Mantis vulnerabilities and new updates
N-Stalker has made available the latest database update (v167) for N-Stealth Web Security Scanner.
You should be able to receive it automatically next time you execute the scanner.
 |
to manually download it, use the url: https://secure.nstalker.com/customercenter/ |
If you need any additional assistance during this process, please, contact us at:
E-mail: support at nstalker (24hs) or
Phone: +55-11-3675-7093 (9am to 18pm GMT-0300)
This release has included the following vulnerabilities:
- PHP Handicapper Process_signup.PHP HTTP Response Splitting Vulnerability
- CutePHP CuteNews 1.4.1 Directory Traversal Vulnerability
- Simple PHP Blog 0.4.5 Multiple Input Validation Vulnerabilities
- Asus VideoSecurity Online Web Server 3.5 Directory Traversal Vulnerability
- PHPWebThing 0.4.4 Forum.PHP SQL Injection Vulnerability
- phpWebThings 0.4.4 Forum.PHP Cross-Site Scripting Vulnerability
- News2Net 3.0 Index.PHP SQL Injection Vulnerability
- XMB Forum 1.9.3 Post.PHP SQL Injection Vulnerability
- Belchior Foundry vCard Pro 3.1 Addrbook.PHP SQL Injection Vulnerability
- OaBoard 1.0 Forum.PHP Multiple SQL Injection Vulnerabilities
- PHPCafe Tutorial Manager Index.PHP SQL Injection Vulnerability
- Snitz Forum 2000 3.4.05 Post.ASP Cross-Site Scripting Vulnerability
- Invision Gallery 2.0.3 Index.PHP SQL Injection Vulnerability
- Subdreamer 2.2.1 Multiple Remote SQL Injection Vulnerabilities
- PHPESP 1.7.5 Multiple Unspecified Input Validation Vulnerabilities
- Search Enhanced Module 2.0 for PHP-Nuke HTML Injection Vulnerability
- ASP Fast Forum Error.ASP Cross-Site Scripting Vulnerability
- TikiWiki 1.9.1 Unspecified Cross-Site Scripting Vulnerability
- Hasbani 2.0 Web Server Malformed HTTP GET Request Remote Denial of Service Vulnerability
- FlatNuke 2.5.6 Index.PHP Cross-Site Scripting Vulnerability
- PBLang 4.65 Multiple Cross-Site Scripting Vulnerabilities
- CodeToSell ViArt Shop Enterprise 2.1.6 Multiple Cross-Site Scripting and HTML Injection Vulnerabilities
- Mantis 1.0 RC2 Multiple Unspecified SQL Injection Vulnerabilities
- MyBulletinBoard 1.0 PR2 Usercp.PHP SQL Injection Vulnerability
- SparkleBlog Multiple Injection Vulnerabilities
- eBASEweb 3.0 Unspecified SQL Injection Vulnerability
- Zomplog 3.4 Detail.PHP HTML Injection Vulnerability
N-Stealth DB General Information
Version: 167
Release Date: 12/16/2005
