├── tests ├── __init__.py ├── test_freewvs_testdata.py └── test_jsonlint.py ├── .gitignore ├── SECURITY.md ├── freewvsdb ├── crm.json ├── games.json ├── link.json ├── themes.json ├── guestbook.json ├── phpcomponents.json ├── jscss.json ├── groupware.json ├── webshop.json ├── gallery.json ├── wiki.json ├── blog.json ├── bb.json ├── cms.json ├── plugins.json └── misc.json ├── COPYING ├── ISSUES ├── CONTRIBUTIONS.md ├── .github └── workflows │ └── runpyci.yml ├── misc └── create-freewvsdb ├── runpyci.sh ├── setup.py ├── update-freewvsdb ├── README.md └── freewvs /tests/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | __pycache__ 2 | *.py[cod] 3 | -------------------------------------------------------------------------------- /SECURITY.md: -------------------------------------------------------------------------------- 1 | security 2 | ======== 3 | 4 | Please report security vulnerabilities via e-mail; you can optionally PGP-encrypt them: 5 | 6 | https://schokokeks.org/kontakt 7 | -------------------------------------------------------------------------------- /freewvsdb/crm.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "vtigerCRM", 4 | "url": "http://www.vtiger.de", 5 | "safe": "5.3.0", 6 | "vuln": "CVE-2011-4670", 7 | "detection": [ 8 | { 9 | "file": "vtigerversion.php", 10 | "variable": "$vtiger_current_version", 11 | "subdir": 0 12 | } 13 | ] 14 | } 15 | ] 16 | -------------------------------------------------------------------------------- /freewvsdb/games.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "NetRisk", 4 | "url": "http://phprisk.org/", 5 | "safe": "", 6 | "vuln": "CVE-2008-0144", 7 | "latest": "1.9.7", 
8 | "detection": [ 9 | { 10 | "file": "install.php", 11 | "variable": "$version", 12 | "subdir": 0, 13 | "extra_match": "NetRisk - Setup" 14 | } 15 | ] 16 | } 17 | ] 18 | -------------------------------------------------------------------------------- /freewvsdb/link.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "cpDynaLinks", 4 | "url": "https://web.archive.org/web/20160423004721/http://www.cplinks.com/cpdynalinks/", 5 | "safe": "", 6 | "vuln": "CVE-2007-5408", 7 | "latest": "1.02", 8 | "detection": [ 9 | { 10 | "file": "version.php", 11 | "variable": "$cplinks_version", 12 | "subdir": 0 13 | } 14 | ] 15 | } 16 | ] 17 | -------------------------------------------------------------------------------- /freewvsdb/themes.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "Wordpress-Theme-Twentyfifteen", 4 | "url": "https://wordpress.org/themes/twentyfifteen/", 5 | "safe": "1.2", 6 | "vuln": "CVE-2015-3429", 7 | "detection": [ 8 | { 9 | "file": "style.css", 10 | "variable": "Version:", 11 | "subdir": 0, 12 | "extra_match": "Theme Name: Twenty Fifteen" 13 | } 14 | ] 15 | } 16 | ] 17 | -------------------------------------------------------------------------------- /COPYING: -------------------------------------------------------------------------------- 1 | Copyright (C) schokokeks.org Hosting 2 | 3 | Permission to use, copy, modify, and/or distribute this software for any 4 | purpose with or without fee is hereby granted. 5 | 6 | THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 7 | WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 8 | MERCHANTABILITY AND FITNESS. 
IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 9 | ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 10 | WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 11 | ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 12 | OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 13 | -------------------------------------------------------------------------------- /ISSUES: -------------------------------------------------------------------------------- 1 | Some known issues: 2 | 3 | * phpBB detection works only based on the CHANGELOG, which is part of the documentation (and could be deleted in a live installation). 4 | We found no better way to do it; it is still an ugly workaround. The other "method" of detecting the version would be the SQL files, 5 | but they're even more likely to be deleted in live installations. The only reliable method would probably be checking the database 6 | itself, but that's outside the scope of this tool. 7 | 8 | * phpnuke versions below 8.0 aren't detected. 9 | 10 | * drbguestbook is only detected via README. 11 | 12 | * egroupware is only detected via setup, which may be missing in live installations. 13 | 14 | * tikiwiki is only detected via README. 
15 | -------------------------------------------------------------------------------- /freewvsdb/guestbook.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "DRBGuestbook", 4 | "url": "http://www.dbscripts.net/guestbook/", 5 | "safe": "1.1.14", 6 | "vuln": "CVE-2007-5218", 7 | "detection": [ 8 | { 9 | "file": "README.txt", 10 | "variable": "Version", 11 | "subdir": 0, 12 | "extra_match": "DRBGuestbook" 13 | } 14 | ] 15 | }, 16 | { 17 | "name": "SimpGB", 18 | "url": "http://www.boesch-it.de/", 19 | "safe": "1.47.0", 20 | "vuln": "CVE-2007-5127", 21 | "detection": [ 22 | { 23 | "file": "global.inc.php", 24 | "variable": "$version", 25 | "subdir": 1, 26 | "extra_match": "$path_simpgb" 27 | } 28 | ] 29 | } 30 | ] 31 | -------------------------------------------------------------------------------- /CONTRIBUTIONS.md: -------------------------------------------------------------------------------- 1 | contribute 2 | ========== 3 | 4 | If you want to contribute you can use pull requests and the issue tracker on our github 5 | mirror: 6 | 7 | https://github.com/schokokeksorg/freewvs/ 8 | 9 | If you prefer you can also contact us via e-mail: 10 | 11 | https://schokokeks.org/kontakt 12 | 13 | coding style 14 | ============ 15 | 16 | Code should conform to the PEP8 coding standard. Furthermore we enable additional rules 17 | in pycodestyle and run some other linting tools (pylint, pyflakes, dlint). 18 | 19 | The freewvsdb files should be linted JSON as created by json.dumps with 2 spaces 20 | indenting. 
21 | 22 | All code and JSON style requirements can be checked by running the unit tests: 23 | 24 | ``` 25 | python -m unittest 26 | ``` 27 | -------------------------------------------------------------------------------- /freewvsdb/phpcomponents.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "smarty", 4 | "url": "https://www.smarty.net/", 5 | "safe": "3.1.33", 6 | "vuln": "CVE-2018-16831", 7 | "latest": "3.1.33", 8 | "thirdparty": "yes", 9 | "detection": [ 10 | { 11 | "file": "Smarty.class.php", 12 | "variable": "@version", 13 | "subdir": 1 14 | } 15 | ] 16 | }, 17 | { 18 | "name": "PHPMailer", 19 | "url": "https://github.com/PHPMailer/PHPMailer", 20 | "safe": "6.5.0", 21 | "vuln": "CVE-2021-3603", 22 | "latest": "6.8.0", 23 | "thirdparty": "yes", 24 | "detection": [ 25 | { 26 | "file": "PHPMailer.php", 27 | "variable": "VERSION", 28 | "subdir": 1 29 | } 30 | ] 31 | } 32 | ] 33 | -------------------------------------------------------------------------------- /.github/workflows/runpyci.yml: -------------------------------------------------------------------------------- 1 | # last update: 2024-12-07 2 | # https://github.com/hannob/codingstyle 3 | --- 4 | name: runpyci 5 | "on": 6 | - pull_request 7 | - push 8 | 9 | jobs: 10 | build: 11 | strategy: 12 | matrix: 13 | python-version: [3.9, 3.x, 3.14-dev] 14 | runs-on: ubuntu-latest 15 | steps: 16 | - uses: actions/checkout@v4 17 | - name: Set up Python ${{ matrix.python-version }} ${{ matrix.os }} 18 | uses: actions/setup-python@v5 19 | with: 20 | python-version: ${{ matrix.python-version }} 21 | - name: Install dependencies and linters 22 | run: | 23 | [ -e requirements.txt ] && pip install -r requirements.txt 24 | pip install setuptools # CUSTOM: required until we move to pyproject 25 | pip install pycodestyle pyupgrade pyflakes dlint pylint ruff 26 | - name: Run tests 27 | env: 28 | RUN_ONLINETESTS: 1 29 | run: | 30 | ./runpyci.sh 31 | 
-------------------------------------------------------------------------------- /misc/create-freewvsdb: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # 3 | # This script is used to generate the update files for freewvs. 4 | # You do not need it if you merely want to use freewvs. 5 | # 6 | # SPDX-License-Identifier: 0BSD 7 | 8 | TARGETDIR="$HOME/websites/freewvsdb.schokokeks.org/htdocs/" 9 | GITDIR="$HOME/gitmirror/freewvs/" 10 | 11 | TIMESTAMP=$(git --git-dir $GITDIR.git --no-pager log --format=%ct -1) 12 | 13 | TIMESTAMP_OLD=0 14 | if [ -e "$TARGETDIR/freewvsdb.timestamp" ]; then 15 | TIMESTAMP_OLD=$(cat "$TARGETDIR/freewvsdb.timestamp") 16 | fi 17 | 18 | if [ "$TIMESTAMP" -lt "$TIMESTAMP_OLD" ]; then 19 | echo "ERROR: New timestamp is smaller than old timestamp" 20 | exit 1 21 | fi 22 | 23 | if [ "$TIMESTAMP" -eq "$TIMESTAMP_OLD" ]; then 24 | # nothing to do 25 | exit 0 26 | fi 27 | 28 | # We try to be as reproducible as possible, see 29 | # https://h2.jaguarpaw.co.uk/posts/reproducible-tar/ 30 | pushd $GITDIR/freewvsdb >/dev/null 31 | tar --sort=name --mtime="@$TIMESTAMP" --owner=0 --group=0 --numeric-owner \ 32 | --strip-components=99 \ 33 | -cJf $TARGETDIR/$TIMESTAMP.tar.xz \ 34 | *.json 35 | popd >/dev/null 36 | echo -n $TIMESTAMP >$TARGETDIR/freewvsdb.timestamp 37 | -------------------------------------------------------------------------------- /runpyci.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # last update: 2025-07-02 3 | # https://github.com/hannob/codingstyle 4 | set -euo pipefail 5 | 6 | 
PYLINTIG="consider-using-with,design,fixme,invalid-name,missing-docstring,modified-iterating-list,no-member,possibly-used-before-assignment,protected-access,too-many-lines,unused-argument,broad-exception-caught,c-extension-no-member,duplicate-code,global-statement,global-variable-not-assigned,import-error,import-outside-toplevel,inconsistent-return-statements,redefined-outer-name,unspecified-encoding" 7 | RUFFIG="ANN,C90,D,FIX001,FIX002,ICN001,PLR0911,PLR0912,PLR0913,PLR0915,PTH,S314,S501,S603,SLF001,T201,TD002,TD003,B008,BLE001,COM812,FBT002,I001,N802,N806,PERF203,PERF401,PLC0415,PLR2004,PLW0602,PLW0603,PT009,RET505,RUF100,S202,S310,S607,S608,SIM102,SIM105,SIM108,SIM113,SIM114,SIM115,TD001,TD004,TRY300" 8 | 9 | pyfind=$(find -name \*.py) 10 | pygrep=$(grep -rl --exclude-dir=.ruff_cache '^#!/usr/bin/python\|^#!/usr/bin/env python' .) 11 | pyfiles=$(echo "$pyfind" "$pygrep" | sort -u) 12 | 13 | pycodestyle --max-line-length=100 --ignore=W503,E203 $pyfiles 14 | pyupgrade --py313-plus $pyfiles 15 | pyflakes $pyfiles 16 | flake8 --select=DUO --ignore=DUO107,DUO123,DUO131 $pyfiles 17 | pylint --disable=$PYLINTIG $pyfiles 18 | ruff check --line-length=100 --select=ALL --ignore=$RUFFIG $pyfiles 19 | 20 | if [ -d tests ]; then 21 | python -m unittest -v 22 | fi 23 | -------------------------------------------------------------------------------- /freewvsdb/jscss.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "jquery", 4 | "url": "https://jquery.com/", 5 | "safe": "3.5.1", 6 | "vuln": "CVE-2020-11022", 7 | "latest": "3.5.1", 8 | "thirdparty": "yes", 9 | "detection": [ 10 | { 11 | "file": "jquery.js", 12 | "variable": "/*! jQuery", 13 | "subdir": 0 14 | }, 15 | { 16 | "file": "jquery.min.js", 17 | "variable": "/*! 
