List of secure web applications

As a result of one discussion on secure forums / CMS in PHP, an idea came to my mind: let's make together a list of secure web applications! The task of the list is to assist in choosing the application to install and provide an overview of the current security situation of the web applications.

Initially, it was about forums and CMS, but, I think, limited to these two applications is not necessary. To add an application to the list, it must meet several criteria:

1. You either use it (used), or you know the person who uses it.
2. This should not be a highly specialized application.
3. Free.
4. Open source.
5. And most importantly: safe !

I propose to define a secure application by the following criteria:

• The first public release was at least two years ago.
• There are no known vulnerabilities for the latest stable version.
• Common Vulnerabilities and Exposures (CVE) have no entries for this application for at least the last year (vulnerabilities in plugins can be ignored, provided that the application is quite usable without these plugins and they are not included in the typical installation).
• In the absence of applications that fully meet these criteria, you can include in the list the most secure of the existing ones (separately for each PL).

Forum	Check	YAP
Yabb	cve sf seclab milw0rm exploit ps secunia	Perl
phpBB 3	cve sf seclab milw0rm exploit ps secunia	Php
Snitz Forum 2000	cve sf seclab milw0rm exploit ps secunia	Asp
CMS	Check	YAP
papaya CMS	cve sf seclab milw0rm exploit ps secunia	Php
eZ Publish	cve sf seclab milw0rm exploit ps secunia	Php
Blog	Check	YAP
Serendipity	cve sf seclab milw0rm exploit ps secunia	Php
e-commerce	Check	YAP
osCommerce	cve sf seclab milw0rm exploit ps secunia	Php

Recommend applications for inclusion in the list in the comments, we will discuss there if necessary, and I will edit the article adding to the list. The rules for inclusion in the list can also be discussed and corrected.