PHP-Fusion vulnerabilities and new updates

By N-Stalker Team on January 21, 2007

N-Stalker has made available the latest database update for its Web Application Security Assessment Products. Following the support life-cycle, we are still distributing updates for previous versions.

You will be able to download it automatically in the following versions:

  • N-Stalker Web Application Security Scanner 2006 (Enterprise, QA and Infrastructure Edition)
    • WSI Update (N-Stalker Update Manager)
  • N-Stealth HTTP Security Scanner (database update 190)
    • Automatic DB Update

You should receive it automatically the next time you run the scanner.

If you prefer to download it manually, please use the following URL: https://customer.nstalker.com.

If you need any additional assistance during this process, please contact us at:
Web: Open a new support ticket at https://customer.nstalker.com
E-mail: http://www.nstalker.com/about/contact (24h) or
Phone: +55-11-3675-7093 (9am to 6pm GMT-0300)

This release includes the following vulnerabilities:

  • E-Business Designer 3.1.4 SQL Injection Vulnerabilities
  • E-Business Designer 3.1.4 Multiple Input Validation Vulnerabilities
  • Graffiti Forums 1.0 Topics.PHP SQL Injection Vulnerability
  • PHP-Fusion 6.0.37 Avatar Image Edit_profile.PHP HTML Injection Vulnerability
  • PHPWebGallery 1.5.2 Comments.PHP Cross-site Scripting Vulnerability
  • AutoRank 5.01 Multiple Cross-Site Scripting Vulnerabilities
  • Galleria Remote File Include Vulnerability
  • Pearl Forums Product 2.4 Multiple Remote File Include Vulnerabilities
  • Taskjitsu 2.0 Multiple HTML Injection Vulnerabilities
  • PostNuke 0.761 Multiple Cross-Site Scripting Vulnerabilities
  • WonderEdit Pro User_Bottom.PHP Remote File Include Vulnerability
  • MyPHP CMS 0.3.1 Global_header.PHP Remote File Include Vulnerability
  • Zoph 0.3.3 Unspecified SQL Injection Vulnerability
  • phpSysInfo 2.5.1 Index.php Information Disclosure Vulnerability
  • Blog:CMS 4.1 Thumb.PHP Remote File Include Vulnerability
  • PHPMailList 1.8.0 MailList.PHP Cross-site Scripting Vulnerability
  • Shopping Cart 0.9 Multiple HTML Injection Vulnerabilities
  • Blog:CMS 4.1 Multiple SQL Injection Vulnerabilities
  • ATutor 1.5.3 Multiple Cross-Site Scripting Vulnerabilities
  • Randshop 1.2 DateiPfad Parameter Remote File Include Vulnerability
  • AuraCMS Cross-Site Scripting Vulnerabilities
  • FreeWebshop 2.1 SQL Injection Vulnerabilities
  • FreeWebshop 2.1 Cross-Site Scripting Vulnerability
  • CommonSense CMS 5.0 Search.PHP Cross-site Scripting Vulnerability
  • AjaxPortal 3.0 LoginADP Function SQL Injection Vulnerability
  • Pivot 1.3.0 File Include Vulnerabilities
  • Pivot 1.3.0 Cross-Site Scripting Vulnerability
  • BosClassifieds InsPath Parameter Multiple Remote File Include Vulnerabilities
  • PHPBB 1.2.4 For Mambo Multiple Remote File Include Vulnerabilities
  • CommonSense CMS 5.0 Search.PHP Date Parameter SQL Injection Vulnerability
  • DGNews 1.5.1 Search.PHP SQL Injection Vulnerability
  • Papoo 3.0.0 Cross-Site Scripting Vulnerability
  • Papoo 3.0.0 SQL Injection Vulnerability
  • ATutor 1.5.3 SQL Injection Vulnerability
  • ATutor Cross-Site Scripting Vulnerability
  • PHP-Blogger 2.2.5 Multiple Cross-Site Scripting Vulnerabilities
  • LifeType 1.1 Index.PHP Date Parameter SQL Injection Vulnerability
  • Invision Power Board 2.1.6 Multiple SQL Injection Vulnerabilities
  • PC_CookBook 0.3 PCCookBook.PHP Remote File Include Vulnerability
  • Cutenews 1.4.5 Index.PHP Cross-site Scripting Vulnerability
  • SMF Forum 1.3 SMF.PHP Remote File Include Vulnerability
  • Invision Power Board 1.3.1 Index.PHP Act Parameter SQL Injection Vulnerability
  • SaPHPLesson 2.0 Add.PHP SQL Injection Vulnerability
  • VBZooM 1.11 Multiple SQL Injection Vulnerabilities
  • Fantastic GuestBook 2.0.1 GuestBook.PHP HTML Injection Vulnerabilities
  • VideoSpark FLV Player 8 Multiple Cross-Site Scripting Vulnerabilities
  • Lazarus Guestbook 1.6 Codes-English.PHP Cross-Site Scripting Vulnerability
  • Lazarus Guestbook 1.6 Picture.PHP Cross-Site Scripting Vulnerability
  • HiveMail 1.3 Cross-Site Scripting Vulnerabilities
  • HiveMail 1.3 SQL Injection Vulnerability
  • Sabdrimer 2.2.4 CMS Advanced1.PHP Remote File Include Vulnerability
  • EJ3 TOPo 2.2.178 Class_DB_Text.PHP Multiple Remote PHP Script Code Injection Vulnerabilities
  • Forum 5 PM.PHP Local File Include Vulnerability
  • PerForms 1.0 Performs.PHP Remote File Include Vulnerability
  • Horde Application Framework 3.0.9 Go.PHP Information Disclosure Vulnerability
  • MusicBox 2.3 Multiple Input Validation Vulnerabilities
  • ScozNet ScozNews 1.2.1 Multiple Remote File Include Vulnerabilities
  • PhotoCycle 1.0 PhotoCycle.php Parameter Cross-Site Scripting Vulnerability
  • Webvizyon 2006 SayfalaAltList.ASP SQL Injection Vulnerability
  • SweetSuite.NET 2.1 Content Management System Search.ASPX Cross-Site Scripting Vulnerability
  • Hosting Controller 6.1.0 Error.ASP Cross-site Scripting Vulnerability