jQuery", 18 | "subdir": 0 19 | } 20 | ] 21 | }, 22 | { 23 | "name": "bootstrap", 24 | "url": "https://getbootstrap.com/", 25 | "safe": "4.3.1", 26 | "old_safe": "3.4.1", 27 | "vuln": "CVE-2019-8331", 28 | "latest": "4.4.1", 29 | "thirdparty": "yes", 30 | "detection": [ 31 | { 32 | "file": "bootstrap.min.css", 33 | "variable": "* Bootstrap v", 34 | "subdir": 0 35 | } 36 | ] 37 | }, 38 | { 39 | "name": "Moment.js", 40 | "url": "https://momentjs.com/", 41 | "safe": "2.19.3", 42 | "vuln": "CVE-2017-18214", 43 | "latest": "2.24.0", 44 | "thirdparty": "yes", 45 | "detection": [ 46 | { 47 | "file": "moment.js", 48 | "variable": ".version", 49 | "subdir": 0 50 | }, 51 | { 52 | "file": "moment.min.js", 53 | "variable": ".version", 54 | "subdir": 0 55 | } 56 | ] 57 | } 58 | ] 59 | -------------------------------------------------------------------------------- /setup.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python3 2 | 3 | import os 4 | 5 | import setuptools 6 | import setuptools.command.install 7 | 8 | f = open( 9 | os.path.join(os.path.abspath(os.path.dirname(__file__)), "README.md"), 10 | encoding="ascii", 11 | ) 12 | readme = f.read() 13 | f.close() 14 | 15 | setuptools.setup( 16 | name="freewvs", 17 | version="0.1.4", 18 | description="A free web vulnerability scanner", 19 | long_description=readme, 20 | long_description_content_type="text/markdown", 21 | url="https://freewvs.schokokeks.org/", 22 | packages=[], 23 | scripts=["freewvs", "update-freewvsdb"], 24 | python_requires=">=3", 25 | license="0BSD", 26 | keywords=["security", "vulnerability", "web"], 27 | classifiers=[ 28 | "Development Status :: 4 - Beta", 29 | "Intended Audience :: System Administrators", 30 | "License :: OSI Approved :: Zero-Clause BSD (0BSD)", 31 | "Natural Language :: English", 32 | "Programming Language :: Python :: 3", 33 | "Programming Language :: Python :: 3 :: Only", 34 | "Programming Language :: Python :: 3.7", 35 | "Programming 
Language :: Python :: 3.8", 36 | "Programming Language :: Python :: 3.9", 37 | "Programming Language :: Python :: 3.10", 38 | "Programming Language :: Python :: 3.11", 39 | "Programming Language :: Python :: 3.12", 40 | ], 41 | ) 42 | -------------------------------------------------------------------------------- /update-freewvsdb: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python3 2 | 3 | import argparse 4 | import io 5 | import os 6 | import pathlib 7 | import sys 8 | import tarfile 9 | import urllib.request 10 | 11 | DBURL = "https://freewvsdb.schokokeks.org/" 12 | dbpaths = ["/var/lib/freewvs/", str(pathlib.Path.home()) + "/.cache/freewvs/"] 13 | 14 | ap = argparse.ArgumentParser() 15 | ap.add_argument("-f", "--force", action="store_true", help="Force update") 16 | args = ap.parse_args() 17 | 18 | target = False 19 | for dbpath in dbpaths: 20 | if not os.path.isdir(dbpath): 21 | try: 22 | os.makedirs(dbpath) 23 | except PermissionError: 24 | continue 25 | if os.access(dbpath, os.W_OK): 26 | target = dbpath 27 | break 28 | 29 | if not target: 30 | sys.exit("Can't write to " + " or ".join(dbpaths)) 31 | 32 | old = 0 33 | if os.path.isfile(target + "timestamp"): 34 | with open(target + "timestamp", encoding="ascii") as f: 35 | old = int(f.read()) 36 | 37 | new = int(urllib.request.urlopen(DBURL + "freewvsdb.timestamp").read()) 38 | 39 | if new == old and not args.force: 40 | # nothing to do 41 | sys.exit() 42 | 43 | tarball = urllib.request.urlopen(DBURL + str(new) + ".tar.xz").read() 44 | 45 | tf = tarfile.open(fileobj=io.BytesIO(tarball)) 46 | if sys.version_info < (3, 11, 4): 47 | tf.extractall(path=target) 48 | else: 49 | tf.extractall(path=target, filter="data") 50 | with open(target + "timestamp", "w", encoding="ascii") as f: 51 | f.write(str(new)) 52 | -------------------------------------------------------------------------------- /freewvsdb/groupware.json: 
-------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "Horde-groupware", 4 | "url": "https://www.horde.org/", 5 | "safe": "1.2.5", 6 | "vuln": "CVE-2009-3701", 7 | "detection": [ 8 | { 9 | "file": "bundle.php", 10 | "variable": "BUNDLE_VERSION", 11 | "subdir": 1, 12 | "extra_match": "'Horde Groupware'" 13 | } 14 | ] 15 | }, 16 | { 17 | "name": "EGroupware", 18 | "url": "https://www.egroupware.org/", 19 | "safe": "16.1.20170922", 20 | "vuln": "CVE-2017-14920", 21 | "detection": [ 22 | { 23 | "file": "setup.inc.php", 24 | "variable": "$setup_info['phpgwapi']['version']", 25 | "subdir": 2 26 | }, 27 | { 28 | "file": "composer.json", 29 | "variable": "version", 30 | "extra_match": "\"name\": \"egroupware/egroupware\"", 31 | "subdir": 0 32 | } 33 | ] 34 | }, 35 | { 36 | "name": "more.groupware", 37 | "url": "https://web.archive.org/web/20070310040146/http://www.moregroupware.com/", 38 | "safe": "", 39 | "latest": "0.7.4", 40 | "vuln": "CVE-2006-4906", 41 | "detection": [ 42 | { 43 | "file": "version.inc.php", 44 | "variable": "$gwversion_number", 45 | "subdir": 1 46 | } 47 | ] 48 | }, 49 | { 50 | "name": "SimpleGroupware", 51 | "url": "https://web.archive.org/web/20130810201721/http://www.simple-groupware.de/", 52 | "safe": "0.742", 53 | "vuln": "CVE-2012-1028", 54 | "latest": "0.745", 55 | "detection": [ 56 | { 57 | "file": "setup.php", 58 | "variable": "define(\"CORE_VERSION_STRING\"", 59 | "subdir": 2 60 | } 61 | ] 62 | } 63 | ] 64 | -------------------------------------------------------------------------------- /freewvsdb/webshop.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "Gambio", 4 | "url": "https://www.gambio.com/", 5 | "safe": "4.9.4.1", 6 | "vuln": "CVE-2024-23759", 7 | "detection": [ 8 | { 9 | "file": "Application.php", 10 | "variable": "public const VERSION", 11 | "subdir": 2, 12 | "extra_match": "Gambio\\Core\\Application" 13 | } 14 | ] 15 
| }, 16 | { 17 | "name": "FreeWebshop", 18 | "url": "http://www.freewebshop.org/", 19 | "safe": "2.2.7", 20 | "vuln": "CVE-2007-6711", 21 | "detection": [ 22 | { 23 | "file": "subs.inc.php", 24 | "variable": "$version", 25 | "subdir": 1 26 | } 27 | ] 28 | }, 29 | { 30 | "name": "Magento", 31 | "url": "https://magento.com/", 32 | "safe": "2.3.4", 33 | "vuln": "CVE-2020-3716", 34 | "detection": [ 35 | { 36 | "file": "Mage.php", 37 | "variable": "return '", 38 | "subdir": 1, 39 | "note": "old 1.x" 40 | }, 41 | { 42 | "file": "RELEASE_NOTES.txt", 43 | "variable": "====", 44 | "subdir": 0, 45 | "note": "1.9.x" 46 | }, 47 | { 48 | "file": "composer.json", 49 | "variable": "\"version\":", 50 | "subdir": 0, 51 | "extra_match": "\"name\": \"magento/magento2ce\",", 52 | "note": "2.x" 53 | } 54 | ] 55 | }, 56 | { 57 | "name": "zencart", 58 | "url": "http://www.zen-cart.com/", 59 | "safe": "1.3.9", 60 | "vuln": "CVE-2009-2254", 61 | "detection": [ 62 | { 63 | "file": "paypaldp.php", 64 | "variable": "$this->codeVersion", 65 | "subdir": 3 66 | } 67 | ] 68 | }, 69 | { 70 | "name": "litecart", 71 | "url": "https://www.litecart.net/", 72 | "safe": "2.2.2", 73 | "vuln": "CVE-2020-9018", 74 | "detection": [ 75 | { 76 | "file": "app_header.inc.php", 77 | "variable": "PLATFORM_VERSION", 78 | "subdir": 1 79 | } 80 | ] 81 | } 82 | ] 83 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # freewvs 2 | 3 | A local web vulnerability scanner. 4 | 5 | freewvs is a tool to search webroots for known vulnerable versions of web applications. 6 | 7 | ## install 8 | 9 | You can install [freewvs via pip](https://pypi.org/project/freewvs/): 10 | 11 | ``` 12 | pip install freewvs 13 | ``` 14 | 15 | Alternatively, you can run freewvs directly from the git source. 
16 | 17 | If you install via pip, you need to update the freewvs database first: 18 | 19 | ``` 20 | update-freewvsdb 21 | ``` 22 | 23 | ## usage 24 | 25 | Just run freewvs with a path, e.g.: 26 | 27 | ``` 28 | freewvs /var/www 29 | ``` 30 | 31 | The output will be something like this: 32 | 33 | ``` 34 | Joomla 3.9.11 (3.9.14) CVE-2019-19846 /var/www/example.org 35 | nextcloud 14.0.1 (14.0.5) CVE-2019-5449 /var/www/cloud.example.org 36 | MediaWiki 1.31.1 (1.31.6) CVE-2019-19709 /var/www/wiki.example.org 37 | ``` 38 | 39 | ## faq 40 | 41 | #### What does freewvs do? 42 | 43 | It scans your webroot for known vulnerable versions of popular web applications. 44 | 45 | #### What does the output tell me? 46 | 47 | The output looks like this: 48 | 49 | ``` 50 | Joomla-3 3.9.11 (3.9.13) CVE-2019-18674 /home/joe/websites/joessite/ 51 | ``` 52 | 53 | This says that in /home/joe/websites/joessite/, there's a Joomla installation of version 54 | 3.9.11. This version is vulnerable to CVE-2019-18674, and you should update it to 55 | version 3.9.13. 56 | 57 | #### CVE-2019-XXXX seems to be very minor; at least it doesn't affect me. Am I safe? 58 | 59 | No, as freewvs only checks for the latest vulnerabilities. There may be other 60 | vulnerabilities in your version not listed by freewvs. The only way to be sure is to 61 | check the upstream changelog. 62 | 63 | #### There is no version inside the brackets. What does that mean? 64 | 65 | It means that no security update has been released for your web application. Often, this means the 66 | software is no longer developed. 67 | 68 | ## contributions 69 | 70 | See [CONTRIBUTIONS.md](CONTRIBUTIONS.md). 71 | 72 | ## misc 73 | 74 | freewvs was developed by [schokokeks.org hosting](https://schokokeks.org/). 75 | 76 | It's licensed under the 0BSD license. 
