MySQL/Oracle vulnerabilities and new updates

By N-Stalker Team on July 11, 2005

N-Stalker has made available the latest database update (v155) for N-Stealth Web Security Scanner.
You should receive it automatically the next time you run the scanner.

To download it manually, use the URL:
https://secure.nstalker.com/customercenter/

If you need any additional assistance during this process, please contact us at:
E-mail: support at nstalker (24hs) or
Phone: +55-11-3675-7093 (9am to 18pm GMT-0300)

This release includes the following vulnerabilities:

– MaxWebPortal 1.33 Multiple SQL Injection Vulnerabilities
– CodeToSell ViArt Shop Enterprise 2.1.6 Multiple Cross-Site Scripting and HTML Injection Vulnerabilities
– Video Cam Server 1.0 Directory Traversal Vulnerability
– Horde Chora 1.2.2 Remote Cross-Site Scripting Vulnerability
– EnViVo!CMS Default.ASP SearchString Parameter SQL Injection Vulnerability
– PHPCoin 1.2.1 Multiple SQL Injection Vulnerabilities
– Just William’s Amazon Webstore HTTP Response Splitting Vulnerability
– MyPHP Forum 1.0 Post.PHP Username Spoofing Vulnerability
– Oracle Application Server 9i Webcache PartialPageErrorPage Cross-Site Scripting Vulnerability
– Oracle Application Server 10.1.2 HTTP Service Mod_Access Restriction Bypass Vulnerability
– Just William’s Amazon Webstore SearchFor Parameter Cross-Site Scripting Vulnerability
– Just William’s Amazon Webstore CurrentIsExpanded Parameter Cross-Site Scripting Vulnerability
– Just William’s Amazon Webstore Closeup.PHP Image Parameter Cross-Site Scripting Vulnerability
– Dream4 Koobi CMS 4.2.3 Index.PHP P Parameter SQL Injection Vulnerability
– PHP-Calendar 0.10 Search.PHP SQL Injection Vulnerability
– ABCZone.IT WWWGuestBook 1.1 Login.ASP SQL Injection Vulnerability
– MySQL MaxDB 7.5.00.25 HTTP GET Request Remote Buffer Overflow Vulnerability
– BEA WebLogic Server And WebLogic Express 8.1 Administration Console Cross-Site Scripting Vulnerability
– BBlog 0.7.4 PostID Parameter SQL Injection Vulnerability
– MetaBid Auctions intAuctionID Parameter Remote SQL Injection Vulnerability
– PHPMyVisites 1.3 Set_Lang File Include Vulnerability
– PHPMyVisites 1.3 Part Variable Cross-Site Scripting Vulnerability
– MetaCart2 SearchAction.ASP Multiple SQL Injection Vulnerabilities
– Fastream NetFile FTP/Web Server 7.1 Directory Traversal Variant Vulnerability
– MetaCart2 strSubCatalog_NAME Parameter Remote SQL Injection Vulnerability
– MetaCart2 CurCatalogID Parameter Remote SQL Injection Vulnerability
– MetaCart2 IntCatalogID Parameter Remote SQL Injection Vulnerability
– GrayCMS 1.1 Error.PHP Remote File Include Vulnerability
– SQWebmail 4.0.5 HTTP Response Splitting Vulnerability
– Invision Power Board 2.0.1 QPid Parameter SQL Injection Vulnerability
– MySQL MaxDB 7.5.00.25 WebDAV IF Parameter Remote Buffer Overflow Vulnerability
– PixySoft E-Cart 1.1 Art Parameter Remote Command Execution Vulnerability
– OneWorldStore IDOrder Information Disclosure Vulnerability
– eGroupWare 1.0.6 Multiple Cross-Site Scripting and SQL Injection Vulnerabilities
– StorePortal 2.63 Default.ASP Multiple SQL Injection Vulnerabilities
– WoltLab Burning Board 2.3.1 PMS.PHP Cross-Site Scripting Vulnerability
– MailEnable HTTP 1.54 Authorization Buffer Overflow Vulnerability
– ACS Blog 1.1.3 Administrative Access Authentication Bypass Vulnerability
– CartWIZ 1.10 SearchResults.ASP Name Argument Cross-Site Scripting Vulnerability
– CartWIZ 1.10 Login.ASP Message Argument Cross-Site Scripting Vulnerability
– CartWIZ 1.10 Error.ASP Cross-Site Scripting Vulnerability
– CartWIZ 1.10 AddToWishlist.ASP Cross-Site Scripting Vulnerability
– CartWIZ 1.10 TellAFriend.ASP Cross-Site Scripting Vulnerability
– CartWIZ 1.10 SearchResults.ASP PriceTo Argument SQL Injection Vulnerability
– CartWIZ 1.10 SearchResults.ASP PriceFrom Argument SQL Injection Vulnerability
– CartWIZ 1.10 ProductDetails.ASP SQL Injection Vulnerability
– CartWIZ 1.10 ProductCatalogSubCats.ASP SQL Injection Vulnerability
– CartWIZ 1.10 AddToCart.ASP SQL Injection Vulnerability
– Black Knight Forum 4.0 Forum.ASP SQL Injection Vulnerability

N-Stealth DB General Information
Version: 155
Release Date: 07/11/2005
