Detected by RIPS, Missed by Others

A security testing solution is as good as the real security bugs it finds.

| Software | Version | Issue Type | Details |
|---|---|---|---|
| WordPress | 5.0.0 | Privilege Escalation | Analysis, News |
| phpBB | 3.2.3 | Phar Deserialization to RCE | Analysis, RIPS Report, News |
| Pydio | 8.2.1 | Remote Code Execution | Analysis, RIPS Report, News |
| WooCommerce | 3.4.5 | File Delete to RCE | Analysis, RIPS Report, News |
| TikiWiki | 17.1 | SQL Injection | Analysis |
| WordPress | 4.9.6 | File Delete to RCE | Analysis |
| Moodle | 3.4.2 | Remote Code Execution | Analysis, News |
| PrestaShop | 1.7.2.4 | Remote Code Execution | Analysis, News |
| Shopware | 5.4.2 | Path Traversal, SQL Injection | News |
| WooCommerce | 3.2.3 | PHP Object Injection | Analysis, News |
| LimeSurvey | 2.72.3 | Remote Code Execution | Analysis, RIPS Report |
| Joomla! | 3.8.3 | SQL Injection | Analysis, RIPS Report, News, CVE-2018-6376 |
| CubeCart | 6.1.12 | Auth Bypass, SQL Injection | Analysis, RIPS Report |
| OXID eSales | 4.10.6 | Authenticated SQL Injection | RIPS Report |
| Shopware | 5.3.3 | SQL Injection, XXE Injection | Analysis, RIPS Report |
| flatCore CMS | 1.4.6 | Remote Code Execution | Analysis, RIPS Report |
| Joomla! | 3.7.5 | LDAP Injection | Analysis, RIPS Report, News, CVE-2017-14596 |
| SugarCRM | 7.7, 7.8, 7.9 | SQL Injection, File Disclosure | Analysis, CVE-2017-14508, 14509, 14510 |
| Ampache | 3.8.2 | SQL Injection | Details, More |
| e107 | 2.1.2 | SQL Injection | Analysis, RIPS Report |
| AbanteCart | 1.2.8 | SQL Injection | Analysis, RIPS Report |
| Kliqqi | 3.0.0.5 | Remote Code Execution | Analysis, RIPS Report |
| osClass | 3.6.1 | Remote Code Execution | Analysis, RIPS Report, Video |
| Redaxo | 5.2.0 | Remote Code Execution | Analysis, RIPS Report |
| Vtiger | 6.5.0 | SQL Injection | Analysis, RIPS Report |
| Precurio | 2.1 | Path Traversal | Analysis, RIPS Report |
| PHPKit | 1.6.6 | File Upload | Analysis, RIPS Report |
| Serendipity | 2.0.3 | File Upload | Analysis, RIPS Report, Video |
| Roundcube | 1.2.2 | Remote Command Execution | Analysis, RIPS Report, CVE-2016-9920, Video |
| Expression Engine | 3.4.2 | PHP Object Injection | Analysis, RIPS Report, Video |
| eFront | 3.6.15 | SQL Injection | Analysis, RIPS Report |
| Coppermine Gallery | 1.5.42, 1.6.x-dev1 | Remote Command Execution | Analysis, RIPS Report |
| FreePBX | 13.x | Remote Command Execution | Analysis, RIPS Report, News, Video |
| TeamPass | 2.1.25 | SQL Injection | Analysis, RIPS Report, News |
| phpMyAdmin | 4.6.2 | Remote Code Execution | PMASA-2016-27, CVE-2016-5734, RIPS Report |
| Concrete5 | 5.7.2.1 | SQL Injection | Details |
| Drupal | 7.34 | PHP Object Injection | Details |
| Magento | 1.9.0.1 | PHP Object Injection | Details |
| phpMyAdmin | 4.2.10 | Local File Inclusion | PMASA-2014-14, CVE-2014-8959 |
| Joomla! | 3.3.4 | Remote Code Execution | Details, CVE-2014-7228 |
| phpBB | 2.0.23 | SQL Injection | Analysis, RIPS Report |
| CMS Made Simple | 1.11.11 | SQL Injection | Changelog, RIPS Report |
| osCommerce | 2.3.4 | Remote Code Execution | Video |
| WordPress | 4.01 | Cross-Site Scripting | Details |
| hotCRP | 2.90 | SQL Injection | Changelog |
| hotCRP | 2.60 | SQL Injection | Changelog |
| OpenConf | 5.30 | Remote Code Execution | Analysis, News, Video |
| Gallery3 | 3.0.4 | Remote Code Execution | Details |

Here is one of the few security products that is not snake oil: RIPS. We use it all the time.

Dr. Mario Heiderich, CEO, Cure53