Apache vulnerabilities and new updates

By N-Stalker Team on May 29, 2006

N-Stalker has made available the latest database update (v175) for N-Stealth Web Security Scanner.
You should be able to receive it automatically next time you execute the scanner.

To download it manually, use this URL:
https://secure.nstalker.com/customercenter/

If you need any additional assistance during this process, please contact us at:
E-mail: support at nstalker (24hs) or
Phone: +55-11-3675-7093 (9am to 18pm GMT-0300)

This release includes the following vulnerabilities:

- Apache 1.3.34/2.0.57/2.2.1 Unfiltered HTML Injection ‘Expect’ Header

- PHP 5.1.3 PHPInfo Large Input Cross-Site Scripting Vulnerability

- PHP 5.1.3 Multiple Safe_Mode and Open_Basedir Restriction Bypass Vulnerabilities

- MarmaraWeb E-Commerce Remote File Include Vulnerability

- MarmaraWeb E-Commerce Cross-Site Scripting Vulnerability

- Mantis 1.0RC3 View_filters_page.PHP Cross-Site Scripting Vulnerability

- Netref 3.0 Index.PHP SQL Injection Vulnerability

- WikkaWiki 1.1.6.0 TextSearch.PHP Cross-Site Scripting Vulnerability

- ASPBB 0.4 Multiple SQL Injection Vulnerabilities

- ASP-DEV XM Forum RC3 Forum.ASP Cross-Site Scripting Vulnerability

- CourseForum Technologies ProjectForum 4.7 Multiple Cross-Site Scripting Vulnerabilities

- DreamLevels Dream Poll 3.0 View_Results.PHP SQL Injection Vulnerability

- Jamit Job Board 2.4.1 Index.PHP SQL Injection Vulnerability

- PHP Web Scripts Ad Manager Pro 2.0 Advertiser_statistic.PHP SQL Injection Vulnerability

- Plogger Beta2 Index.PHP Multiple Input Validation Vulnerabilities

- PHP JackKnife 2.21 Cross-Site Scripting Vulnerability

- PHPCoin 1.2.2 Coin_CFG.PHP SQL Injection Vulnerability

- EveryAuction 1.53 Auction.PL Cross-Site Scripting Vulnerability

- Arab Portal System 2.0 beta 2 Link.PHP SQL Injection Vulnerabilities

- Website Baker 2.6 SQL Injection Vulnerability

- LocazoList Classifieds 1.03c SearchDB.ASP Input Validation Vulnerability

- Blackboard Academic Suite 6.0 Frameset.JSP Cross-Domain Frameset Loading Vulnerability

- Horde Kronolith 2.0.5 Multiple HTML Injection Vulnerabilities

- Horde Nag 2.0.3 Remote HTML Injection Vulnerabilities

- Magic Book Professional 2.0 Book.CFM Cross-Site Scripting Vulnerability

- Horde Mnemo 2.0.2 Remote HTML Injection Vulnerabilities

- Horde Turba 2.0.4 Multiple HTML Injection Vulnerabilities

- Nortel SSL VPN 4.2.1.6 Web Interface Input Validation Vulnerability

- PHPMyAdmin 2.7.0-beta1 Multiple Cross-Site Scripting Vulnerabilities

- PHPMyAdmin 2.7.0-beta1 Import_Blacklist Variable Overwrite Vulnerability

- Flatnuke 2.5.6 Index.PHP Directory Traversal Vulnerability

- Lyris Listmanager 8.8a TCLHTTPd Service Multiple Information Disclosure Vulnerabilities

- Lyris ListManager 8.8a Multiple SQL Injection Vulnerabilities

- Computer Associates CleverPath Portal 4.7 Login Page Cross-Site Scripting Vulnerability

- ACME Perl-Cal 2.99.30 Cal_make.PL Cross-Site Scripting Vulnerability

- XcPhotoAlbum 1.0 PASearch.ASP Cross-Site Scripting Vulnerability

- XcClassified 3.0 CPSearch.ASP Cross-Site Scripting Vulnerability

- Horde IMP 4.0.4 Email Attachments HTML Injection Vulnerability

- Zen Cart 1.2.6d Password_Forgotten.PHP SQL Injection Vulnerability

- Atlassian Confluence 2.0.1 build 321 Search Cross-Site Scripting Vulnerability

- Mr CGI Guy Multiple Software Search.CGI Cross-Site Scripting Vulnerability

- Quicksilver Forums 1.1.4 SQL Injection Vulnerability

- PHP-Fusion 6.0.109 Messages.PHP SQL Injection Vulnerability

N-Stealth DB General Information
Version: 175
Release Date: 05/29/2006
