N-Stalker has made available the latest database update for its Web Application Security Assessment Products. Following the support life-cycle, we are still distributing updates for previous version.

You will be able to download it automatically in the following versions:

• N-Stalker Web Application Security Scanner 2006 (Enterprise, QA and Infrastructure Edition)
• WSI Update (N-Stalker Update Manager)
• N-Stealth HTTP Security Scanner (database update 185)
• Automatic DB Update

You should be able to receive it automatically next time you execute the scanner.

If you prefer to download it manually, please, use the following url: https://customer.nstalker.com.

If you need any additional assistance during this process, please, contact us at:
Web: Open new support ticket at https://customer.nstalker.com
E-mail: http://www.nstalker.com/about/contact (24hs) or
Phone: +55-11-3675-7093 (9am to 18pm GMT-0300)

This release has included the following vulnerabilities:

• phpMyWebmin 1.0 Multiple Remote File Include Vulnerabilities
• Yblog Multiple Cross-Site Scripting Vulnerabilities
• OlateDownload 3.4.0 Multiple Input Validation Vulnerabilities
• SMBlog 1.2 Arbitrary PHP Command Execution Vulnerability
• ConfTool 1.1 Index.PHP Cross-Site Scripting Vulnerability
• PHPBookingCalendar 1.0c Details_View.PHP SQL Injection Vulnerability
• PHP Ticket 0.71 Search.PHP SQL Injection Vulnerability
• DSDownload 1.0 Multiple SQL-Injection Vulnerabilities
• DSCounter 1.2 Index.PHP SQL Injection Vulnerability
• Cholod MySQL Based Message Board Mb.CGI SQL Injection Vulnerability
• IBM Tivoli Business Systems Manager 3.1 APWC_Win_Main.JSP Cross-Site Scripting Vulnerability
• AdMan 1.0.2 ViewStatement.PHP SQL Injection Vulnerability
• CoMoblog 1.0 Img.PHP Cross-Site Scripting Vulnerability
• EasyMoblog 0.5.1 Img.PHP Cross-Site Scripting Vulnerability
• OnePlug CMS Multiple SQL Injection Vulnerabilities
• 1WebCalendar 4.0 Multiple SQL Injection Vulnerabilities
• BEA WebLogic Server Win32 8.1 SP4 Remote Denial Of Service Vulnerability
• BEA WebLogic Portal 8.1 SP5 JSR-168 Portlets Information Disclosure Vulnerability
• Contrexx CMS 1.0.8 Index.PHP Cross-Site Scripting Vulnerability
• php iCalendar 2.2.1 Local File Include Vulnerability
• KnowledgebasePublisher 1.2 PageController.PHP Remote File Include Vulnerability
• Simple PHP Blog 0.4.7 Install05.PHP Local File Include Vulnerability
• DirectContact 0.3b Directory Traversal Vulnerability
• Zeroboard 4.1 pl7 Multiple HTML Injection Vulnerabilities
• Core News 2.0.1 Index.PHP Remote Code Execution Vulnerability
• DokuWiki Mediamanager 2005-09-22 Cross-Site Scripting Vulnerability
• Easy File Sharing Web Server 3.2 Multiple Input Validation Vulnerabilities