PHPNuke Vulnerabilities and new updates

By N-Stalker Team on January 15, 2007

N-Stalker has made available the latest database update for its Web Application Security Assessment Products. Following the support life-cycle, we are still distributing updates for previous versions.

You will be able to download it automatically in the following versions:

  • N-Stalker Web Application Security Scanner 2006 (Enterprise, QA and Infrastructure Edition)
    • WSI Update (N-Stalker Update Manager)
  • N-Stealth HTTP Security Scanner (database update 189)
    • Automatic DB Update

You should be able to receive it automatically next time you execute the scanner.

If you prefer to download it manually, please use the following URL: https://customer.nstalker.com.

If you need any additional assistance during this process, please contact us at:
Web: Open new support ticket at https://customer.nstalker.com
E-mail: http://www.nstalker.com/about/contact (24hs) or
Phone: +55-11-3675-7093 (9am to 18pm GMT-0300)

This release has included the following vulnerabilities:

  • ADOdb 4.68 tmssql.php do Variable Arbitrary PHP Function Execution
  • YaBB 1.41 Login Cross-Site Scripting Vulnerability
  • YaBB YaBB.pl Cross Site Scripting Vulnerability
  • YABB SE 1.4.1 Reminder.PHP SQL Injection Vulnerability
  • Merchant Order Form 1.2 Order Log Permissions Vulnerability
  • Slashcode 2.2.5 submit.pl filter Variable XSS
  • Slashcode 2.2.4 search.pl topic Variable XSS
  • YaBB 9.11.2000 search.pl Arbitrary Command Execution Vulnerability
  • Ranson Johnson mailto.cgi Piped Address Vulnerability
  • CrazyWWWBoard HTTP_USER_AGENT CGI Environment Variable Remote Overflow
  • Sun Cobalt RaQ 4.0 Directory Traversal File Reading Vulnerability
  • Sun Cobalt RaQ 4.0 Service.CGI HTTP Server Denial of Service Vulnerability
  • Old MyServer versions might be susceptible to security flaws
  • Native Solutions The Banner Engine 4.0 Top.PHP Cross-site Scripting Vulnerability
  • QTO File Manager 1.0 Multiple Cross-Site Scripting Vulnerabilities
  • Free QBoard 1.1 QB_Path Remote File Include Vulnerabilities
  • Plume CMS 1.0.4 Multiple Remote File Include Vulnerabilities
  • Randshop 1.2 Index.PHP Remote File Include Vulnerability
  • BXCP 0.3 Index.PHP SQL Injection Vulnerability
  • Randshop 1.1.1 Header.Inc.PHP Remote File Include Vulnerability
  • Diesel Joke Site Category.PHP SQL Injection Vulnerability
  • MyNewsGroups 0.6 Tree.PHP SQL Injection Vulnerability
  • SiteBuilder-FX 3.5 Top.PHP Remote File Include Vulnerability
  • Efone 20000723 Config.INC Information Disclosure Vulnerability
  • Glossaire 1.7 Remote File Include Vulnerability
  • Plume CMS 1.1.3 DBInstall.PHP Remote File Include Vulnerability
  • AstroDog Press Some Chess 1.5 Board.PHP SQL Injection Vulnerability
  • FineShop 3.0 SQL Injection Vulnerabilities
  • FineShop 3.0 Cross-Site Scripting Vulnerabilities
  • Geeklog 1.4 Multiple Remote File Include Vulnerabilities
  • XennoBB 1.0.5 Messages.PHP Cross-site Scripting Vulnerability
  • Softbiz Banner Exchange 1.0 Multiple Cross-Site Scripting Vulnerabilities
  • Vincent-Leclercq News 5.2 Diver.PHP SQL Injection Vulnerability
  • PHP ICalender 2.22 Index.PHP Cross-Site Scripting Vulnerability
  • PHPRaid 3.0.5 Multiple SQL Injection Vulnerabilities
  • PHPRaid 3.0.5 PHPRAID_DIR Parameter Multiple Remote File Include Vulnerabilities
  • Xoops MyAds 2.04jp Module Annonces-p-f.PHP SQL Injection Vulnerability
  • PatchLink Update 6.2 Checkprofile.ASP SQL Injection Vulnerability
