N-Stalker has made available the latest database update for its Web Application Security Assessment Products. Following the support life-cycle, we are still distributing updates for previous version.

You will be able to download it automatically in the following versions:

• N-Stalker Web Application Security Scanner 2006 (Enterprise, QA and Infrastructure Edition)
• WSI Update (N-Stalker Update Manager)
• N-Stealth HTTP Security Scanner (database update 194)
• Automatic DB Update

You should be able to receive it automatically next time you execute the scanner.

If you prefer to download it manually, please, use the following url: https://customer.nstalker.com.

If you need any additional assistance during this process, please, contact us at:
Web: Open new support ticket at https://customer.nstalker.com
E-mail: http://www.nstalker.com/about/contact (24hs) or
Phone: +55-11-3675-7093 (9am to 18pm GMT-0300)

This release has included the following vulnerabilities:

• BirdBlog 1.4 Comment.PHP Cross-Site Scripting Vulnerability
• BirdBlog 1.4 User.PHP Cross-Site Scripting Vulnerability
• BirdBlog 1.4 Index.PHP Cross-Site Scripting Vulnerability
• TikiWiki 1.9.4 Highlight Cross-Site Scripting Vulnerability
• Php_News 2.0 Multiple Remote File Include Vulnerabilities
• AckerTodo 4.0 Index.PHP Cross-Site Scripting Vulnerability
• VBulletin 2.3.8 Global.PHP SQL Injection Vulnerability
• Phoenix Evolution CMS Action Parameter Cross-Site Scripting Vulnerability
• Phoenix Evolution CMS Mod Parameter Cross-Site Scripting Vulnerability
• Phoenix Evolution CMS Pageid Parameter Cross-Site Scripting Vulnerability
• Quickblogger 1.4 Remote File Include Vulnerability
• CubeCart 3.0.12 View_Order.PHP SQL Injection Vulnerability
• CubeCart 3.0.12 View_Doc.PHP SQL Injection Vulnerability
• CubeCart 3.0.12 Forgot_Pass.PHP SQL Injection Vulnerability
• CubeCart 3.0.12 Forgot_Pass.PHP SQL Injection Vulnerability
• CubeCart 3.0.12 View_Order.PHP Cross-Site Scripting Vulnerability
• CubeCart 3.0.12 Footer.Inc.PHP Cross-Site Scripting Vulnerability
• CubeCart 3.0.12 Header.Inc.PHP Cross-Site Scripting Vulnerability
• CubeCart 3.0.12 Print_Order.PHP Cross-Site Scripting Vulnerability
• PABugs 2.0 Class.MySQL.PHP Remote File Include Vulnerability
• PHP Invoice 2.2 Home.PHP Cross-Site Scripting Vulnerability
• Boite de News 4.0.1 Multiple Remote File Include Vulnerabilities
• AnnoncesV 1.1 Annonce.PHP Remote File Include Vulnerability
• VirtueMart Joomla ECommerce Edition 1.0.11 Multiple Input Validation Vulnerabilities
• Web//News 1.4 Parser.PHP Remote File Include Vulnerability
• PHPBB-ES 2 Functions_KB.PHP Remote File Include Vulnerability
• PHProjekt 4.2.3 Specialdays.PHP Remote File Include Vulnerabilities
• PHProjekt 4.2.3 Dbman_Filter.Inc.PHP Remote File Include Vulnerabilities
• Old Jakart Tomcat Versions might be susceptible to security flaws
• Old Jakart Tomcat Versions might be susceptible to security flaws
• MyPhotos 0.1.3b Index.PHP Remote File Include Vulnerability
• PHPSelect Web Development Index.PHP3 Remote File Include Vulnerability
• JAF CMS 4.0RC1 Cross-Site Scripting Vulnerability
• JAF CMS 4.0RC1 HTML-Injection Vulnerability
• A-Blog 2 Menu.PHP Remote File Include Vulnerability
• A-Blog 2 Search.PHP Remote File Include Vulnerability
• A-Blog 2 Donation.PHP Remote File Include Vulnerability
• A-Blog 2 Latestnews.PHP Remote File Include Vulnerability
• A-Blog 2 Links.PHP Remote File Include Vulnerability
• A-Blog 2 Myaccount.PHP Remote File Include Vulnerability
• PPA Gallery 1.0 Functions_Inc.PHP Remote File Include Vulnerability
• Red Mombin 0.7 Process_Login.PHP Cross-Site Scripting Vulnerability
• SAP Internet Transaction Server COMMAND Cross-Site Scripting Vulnerability
• SAP Internet Transaction Server URLMIME Cross-Site Scripting Vulnerability
• Pie Cart Pro Home_Path Remote File Include Vulnerability
• SyntaxCMS 1.3 0004_Init_Urls.PHP Remote File Include Vulnerability
• PHPMyChat 0.1 Connected_Users.Lib.PHP3 Local File Include Vulnerability