MySQL/Oracle vulnerabilities and new updates

By N-Stalker Team on July 11, 2005

N-Stalker has made available the latest database update (v155) for N-Stealth Web Security Scanner.
You should be able to receive it automatically next time you execute the scanner.

To download it manually, use the URL:
https://secure.nstalker.com/customercenter/

If you need any additional assistance during this process, please contact us at:
E-mail: support at nstalker (24 hours) or
Phone: +55-11-3675-7093 (9am to 18pm GMT-0300)

This release includes the following vulnerabilities:

- MaxWebPortal 1.33 Multiple SQL Injection Vulnerabilities
- CodeToSell ViArt Shop Enterprise 2.1.6 Multiple Cross-Site Scripting and HTML Injection Vulnerabilities
- Video Cam Server 1.0 Directory Traversal Vulnerability
- Horde Chora 1.2.2 Remote Cross-Site Scripting Vulnerability
- EnViVo!CMS Default.ASP SearchString Parameter SQL Injection Vulnerability
- PHPCoin 1.2.1 Multiple SQL Injection Vulnerabilities
- Just William’s Amazon Webstore HTTP Response Splitting Vulnerability
- MyPHP Forum 1.0 Post.PHP Username Spoofing Vulnerability
- Oracle Application Server 9i Webcache PartialPageErrorPage Cross-Site Scripting Vulnerability
- Oracle Application Server 10.1.2 HTTP Service Mod_Access Restriction Bypass Vulnerability
- Just William’s Amazon Webstore SearchFor Parameter Cross-Site Scripting Vulnerability
- Just William’s Amazon Webstore CurrentIsExpanded Parameter Cross-Site Scripting Vulnerability
- Just William’s Amazon Webstore Closeup.PHP Image Parameter Cross-Site Scripting Vulnerability
- Dream4 Koobi CMS 4.2.3 Index.PHP P Parameter SQL Injection Vulnerability
- PHP-Calendar 0.10 Search.PHP SQL Injection Vulnerability
- ABCZone.IT WWWGuestBook 1.1 Login.ASP SQL Injection Vulnerability
- MySQL MaxDB 7.5.00.25 HTTP GET Request Remote Buffer Overflow Vulnerability
- BEA WebLogic Server And WebLogic Express 8.1 Administration Console Cross-Site Scripting Vulnerability
- BBlog 0.7.4 PostID Parameter SQL Injection Vulnerability
- MetaBid Auctions intAuctionID Parameter Remote SQL Injection Vulnerability
- PHPMyVisites 1.3 Set_Lang File Include Vulnerability
- PHPMyVisites 1.3 Part Variable Cross-Site Scripting Vulnerability
- MetaCart2 SearchAction.ASP Multiple SQL Injection Vulnerabilities
- Fastream NetFile FTP/Web Server 7.1 Directory Traversal Variant Vulnerability
- MetaCart2 strSubCatalog_NAME Parameter Remote SQL Injection Vulnerability
- MetaCart2 CurCatalogID Parameter Remote SQL Injection Vulnerability
- MetaCart2 IntCatalogID Parameter Remote SQL Injection Vulnerability
- GrayCMS 1.1 Error.PHP Remote File Include Vulnerability
- SQWebmail 4.0.5 HTTP Response Splitting Vulnerability
- Invision Power Board 2.0.1 QPid Parameter SQL Injection Vulnerability
- MySQL MaxDB 7.5.00.25 WebDAV IF Parameter Remote Buffer Overflow Vulnerability
- PixySoft E-Cart 1.1 Art Parameter Remote Command Execution Vulnerability
- OneWorldStore IDOrder Information Disclosure Vulnerability
- eGroupWare 1.0.6 Multiple Cross-Site Scripting and SQL Injection Vulnerabilities
- StorePortal 2.63 Default.ASP Multiple SQL Injection Vulnerabilities
- WoltLab Burning Board 2.3.1 PMS.PHP Cross-Site Scripting Vulnerability
- MailEnable HTTP 1.54 Authorization Buffer Overflow Vulnerability
- ACS Blog 1.1.3 Administrative Access Authentication Bypass Vulnerability
- CartWIZ 1.10 SearchResults.ASP Name Argument Cross-Site Scripting Vulnerability
- CartWIZ 1.10 Login.ASP Message Argument Cross-Site Scripting Vulnerability
- CartWIZ 1.10 Error.ASP Cross-Site Scripting Vulnerability
- CartWIZ 1.10 AddToWishlist.ASP Cross-Site Scripting Vulnerability
- CartWIZ 1.10 TellAFriend.ASP Cross-Site Scripting Vulnerability
- CartWIZ 1.10 SearchResults.ASP PriceTo Argument SQL Injection Vulnerability
- CartWIZ 1.10 SearchResults.ASP PriceFrom Argument SQL Injection Vulnerability
- CartWIZ 1.10 ProductDetails.ASP SQL Injection Vulnerability
- CartWIZ 1.10 ProductCatalogSubCats.ASP SQL Injection Vulnerability
- CartWIZ 1.10 AddToCart.ASP SQL Injection Vulnerability
- Black Knight Forum 4.0 Forum.ASP SQL Injection Vulnerability

N-Stealth DB General Information
Version: 155
Release Date: 07/11/2005