77 | 78 | [https://freewvs.schokokeks.org](https://freewvs.schokokeks.org) 79 | -------------------------------------------------------------------------------- /tests/test_freewvs_testdata.py: -------------------------------------------------------------------------------- 1 | import difflib 2 | import glob 3 | import os 4 | import re 5 | import shutil 6 | import subprocess 7 | import sys 8 | import tempfile 9 | import unittest 10 | 11 | TESTDATA_REPO = "https://github.com/schokokeksorg/freewvs-testdata" 12 | 13 | 14 | class TestFreewvsData(unittest.TestCase): 15 | @unittest.skipUnless(os.environ.get("RUN_ONLINETESTS"), "Not running online tests") 16 | def test_freewvs_testdata(self): 17 | tmp = tempfile.mkdtemp(prefix="testdata") 18 | if os.environ.get("TESTDATA_REPOSITORY"): 19 | os.symlink(os.environ.get("TESTDATA_REPOSITORY"), tmp + "/testdata") 20 | else: 21 | subprocess.run( 22 | ["git", "clone", "--depth=1", TESTDATA_REPO, tmp + "/testdata"], 23 | check=True, 24 | ) 25 | 26 | for tdir in glob.glob(tmp + "/testdata/webapps/*"): 27 | bdir = os.path.basename(tdir) 28 | for tarball in glob.glob(tdir + "/dist/*"): 29 | tname = os.path.basename(tarball) 30 | if sys.version_info < (3, 12) or tarball.endswith(".zip"): 31 | shutil.unpack_archive(tarball, f"{tmp}/{bdir}/{tname}-src") 32 | else: 33 | shutil.unpack_archive( 34 | tarball, f"{tmp}/{bdir}/{tname}-src", filter="data" 35 | ) 36 | fwrun = subprocess.run( 37 | ["./freewvs", "-a", tmp + "/" + bdir], 38 | stdout=subprocess.PIPE, 39 | check=True, 40 | ) 41 | fwdata = re.sub(tmp, "[dir]", fwrun.stdout.decode("utf-8")) 42 | fwclean = re.sub(r" \(.* ", " ", fwdata) 43 | f = open(tdir + "/refdata-a.txt", encoding="ascii") 44 | refdata = f.read() 45 | f.close() 46 | refclean = re.sub(r" \(.* ", " ", refdata) 47 | fwclean = sorted(fwclean.split("\n")) 48 | refclean = sorted(refclean.split("\n")) 49 | if refclean != fwclean: 50 | print("\n".join(difflib.ndiff(refclean, fwclean))) 51 | self.assertEqual(refclean, 
fwclean, msg=f"Output in {bdir} does not match") 52 | 53 | # misc tests, for read errors, garbage data etc. 54 | subprocess.run( 55 | ["./freewvs", "-a", tmp + "/testdata/misc/"], 56 | stdout=subprocess.PIPE, 57 | check=True, 58 | ) 59 | 60 | 61 | if __name__ == "__main__": 62 | unittest.main() 63 | -------------------------------------------------------------------------------- /freewvsdb/gallery.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "Phormer", 4 | "url": "http://p.horm.org/er/", 5 | "safe": "", 6 | "vuln": "CVE-2007-5013", 7 | "detection": [ 8 | { 9 | "file": "funcs.php", 10 | "variable": "PHORMER_VERSION", 11 | "subdir": 0 12 | } 13 | ] 14 | }, 15 | { 16 | "name": "Gallery", 17 | "url": "http://galleryproject.org/", 18 | "safe": "3.0.9", 19 | "old_safe": "2.3.2", 20 | "vuln": "CVE-2013-2241", 21 | "detection": [ 22 | { 23 | "file": "module.inc", 24 | "variable": "setGalleryVersion", 25 | "subdir": 2, 26 | "note": "2.x, earlier vulnerable to CVE-2012-1113" 27 | }, 28 | { 29 | "file": "gallery.php", 30 | "variable": "const VERSION", 31 | "subdir": 3 32 | } 33 | ] 34 | }, 35 | { 36 | "name": "Coppermine", 37 | "url": "https://coppermine-gallery.net/", 38 | "safe": "1.5.48", 39 | "vuln": "CVE-2018-14478", 40 | "detection": [ 41 | { 42 | "file": "versioncheck.php", 43 | "variable": "Coppermine version", 44 | "subdir": 0 45 | } 46 | ] 47 | }, 48 | { 49 | "name": "Piwigo/PhpWebGallery", 50 | "url": "http://www.phpwebgallery.net/", 51 | "safe": "2.6.3", 52 | "vuln": "CVE-2014-4648", 53 | "detection": [ 54 | { 55 | "file": "constants.php", 56 | "variable": "PHPWG_VERSION", 57 | "subdir": 1 58 | } 59 | ] 60 | }, 61 | { 62 | "name": "LinPHA", 63 | "url": "http://linpha.sourceforge.net", 64 | "safe": "1.3.4", 65 | "vuln": "CVE-2008-1856", 66 | "detection": [ 67 | { 68 | "file": "upgrade.php", 69 | "variable": "$version", 70 | "subdir": 1, 71 | "extra_match": "$inst_linpha_not_work_correctly" 72 | } 73 
| ] 74 | }, 75 | { 76 | "name": "mig", 77 | "url": "http://mig.sourceforge.net/", 78 | "safe": "1.5.0", 79 | "vuln": "CVE-2005-2603", 80 | "detection": [ 81 | { 82 | "file": "index.php", 83 | "variable": "$version", 84 | "subdir": 0, 85 | "extra_match": "Mig - A general purpose photo gallery management system." 86 | } 87 | ] 88 | }, 89 | { 90 | "name": "zenphoto", 91 | "url": "http://www.zenphoto.org/", 92 | "safe": "1.4.5.4", 93 | "vuln": "CVE-2013-7242", 94 | "detection": [ 95 | { 96 | "file": "version.php", 97 | "variable": "define('ZENPHOTO_VERSION'", 98 | "subdir": 1 99 | } 100 | ] 101 | } 102 | ] 103 | -------------------------------------------------------------------------------- /freewvsdb/wiki.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "MediaWiki", 4 | "url": "https://www.mediawiki.org/", 5 | "safe": "1.45.1", 6 | "old_safe": "1.44.3,1.43.6,1.39.16", 7 | "vuln": "CVE-2025-67475", 8 | "latest": "1.45.1", 9 | "detection": [ 10 | { 11 | "file": "DefaultSettings.php", 12 | "variable": "$wgVersion", 13 | "subdir": 1 14 | }, 15 | { 16 | "file": "Defines.php", 17 | "variable": "MW_VERSION", 18 | "subdir": 1 19 | } 20 | ] 21 | }, 22 | { 23 | "name": "TWiki", 24 | "url": "http://twiki.org/", 25 | "safe": "5.0.1", 26 | "vuln": "CVE-2010-3841", 27 | "detection": [ 28 | { 29 | "file": "TWiki.pm", 30 | "variable": "$RELEASE", 31 | "subdir": 1 32 | } 33 | ] 34 | }, 35 | { 36 | "name": "PmWiki", 37 | "url": "https://pmwiki.org/", 38 | "safe": "2.2.96", 39 | "vuln": "https://pmwiki.org/wiki/PmWiki/ChangeLog#v2296", 40 | "latest": "2.2.122", 41 | "detection": [ 42 | { 43 | "file": "version.php", 44 | "variable": "$Version", 45 | "subdir": 1, 46 | "extra_match": "pmwiki" 47 | } 48 | ] 49 | }, 50 | { 51 | "name": "Tiki", 52 | "url": "https://tiki.org/", 53 | "safe": "21.3", 54 | "vuln": "CVE-2020-29254", 55 | "detection": [ 56 | { 57 | "file": "README", 58 | "variable": "version", 59 | "subdir": 0, 60 | 
"extra_match": "Tiki! The wiki", 61 | "extra_nomatch": "version 2", 62 | "note": "1.x" 63 | }, 64 | { 65 | "file": "twversion.class.php", 66 | "variable": "$this->version", 67 | "subdir": 2, 68 | "note": "2.x and above" 69 | } 70 | ] 71 | }, 72 | { 73 | "name": "phpwiki", 74 | "url": "http://phpwiki.sourceforge.net/", 75 | "safe": "", 76 | "vuln": "https://www.exploit-db.com/exploits/38027", 77 | "detection": [ 78 | { 79 | "file": "config.php", 80 | "variable": "PHPWIKI_VERSION", 81 | "subdir": 1, 82 | "note": "1.2.x" 83 | }, 84 | { 85 | "file": "prepend.php", 86 | "variable": "PHPWIKI_VERSION", 87 | "subdir": 1 88 | } 89 | ] 90 | }, 91 | { 92 | "name": "etherpad-lite", 93 | "url": "https://etherpad.org/", 94 | "safe": "1.6.4", 95 | "vuln": "CVE-2018-9326", 96 | "detection": [ 97 | { 98 | "file": "package.json", 99 | "variable": "version", 100 | "subdir": 0, 101 | "extra_match": "ep_etherpad-lite" 102 | } 103 | ] 104 | } 105 | ] 106 | -------------------------------------------------------------------------------- /tests/test_jsonlint.py: -------------------------------------------------------------------------------- 1 | import difflib 2 | import glob 3 | import json 4 | import re 5 | import sys 6 | import unittest 7 | 8 | 9 | def versioncompare(safe_version, find_version): 10 | safe_version_tup = [int(x) for x in safe_version.split(".")] 11 | find_version_tup = [int(x) for x in find_version.split(".")] 12 | return find_version_tup < safe_version_tup 13 | 14 | 15 | class TestJsonLint(unittest.TestCase): 16 | @unittest.skipIf( 17 | sys.version_info < (3, 6, 0), "json.dumps force-sorts on python 3.5" 18 | ) 19 | def test_json_lint(self): 20 | valid = True 21 | for f in glob.glob("freewvsdb/*.json"): 22 | fp = open(f, encoding="ascii") 23 | orig = fp.read() 24 | fp.close() 25 | tmp = json.loads(orig) 26 | new = json.dumps(tmp, indent=2) + "\n" 27 | if orig != new: 28 | print(f"json {f} not valid") 29 | sys.stdout.writelines(difflib.unified_diff(orig, new)) 30 | valid 
= False 31 | self.assertTrue(valid) 32 | 33 | def test_json_values(self): 34 | jconfig = [] 35 | for cfile in glob.glob("freewvsdb/*.json"): 36 | with open(cfile, encoding="ascii") as json_file: 37 | jconfig += json.load(json_file) 38 | 39 | mkeys = {"name", "url", "safe", "vuln", "detection"} 40 | for item in jconfig: 41 | # check for all mandatory keys 42 | self.assertEqual( 43 | mkeys.intersection(item.keys()), 44 | mkeys, 45 | msg=f"Missing key in {item['name']}", 46 | ) 47 | 48 | # check we have at least one detection 49 | self.assertTrue( 50 | len(item["detection"]) >= 1, msg=f"No detection in {item['name']}" 51 | ) 52 | 53 | # vuln needs to be CVE or HTTPS URL 54 | self.assertTrue( 55 | re.match("^CVE-[0-9]*-[0-9]*$", item["vuln"]) 56 | or item["vuln"].startswith("https://"), 57 | msg=f"{item['name']}: Invalid vuln {item['vuln']}", 58 | ) 59 | 60 | # make sure safe is a version 61 | if item["safe"] != "": 62 | # we have a theoretical reDoS here, but 63 | # this is no external data, therefore ok 64 | self.assertTrue( 65 | re.match(r"^([0-9]+\.)*[0-9]+$", item["safe"]), # noqa: DUO138 66 | msg=f"{item['name']}: Invalid safe version {item['safe']}", 67 | ) 68 | 69 | # make sure old_safe is properly sorted 70 | if "old_safe" in item: 71 | old_safe = item["old_safe"].split(",") 72 | for i in range(1, len(old_safe)): 73 | self.assertTrue( 74 | versioncompare(old_safe[i - 1], old_safe[i]), 75 | msg=f"{item['name']}: Invalid old_safe" 76 | " ordering {item['old_safe']}", 77 | ) 78 | 79 | # make sure latest is not outdated 80 | if "latest" in item and item["safe"] != "": 81 | self.assertTrue( 82 | not versioncompare(item["safe"], item["latest"]), 83 | msg=f"{item['name']}: Safe version " 84 | "{item['safe']} newer than latest" 85 | " {item['latest']}", 86 | ) 87 | 88 | # subdir needs to be integer 89 | for det in item["detection"]: 90 | self.assertTrue( 91 | isinstance(det["subdir"], int), 92 | msg=f"{item['name']}: subdir not int", 93 | ) 94 | 95 | 96 | if __name__ 
