-1872
file=tcms_version.xml
variable=release
subdir=2

[Drupal6]
url=http://www.drupal.org/
safe=6.23
latest=6.24
vuln=DRUPAL-SA-CORE-2012-001
file=system.module
variable=define('VERSION'
subdir=2

[PHPNuke]
url=http://phpnuke.org/
# I'm not really sure about that, but 8.0 is at least vulnerable
# Versions pre 8.0 aren't easily detectable
safe=8.1
vuln=CVE-2007-1519
file=version.php
variable=$version_number
extra_match=PHP-Nuke $version_number
subdir=2

[Typo3]
url=http://typo3.org/
safe=4.6.2
old_safe=4.5.9
vuln=CVE-2011-4614
file=config_default.php
variable=$TYPO_VERSION
subdir=1

[Joomla-1]
url=http://www.joomla.org/
safe=1.5.25
vuln=CVE-2011-4321
file=version.php
variable=var $RELEASE,var $DEV_LEVEL
extra_match=@package Joomla
subdir=1

# 1.5 has changed identification
[Joomla-1_5]
url=http://www.joomla.org/
safe=1.5.25
vuln=http://developer.joomla.org/security/news/9-security/10-core-security/375-20111103-core-password-change
file=version.php
variable=var $RELEASE,var $DEV_LEVEL
extra_match=@package	Joomla.Framework
subdir=2

[Joomla-2]
url=http://www.joomla.org/
safe=2.5.3
vuln=CVE-2012-9999
file=joomla.xml
variable=<version>
#extra_match=@package	Joomla.Framework
extra_match=<name>files_joomla</name>
subdir=0

[Mambo]
url=http://www.source.mambo-foundation.org/
safe=4.6.5
vuln=CVE-2008-2905
file=version.php
variable=var $RELEASE,var $DEV_LEVEL
extra_match=@package Mambo
subdir=1

[w-Agora]
url=http://www.w-agora.net/
# last release 4.2.1 in 2006-07-12
safe=
vuln=CVE-2007-0607
file=misc_func.php
variable=$v =
subdir=1
extra_match=w-agora version $v

[MODx]
url=http://www.modxcms.com/
safe=0.9.6.3
vuln=http://modxcms.com/about/blog/rthrash/another-year-for-modx-and-a-new-release.html
file=version.inc.php
variable=$version
subdir=2
extra_match=$full_appname = 'MODx'

[PostNuke]
# This one is a hell to detect, not sure for how many versions this works
url=http://www.postnuke.com
# 0.764 last stable in 2006-11-20, 0.8.0.0 rcs available
safe=
vuln=CVE-2007-0385
file=global.php
variable=_MESSAGE_00_a
subdir=2
extra_match=http://www.pn-cms.de

[Contenido]
url=http://www.contenido.org/
safe=4.8.11
latest=4.8.13
vuln=http://forum.contenido.org/viewtopic.php?f=25&t=23254
file=config.misc.php
variable=$cfg['version']
subdir=1
extra_match=Contenido Misc Configurations

[SilverStripe]
url=http://www.silverstripe.com
safe=2.4.6
vuln=http://doc.silverstripe.org/sapphire/en/trunk/changelogs/2.4.6
file=silverstripe_version
variable=/open/modules/cms/
subdir=1
extra_match=/open/modules/cms/

[CMSMadeSimple]
url=http://www.cmsmadesimple.org/
safe=1.9.4.3
vuln=CVE-2011-4310
file=version.php
variable=$CMS_VERSION
subdir=0

[e107]
url=http://e107.org/
safe=1.0.0
vuln=CVE-2011-4920
file=ver.php
variable=$e107info['e107_version']
subdir=0

[SPIP]
url=http://www.spip.net/
safe=2.0.9
vuln=CVE-2009-3041
file=inc_version.php
variable=$spip_version_branche
subdir=1