PHP Vulnerabilities and new updates

By N-Stalker Team on July 21, 2005

N-Stalker has made available the latest database update (v156) for N-Stealth Web Security Scanner.
You should be able to receive it automatically next time you execute the scanner.

To download it manually, use the URL:
https://secure.nstalker.com/customercenter/


If you need any additional assistance during this process, please contact us at:
E-mail: support at nstalker (24h) or
Phone: +55-11-3675-7093 (9:00 to 18:00, GMT-0300)

This release adds checks for the following vulnerabilities:

– XML-RPC for PHP 4.3.x Remote Code Injection Vulnerability
– All Enthusiast PhotoPost 4.8.1 PHP Pro Member.PHP SQL Injection Vulnerability
– Bug Report 1.0 Multiple HTML Injection Vulnerabilities
– DirectTopics 2.2 HTML Injection Vulnerability
– Bugzilla 2.19.2 Authentication Information Disclosure Vulnerability
– Open Solution Quick.Forum 2.1.6 NewTopic HTML Injection Vulnerability
– Open Solution Quick.Forum 2.1.6 iCategory SQL Injection
– MaxWebPortal 1.35 Multiple Remote Vulnerabilities
– BoastMachine 3.0 Remote Arbitrary File Upload Vulnerability
– Open Solution Quick.Cart 0.3 Index.PHP Cross-Site Scripting Vulnerability
– ShowOff! 1.5.4 Digital Media Software Multiple Remote Vulnerabilities
– PixySoft Guestbook Pro 3.2.1 Multiple HTML Injection Vulnerabilities
– Software602 602 LAN Suite 2004 Directory Traversal Vulnerability
– Yappa-NG 2.3.1 Unspecified Remote File Include Vulnerability
– ASP Virtual News Manager Admin_Login.ASP SQL Injection Vulnerability
– MyServer 0.8 Remote Directory Listing Vulnerability
– MyServer 0.8 Cross-Site Scripting Vulnerability
– Fusion SBX 1.2 Authentication Bypass Vulnerability
– Subject Search Server 1.1 Search For Variable HTML Injection Vulnerability
– NukeET 3.1 Base64 Codigo Variable Cross-Site Scripting Vulnerability
– WowBB 1.62 View_User.PHP SQL Injection Vulnerability
– WoltLab Burning Board 2.3.1 Unspecified Vulnerability
– Notes 1.4.6 Module for PHPBB SQL Injection Vulnerability
– Easy Message Board Remote Command Execution Vulnerability
– PWSPHP 1.2.2 Profil.PHP SQL Injection Vulnerability
– PWSPHP 1.2.2 Multiple Cross-Site Scripting Vulnerabilities
– CodeThat.com CodeThatShoppingCart 1.3.1 Multiple Input Validation Vulnerabilities
– Easy Message Board Directory Traversal Vulnerability
– Positive Software Corporation SiteStudio 1.6 HTML Injection Vulnerability
– Advanced Guestbook 2.3.1 Index.PHP Entry Parameter SQL Injection Vulnerability
– MegaBook 2.1 Admin.CGI EntryID Cross-Site Scripting Vulnerability
– MegaBook 2.1 Multiple HTML Injection Vulnerabilities
– HTMLJunction EZGuestbook Guestbook.mdb Database Disclosure Vulnerability
– PHP Advanced Transfer Manager 1.21 Arbitrary File Upload Vulnerability
– Invision Power Board 2.0.3 Search.PHP Highlite Parameter Cross-Site Scripting Vulnerability
– CJ Ultra Plus 1.0.4 OUT.PHP SQL Injection Vulnerability
– RSA SecurID 5.3 RSA Authentication Agent For Web Remote Heap Buffer Overflow Vulnerability
– 04WebServer 1.5 Directory Traversal Vulnerability
– BirdBlog BB 1.3.0 Code HTML Injection Vulnerability
– MidiCart PHP Item_List.PHP SecondGroup Parameter Cross-Site Scripting Vulnerability
– MidiCart PHP Item_List.PHP Maingroup Parameter Cross-Site Scripting Vulnerability
– MidiCart PHP Search_List.PHP SearchString Parameter Cross-Site Scripting Vulnerability
– MidiCart PHP Item_Show.PHP Code_No Parameter SQL Injection Vulnerability
– MidiCart PHP Item_List.PHP SecondGroup Parameter SQL Injection Vulnerability
– MidiCart PHP Item_List.PHP MainGroup Parameter SQL Injection Vulnerability
– MidiCart PHP Search_List.PHP SearchString Parameter SQL Injection Vulnerability
– OSTicket 1.2.7/1.3 Multiple Input Validation and Remote Code Injection Vulnerabilities
– FishNet FishCart 3.1 Multiple Cross-Site Scripting and SQL Injection Vulnerabilities
– SimpleCam 1.2 Directory Traversal Vulnerability
– Invision Power Board 2.1/2.0.3 Act Parameter Cross-Site Scripting Vulnerability
– WebCrossing WebX 5.0 Cross-Site Scripting Vulnerability
– Gossamer 3.0 Threads Links User.CGI Cross-Site Scripting Vulnerability
– ASP Inline Corporate Calendar 3.6.3 Details.ASP SQL Injection Vulnerability
– ASP Inline Corporate Calendar 3.6.3 Defer.ASP SQL Injection Vulnerability
– SitePanel2 2.6.1 Multiple Input Validation Vulnerabilities
– JGS-Portal 3.0.1 ID Variable SQL Injection Vulnerability
– Open WebMail 2.51 Remote Arbitrary Shell Command Execution Vulnerability

N-Stealth DB General Information
Version: 156
Release Date: 07/21/2005

This entry was posted in N-Stalker Latest Updates.