== "__main__": 97 | unittest.main() 98 | -------------------------------------------------------------------------------- /freewvsdb/blog.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "Serendipity", 4 | "url": "https://docs.s9y.org/", 5 | "safe": "2.5.0", 6 | "vuln": "CVE-2023-43655", 7 | "detection": [ 8 | { 9 | "file": "serendipity_config.inc.php", 10 | "variable": "$serendipity['version']", 11 | "subdir": 0 12 | } 13 | ] 14 | }, 15 | { 16 | "name": "Wordpress", 17 | "url": "https://wordpress.org/", 18 | "safe": "6.8.3", 19 | "latest": "6.8.3", 20 | "vuln": "CVE-2025-58674", 21 | "detection": [ 22 | { 23 | "file": "version.php", 24 | "variable": "$wp_version", 25 | "subdir": 1, 26 | "extra_nomatch": "$cp_version" 27 | } 28 | ] 29 | }, 30 | { 31 | "name": "ClassicPress", 32 | "url": "https://www.classicpress.net/", 33 | "safe": "1.1.3", 34 | "vuln": "https://forums.classicpress.net/t/classicpress-1-1-3-release-notes/2301", 35 | "detection": [ 36 | { 37 | "file": "version.php", 38 | "variable": "$cp_version", 39 | "subdir": 1, 40 | "extra_match": "The ClassicPress version string" 41 | } 42 | ] 43 | }, 44 | { 45 | "name": "SimplePHPBlog", 46 | "url": "http://www.simplephpblog.com/", 47 | "safe": "0.5.1", 48 | "vuln": "CVE-2007-5071", 49 | "detection": [ 50 | { 51 | "file": "sb_functions.php", 52 | "variable": "$sb_info[ 'version' ]", 53 | "subdir": 1 54 | } 55 | ] 56 | }, 57 | { 58 | "name": "b2evolution", 59 | "url": "https://b2evolution.net/", 60 | "safe": "6.8.11", 61 | "vuln": "CVE-2017-1000423", 62 | "detection": [ 63 | { 64 | "file": "_application.php", 65 | "variable": "$app_version", 66 | "subdir": 2, 67 | "extra_match": "This is b2evolution" 68 | } 69 | ] 70 | }, 71 | { 72 | "name": "nucleuscms", 73 | "url": "http://www.nucleuscms.org/", 74 | "safe": "3.40", 75 | "vuln": "CVE-2009-0929", 76 | "detection": [ 77 | { 78 | "file": "globalfunctions.php", 79 | "variable": "$nucleus['version']", 80 | 
"subdir": 2 81 | } 82 | ] 83 | }, 84 | { 85 | "name": "sBlog", 86 | "url": "https://web.archive.org/web/20080908094255/http://sblog.se/wiki/Main_Page", 87 | "safe": "", 88 | "vuln": "CVE-2007-1801", 89 | "latest": "0.7.3", 90 | "detection": [ 91 | { 92 | "file": "version.ini", 93 | "variable": "conf_current_version", 94 | "subdir": 1, 95 | "extra_match": "[sblog_version_info]" 96 | } 97 | ] 98 | }, 99 | { 100 | "name": "Movable_Type", 101 | "url": "https://movabletype.com/", 102 | "safe": "6.8.2", 103 | "vuln": "CVE-2021-20837", 104 | "note": "only 5.x public", 105 | "detection": [ 106 | { 107 | "file": "mt.php", 108 | "variable": "VERSION_ID", 109 | "subdir": 1 110 | } 111 | ] 112 | }, 113 | { 114 | "name": "artmedic_weblog", 115 | "url": "http://www.artmedic-phpscripts.de/", 116 | "safe": "", 117 | "vuln": "CVE-2008-0798", 118 | "latest": "1.0", 119 | "detection": [ 120 | { 121 | "file": "artmedic_index.php", 122 | "variable": "# artmedic weblog", 123 | "subdir": 0 124 | } 125 | ] 126 | }, 127 | { 128 | "name": "DotClear", 129 | "url": "https://dotclear.org/", 130 | "safe": "2.14.2", 131 | "vuln": "CVE-2018-16358", 132 | "detection": [ 133 | { 134 | "file": "LISEZMOI.txt", 135 | "variable": "DotClear", 136 | "subdir": 0, 137 | "note": "older" 138 | }, 139 | { 140 | "file": "prepend.php", 141 | "variable": "DC_VERSION", 142 | "extra_match": "Dotclear", 143 | "subdir": 1 144 | } 145 | ] 146 | } 147 | ] 148 | -------------------------------------------------------------------------------- /freewvsdb/bb.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "phpBB", 4 | "url": "https://www.phpbb.com", 5 | "safe": "3.3.11", 6 | "vuln": "CVE-2023-5917", 7 | "detection": [ 8 | { 9 | "file": "CHANGELOG.html", 10 | "variable": "Changes since", 11 | "subdir": 1, 12 | "add_minor": "1" 13 | } 14 | ] 15 | }, 16 | { 17 | "name": "DeluxeBB", 18 | "url": "https://web.archive.org/web/20110202175019/http://www.deluxebb.com/", 
19 | "safe": "", 20 | "latest": "1.3", 21 | "vuln": "CVE-2010-4151", 22 | "detection": [ 23 | { 24 | "file": "header.php", 25 | "variable": "$versionname", 26 | "subdir": 0, 27 | "extra_match": "DeluxeBB" 28 | } 29 | ] 30 | }, 31 | { 32 | "name": "PunBB", 33 | "url": "http://punbb.informer.com/", 34 | "safe": "1.4.1", 35 | "vuln": "https://secunia.com/advisories/46864", 36 | "detection": [ 37 | { 38 | "file": "install.php", 39 | "variable": "$punbb_version", 40 | "subdir": 0, 41 | "note": "1.2.x and earlier" 42 | }, 43 | { 44 | "file": "db_update.php", 45 | "variable": "UPDATE_TO", 46 | "subdir": 0, 47 | "extra_match": "@package PunBB" 48 | } 49 | ] 50 | }, 51 | { 52 | "name": "UseBB", 53 | "url": "https://github.com/usebb/UseBB", 54 | "safe": "", 55 | "vuln": "https://github.com/usebb/UseBB/commit/403718a1c34b0906b0c2b874794b1456c81c4a63", 56 | "latest": "1.0.16", 57 | "detection": [ 58 | { 59 | "file": "common.php", 60 | "variable": "USEBB_VERSION", 61 | "subdir": 1 62 | } 63 | ] 64 | }, 65 | { 66 | "name": "Vanilla", 67 | "url": "https://vanillaforums.com/", 68 | "safe": "3.2", 69 | "vuln": "https://open.vanillaforums.com/discussion/37556/vanilla-3-2-is-now-available", 70 | "detection": [ 71 | { 72 | "file": "version.php", 73 | "variable": "APPLICATION_VERSION", 74 | "subdir": 1, 75 | "extra_match": "define('APPLICATION', 'Vanilla');", 76 | "note": "1.x" 77 | }, 78 | { 79 | "file": "index.php", 80 | "variable": "APPLICATION_VERSION", 81 | "subdir": 0, 82 | "extra_match": "define('APPLICATION', 'Vanilla');", 83 | "note": "2.x" 84 | }, 85 | { 86 | "file": "environment.php", 87 | "variable": "APPLICATION_VERSION", 88 | "subdir": 0, 89 | "extra_match": "define('APPLICATION', 'Vanilla');" 90 | } 91 | ] 92 | }, 93 | { 94 | "name": "SimpleMachinesForum", 95 | "url": "http://www.simplemachines.org/", 96 | "safe": "2.0.5", 97 | "vuln": "CVE-2018-10305", 98 | "detection": [ 99 | { 100 | "file": "index.php", 101 | "variable": "$forum_version", 102 | "subdir": 0, 103 | 
"extra_match": "Simple Machines Forum" 104 | } 105 | ] 106 | }, 107 | { 108 | "name": "MyBB", 109 | "url": "https://mybb.com/", 110 | "safe": "1.8.22", 111 | "vuln": "https://blog.mybb.com/2019/12/30/mybb-1-8-22-released-security-maintenance-release/", 112 | "detection": [ 113 | { 114 | "file": "class_core.php", 115 | "variable": "$version", 116 | "subdir": 1 117 | } 118 | ] 119 | }, 120 | { 121 | "name": "Phorum", 122 | "url": "https://www.phorum.org/", 123 | "safe": "5.2.21", 124 | "vuln": "https://voidsec.com/wp-content/uploads/2016/04/Phorum-v.5.2.20-VoidSec.pdf", 125 | "latest": "5.2.23", 126 | "detection": [ 127 | { 128 | "file": "common.php", 129 | "variable": "define( \"PHORUM\"", 130 | "subdir": 0 131 | } 132 | ] 133 | }, 134 | { 135 | "name": "wBB", 136 | "url": "http://www.woltlab.com/", 137 | "safe": "3.0.9", 138 | "vuln": "https://www.securityfocus.com/archive/1/503867/30/60/threaded", 139 | "detection": [ 140 | { 141 | "file": "config.inc.php", 142 | "variable": "define('PACKAGE_VERSION',", 143 | "subdir": 0 144 | } 145 | ] 146 | }, 147 | { 148 | "name": "WBBLite", 149 | "url": "http://wbblite.com/", 150 | "safe": "2.1", 151 | "vuln": "https://www.securityfocus.com/archive/1/503867/30/60/threaded", 152 | "detection": [ 153 | { 154 | "file": "package.xml", 155 | "variable": "", 156 | "subdir": 0, 157 | "extra_match": "WoltLab Burning Board Lite" 158 | } 159 | ] 160 | }, 161 | { 162 | "name": "FluxBB", 163 | "url": "https://fluxbb.org/", 164 | "safe": "1.5.11", 165 | "vuln": "https://fluxbb.org/forums/viewtopic.php?id=9472", 166 | "detection": [ 167 | { 168 | "file": "install.php", 169 | "variable": "$fluxbb_version", 170 | "subdir": 1, 171 | "note": "2.x and earlier" 172 | }, 173 | { 174 | "file": "common.php", 175 | "variable": "FORUM_VERSION", 176 | "subdir": 1, 177 | "extra_match": "FORUM_DB_REVISION" 178 | } 179 | ] 180 | }, 181 | { 182 | "name": "vBulletin", 183 | "url": "https://www.vbulletin.com/", 184 | "safe": "5.6.2", 185 | "vuln": 
"CVE-2020-12720", 186 | "detection": [ 187 | { 188 | "file": "class_core.php", 189 | "variable": "define('FILE_VERSION'", 190 | "subdir": 1, 191 | "extra_match": "vBulletin" 192 | } 193 | ] 194 | } 195 | ] 196 | -------------------------------------------------------------------------------- /freewvs: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python3 -O 2 | 3 | # freewvs - a free web vulnerability scanner 4 | # 5 | # https://freewvs.schokokeks.org/ 6 | # 7 | # Written by schokokeks.org Hosting, https://schokokeks.org 8 | # 9 | # Contributions by 10 | # Hanno Boeck, https://hboeck.de/ 11 | # Fabian Fingerle, https://fabian-fingerle.de/ 12 | # Bernd Wurst, https://bwurst.org/ 13 | 14 | 15 | import argparse 16 | import glob 17 | import json 18 | import os 19 | import pathlib 20 | import re 21 | import sys 22 | from xml.sax.saxutils import escape # noqa: DUO107 23 | 24 | # True when find_version is older than safe_version; an empty safe_version means no fixed release exists, so every found version is flagged. Both strings are split on "." and each piece is passed to int(), so a captured value such as "1..2" raises ValueError and aborts the whole scan (the same applies to checkoldsafe) - the scanned file is untrusted input, so callers may want to catch this. 25 | def versioncompare(safe_version: str, find_version: str) -> bool: 26 | if safe_version == "": 27 | return True 28 | safe_version_tup = [int(x) for x in safe_version.split(".")] 29 | find_version_tup = [int(x) for x in find_version.split(".")] 30 | return find_version_tup < safe_version_tup 31 | 32 | # old_safe is a comma-separated list of still-maintained branches; find_version counts as safe when it equals one of them, or shares all but its last component with one and has a larger last component. 33 | def checkoldsafe(old_safe: str, find_version: str) -> bool: 34 | find_version_tup = [int(x) for x in find_version.split(".")] 35 | for oldver in old_safe.split(","): 36 | oldver_tup = [int(x) for x in oldver.split(".")] 37 | 38 | if find_version_tup == oldver_tup: 39 | return True 40 | # handle special case where minor version is larger 41 | if ( 42 | len(find_version_tup) >= 2 43 | and find_version_tup[:-1] == oldver_tup[:-1] 44 | and find_version_tup[-1] > oldver_tup[-1] 45 | ): 46 | return True 47 | return False 48 | 49 | # Prints one finding. appdir is the application root: the absolute path of vfilename with the file name plus `subdir` further components stripped (split on "/" rather than os.sep, so POSIX paths only). With xml=True every value goes through xml.sax.saxutils.escape, and safeversion/vuln are only emitted for state "vulnerable". NOTE(review): the XML tag text inside the print() calls here, and in the header/footer at the bottom of the script, appears stripped in this listing - verify against the original source. 50 | def vulnprint(appname: str, version: str, safeversion: str, vuln: str, vfilename: str, subdir: int, xml: bool) -> None: 51 | appdir = "/".join(os.path.abspath(vfilename).split("/")[: -1 - subdir]) 52 | if not xml: 53 | print(f"{appname} {version} ({safeversion}) {vuln} {appdir}") 54 | else: 55 | 
