RESELLER | LOGIN
← Volte para a página principal
N-Stalker Latest Updates

Mambo Vulnerabilities and new updates

By N-Stalker Team on April 30, 2007

N-Stalker has made available the latest database update for its Web Application Security Assessment Products. Following the support life-cycle, we are still distributing updates for previous version.

You will be able to download it automatically in the following versions:

  • N-Stalker Web Application Security Scanner 2006 (Enterprise, QA and Infrastructure Edition)
    • WSI Update (N-Stalker Update Manager)
  • N-Stealth HTTP Security Scanner (not updated)

You should be able to receive it automatically next time you execute the scanner.

If you prefer to download it manually, please, use the following url: https://customer.nstalker.com.

If you need any additional assistance during this process, please, contact us at:
Web: Open new support ticket at https://customer.nstalker.com
E-mail: http://www.nstalker.com/about/contact (24hs) or
Phone: +55-11-3675-7093 (9am to 18pm GMT-0300)

This release has included the following vulnerabilities:

  • PHPList 2.10.2 Index.PHP Cross-Site Scripting Vulnerability
  • Alice-CMS 0.1 Guestbook/Index.PHP Remote File Include Vulnerability
  • Boonex Dolphin 5.2 Index.PHP Local File Include Vulnerability
  • Dev Web Manager System 1.5 Index.PHP Cross-Site Scripting Vulnerability
  • P-News 1.17 P-news.PHP Remote File Include Vulnerability
  • F5 FirePass 1000 5.5 SSL VPN My.AccTab.PHP3 Cross-Site Scripting Vulnerability
  • Multiple Comdev Applications 4.1 Adminfoot.PHP Remote File Include Vulnerability
  • Zorum 3.5 DBProperty.PHP Remote File Include Vulnerability
  • PHPAMX 0.9 Main.PHP Remote File Include Vulnerability
  • Kinesis Interactive Cinema System Index.ASP SQL Injection Vulnerability
  • PHP Live Helper 1.17 Admin.PHP Remote File Include Vulnerability
  • PHP Live Helper 1.17 Pbook.PHP Remote File Include Vulnerability
  • Lou Portail 1.4.1 Admin_Module.PHP Remote File Include Vulnerability
  • Lou Portail 1.4.1 Admin_Module.PHP Directory Traversal Vulnerability
  • YapBB 1.2 YapBB_Session.PHP Remote File Include Vulnerability
  • LoCal Calendar System 1.1 LcUser.PHP Remote File Include Vulnerability
  • ASPPlayGround.NET Forum 2.4.5 Calendar.ASP Cross-Site Scripting Vulnerability
  • pandaBB Basepath Parameter Remote File Include Vulnerability
  • pandaBB Adminpath Parameter Remote File Include Vulnerability
  • Power Phlogger 2.0.9 Config.Inc.PHP3 Remote File Include Vulnerability
  • DigitalHive 2.0 Base_Include.PHP Remote File Include Vulnerability
  • Segue CMS 1.5.8 Themesdir Remote File Include Vulnerability
  • XChangeboard 1.70 LoginNick SQL Injection Vulnerability
  • UltraCMS 0.9 Username and Password SQL Injection Vulnerability
  • SpeedBerg 1.2 GeneralToolBox.Tlb.PHP Remote File Include Vulnerability
  • SpeedBerg 1.2 MyToolBox.Tlb.PHP Remote File Include Vulnerability
  • SpeedBerg 1.2 Scriplet.Inc.PHP Remote File Include Vulnerability
  • SpeedBerg 1.2 SimplePage.Tpl.PHP Remote File Include Vulnerability
  • SpeedBerg 1.2 Speedberg.Class.PHP Remote File Include Vulnerability
  • SpeedBerg 1.2 EntrancePage.Tpl.PHP Remote File Include Vulnerability
  • SpeedBerg 1.2 EntrancePage.Tpl.PHP Remote File Include Vulnerability
  • Mambo 4.6.1 Index.PHP Cross-Site Scripting Vulnerability
  • Web Group Communication Center 0.5.6 Quiz.PHP SQL Injection Vulnerability
  • RSSonate Config_Local.PHP Remote File Include Vulnerability
  • RSSonate Sql2xml.PHP Remote File Include Vulnerability
  • RSSonate Rssonate.PHP Remote File Include Vulnerability
  • RSSonate Xml2rss.PHP Remote File Include Vulnerability
  • Virtual Law Office Setup.PHP Remote File Include Vulnerability
  • Virtual Law Office Calendar.PHP Remote File Include Vulnerability
  • Open Meetings Filing Application Email/Session.PHP Remote File Include Vulnerability
  • Open Meetings Filing Application Entityproperties/Session.PHP Remote File Include Vulnerability
  • Open Meetings Filing Application Editmeetings/Session.PHP Remote File Include Vulnerability
