Vulnerabilities

Detected by RIPS, missed by others.

The following critical security vulnerabilities were detected with RIPS and reported responsibly to the affected vendor.


| Date | Software | Version | Vulnerability Type | Details | Found By |
|------|----------|---------|--------------------|---------|----------|
| | Gallery3 | 3.0.4 | Remote Code Execution | Details | RIPS Team |
| | OpenConf | 5.30 | Remote Code Execution | Details, News | RIPS Team |
| | HotCRP | 2.60 | SQL Injection | Changelog | RIPS Team |
| | HotCRP | 2.90 | SQL Injection | Changelog | RIPS Team |
| | WordPress | 4.01 | Cross-Site Scripting | Details | RIPS Team |
| | osCommerce | 2.3.4 | Remote Code Execution | Demo | RIPS Team |
| | CMS Made Simple | 1.11.11 | SQL Injection | Changelog, Demo | RIPS Team |
| | phpBB | 2.0.23 | SQL Injection | Details, Demo | RIPS Team |
| | Joomla | 3.3.4 | Remote Code Execution | Details, CVE-2014-7228 | RIPS Team |
| | phpMyAdmin | 4.2.10 | Local File Inclusion | PMASA-2014-14, CVE-2014-8959 | RIPS Team |
| | Magento | 1.9.0.1 | PHP Object Injection | Details, Demo | RIPS Team |
| | Drupal | 7.34 | PHP Object Injection | Details | RIPS Team |
| | Concrete5 | 5.7.2.1 | SQL Injection | Details | RIPS Team |
| | phpMyAdmin | 4.6.2 | Remote Code Execution | PMASA-2016-27, CVE-2016-5734, Demo | Cure53 |
| | TeamPass | 2.1.25 | SQL Injection | Details, Demo, News | TeamPass |
| | FreePBX | 13.x | Remote Command Execution | Details, Demo, News | RIPS Team |
| | Coppermine Gallery | 1.5.42, 1.6.x-dev1 | Remote Command Execution | Details, Demo | RIPS Team |
| | eFront | 3.6.15 | SQL Injection | Details, Demo | RIPS Team |
| | Expression Engine | 3.4.2 | PHP Object Injection | Details, Demo | RIPS Team |
| | Roundcube | 1.2.2 | Remote Command Execution | Details, Demo, CVE-2016-9920 | RIPS Team |
| | Serendipity | 2.0.3 | File Upload | Details, Demo | RIPS Team |
| | PHPKit | 1.6.6 | File Upload | Details, Demo | RIPS Team |
| | Precurio | 2.1 | Path Traversal | Details, Demo | RIPS Team |
| | Vtiger | 6.5.0 | SQL Injection | Details, Demo | Dennis Detering |
| | Redaxo | 5.2.0 | Remote Code Execution | Details, Demo | RIPS Team |
| | osClass | 3.6.1 | Remote Code Execution | Details, Demo | RIPS Team |
| | Kliqqi | 3.0.0.5 | Remote Code Execution | Details, Demo | RIPS Team |
| | AbanteCart | 1.2.8 | SQL Injection | Details, Demo | RIPS Team |
| | e107 | 2.1.2 | SQL Injection | Details, Demo | RIPS Team |
| | Open Source Software | Latest | Medium - Critical | Report a bug you found with RIPS | Company Name |

How can these vulnerabilities be automatically detected in your source code?

Find out in our blog post.