state = "vulnerable" 56 | if safeversion == "ok": 57 | state = "ok" 58 | print(f' ') 59 | print(f" {escape(appname)}") 60 | print(f" {escape(version)}") 61 | print(f" {escape(appdir)}") 62 | if state == "vulnerable": 63 | print(f" {escape(safeversion)}") 64 | print(f" {escape(vuln)}") 65 | print(" ") 66 | 67 | 68 | # Command-line options 69 | parser = argparse.ArgumentParser() 70 | parser.add_argument("dirs", nargs="*", help="Directories to scan") 71 | parser.add_argument( 72 | "-a", 73 | "--all", 74 | action="store_true", 75 | help="Show all webapps found, not just vulnerable", 76 | ) 77 | parser.add_argument("-x", "--xml", action="store_true", help="Output results as XML") 78 | parser.add_argument( 79 | "-3", 80 | "--thirdparty", 81 | action="store_true", 82 | help="Scan for third-party components like jquery", 83 | ) 84 | opts = parser.parse_args() 85 | # DB directory lookup order: next to the script, the system path, then the per-user cache; the first existing directory wins. NOTE(review): os.path.dirname(sys.argv[0]) is "" when the script is started by bare name, which turns the first candidate into "/freewvsdb". 86 | jdir = False 87 | for p in [ 88 | os.path.dirname(sys.argv[0]) + "/freewvsdb", 89 | "/var/lib/freewvs", 90 | str(pathlib.Path.home()) + "/.cache/freewvs/", 91 | ]: 92 | if os.path.isdir(p): 93 | jdir = p 94 | break 95 | if not jdir: 96 | print("Can't find freewvs json db") 97 | sys.exit(1) 98 | # Every *.json file in the DB directory holds a list of app entries; they are concatenated into one flat list. The files are decoded as strict ASCII, so a non-ASCII DB file raises UnicodeDecodeError. 99 | jconfig = [] 100 | for cfile in glob.glob(jdir + "/*.json"): 101 | with open(cfile, encoding="ascii") as json_file: 102 | data = json.load(json_file) 103 | jconfig += data 104 | # Every file name any detection rule looks for, so the walk below only inspects directory entries carrying one of these names. 105 | scanfiles = set() 106 | for app in jconfig: 107 | for det in app["detection"]: 108 | scanfiles.add(det["file"]) 109 | 110 | 111 | if opts.xml: 112 | print('') 113 | print("") 114 | 115 | # start the search 116 | # os.walk() runs with its default followlinks=False, so symlinked directories are not descended; the depth guard below empties dirs in place to stop descending further. 117 | for fdir in opts.dirs: 118 | for root, dirs, files in os.walk(fdir): 119 | # this protects us against nested directories causing 120 | # an exception 121 | if root.count(os.sep) > 500: 122 | del dirs[:] 123 | for filename in scanfiles.intersection(files): 124 | for item in jconfig: 125 | if not opts.thirdparty and "thirdparty" in item: 126 | continue 127 | for det in item["detection"]: 128 | if filename == det["file"]: 
129 | mfile = os.path.join(root, filename) 130 | try: 131 | file = open(mfile, encoding="ascii", errors="replace") 132 | except OSError: 133 | continue 134 | filestr = file.read(200000) 135 | file.close() 136 | # Only the first 200000 bytes are inspected; files that cannot be opened are skipped and undecodable bytes are replaced rather than raising. 137 | if ( 138 | "extra_match" in det and det["extra_match"] not in filestr 139 | ) or ( 140 | "extra_nomatch" in det and det["extra_nomatch"] in filestr 141 | ): 142 | continue 143 | # path_match restricts a rule to directories ending in the given suffix (cms.json uses it for Joomla's administrator/manifests/files). 144 | if "path_match" in det and ( 145 | not root.endswith(det["path_match"]) 146 | ): 147 | continue 148 | # The version is the first run of digits and dots after det["variable"]; the trailing [^0-9.] demands one more character, so a version ending exactly at the end of the text is not matched. 149 | findversion = re.search( 150 | re.escape(det["variable"]) + r"[^0-9\n\r]*[.]*" 151 | "([0-9.]*[0-9])[^0-9.]", 152 | filestr, 153 | ) 154 | if not findversion: 155 | continue 156 | findversion = findversion.group(1) 157 | # add_minor bumps the last version component; bb.json uses it for phpBB's CHANGELOG.html, whose "Changes since" line presumably names the previous release. 158 | # Very ugly phpbb workaround 159 | if "add_minor" in det: 160 | findversion = findversion.split(".") 161 | findversion[-1] = str( 162 | int(findversion[-1]) + int(det["add_minor"]) 163 | ) 164 | findversion = ".".join(findversion) 165 | # Not vulnerable when the found version is at or above "safe", or when checkoldsafe accepts it on a still-maintained old_safe branch; with --all such apps are still listed with state "ok". 166 | if not versioncompare(item["safe"], findversion) or ( 167 | "old_safe" in item 168 | and checkoldsafe(item["old_safe"], findversion) 169 | ): 170 | if opts.all: 171 | vulnprint( 172 | item["name"], 173 | findversion, 174 | "ok", 175 | "", 176 | mfile, 177 | det["subdir"], 178 | opts.xml, 179 | ) 180 | continue 181 | # safev is item["safe"] unless an old_safe branch is newer than the found version, in which case the last such branch in the list is reported. 182 | safev = item["safe"] 183 | if "old_safe" in item: 184 | for ver in item["old_safe"].split(","): 185 | if versioncompare(ver, findversion): 186 | safev = ver 187 | 188 | vulnprint( 189 | item["name"], 190 | findversion, 191 | safev, 192 | item["vuln"], 193 | mfile, 194 | det["subdir"], 195 | opts.xml, 196 | ) 197 | 198 | if opts.xml: 199 | print("") 200 | -------------------------------------------------------------------------------- /freewvsdb/cms.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "WebsiteBaker", 4 | "url": "https://websitebaker.org/", 5 | "safe": "2.11.0", 6 | "vuln": "CVE-2017-16514", 7 | "detection": [ 8 | { 
9 | "file": "version.php", 10 | "variable": "VERSION", 11 | "subdir": 3, 12 | "extra_match": "Website Baker Project" 13 | }, 14 | { 15 | "file": "version.php", 16 | "variable": "VERSION", 17 | "subdir": 2, 18 | "extra_match": "isteam" 19 | } 20 | ] 21 | }, 22 | { 23 | "name": "toendaCMS", 24 | "url": "http://www.toendacms.com/", 25 | "safe": "", 26 | "vuln": "CVE-2007-1872", 27 | "detection": [ 28 | { 29 | "file": "tcms_version.xml", 30 | "variable": "release", 31 | "subdir": 2 32 | } 33 | ] 34 | }, 35 | { 36 | "name": "Drupal", 37 | "url": "https://www.drupal.org/", 38 | "safe": "11.2.8", 39 | "old_safe": "11.1.9,10.5.6,10.4.8,7.102", 40 | "vuln": "CVE-2025-13083", 41 | "latest": "11.2.9", 42 | "detection": [ 43 | { 44 | "file": "system.module", 45 | "variable": "define('VERSION'", 46 | "subdir": 2, 47 | "note": "6.x and older" 48 | }, 49 | { 50 | "file": "bootstrap.inc", 51 | "variable": "define('VERSION'", 52 | "subdir": 1, 53 | "note": "7.x" 54 | }, 55 | { 56 | "file": "Drupal.php", 57 | "variable": "const VERSION", 58 | "subdir": 2, 59 | "note": "8.x" 60 | } 61 | ] 62 | }, 63 | { 64 | "name": "PHPNuke", 65 | "url": "https://www.phpnuke.org/", 66 | "safe": "8.1", 67 | "vuln": "CVE-2007-1519", 68 | "note": "I'm not really sure about that, but 8.0 is at least vulnerable, pre 8.0 aren't easily detectable", 69 | "detection": [ 70 | { 71 | "file": "version.php", 72 | "variable": "$version_number", 73 | "subdir": 2, 74 | "extra_match": "PHP-Nuke $version_number" 75 | } 76 | ] 77 | }, 78 | { 79 | "name": "TYPO3", 80 | "url": "https://typo3.org/", 81 | "safe": "10.4.2", 82 | "old_safe": "9.5.17", 83 | "vuln": "CVE-2020-11069", 84 | "detection": [ 85 | { 86 | "file": "config_default.php", 87 | "variable": "$TYPO_VERSION", 88 | "subdir": 1, 89 | "note": "4.x and older" 90 | }, 91 | { 92 | "file": "SystemEnvironmentBuilder.php", 93 | "extra_nomatch": "TYPO3\\CMS\\Core\\Utility\\PathUtility", 94 | "variable": "define('TYPO3_version", 95 | "subdir": 4, 96 | "note": "6.x to 
8.x" 97 | }, 98 | { 99 | "file": "Typo3Version.php", 100 | "variable": "VERSION =", 101 | "subdir": 4, 102 | "note": "9.x and newer" 103 | } 104 | ] 105 | }, 106 | { 107 | "name": "Joomla", 108 | "url": "https://www.joomla.org/", 109 | "safe": "5.3.4", 110 | "old_safe": "4.4.14", 111 | "vuln": "CVE-2025-54476", 112 | "detection": [ 113 | { 114 | "file": "CHANGELOG.php", 115 | "variable": "---------------", 116 | "subdir": 0, 117 | "extra_match": "Joomla! is free software.", 118 | "note": "1.5 and older" 119 | }, 120 | { 121 | "file": "joomla.xml", 122 | "variable": "", 123 | "subdir": 3, 124 | "extra_match": "FILES_JOOMLA_XML_DESCRIPTION", 125 | "path_match": "administrator/manifests/files" 126 | } 127 | ] 128 | }, 129 | { 130 | "name": "Mambo", 131 | "url": "http://www.source.mambo-foundation.org/", 132 | "safe": "", 133 | "vuln": "CVE-2008-2905", 134 | "detection": [ 135 | { 136 | "file": "version.php", 137 | "variable": "var $RELEASE,var $DEV_LEVEL", 138 | "subdir": 1, 139 | "extra_match": "@package Mambo" 140 | } 141 | ] 142 | }, 143 | { 144 | "name": "w-Agora", 145 | "url": "http://www.w-agora.net/", 146 | "safe": "", 147 | "vuln": "CVE-2007-0607", 148 | "latest": "4.2.1", 149 | "detection": [ 150 | { 151 | "file": "misc_func.php", 152 | "variable": "$v =", 153 | "subdir": 1, 154 | "extra_match": "w-agora version $v" 155 | } 156 | ] 157 | }, 158 | { 159 | "name": "MODX", 160 | "url": "https://modx.com/", 161 | "safe": "2.7.1", 162 | "latest": "2.7.2", 163 | "vuln": "CVE-2018-17556", 164 | "detection": [ 165 | { 166 | "file": "version.inc.php", 167 | "variable": "$version", 168 | "subdir": 2, 169 | "extra_match": "$full_appname = 'MODx'", 170 | "note": "0.x" 171 | }, 172 | { 173 | "file": "version.inc.php", 174 | "variable": "$modx_version", 175 | "subdir": 2, 176 | "note": "1.x" 177 | }, 178 | { 179 | "file": "changelog.txt", 180 | "variable": "MODX Revolution", 181 | "subdir": 2, 182 | "extra_match": "MODX" 183 | } 184 | ] 185 | }, 186 | { 187 | "name": 
