Vulnerabilities

Detected by RIPS, missed by others.

The following critical security vulnerabilities were detected with RIPS and responsibly reported to the affected vendors.


| Date | Software | Version | Vulnerability Type | Details | Credits |
|---|---|---|---|---|---|
| | Gallery3 | 3.0.4 | Remote Code Execution | Details | RIPS Team |
| | OpenConf | 5.30 | Remote Code Execution | Details, News, Video | RIPS Team |
| | hotCRP | 2.60 | SQL Injection | Changelog | RIPS Team |
| | hotCRP | 2.90 | SQL Injection | Changelog | RIPS Team |
| | WordPress | 4.01 | Cross-Site Scripting | Details | RIPS Team |
| | osCommerce | 2.3.4 | Remote Code Execution | Video | RIPS Team |
| | CMS Made Simple | 1.11.11 | SQL Injection | Changelog, Demo | RIPS Team |
| | phpBB | 2.0.23 | SQL Injection | Details, Demo | RIPS Team |
| | Joomla! | 3.3.4 | Remote Code Execution | Details, CVE-2014-7228 | RIPS Team |
| | phpMyAdmin | 4.2.10 | Local File Inclusion | PMASA-2014-14, CVE-2014-8959 | RIPS Team |
| | Magento | 1.9.0.1 | PHP Object Injection | Details | RIPS Team |
| | Drupal | 7.34 | PHP Object Injection | Details | RIPS Team |
| | Concrete5 | 5.7.2.1 | SQL Injection | Details | RIPS Team |
| | phpMyAdmin | 4.6.2 | Remote Code Execution | PMASA-2016-27, CVE-2016-5734, Demo | Cure53 |
| | TeamPass | 2.1.25 | SQL Injection | Details, Demo, News | TeamPass |
| | FreePBX | 13.x | Remote Command Execution | Details, Demo, News, Video | RIPS Team |
| | Coppermine Gallery | 1.5.42, 1.6.x-dev1 | Remote Command Execution | Details, Demo | RIPS Team |
| | eFront | 3.6.15 | SQL Injection | Details, Demo | RIPS Team |
| | Expression Engine | 3.4.2 | PHP Object Injection | Details, Demo, Video | RIPS Team |
| | Roundcube | 1.2.2 | Remote Command Execution | Details, Demo, CVE-2016-9920, Video | RIPS Team |
| | Serendipity | 2.0.3 | File Upload | Details, Demo, Video | RIPS Team |
| | PHPKit | 1.6.6 | File Upload | Details, Demo | RIPS Team |
| | Precurio | 2.1 | Path Traversal | Details, Demo | RIPS Team |
| | Vtiger | 6.5.0 | SQL Injection | Details, Demo | Dennis Detering |
| | Redaxo | 5.2.0 | Remote Code Execution | Details, Demo | RIPS Team |
| | osClass | 3.6.1 | Remote Code Execution | Details, Demo, Video | RIPS Team |
| | Kliqqi | 3.0.0.5 | Remote Code Execution | Details, Demo | RIPS Team |
| | AbanteCart | 1.2.8 | SQL Injection | Details, Demo | RIPS Team |
| | e107 | 2.1.2 | SQL Injection | Details, Demo | RIPS Team |
| | Ampache | 3.8.2 | SQL Injection | Details | Veit Hailperin |

How can these vulnerabilities be automatically detected in your source code?