MyBulletinBoard vulnerabilities and new updates

By N-Stalker Team on February 6, 2007

N-Stalker has made available the latest database update for its Web Application Security Assessment Products. Following the support life-cycle, we are still distributing updates for previous versions.

You will be able to download it automatically in the following versions:

  • N-Stalker Web Application Security Scanner 2006 (Enterprise, QA and Infrastructure Edition)
    • WSI Update (N-Stalker Update Manager)
  • N-Stealth HTTP Security Scanner (database update 191)
    • Automatic DB Update

You should receive it automatically the next time you run the scanner.

If you prefer to download it manually, please use the following URL: https://customer.nstalker.com.

If you need any additional assistance during this process, please contact us at:
Web: Open new support ticket at https://customer.nstalker.com
E-mail: http://www.nstalker.com/about/contact (24hs) or
Phone: +55-11-3675-7093 (9am to 6pm GMT-0300)

This release includes the following vulnerabilities:

  • HiveMail 1.3 Cross-Site Scripting Vulnerabilities
  • Koobi Pro 5.6 Cross-Site Scripting Vulnerabilities
  • Koobi Pro CMS 5.6 SQL Injection Vulnerabilities
  • RW::Download Stats.PHP Remote File Include Vulnerability
  • VisNetic Mail Server 8.3.5 Multiple File Include Vulnerabilities
  • Subberz Lite UserFunc Remote File Include Vulnerability
  • Sitemap 2.0 Sitemap.XML.PHP Remote File Include Vulnerability
  • MiniBB 1.5a Multiple Remote File Include Vulnerabilities
  • Pollxt 1.22.07 Module For Mambo Conf.Pollxt.PHP Remote File Include Vulnerability
  • PHPLDAPAdmin 0.9.8 Cross-Site Scripting Vulnerabilities
  • Francisco Charrua Photo-Gallery 1.0 Room.PHP SQL Injection Vulnerability
  • FlushCMS 1.0 Class.Rich.PHP Remote File Include Vulnerability
  • Calendar Module For Mambo 1.5.7 Com_Calendar.PHP Remote File Include Vulnerability
  • Mail2Forum 1.2 M2F_FORUM.PHP File Include Vulnerability
  • Mail2Forum 1.2 M2F_PHPBB204.PHP Remote File Include Vulnerability
  • Mail2Forum 1.2 M2F_MAILINGLIST.PHP Remote File Include Vulnerability
  • Mail2Forum 1.2 M2F_CRON.PHP Remote File Include Vulnerabilities
  • LoudMouth 4.0j Module For Mambo ABBC.Class.PHP Remote File Include Vulnerability
  • HTMLArea3 Addon For Mambo 1.5 Config.Inc.PHP Remote File Include Vulnerability
  • VideoDB Component Module For Mambo 0.3 Xml_Domit_Lite_Include.PHP Remote File Include Vulnerability
  • DeluxeBB 1.07 Cross-Site Scripting Vulnerability
  • Loudblog 0.41 Index.PHP Cross-Site Scripting Vulnerability
  • IDevSpot PHPHostBot 1.0 Index.PHP Remote File Include Vulnerability
  • Plesk Control Panel 8.0 File_Manager.PHP Cross-Site Scripting Vulnerability
  • IManage 4.0.12 Absolute_Path Multiple File Include Vulnerabilities
  • GeodesicSolutions Products 2.0.3 Multiple SQL Injection Vulnerabilities
  • MiniBB 1.5a News.PHP Remote File Include Vulnerability
  • PHPFaber TopSites Index.PHP Multiple SQL Injection Vulnerabilities
  • MultiBanner 1.0.1 Component Extadminmenus.Class.PHP Remote File Include Vulnerability
  • Advanced Poll 2.0.2 Common.Inc.PHP Remote File Include Vulnerability
  • PHP Live! 3.2 HELP.PHP Remote File Include Vulnerability
  • PHP Live! 3.2 HEADER.PHP Remote File Include Vulnerability
  • Micro Guestbook Add.PHP HTML Injection Vulnerability
  • MoSpray 1.8 Component Multiple Remote File Include Vulnerabilities
  • QontentOne CMS Search.PHP Cross-Site Scripting Vulnerability
  • SQuery 4.5 LibPath Parameter Multiple Remote File Include Vulnerabilities
  • MusicBox 2.3.4 Page Parameter SQL Injection Vulnerability
  • Prince Clan Chess Club 0.8 Include.PCchess.PHP Remote File Include Vulnerability
  • LinksCaffe 3.0 LINKS.PHP Cross-Site-Scripting Vulnerabilities
  • LinksCaffe 3.0 Multiple Input Validation Vulnerabilities
  • LinksCaffe 3.0 SQL Injection Vulnerabilities
  • SNews Search_Query Cross-Site Scripting Vulnerability
  • ActionApps 2.8.1 Multiple Remote File Include Vulnerabilities