"PostNuke", 188 | "url": "http://www.postnuke.com", 189 | "safe": "", 190 | "vuln": "CVE-2007-0385", 191 | "latest": "0.764", 192 | "detection": [ 193 | { 194 | "file": "global.php", 195 | "variable": "_MESSAGE_00_a", 196 | "subdir": 2, 197 | "extra_match": "http://www.pn-cms.de" 198 | } 199 | ] 200 | }, 201 | { 202 | "name": "Contenido", 203 | "url": "https://www.contenido.org/", 204 | "safe": "4.9.12", 205 | "vuln": "https://devwerks.net/advisories/DW-2016-008_CONTENIDO_XSS.txt", 206 | "latest": "4.10.1", 207 | "detection": [ 208 | { 209 | "file": "config.misc.php", 210 | "variable": "$cfg['version']", 211 | "subdir": 1, 212 | "extra_match": "Contenido Misc Configurations" 213 | }, 214 | { 215 | "file": "startup.php", 216 | "variable": "CON_VERSION", 217 | "subdir": 1 218 | } 219 | ] 220 | }, 221 | { 222 | "name": "SilverStripe", 223 | "url": "https://www.silverstripe.com", 224 | "safe": "2.4.7", 225 | "vuln": "CVE-2012-0976", 226 | "detection": [ 227 | { 228 | "file": "silverstripe_version", 229 | "variable": "/open/modules/cms/", 230 | "subdir": 1, 231 | "extra_match": "/open/modules/cms/" 232 | } 233 | ] 234 | }, 235 | { 236 | "name": "CMSMadeSimple", 237 | "url": "https://www.cmsmadesimple.org/", 238 | "safe": "2.2.15", 239 | "vuln": "CVE-2024-1527", 240 | "detection": [ 241 | { 242 | "file": "version.php", 243 | "variable": "$CMS_VERSION", 244 | "subdir": 0 245 | } 246 | ] 247 | }, 248 | { 249 | "name": "e107", 250 | "url": "https://e107.org/", 251 | "safe": "1.0.0", 252 | "vuln": "CVE-2011-4920", 253 | "detection": [ 254 | { 255 | "file": "ver.php", 256 | "variable": "$e107info['e107_version']", 257 | "subdir": 0 258 | } 259 | ] 260 | }, 261 | { 262 | "name": "SPIP", 263 | "url": "https://www.spip.net/", 264 | "safe": "3.2.5", 265 | "old_safe": "3.1.11", 266 | "vuln": "CVE-2019-16392", 267 | "detection": [ 268 | { 269 | "file": "inc_version.php", 270 | "variable": "$spip_version_branche", 271 | "subdir": 1 272 | } 273 | ] 274 | }, 275 | { 276 | "name": 
"contao", 277 | "url": "https://contao.org/", 278 | "safe": "4.7.5", 279 | "old_safe": "4.4.39", 280 | "vuln": "CVE-2019-11512", 281 | "detection": [ 282 | { 283 | "file": "CHANGELOG.txt", 284 | "variable": "Version", 285 | "subdir": 0, 286 | "extra_match": "Contao Open Source CMS Changelog", 287 | "note": "very old versions" 288 | }, 289 | { 290 | "file": "CHANGELOG.md", 291 | "variable": "Version", 292 | "subdir": 0, 293 | "extra_match": "Contao Open Source CMS" 294 | } 295 | ] 296 | }, 297 | { 298 | "name": "redaxo", 299 | "url": "https://redaxo.org/", 300 | "safe": "4.5", 301 | "vuln": "CVE-2012-3869", 302 | "latest": "4.5", 303 | "detection": [ 304 | { 305 | "file": "en_gb.lang", 306 | "variable": "setup_037", 307 | "subdir": 3 308 | } 309 | ] 310 | }, 311 | { 312 | "name": "textpattern", 313 | "url": "https://textpattern.com/", 314 | "safe": "4.8.8", 315 | "vuln": "CVE-2021-44082", 316 | "latest": "4.8.8", 317 | "detection": [ 318 | { 319 | "file": "index.php", 320 | "variable": "$thisversion", 321 | "subdir": 1 322 | } 323 | ] 324 | }, 325 | { 326 | "name": "bolt", 327 | "url": "https://bolt.cm/", 328 | "safe": "3.5.3", 329 | "vuln": "https://github.com/bolt/bolt/blob/v3.5.4/changelog.md#bolt-353", 330 | "latest": "3.5.3", 331 | "detection": [ 332 | { 333 | "file": "Version.php", 334 | "variable": "const VERSION", 335 | "subdir": 4, 336 | "extra_match": "Bolt's" 337 | } 338 | ] 339 | } 340 | ] 341 | -------------------------------------------------------------------------------- /freewvsdb/plugins.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "Serendipity-mycalendar", 4 | "url": "https://s9y.org", 5 | "safe": "0.13", 6 | "vuln": "CVE-2007-6390", 7 | "detection": [ 8 | { 9 | "file": "serendipity_event_mycalendar.php", 10 | "variable": "$propbag->add('version'", 11 | "subdir": 0 12 | } 13 | ] 14 | }, 15 | { 16 | "name": "Serendipity-freetag", 17 | "url": "https://s9y.org", 18 | "safe": "3.69", 19 
| "vuln": "https://github.com/s9y/additional_plugins/commit/3edecdb7eccc24e0d5c63a3d5702dba54599bda3", 20 | "detection": [ 21 | { 22 | "file": "serendipity_event_freetag.php", 23 | "variable": "$propbag->add('version'", 24 | "subdir": 0 25 | } 26 | ] 27 | }, 28 | { 29 | "name": "SquirrelMail-gpg", 30 | "url": "https://squirrelmail.org/plugin_view.php?id=153", 31 | "safe": "2.1", 32 | "vuln": "CVE-2007-3779", 33 | "detection": [ 34 | { 35 | "file": "gpg_pref_functions.php", 36 | "variable": "$GPG_VERSION", 37 | "subdir": 0 38 | } 39 | ] 40 | }, 41 | { 42 | "name": "Drupal-Views", 43 | "url": "https://www.drupal.org/project/views", 44 | "safe": "2.13", 45 | "vuln": "CVE-2011-4113", 46 | "detection": [ 47 | { 48 | "file": "views.info", 49 | "variable": "version = \"6.x", 50 | "subdir": 0 51 | } 52 | ] 53 | }, 54 | { 55 | "name": "Wordpress-timthumb", 56 | "url": "https://github.com/GabrielGil/TimThumb", 57 | "safe": "2.8.14", 58 | "vuln": "CVE-2014-4663", 59 | "detection": [ 60 | { 61 | "file": "timthumb.php", 62 | "variable": "('VERSION',", 63 | "subdir": 0, 64 | "extra_match": "TimThumb" 65 | } 66 | ] 67 | }, 68 | { 69 | "name": "Wordpress-timthumb-renamed", 70 | "url": "https://github.com/GabrielGil/TimThumb", 71 | "safe": "2.8.14", 72 | "vuln": "CVE-2014-4663", 73 | "detection": [ 74 | { 75 | "file": "thumb.php", 76 | "variable": "('VERSION',", 77 | "subdir": 0, 78 | "extra_match": "TimThumb" 79 | } 80 | ] 81 | }, 82 | { 83 | "name": "Joomla-JCE", 84 | "url": "https://www.joomlacontenteditor.net/", 85 | "safe": "2.1", 86 | "vuln": "CVE-2012-2902", 87 | "detection": [ 88 | { 89 | "file": "editor.php", 90 | "variable": "$_version", 91 | "subdir": 3, 92 | "extra_match": "JCE class" 93 | } 94 | ] 95 | }, 96 | { 97 | "name": "WP Super Cache", 98 | "url": "https://wordpress.org/plugins/wp-super-cache/", 99 | "safe": "1.7.3", 100 | "vuln": "CVE-2021-24329", 101 | "latest": "1.7.3", 102 | "detection": [ 103 | { 104 | "file": "wp-cache.php", 105 | "variable": "Version:", 
106 | "subdir": 0, 107 | "extra_match": "Plugin Name: WP Super Cache" 108 | } 109 | ] 110 | }, 111 | { 112 | "name": "W3 Total Cache", 113 | "url": "https://wordpress.org/plugins/w3-total-cache/", 114 | "safe": "2.1.3", 115 | "vuln": "https://wordpress.org/plugins/w3-total-cache/#developers", 116 | "detection": [ 117 | { 118 | "file": "w3-total-cache.php", 119 | "variable": "Version:", 120 | "subdir": 0, 121 | "extra_match": "Plugin Name: W3 Total Cache" 122 | } 123 | ] 124 | }, 125 | { 126 | "name": "phpThumb", 127 | "url": "http://phpthumb.sourceforge.net/", 128 | "safe": "1.7.10", 129 | "vuln": "CVE-2010-1598", 130 | "detection": [ 131 | { 132 | "file": "phpthumb.class.php", 133 | "variable": "$phpthumb_version", 134 | "subdir": 0 135 | } 136 | ] 137 | }, 138 | { 139 | "name": "Wordpress-Jetpack", 140 | "url": "https://jetpack.com/", 141 | "safe": "14.1", 142 | "vuln": "CVE-2024-10858", 143 | "detection": [ 144 | { 145 | "file": "jetpack.php", 146 | "variable": "JETPACK__VERSION", 147 | "subdir": 0 148 | } 149 | ] 150 | }, 151 | { 152 | "name": "Wordpress-MailPoet", 153 | "url": "https://www.mailpoet.com/", 154 | "safe": "2.6.8", 155 | "vuln": "CVE-2014-4726", 156 | "detection": [ 157 | { 158 | "file": "base.php", 159 | "variable": "static $version", 160 | "subdir": 0, 161 | "extra_match": "WYSIJA_object" 162 | } 163 | ] 164 | }, 165 | { 166 | "name": "Wordpress-CustomContact", 167 | "url": "https://wordpress.org/plugins/custom-contact-forms/", 168 | "safe": "5.1.0.4", 169 | "vuln": "https://blog.sucuri.net/2014/08/database-takeover-in-custom-contact-forms.html", 170 | "detection": [ 171 | { 172 | "file": "custom-contact-forms.php", 173 | "variable": "Version", 174 | "subdir": 0 175 | } 176 | ] 177 | }, 178 | { 179 | "name": "Wordpress-SliderRevolution", 180 | "url": "https://revolution.themepunch.com/", 181 | "safe": "4.2.3", 182 | "vuln": "CVE-2015-5151", 183 | "note": "unclear about exact version", 184 | "detection": [ 185 | { 186 | "file": "revslider.php", 
187 | "variable": "$revSliderVersion", 188 | "subdir": 0 189 | } 190 | ] 191 | }, 192 | { 193 | "name": "Wordpress-NextGEN", 194 | "url": "https://wordpress.org/plugins/nextgen-gallery/", 195 | "safe": "3.5.0", 196 | "vuln": "CVE-2020-35942", 197 | "detection": [ 198 | { 199 | "file": "nggallery.php", 200 | "variable": "NGG_PLUGIN_VERSION", 201 | "subdir": 0 202 | } 203 | ] 204 | }, 205 | { 206 | "name": "Wordpress-Akismet", 207 | "url": "https://wordpress.org/plugins/akismet/", 208 | "safe": "3.1.5", 209 | "vuln": "CVE-2015-9357", 210 | "detection": [ 211 | { 212 | "file": "akismet.php", 213 | "variable": "AKISMET_VERSION", 214 | "subdir": 0 215 | } 216 | ] 217 | }, 218 | { 219 | "name": "Wordpress-AllInOneSEO", 220 | "url": "https://semperplugins.com/all-in-one-seo-pack-changelog/", 221 | "safe": "3.2.7", 222 | "vuln": "CVE-2019-16520", 223 | "detection": [ 224 | { 225 | "file": "all_in_one_seo_pack.php", 226 | "variable": "define( 'AIOSEOP_VERSION'", 227 | "subdir": 0 228 | } 229 | ] 230 | }, 231 | { 232 | "name": "Wordpress-DownloadManager", 233 | "url": "https://wordpress.org/plugins/download-manager/", 234 | "safe": "3.1.07", 235 | "vuln": "https://de.wordpress.org/plugins/download-manager/#developers", 236 | "detection": [ 237 | { 238 | "file": "download-manager.php", 239 | "variable": "define('WPDM_Version'", 240 | "subdir": 0 241 | } 242 | ] 243 | }, 244 | { 245 | "name": "Wordpress-Fancybox", 246 | "url": "https://wordpress.org/plugins/fancybox-for-wordpress/", 247 | "safe": "3.0.4", 248 | "vuln": "CVE-2015-1494", 249 | "detection": [ 250 | { 251 | "file": "fancybox.php", 252 | "variable": "FBFW_VERSION", 253 | "subdir": 0 254 | } 255 | ] 256 | }, 257 | { 258 | "name": "Joomla-Googlemaps", 259 | "url": "http://joomlacode.org/gf/project/mambot_google1/", 260 | "safe": "3.1", 261 | "vuln": "CVE-2013-7428", 262 | "detection": [ 263 | { 264 | "file": "plugin_googlemap3.perm", 265 | "variable": "", 266 | "subdir": 0 267 | } 268 | ] 269 | }, 270 | { 271 | 