  • Absolute Image Gallery XE 2.0 Multiple Cross-Site Scripting Vulnerabilities
  • PHPClassifieds.Info Multiple Input Validation Vulnerabilities
  • NewsPHP 2006 PRO Multiple Input Validation Vulnerabilities
  • Pre Shopping Mall 1.0 Multiple Input Validation Vulnerabilities
  • RsGallery2 RSGallery2.PHP Remote File Include Vulnerability
  • MKPortal 1.0.1 Index.PHP Directory Traversal Vulnerability
  • Blog:CMS 4.0 k Index.PHP SQL Injection Vulnerability
  • VCard PRO Multiple SQL Injection Vulnerabilities
  • SmartSiteCMS 1.0 Multiple Remote File Include Vulnerabilities
  • Open WebMail 2.51 Openwebmail-read.PL Cross-Site Scripting Vulnerability
  • DeluxeBB 1.0.6 Multiple SQL Injection Vulnerabilities
  • PHPNuke 7.0 Module Name Multiple SQL Injection Vulnerabilities
  • Scout Portal Tool Kit 1.4 ForumTopics.PHP SQL Injection Vulnerability
  • Pearl For Mambo 1.6 Module Remote File Include Vulnerabilities
  • Ralf Image Gallery 0.7.5 Multiple Input Validation Vulnerabilities
  • Zorum 3.5 Multiple SQL Injection Vulnerabilities
  • MF Piadas 1.0 Admin.PHP Remote File Include Vulnerability
  • H-Sphere 2.5.1 Multiple Cross-Site Scripting Vulnerabilities
  • MF Piadas 1.0 Admin.PHP Cross-Site Scripting Vulnerability
  • CrisoftRicette 1.0 pre15b Cookbook.PHP Remote File Include Vulnerability
  • Jaws 0.6.2 Search Gadget Multiple Input Validation Vulnerabilities
  • MVNForum 1.0 GA Activatemember Cross-Site Scripting Vulnerability
  • Usenet 0.5 Index.PHP Cross-Site Scripting Vulnerability
  • OpenGuestbook 0.5 Multiple Cross-Site Scripting Vulnerabilities
  • OpenGuestbook 0.5 SQL Injection Vulnerability
  • Claroline 1.7.7 Multiple Unspecified Cross-Site Scripting Vulnerabilities
  • MyMail 1.0 Login.PHP Cross-Site Scripting Vulnerability
  • Anthill 0.3 Multiple SQL Injection Vulnerabilities
  • CBSMS Mambo Module 1.0 Mod_CBSMS_Messages.PHP Remote File Include Vulnerability
  • phpQLAdmin 2.2.7 Multiple Cross-Site Scripting Vulnerabilities
  • Bee-hive 1.2 Multiple Remote File Include Vulnerabilities
  • Cpanel Select.HTML Cross-Site Scripting Vulnerability
  • eNpaper1 Root_Header.PHP Remote File Include Vulnerability
  • dotProject 2.0.3 UI.Class.PHP Cross-Site Scripting Vulnerability
  • cPanel 10.8.2 OnMouseover Cross-Site Scripting Vulnerability
  • Qdig 1.2.9.2 Index.PHP Multiple Cross-Site Scripting Vulnerabilities
  • DeluxeBB 1.0.7 CP.PHP SQL Injection Vulnerability
  • GL-SH Deaf Forum 6.4.3 Multiple Cross-Site Scripting Vulnerabilities
  • MPCS 0.2 Comment.php Cross-Site Scripting Vulnerability
  • ADOdb 4.70 Tmssql.PHP Cross-Site Scripting Vulnerability
  • UebiMiau 2.7.10 Multiple Cross-Site Scripting Vulnerabilities
  • DreamAccount 3.1 Auth.api.PHP Remote File Include Vulnerability
  • Winged Gallery 1.0 Thumb.PHP Cross-Site Scripting Vulnerability
  • Custom Dating Biz 1.0 Multiple Input Validation Vulnerabilities
  • Project Eros BBSEngine 20060622-0315-jam Cross-Site Scripting Vulnerabilities
  • Project Eros BBSEngine 20060622-0315-jam SQL Injection Vulnerabilities
  • YaBB SE 1.5.5 Profile.php SQL Injection Vulnerability
  • THoRCMS 1.3.1 Functions_cms.PHP Remote File Include Vulnerability
  • ISPConfig 2.2.3 Multiple Remote File Include Vulnerabilities
  • BNBT 7.7 r3.2004.10.27 EasyTracker Cross-Site Scripting Vulnerabilities
  • Harpia 1.0.5 Multiple Remote File Include Vulnerabilities
  • PHP Blue Dragon CMS 2.9.1 Multiple Remote File Include Vulnerabilities

This entry was posted in N-Stalker Latest Updates.