Hi all,

For passive Vulnerability Identification (modsecurity_crs_56_pvi_checks.conf), Mod-security needs a file named vulnerabilities.txt from osvdb.

But the osvdb.org will no longer publish such a file ("as they said"). Does this mean that I can't have PVI checks?

P.S. I wasn't using PVI checks before, so I don't have any versions of the vulnerabilities.txt file.