  • TP Book 1.0 Guestbook.PHP HTML Injection Vulnerability
  • Etomite 0.6.1 Index.PHP SQL Injection Vulnerability
  • PHPBB-Auction 1.3 Multiple SQL Injection Vulnerabilities
  • PHP Forge 3 Cfg_Racine Remote File Include Vulnerability
  • wwwThreads 5.4 Calendar.PHP Cross-Site Scripting Vulnerability
  • Zyxel Prestige 660H-61 ADSL Router RPSysAdmin.HTML Cross-Site Scripting Vulnerability
  • PHPSavant Savant2 Multiple Remote File Include Vulnerabilities
  • WMNews 0.2a Base_Datapath Remote File Include Vulnerability
  • Multiple Vendor nph-test-cgi Vulnerability
  • PHP Pro Bid 5.2.4 Cross-site Scripting Vulnerabilities
  • PHP Pro Bid 5.2.4 SQL Injection Vulnerabilities
  • PHPODP 1.5h ODP.PHP Cross-Site Scripting Vulnerability
  • SD Studio CMS Multiple Input Validation Vulnerabilities
  • A6MamboHelpDesk 18 RC1 Admin.a6mambohelpdesk.PHP Remote File Include Vulnerability
  • PortailPHP 1.7 Inscription.PHP Remote File Include Vulnerability
  • Mam-Moodle pre_alpha Moodle.PHP Remote File Include Vulnerability
  • JD WordPress 2.0-1.0 RC 2 WP-TRACKBACK.PHP File Include Vulnerabilities
  • JD WordPress 2.0-1.0 RC2 WP-FEED.PHP Remote File Include Vulnerabilities
  • JD WordPress 2.0-1.0 RC2 WP-COMMENTS-POST.PHP Remote File Include Vulnerabilities
  • Artlinks MosConfig_Absolute_Path Remote File Include Vulnerability
  • Mambo Gallery Manager 0.95 MosConfig_Absolute_Path Remote File Include Vulnerability
  • PHPNuke INP Modules.PHP Cross-Site Scripting Vulnerability
  • Bosdates 4.0 Payment.PHP Remote File Include Vulnerability
  • SecurityImages 3.0.5 Component Multiple Remote File Include Vulnerabilities
  • X-Scripts X-Protection 1.10 Protect.PHP SQL Injection Vulnerability
  • X-Scripts X-Statistics 1.20 X-Statistics.PHP SQL Injection Vulnerability
  • Com_Bayesiannaivefilter Mambo Component 1.1 Remote File Include Vulnerability
  • User Home Pages 0.5 UHP_CONFIG.PHP Remote File Include Vulnerability
  • Mambatstaff MosConfig_Absolute_Path Remote File Include Vulnerability
  • Liga Manager Online 2.0 Joomla! Component Remote File Include Vulnerability
  • ATutor 1.5.3 Multiple SQL Injection Vulnerabilities
  • X-Scripts X-Poll 1.10 Top.PHP SQL Injection Vulnerability
  • Ajax Chat 0.1 Cross-Site Scripting Vulnerabilities
  • Seir Anphin V666 Community Management System Multiple SQL Injection Vulnerabilities
  • MyBulletinBoard 1.1.7 UserCP.PHP Cross-Site Scripting Vulnerability
  • Banex 2.21 PHP MySQL Banner Exchange File Include Vulnerability
  • Banex 2.21 PHP MySQL Banner Exchange SQL Injection Vulnerabilities
  • GeoClassifieds Enterprise 2.0.5.2 Index.PHP Multiple Cross-Site Scripting Vulnerabilities
  • MusicBox 2.3.4 Cross-Site Scripting Vulnerabilities
  • MusicBox 2.3.4 SQL Injection Vulnerability
  • myEvent 1.3 Myevent.PHP Remote File Include Vulnerability
  • Moskool 1.5 Component Admin.Moskool.PHP Remote File Include Vulnerability
  • CliServ 0.65 Web Community Multiple Remote File Include Vulnerabilities
  • ExBB Italia 0.2 UserStop.PHP Remote File Include Vulnerability
  • PHPECard 2.1.4 Functions.PHP Remote File Include Vulnerability
  • IwebNegar 1.1 Comments.PHP SQL Injection Vulnerability
  • EzPortal 1.0 Cross-Site Scripting Vulnerability
  • EzPortal 1.0 SQL Injection Vulnerability
  • ZoneX 1.0.3 Usercp_Register.PHP Remote File Include Vulnerability
  • JetStat JS ASP Faq Manager 1.10 Multiple SQL Injection Vulnerabilities
  • MyBulletinBoard 1.1.7 Global.PHP Cross-Site Scripting Vulnerability
  • Lanifex 2.3 Database of Managed Objects Access_manager.PHP Remote File Include Vulnerability
  • Visualshapers EzContents 2.0.3 GLOBALS[rootdp] Parameter Multiple Remote File Include Vulnerabilities
  • Jetbox CMS 2.1 Search_function.PHP Remote File Include Vulnerability
  • ScriptsEZ Easy Ad-Manager Details.PHP Cross-Site Scripting Vulnerability
  • MyBulletinBoard 1.1.7 Functions_Post.PHP Cross-Site Scripting Vulnerability
  • ConfTool 1.1 Index.PHP Cross-Site Scripting Vulnerability