  • Open Meetings Filing Application Editmeetings/Session.PHP Remote File Include Vulnerability
  • Kawf 1.0 Main.PHP Remote File Include Vulnerability
  • Castor 1.1.1 RS.PHP Remote File Include Vulnerability
  • Trawler Web CMS 1.8.1 Colorpik2.PHP Remote File Include Vulnerability
  • Trawler Web CMS 1.8.1 Extras_Menu.PHP Remote File Include Vulnerability
  • Trawler Web CMS 1.8.1 Newfile.PHP Remote File Include Vulnerability
  • Trawler Web CMS 1.8.1 Insert1.PHP Remote File Include Vulnerability
  • Trawler Web CMS 1.8.1 Downloads/Index.PHP Remote File Include Vulnerability
  • Trawler Web CMS 1.8.1 Up/Index.PHP Remote File Include Vulnerability
  • Mambo MambWeather 1.8.1 Module Savant2_Plugin_Options.PHP Remote File Include Vulnerability
  • PGOSD Function.PHP3 Remote File Include Vulnerability
  • Net_DNS 0.3 RR.PHP Remote File Include Vulnerability
  • EZ-Ticket 0.0.1 Common.PHP Remote File Include Vulnerability
  • AROUNDMe 0.5.2 P_New_Password.TPL.PHP Remote File Include Vulnerability
  • Vitrax Premodded 107 Functions_Portal.PHP Remote File Include Vulnerability
  • SAPHPLesson 3.0 Multiple SQL Injection Vulnerabilities
  • Learn.com Learncenter.ASP Cross-Site Scripting Vulnerability
  • BlueShoes Framework 4.6 Viewer.PHP Remote File Include Vulnerability
  • BlueShoes Framework 4.6 File.PHP Remote File Include Vulnerability
  • BlueShoes Framework 4.6 FileBrowserInner.PHP Remote File Include Vulnerability
  • BlueShoes Framework 4.6 Bs_Faq.Class.PHP Remote File Include Vulnerability
  • BlueShoes Framework 4.6 Bs_Ml_User.Class.PHP Remote File Include Vulnerability
  • BlueShoes Framework 4.6 Bs_Wse_Profile.Class.PHP Remote File Include Vulnerability
  • BlueShoes Framework 4.6 Bs_ImageArchive.Class.PHP Remote File Include Vulnerability
  • ClanLite Config-PHP.PHP Remote File Include Vulnerability
  • SchoolAlumni Portal 2.26 Directory Traversal Vulnerability
  • SchoolAlumni Portal 2.26 Cross-Site Scripting Vulnerability
  • RMSOFT Gallery System 2.0 Images.PHP Cross-Site Scripting Vulnerability
  • MDWeb 1.3 Country_Insert.PHP Remote File Include Vulnerability
  • MDWeb 1.3 Form_Org.Inc.PHP Remote File Include Vulnerability
  • D-Link DSL-G624T Information Disclosure Vulnerability
  • SourceForge 1.0.4 Database.PHP Remote File Include Vulnerability
  • OTSCMS 2.1.3 OTSCMS.PHP GLOBALS[Config][Directories][Classes] Parameter Remote File Include Vulnerability
  • OTSCMS 1.0.3 OTSCMS.PHP GLOBALS[Config][Otscms][Directories][Includes] Parameter Remote File Include Vulnerability
  • OTSCMS 1.4.1 OTSCMS.PHP GLOBALS[Config][Otscms][Directories][Classes] Parameter Remote File Include Vulnerability
  • INCA IM-204 Information Disclosure Vulnerability
  • JumbaCMS 0.0.1 Functions.PHP Remote File Include Vulnerability
  • Der Dirigent 1.0.3 Insert_Table.PHP Remote File Include Vulnerability
  • Der Dirigent 1.0.3 Insert_Link.PHP Remote File Include Vulnerability
  • Der Dirigent 1.0.3 Table_Prop.PHP Remote File Include Vulnerability
  • Der Dirigent 1.0.3 Insert_Line.PHP Remote File Include Vulnerability
  • Der Dirigent 1.0.3 Insert_Link.PHP Remote File Include Vulnerability
  • Intelimen InteliEditor 1.2.2.1 Lib.Editor.Inc.PHP Remote File Include Vulnerability
  • Crafty Syntax Live Help 2.9.9 Util.PHP Remote File Include Vulnerability
  • Crafty Syntax Live Help 2.9.9 Sql.PHP Remote File Include Vulnerability
  • Crafty Syntax Live Help 2.9.9 Resultset.PHP Remote File Include Vulnerability
  • Crafty Syntax Live Help 2.9.9 Stringparser.PHP Remote File Include Vulnerability
  • Smarty 2.6.9 Smarty.Class.PHP Remote File Include Vulnerability
  • SimpNews 2.34 Multiple Cross-Site Scripting Vulnerabilities
  • CPanel 10.9 Dosetmytheme Cross-Site Scripting Vulnerability
  • CPanel 10.9 Editzonetemplate Cross-Site Scripting Vulnerability

This entry was posted in N-Stalker Latest Updates. Bookmark the permalink.
Products
About N-Stalker
Contact

Rua Monte Alegre, 61 - cj 81
Sao Paulo, BRA, 05014-000
BRA Phone: +55-11-3868-1997
Contact us