"name": "Wordpress-SEObyYoast", 272 | "url": "https://wordpress.org/plugins/wordpress-seo/", 273 | "safe": "11.6.0", 274 | "vuln": "CVE-2019-13478", 275 | "detection": [ 276 | { 277 | "file": "wp-seo-main.php", 278 | "variable": "WPSEO_VERSION", 279 | "subdir": 0 280 | } 281 | ] 282 | }, 283 | { 284 | "name": "Wordpress-GoogleAnalyticsbyMonsterInsights", 285 | "url": "https://wordpress.org/plugins/google-analytics-for-wordpress/changelog/", 286 | "safe": "7.2.0", 287 | "vuln": "https://wpvulndb.com/vulnerabilities/9157/", 288 | "detection": [ 289 | { 290 | "file": "googleanalytics.php", 291 | "variable": "GAWP_VERSION", 292 | "subdir": 0 293 | } 294 | ] 295 | }, 296 | { 297 | "name": "Wordpress-Captcha", 298 | "url": "https://wordpress.org/plugins/captcha/", 299 | "safe": "4.4.5", 300 | "vuln": "https://www.wordfence.com/blog/2017/12/backdoor-captcha-plugin/", 301 | "detection": [ 302 | { 303 | "file": "captcha.php", 304 | "variable": "Version:", 305 | "subdir": 0 306 | } 307 | ] 308 | }, 309 | { 310 | "name": "Wordpress-ContactForm7", 311 | "url": "https://contactform7.com/", 312 | "safe": "6.0.6", 313 | "vuln": "CVE-2025-3247", 314 | "detection": [ 315 | { 316 | "file": "wp-contact-form-7.php", 317 | "variable": "WPCF7_VERSION", 318 | "subdir": 0 319 | } 320 | ] 321 | }, 322 | { 323 | "name": "Wordpress-ACF", 324 | "url": "https://www.advancedcustomfields.com/", 325 | "safe": "6.3.8", 326 | "vuln": "https://www.advancedcustomfields.com/blog/acf-6-3-8-security-release/", 327 | "detection": [ 328 | { 329 | "file": "acf.php", 330 | "variable": "Version:", 331 | "extra_match": "Advanced Custom Fields", 332 | "subdir": 0 333 | } 334 | ] 335 | }, 336 | { 337 | "name": "Wordpress-Updraftplus", 338 | "url": "https://updraftplus.com/", 339 | "safe": "1.25.1", 340 | "vuln": "CVE-2025-0215", 341 | "detection": [ 342 | { 343 | "file": "updraftplus.php", 344 | "variable": "Version:", 345 | "subdir": 0 346 | } 347 | ] 348 | }, 349 | { 350 | "name": 
"Wordpress-GoogleXMLSitemaps", 351 | "url": "https://wordpress.org/plugins/google-sitemap-generator/", 352 | "safe": "4.1.1", 353 | "vuln": "https://wordpress.org/plugins/google-sitemap-generator/#developers", 354 | "detection": [ 355 | { 356 | "file": "sitemap.php", 357 | "variable": "Version:", 358 | "extra_match": "Google XML Sitemaps Generator for WordPress", 359 | "subdir": 0 360 | } 361 | ] 362 | }, 363 | { 364 | "name": "Wordpress-DuplicatePost", 365 | "url": "https://wordpress.org/plugins/duplicate-post/", 366 | "safe": "3.2.4", 367 | "vuln": "https://packetstormsecurity.com/files/154622/Duplicate-Post-3.2.3-Cross-Site-Scripting.html", 368 | "detection": [ 369 | { 370 | "file": "duplicate-post.php", 371 | "variable": "DUPLICATE_POST_CURRENT_VERSION", 372 | "subdir": 0 373 | } 374 | ] 375 | }, 376 | { 377 | "name": "Wordpress-ThemegrillDemoImporter", 378 | "url": "https://wordpress.org/plugins/themegrill-demo-importer/", 379 | "safe": "1.6.3", 380 | "vuln": "https://www.openwall.com/lists/oss-security/2020/02/19/1", 381 | "detection": [ 382 | { 383 | "file": "class-themegrill-demo-importer.php", 384 | "variable": "$version", 385 | "subdir": 1 386 | } 387 | ] 388 | }, 389 | { 390 | "name": "Wordpress-WooCommerce", 391 | "url": "https://woocommerce.com/", 392 | "safe": "3.9.2", 393 | "vuln": "https://woocommerce.wordpress.com/2020/02/13/woocommerce-3-9-2-security-release/", 394 | "detection": [ 395 | { 396 | "file": "woocommerce.php", 397 | "variable": "Version:", 398 | "subdir": 0 399 | } 400 | ] 401 | }, 402 | { 403 | "name": "Wordpress-AllinoneWPMigration", 404 | "url": "https://wordpress.org/plugins/all-in-one-wp-migration/", 405 | "safe": "7.41", 406 | "vuln": "CVE-2021-24216", 407 | "detection": [ 408 | { 409 | "file": "constants.php", 410 | "variable": "AI1WM_VERSION", 411 | "subdir": 0 412 | } 413 | ] 414 | }, 415 | { 416 | "name": "Wordpress-SEO-by-Rank-Math", 417 | "url": "https://rankmath.com/", 418 | "safe": "1.0.41", 419 | "vuln": 
"https://www.wordfence.com/blog/2020/03/critical-vulnerabilities-affecting-over-200000-sites-patched-in-rank-math-seo-plugin/", 420 | "detection": [ 421 | { 422 | "file": "rank-math.php", 423 | "variable": "$version", 424 | "subdir": 0 425 | } 426 | ] 427 | }, 428 | { 429 | "name": "bbPress", 430 | "url": "https://bbpress.org/", 431 | "safe": "2.6.5", 432 | "vuln": "CVE-2020-13693", 433 | "detection": [ 434 | { 435 | "file": "bbpress.php", 436 | "variable": "$this->version", 437 | "subdir": 0 438 | } 439 | ] 440 | }, 441 | { 442 | "name": "Wordpress-File-Manager", 443 | "url": "https://wordpress.org/plugins/wp-file-manager/", 444 | "safe": "6.9", 445 | "vuln": "https://seravo.com/blog/0-day-vulnerability-in-wp-file-manager/", 446 | "detection": [ 447 | { 448 | "file": "file_folder_manager.php", 449 | "variable": "$ver", 450 | "subdir": 0 451 | } 452 | ] 453 | }, 454 | { 455 | "name": "Wordpress-simple-tags", 456 | "url": "https://wordpress.org/plugins/simple-tags/", 457 | "safe": "3.40.1", 458 | "vuln": "https://wordpress.org/plugins/simple-tags/#developers", 459 | "detection": [ 460 | { 461 | "file": "simple-tags.php", 462 | "variable": "STAGS_VERSION", 463 | "subdir": 0 464 | } 465 | ] 466 | }, 467 | { 468 | "name": "Roundcube-RCMCardDAV", 469 | "url": "https://github.com/mstilkerich/rcmcarddav", 470 | "safe": "4.0.0", 471 | "vuln": "https://github.com/mstilkerich/rcmcarddav/releases/tag/v4.0.0-alpha1", 472 | "detection": [ 473 | { 474 | "file": "carddav.php", 475 | "variable": "const PLUGIN_VERSION", 476 | "subdir": 0, 477 | "note": "4.0.0 and above" 478 | }, 479 | { 480 | "file": "carddav_common.php", 481 | "variable": "RCM CardDAV plugin/", 482 | "subdir": 0, 483 | "note": "3.x" 484 | } 485 | ] 486 | } 487 | ] 488 | -------------------------------------------------------------------------------- /freewvsdb/misc.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "phpMyAdmin", 4 | "url": 
"https://www.phpmyadmin.net/", 5 | "safe": "5.2.2", 6 | "old_safe": "4.9.11", 7 | "vuln": "CVE-2025-24530", 8 | "detection": [ 9 | { 10 | "file": "Config.class.php", 11 | "variable": "PMA_VERSION", 12 | "subdir": 1, 13 | "note": "4.5.x and older" 14 | }, 15 | { 16 | "file": "Config.php", 17 | "variable": "PMA_VERSION", 18 | "subdir": 1, 19 | "extra_match": "namespace PMA\\libraries;", 20 | "note": "4.6.x/4.7.x" 21 | }, 22 | { 23 | "file": "package.json", 24 | "variable": "version", 25 | "subdir": 0, 26 | "extra_match": "A web interface for MySQL and MariaDB" 27 | } 28 | ] 29 | }, 30 | { 31 | "name": "SquirrelMail", 32 | "url": "https://squirrelmail.org/", 33 | "safe": "", 34 | "vuln": "CVE-2020-14933", 35 | "detection": [ 36 | { 37 | "file": "strings.php", 38 | "variable": "$version", 39 | "subdir": 1, 40 | "extra_match": "SquirrelMail version number" 41 | } 42 | ] 43 | }, 44 | { 45 | "name": "Mantis", 46 | "url": "https://mantisbt.org/", 47 | "safe": "2.27.2", 48 | "vuln": "CVE-2025-55155", 49 | "detection": [ 50 | { 51 | "file": "config_defaults_inc.php", 52 | "variable": "$g_mantis_version", 53 | "subdir": 0 54 | }, 55 | { 56 | "file": "constant_inc.php", 57 | "variable": "MANTIS_VERSION", 58 | "subdir": 1 59 | } 60 | ] 61 | }, 62 | { 63 | "name": "Bugzilla", 64 | "url": "https://www.bugzilla.org/", 65 | "safe": "5.0.4", 66 | "old_safe": "4.4.13", 67 | "vuln": "CVE-2018-5123", 68 | "detection": [ 69 | { 70 | "file": "globals.pl", 71 | "variable": "$::param{'version'}", 72 | "subdir": 0, 73 | "note": "2.14.x and older" 74 | }, 75 | { 76 | "file": "Config.pm", 77 | "variable": "$Bugzilla::Config::VERSION", 78 | "subdir": 1, 79 | "note": "2.16.x - 2.23.x" 80 | }, 81 | { 82 | "file": "Constants.pm", 83 | "variable": "BUGZILLA_VERSION", 84 | "subdir": 1, 85 | "note": "3.x and newer" 86 | } 87 | ] 88 | }, 89 | { 90 | "name": "SimpNews", 91 | "url": "https://web.archive.org/web/20110228171938/http://www.boesch-it.de/", 92 | "safe": "2.48", 93 | "vuln": "CVE-2010-2858", 
94 | "detection": [ 95 | { 96 | "file": "global.inc.php", 97 | "variable": "$version", 98 | "subdir": 1, 99 | "extra_match": "$path_simpnews" 100 | } 101 | ] 102 | }, 103 | { 104 | "name": "calendarix", 105 | "url": "https://web.archive.org/web/20120430200920/http://www.calendarix.com/", 106 | "safe": "", 107 | "vuln": "CVE-2007-3183", 108 | "detection": [ 109 | { 110 | "file": "cal_config.inc.php", 111 | "variable": "$version", 112 | "subdir": 0 113 | } 114 | ] 115 | }, 116 | { 117 | "name": "myEvent", 118 | "url": "http://mywebland.com/", 119 | "safe": "", 120 | "vuln": "CVE-2007-0690", 121 | "detection": [ 122 | { 123 | "file": "config.php", 124 | "variable": "$version", 125 | "subdir": 0, 126 | "extra_match": "$eventbgcolor" 127 | } 128 | ] 129 | }, 130 | { 131 | "name": "php-stats", 132 | "url": "http://php-stats.com/", 133 | "safe": "", 134 | "vuln": "CVE-2007-5453", 135 | "detection": [ 136 | { 137 | "file": "update.php", 138 | "variable": "$version", 139 | "subdir": 0, 140 | "extra_match": "http://php-stats.com/" 141 | } 142 | ] 143 | }, 144 | { 145 | "name": "Ampache", 146 | "url": "http://ampache.org/", 147 | "safe": "4.0.0", 148 | "vuln": "CVE-2019-12385", 149 | "detection": [ 150 | { 151 | "file": "init.php", 152 | "variable": "$results['version']", 153 | "subdir": 1, 154 | "extra_match": "$ampache_path" 155 | } 156 | ] 157 | }, 158 | { 159 | "name": "SiteBar", 160 | "url": "https://sitebar.org/", 161 | "safe": "3.3.9", 162 | "vuln": "CVE-2007-5492", 163 | "detection": [ 164 | { 165 | "file": "database.inc.php", 166 | "variable": "SB_CURRENT_RELEASE", 167 | "subdir": 1 168 | } 169 | ] 170 | }, 171 | { 172 | "name": "phpPgAdmin", 173 | "url": "http://phppgadmin.sourceforge.net/", 174 | "safe": "5.0.4", 175 | "vuln": "CVE-2012-1600", 176 | "detection": [ 177 | { 178 | "file": "lib.inc.php", 179 | "variable": "$appVersion", 180 | "subdir": 1, 181 | "extra_match": "phpPgAdmin" 182 | } 183 | ] 184 | }, 185 | { 186 | "name": "FTP Admin", 187 | "url": 
