Vulnerabilities

Detected by RIPS, missed by others.

The following critical security vulnerabilities were detected with RIPS and reported responsibly to the affected vendor.


| Date | Software | Version | Vulnerability Type | Details | Found By |
|------|----------|---------|--------------------|---------|----------|
| | Gallery3 | 3.0.4 | Remote Code Execution | Details | RIPS Team |
| | OpenConf | 5.30 | Remote Code Execution | Details, News | RIPS Team |
| | hotCRP | 2.60 | SQL Injection | Changelog | RIPS Team |
| | hotCRP | 2.90 | SQL Injection | Changelog | RIPS Team |
| | WordPress | 4.01 | Cross-Site Scripting | Details | RIPS Team |
| | osCommerce | 2.3.4 | Remote Code Execution | | RIPS Team |
| | CMS Made Simple | 1.11.11 | SQL Injection | Changelog, Demo | RIPS Team |
| | phpBB | 2.0.23 | SQL Injection | Details, Demo | RIPS Team |
| | Joomla | 3.3.4 | Remote Code Execution | Details, CVE-2014-7228 | RIPS Team |
| | phpMyAdmin | 4.2.10 | Local File Inclusion | PMASA-2014-14, CVE-2014-8959 | RIPS Team |
| | Magento | 1.9.0.1 | PHP Object Injection | Details | RIPS Team |
| | Drupal | 7.34 | PHP Object Injection | Details | RIPS Team |
| | Concrete5 | 5.7.2.1 | SQL Injection | Details | RIPS Team |
| | phpMyAdmin | 4.6.2 | Remote Code Execution | PMASA-2016-27, CVE-2016-5734, Demo | Cure53 |
| | TeamPass | 2.1.25 | SQL Injection | Details, Demo, News | TeamPass |
| | FreePBX | 13.x | Remote Command Execution | Details, Demo, News | RIPS Team |
| | Coppermine Gallery | 1.5.42, 1.6.x-dev1 | Remote Command Execution | Details, Demo | RIPS Team |
| | eFront | 3.6.15 | SQL Injection | Details, Demo | RIPS Team |
| | Expression Engine | 3.4.2 | PHP Object Injection | Details, Demo | RIPS Team |
| | Roundcube | 1.2.2 | Remote Command Execution | Details, Demo, CVE-2016-9920 | RIPS Team |
| | Serendipity | 2.0.3 | File Upload | Details, Demo | RIPS Team |
| | PHPKit | 1.6.6 | File Upload | Details, Demo | RIPS Team |
| | Precurio | 2.1 | Path Traversal | Details, Demo | RIPS Team |
| | Vtiger | 6.5.0 | SQL Injection | Details, Demo | Dennis Detering |
| | Redaxo | 5.2.0 | Remote Code Execution | Details, Demo | RIPS Team |
| | osClass | 3.6.1 | Remote Code Execution | Details, Demo | RIPS Team |
| | Kliqqi | 3.0.0.5 | Remote Code Execution | Details, Demo | RIPS Team |
| | AbanteCart | 1.2.8 | SQL Injection | Details, Demo | RIPS Team |
| | e107 | 2.1.2 | SQL Injection | Details, Demo | RIPS Team |
| | Open Source Software | Latest | Medium - Critical | Report a bug you found with RIPS | Company Name |

How can these vulnerabilities be automatically detected in your source code?

Find out in our blog post.