N-Stalker has made available the latest database update for its Web Application Security Assessment Products. Following the support life-cycle, we are still distributing updates for previous version.

You will be able to download it automatically in the following versions:

• N-Stalker Web Application Security Scanner 2006 (Enterprise, QA and Infrastructure Edition)
• WSI Update (N-Stalker Update Manager)
• N-Stealth HTTP Security Scanner (not updated)

You should be able to receive it automatically next time you execute the scanner.

If you prefer to download it manually, please, use the following url: https://customer.nstalker.com.

If you need any additional assistance during this process, please, contact us at:
Web: Open new support ticket at https://customer.nstalker.com
E-mail: http://www.nstalker.com/about/contact (24hs) or
Phone: +55-11-3675-7093 (9am to 18pm GMT-0300)

This release has included the following vulnerabilities:

• Softerra Time-Assistant 6.2 Remote File Include Vulnerability
• Malaika System MyAds 2.04 Xoops Module Index.PHP SQL Injection Vulnerability
• Forum Picture and Meta Tags 1.7 Module PHPBB_ROOT_PATH Remote File Include Vulnerability
• JSBoard 2.0.10 Login.PHP Local File Include Vulnerability
• PHP-Fusion 6.1.4 Calendar_Panel Module Show_Event.PHP SQL Injection Vulnerability
• XOOPS Module Lykos Reviews 1.00 Index.PHP SQL Injection Vulnerability
• Bild Bearbeiten Online Upload Service 1.0 Top.PHP Remote File Include Vulnerability
• Kaqoo Auction Interfaces.Inc.PHP Remote File Include Vulnerability
• Kaqoo Auction Login.Inc.PHP Remote File Include Vulnerability
• Kaqoo Auction Items_Filter.Inc.PHP Remote File Include Vulnerability
• Kaqoo Auction Member.Inc.PHP Remote File Include Vulnerability
• Kaqoo Auction Activate.Inc.PHP Remote File Include Vulnerability
• Kaqoo Auction Admin_Balance.Inc.PHP Remote File Include Vulnerability
• Kaqoo Auction Install_Complete.Inc.PHP Remote File Include Vulnerability
• Kaqoo Auction New_Item.Inc.PHP Remote File Include Vulnerability
• Kaqoo Auction Login.Inc.PHP Remote File Include Vulnerability
• Kaqoo Auction Function.Inc.PHP Remote File Include Vulnerability
• Kaqoo Auction Support.Inc.PHP Remote File Include Vulnerability
• Kaqoo Auction Login.Inc.PHP Remote File Include Vulnerability
• CWB Pro 1.5 Cls_Listorders.PHP Remote File Include Vulnerability
• CWB Pro 1.5 Cls_Viewpastorders.PHP Remote File Include Vulnerability
• CWB Pro 1.5 Cls_Headline_Prod.PHP Remote File Include Vulnerability
• XOOPS Module Camportail 1.1 Show.PHP SQL Injection Vulnerability
• Atlassian JIRA 3.4.2 IssueNavigator.JSPA Cross-Site Scripting Vulnerability
• Really Simple PHP and Ajax 2007 Controller_v4.PHP Remote File Include Vulnerability
• Really Simple PHP and Ajax 2007 Controller_v5.PHP Remote File Include Vulnerability
• FlexPHPNews 0.0.5 News.PHP SQL Injection Vulnerability
• XOOPS RM+Soft Gallery Module 1.0 Categos.PHP SQL Injection Vulnerability
• MapTools 2.2.1 MapLab Params.PHP Remote File Include Vulnerability
• BT-Sondage 1.12 Gestion_Sondage.PHP Remote File Include Vulnerability
• Drake CMS 0.3.7 UI.DTA.PHP Cross-Site Scripting Vulnerability
• Drake CMS 0.3.7 404.PHP Local File Include Vulnerability