"http://ftpadmin.sourceforge.net/", 188 | "safe": "", 189 | "vuln": "CVE-2007-6234", 190 | "detection": [ 191 | { 192 | "file": "session_start.php", 193 | "variable": "VERSION", 194 | "subdir": 0, 195 | "extra_match": "define(\"TITLE\", \"FTP Admin\");" 196 | } 197 | ] 198 | }, 199 | { 200 | "name": "RoundCube", 201 | "url": "https://roundcube.net", 202 | "safe": "1.6.12", 203 | "old_safe": "1.5.12", 204 | "latest": "1.6.12", 205 | "vuln": "https://roundcube.net/news/2025/12/13/security-updates-1.6.12-and-1.5.12", 206 | "detection": [ 207 | { 208 | "file": "index.php", 209 | "variable": "RCMAIL_VERSION", 210 | "subdir": 0 211 | }, 212 | { 213 | "file": "iniset.php", 214 | "variable": "RCMAIL_VERSION", 215 | "subdir": 2 216 | } 217 | ] 218 | }, 219 | { 220 | "name": "Moodle", 221 | "url": "https://moodle.org/", 222 | "safe": "4.4.2", 223 | "old_safe": "4.3.6,4.2.9,4.1.12", 224 | "latest": "4.4.2", 225 | "vuln": "CVE-2024-43425", 226 | "detection": [ 227 | { 228 | "file": "version.php", 229 | "variable": "$release", 230 | "subdir": 0, 231 | "extra_match": "MOODLE VERSION INFORMATION" 232 | } 233 | ] 234 | }, 235 | { 236 | "name": "cacti", 237 | "url": "https://cacti.net/", 238 | "safe": "1.2.8", 239 | "vuln": "CVE-2019-17357", 240 | "detection": [ 241 | { 242 | "file": "global.php", 243 | "variable": "$config[\"cacti_version\"]", 244 | "subdir": 1 245 | } 246 | ] 247 | }, 248 | { 249 | "name": "gnopaste", 250 | "url": "http://gnopaste.sf.net/", 251 | "safe": "0.5.4", 252 | "vuln": "CVE-2006-2834", 253 | "detection": [ 254 | { 255 | "file": "install.php", 256 | "variable": "$_SESSION['page_title'] = 'gnopaste", 257 | "subdir": 0 258 | } 259 | ] 260 | }, 261 | { 262 | "name": "Flyspray", 263 | "url": "http://www.flyspray.org/", 264 | "safe": "0.9.9.7", 265 | "vuln": "CVE-2012-1058", 266 | "detection": [ 267 | { 268 | "file": "class.flyspray.php", 269 | "variable": "var $version", 270 | "subdir": 1 271 | } 272 | ] 273 | }, 274 | { 275 | "name": "phpMyID", 276 | "url": 
"http://siege.org/projects/phpMyID", 277 | "safe": "", 278 | "vuln": "CVE-2008-4730", 279 | "detection": [ 280 | { 281 | "file": "MyID.php", 282 | "variable": "@version", 283 | "subdir": 0 284 | } 285 | ] 286 | }, 287 | { 288 | "name": "phplist", 289 | "url": "https://www.phplist.org/", 290 | "safe": "3.5.1", 291 | "vuln": "CVE-2020-8547", 292 | "detection": [ 293 | { 294 | "file": "connect.php", 295 | "variable": "define(\"VERSION\"", 296 | "subdir": 1 297 | }, 298 | { 299 | "file": "init.php", 300 | "variable": "define(\"VERSION\"", 301 | "subdir": 1 302 | } 303 | ] 304 | }, 305 | { 306 | "name": "Matomo", 307 | "url": "https://matomo.org/", 308 | "safe": "4.6.0", 309 | "vuln": "https://matomo.org/changelog/matomo-4-6-0/", 310 | "latest": "4.6.2", 311 | "detection": [ 312 | { 313 | "file": "Version.php", 314 | "variable": "const VERSION", 315 | "subdir": 1, 316 | "extra_match": "@link https://matomo.org" 317 | }, 318 | { 319 | "file": "Version.php", 320 | "variable": "const VERSION", 321 | "subdir": 1, 322 | "extra_match": "@link http://piwik.org", 323 | "note": "when it was called Piwik" 324 | } 325 | ] 326 | }, 327 | { 328 | "name": "phpWishlist", 329 | "url": "http://phpwishlist.sourceforge.net/", 330 | "safe": "0.1.15", 331 | "vuln": "CVE-2005-2203", 332 | "detection": [ 333 | { 334 | "file": "header.inc.php", 335 | "variable": "$version", 336 | "subdir": 1, 337 | "extra_match": "* Wishlist -" 338 | } 339 | ] 340 | }, 341 | { 342 | "name": "awstats", 343 | "url": "https://awstats.sourceforge.io/", 344 | "safe": "7.7", 345 | "vuln": "CVE-2017-1000501", 346 | "detection": [ 347 | { 348 | "file": "awstats.pl", 349 | "variable": "$VERSION =", 350 | "subdir": 0 351 | } 352 | ] 353 | }, 354 | { 355 | "name": "phpMyFAQ", 356 | "url": "https://www.phpmyfaq.de/", 357 | "safe": "2.9.11", 358 | "vuln": "CVE-2018-16650", 359 | "detection": [ 360 | { 361 | "file": "phpmyfaq.spec", 362 | "variable": "version", 363 | "subdir": 1 364 | } 365 | ] 366 | }, 367 | { 368 | 
"name": "Horde-webmail", 369 | "url": "http://www.horde.org/", 370 | "safe": "", 371 | "vuln": "CVE-2019-12094", 372 | "detection": [ 373 | { 374 | "file": "bundle.php", 375 | "variable": "BUNDLE_VERSION", 376 | "subdir": 1, 377 | "extra_match": "'Horde Groupware Webmail Edition'" 378 | }, 379 | { 380 | "file": "Bundle.php", 381 | "variable": "VERSION", 382 | "subdir": 1, 383 | "extra_match": "'Horde Groupware Webmail Edition'" 384 | } 385 | ] 386 | }, 387 | { 388 | "name": "ResourceSpace", 389 | "url": "https://www.resourcespace.com/", 390 | "safe": "4.2.2833", 391 | "vuln": "CVE-2011-4311", 392 | "latest": "4.3.2912", 393 | "detection": [ 394 | { 395 | "file": "version.php", 396 | "variable": "$productname='ResourceSpace';$productversion", 397 | "subdir": 1 398 | } 399 | ] 400 | }, 401 | { 402 | "name": "apc.php", 403 | "url": "http://pecl.php.net/package/APC", 404 | "safe": "301867", 405 | "vuln": "CVE-2010-3294", 406 | "note": "this does not contain it's \"real\" version number, using the CVS id instead - there's been an XSS pre 3.1.4.", 407 | "detection": [ 408 | { 409 | "file": "apc.php", 410 | "variable": "$VERSION='$Id: apc.php", 411 | "subdir": 0 412 | } 413 | ] 414 | }, 415 | { 416 | "name": "webtrees", 417 | "url": "https://www.webtrees.net/", 418 | "safe": "1.2.4", 419 | "vuln": "CVE-2014-100006", 420 | "latest": "1.5.2", 421 | "detection": [ 422 | { 423 | "file": "session.php", 424 | "variable": "define('WT_VERSION'", 425 | "subdir": 1 426 | } 427 | ] 428 | }, 429 | { 430 | "name": "PhpGedView", 431 | "url": "http://phpgedview.sourceforge.net/", 432 | "safe": "4.2.4", 433 | "vuln": "CVE-2011-0405", 434 | "detection": [ 435 | { 436 | "file": "session.php", 437 | "variable": "define('PGV_VERSION'", 438 | "subdir": 1 439 | } 440 | ] 441 | }, 442 | { 443 | "name": "status.net", 444 | "url": "http://status.net", 445 | "safe": "0.9.9", 446 | "vuln": "CVE-2011-3370", 447 | "detection": [ 448 | { 449 | "file": "common.php", 450 | "variable": 
"define('STATUSNET_BASE_VERSION'", 451 | "subdir": 1 452 | } 453 | ] 454 | }, 455 | { 456 | "name": "limesurvey", 457 | "url": "https://www.limesurvey.org/", 458 | "safe": "4.1.15", 459 | "vuln": "https://www.limesurvey.org/limesurvey-updates/2234-limesurvey-4-1-15-build-200402-released", 460 | "detection": [ 461 | { 462 | "file": "common.php", 463 | "variable": "$versionnumber", 464 | "subdir": 0, 465 | "extra_match": "LimeSurvey", 466 | "note": "1.8.x and earlier" 467 | }, 468 | { 469 | "file": "version.php", 470 | "variable": "$versionnumber", 471 | "subdir": 0, 472 | "extra_match": "$dbversionnumber", 473 | "note": "1.9.x" 474 | }, 475 | { 476 | "file": "version.php", 477 | "variable": "$config['versionnumber']", 478 | "subdir": 2, 479 | "extra_match": "LimeSurvey", 480 | "note": "2.x and above" 481 | } 482 | ] 483 | }, 484 | { 485 | "name": "webcalendar", 486 | "url": "http://www.k5n.us/webcalendar.php", 487 | "safe": "1.3.0", 488 | "vuln": "CVE-2016-10033", 489 | "detection": [ 490 | { 491 | "file": "config.php", 492 | "variable": "$PROGRAM_VERSION", 493 | "subdir": 1, 494 | "extra_match": "@package WebCalendar" 495 | } 496 | ] 497 | }, 498 | { 499 | "name": "nextcloud", 500 | "url": "https://nextcloud.com", 501 | "safe": "28.0.4", 502 | "old_safe": "27.1.8,26.0.13", 503 | "latest": "29.0.4", 504 | "vuln": "CVE-2024-37884", 505 | "detection": [ 506 | { 507 | "file": "version.php", 508 | "variable": "$OC_VersionString", 509 | "subdir": 0, 510 | "extra_match": "$vendor = 'nextcloud';" 511 | } 512 | ] 513 | }, 514 | { 515 | "name": "owncloud", 516 | "url": "https://owncloud.org/", 517 | "safe": "10.13.1", 518 | "latest": "10.13.3", 519 | "vuln": "CVE-2023-49105", 520 | "detection": [ 521 | { 522 | "file": "util.php", 523 | "variable": "return '", 524 | "subdir": 1, 525 | "extra_match": "class OC_Util", 526 | "note": "5.x and earlier" 527 | }, 528 | { 529 | "file": "version.php", 530 | "variable": "$OC_VersionString", 531 | "subdir": 0, 532 | "extra_nomatch": 
"nextcloud" 533 | } 534 | ] 535 | }, 536 | { 537 | "name": "videodb", 538 | "url": "http://www.videodb.net/", 539 | "safe": "4.0", 540 | "vuln": "https://www.exploit-db.com/exploits/17660", 541 | "detection": [ 542 | { 543 | "file": "constants.php", 544 | "variable": "('VERSION',", 545 | "subdir": 1, 546 | "extra_match": "TBL_" 547 | } 548 | ] 549 | }, 550 | { 551 | "name": "OpenX", 552 | "url": "http://www.openx.com/", 553 | "safe": "", 554 | "vuln": "https://www.kreativrauschen.com/blog/2013/12/18/zero-day-vulnerability-in-openx-source-2-8-11-and-revive-adserver-3-0-1/", 555 | "detection": [ 556 | { 557 | "file": "constants.php", 558 | "variable": "OA_VERSION", 559 | "subdir": 0, 560 | "extra_match": "OpenX" 561 | } 562 | ] 563 | }, 564 | { 565 | "name": "revive", 566 | "url": "http://www.revive-adserver.com/", 567 | "safe": "3.0.5", 568 | "vuln": "CVE-2013-5954", 569 | "detection": [ 570 | { 571 | "file": "constants.php", 572 | "variable": "VERSION", 573 | "subdir": 0, 574 | "extra_match": "Revive Adserver" 575 | } 576 | ] 577 | }, 578 | { 579 | "name": "osTicket", 580 | "url": "https://osticket.com/", 581 | "safe": "1.12.1", 582 | "old_safe": "1.10.7", 583 | "vuln": "CVE-2019-14750", 584 | "latest": "1.14.1", 585 | "detection": [ 586 | { 587 | "file": "bootstrap.php", 588 | "variable": "define('THIS_VERSION',", 589 | "subdir": 0 590 | } 591 | ] 592 | }, 593 | { 594 | "name": "Gitlist", 595 | "url": "https://gitlist.org/", 596 | "safe": "0.7.0", 597 | "vuln": "CVE-2018-1000533", 598 | "latest": "1.0.2", 599 | "detection": [ 600 | { 601 | "file": "footer.twig", 602 | "variable": "Powered by", 603 | "subdir": 3 604 | }, 605 | { 606 | "file": "installed.php", 607 | "variable": "pretty_version", 608 | "subdir": 2, 609 | "extra_match": "klaussilveira/gitlist" 610 | } 611 | ] 612 | }, 613 | { 614 | "name": "reveal.js", 615 | "url": "https://revealjs.com/", 616 | "safe": "3.9.2", 617 | "vuln": "CVE-2020-8127", 618 | "latest": "3.9.2", 619 | "detection": [ 620 | { 621 | 
"file": "reveal.js", 622 | "variable": "var VERSION", 623 | "subdir": 1 624 | } 625 | ] 626 | }, 627 | { 628 | "name": "YOURLS", 629 | "url": "https://yourls.org/", 630 | "safe": "1.9", 631 | "vuln": "https://github.com/YOURLS/YOURLS/releases/tag/1.9", 632 | "latest": "1.9.1", 633 | "detection": [ 634 | { 635 | "file": "version.php", 636 | "variable": "YOURLS_VERSION", 637 | "subdir": 1 638 | } 639 | ] 640 | }, 641 | { 642 | "name": "PrivateBin", 643 | "url": "https://privatebin.info/", 644 | "safe": "1.7.4", 645 | "vuln": "CVE-2024-39899", 646 | "latest": "1.7.5", 647 | "detection": [ 648 | { 649 | "file": "Controller.php", 650 | "variable": "const VERSION", 651 | "extra_match": "namespace PrivateBin;", 652 | "subdir": 1 653 | } 654 | ] 655 | } 656 | ] 657 | --------------------------------------------------------------------------------