Mantis vulnerabilities and new updates
N-Stalker has made available the latest database update (v167) for N-Stealth Web Security Scanner.
You should be able to receive it automatically next time you execute the scanner.
 |
to manually download it, use the url: https://secure.nstalker.com/customercenter/ |
If you need any additional assistance during this process, please, contact us at:
E-mail: support at nstalker (24hs) or
Phone: +55-11-3675-7093 (9am to 18pm GMT-0300)
This release has included the following vulnerabilities:
– PHP Handicapper Process_signup.PHP HTTP Response Splitting Vulnerability
– CutePHP CuteNews 1.4.1 Directory Traversal Vulnerability
– Simple PHP Blog 0.4.5 Multiple Input Validation Vulnerabilities
– Asus VideoSecurity Online Web Server 3.5 Directory Traversal Vulnerability
– PHPWebThing 0.4.4 Forum.PHP SQL Injection Vulnerability
– phpWebThings 0.4.4 Forum.PHP Cross-Site Scripting Vulnerability
– News2Net 3.0 Index.PHP SQL Injection Vulnerability
– XMB Forum 1.9.3 Post.PHP SQL Injection Vulnerability
– Belchior Foundry vCard Pro 3.1 Addrbook.PHP SQL Injection Vulnerability
– OaBoard 1.0 Forum.PHP Multiple SQL Injection Vulnerabilities
– PHPCafe Tutorial Manager Index.PHP SQL Injection Vulnerability
– Snitz Forum 2000 3.4.05 Post.ASP Cross-Site Scripting Vulnerability
– Invision Gallery 2.0.3 Index.PHP SQL Injection Vulnerability
– Subdreamer 2.2.1 Multiple Remote SQL Injection Vulnerabilities
– PHPESP 1.7.5 Multiple Unspecified Input Validation Vulnerabilities
– Search Enhanced Module 2.0 for PHP-Nuke HTML Injection Vulnerability
– ASP Fast Forum Error.ASP Cross-Site Scripting Vulnerability
– TikiWiki 1.9.1 Unspecified Cross-Site Scripting Vulnerability
– Hasbani 2.0 Web Server Malformed HTTP GET Request Remote Denial of Service Vulnerability
– FlatNuke 2.5.6 Index.PHP Cross-Site Scripting Vulnerability
– PBLang 4.65 Multiple Cross-Site Scripting Vulnerabilities
– CodeToSell ViArt Shop Enterprise 2.1.6 Multiple Cross-Site Scripting and HTML Injection Vulnerabilities
– Mantis 1.0 RC2 Multiple Unspecified SQL Injection Vulnerabilities
– MyBulletinBoard 1.0 PR2 Usercp.PHP SQL Injection Vulnerability
– SparkleBlog Multiple Injection Vulnerabilities
– eBASEweb 3.0 Unspecified SQL Injection Vulnerability
– Zomplog 3.4 Detail.PHP HTML Injection Vulnerability
N-Stealth DB General Information
Version: 167
Release Date: 12/16/2005