• XOOPS Debaser Module 0.92 Genre.PHP SQL Injection Vulnerability
• PHP-Fusion Multiple Modules 1.0 Index.PHP SQL Injection Vulnerabilities
• XOOPS WF-Section Module 1.01 Print.PHP SQL Injection Vulnerability
• XFSection Xoops Module 1.07 Print.PHP SQL Injection Vulnerability
• MyBB 1.2.3 Languages.PHP Client-IP SQL Injection Vulnerability
• MyBB 1.2.3 Index.PHP Client-IP SQL Injection Vulnerability
• CyBoards PHP Lite 1.21 Default_Header.PHP Remote File Include Vulnerability
• NextPage LivePublish 2.02 LPEXT.DLL Cross-Site Scripting Vulnerability
• XOOPS KShop Module 1.17 Product_Details.PHP SQL Injection Vulnerability
• XOOPS PopnupBlog Module 2.52 Index.PHP SQL Injection Vulnerability
• HolaCMS 1.4.10 Index_CMS.PHP Cross-Site Scripting Vulnerability
• EXV2 2.0.4.3 CMS Article.PHP Cross-Site Scripting Vulnerability
• EXV2 2.0.4.3 CMS Index.PHP Cross-Site Scripting Vulnerability
• EXV2 2.0.4.3 CMS Topics.PHP Cross-Site Scripting Vulnerability
• EXV2 2.0.4.3 CMS Archive.PHP Cross-Site Scripting Vulnerability
• AroundMe 0.7.7 Maint_Contact_View.Tpl.PHP Remote File Include Vulnerability
• AroundMe 0.7.7 Default.Tpl.PHP Remote File Include Vulnerability
• AroundMe 0.7.7 Maint_Contact_View.Tpl.PHP Remote File Include Vulnerability
• AroundMe 0.7.7 Core_Profile.Header.PHP Remote File Include Vulnerability
• MyBlog 1.6 Games.PHP Remote File Include Vulnerability
• Gazi Okul Sitesi 2007 Fotokategori.ASP SQL Injection Vulnerability
• PHPBB Mutant 0.9.2 Mutant_Functions.PHP Remote File Include Vulnerability
• XOOPS Multiple Modules ViewCat.PHP SQL Injection Vulnerability
• XOOPS Multiple Modules ViewCat.PHP SQL Injection Vulnerability
• PHP-Generics 1.0 Dbcommon/Include.PHP Remote File Include Vulnerability
• PHP-Generics 1.0 Exception/Include.PHP Remote File Include Vulnerability
• PHP-Generics 1.0 Include.PHP Remote File Include Vulnerability
• CodeWand PHPBrowse Include_Stream.Inc.PHP Remote File Include Vulnerability
• Lite-CMS 0.2.1 Index.PHP Local File Include Vulnerability
• Sisplet CMS 05.10 Komentar.PHP Remote File Include Vulnerability
• Xoops Jobs Module 2.4 Index.PHP SQL Injection Vulnerability
• XOOPS WF-Link Module 1.03 Viewcat.PHP SQL Injection Vulnerability
• WebSpell 4.1.2 Picture.PHP Local File Include Vulnerability
• WebSpell 4.1.2 Picture.PHP Local File Include Vulnerability
• Livor 2.5 Index.PHP Cross-Site Scripting Vulnerability
• SmodBIP 1.06 Index.PHP SQL Injection Vulnerability
• WitShare 0.9 Index.PHP Local File Include Vulnerability
• Youngzsoft CMailServer 5.3.4 Signup.ASP Cross-Site Scripting Vulnerability
• Youngzsoft CMailServer 5.4.3 Comment Parameter Cross-Site Scripting Vulnerability
• SmodCMS 2.10 Dictionary.PHP SQL Injection Vulnerability
• MyNews 4.2.2 Week_Events.PHP Remote File Include Vulnerability
• phpGalleryScript 1.0 Init.Gallery.PHP Remote File Include Vulnerability
• EBoard 1.0.7 Member.PHP Local File Include Vulnerability
• Requestit 1.0 Index.PHP Remote File Include Vulnerability
• DirectAdmin 1.28.1 CMD_EMAIL_FORWARDER_MODIFY Cross-Site Scripting Vulnerability
• DirectAdmin 1.28.1 CMD_TICKET Cross-Site Scripting Vulnerability
• DirectAdmin 1.28.1 CMD_EMAIL_VACATION_MODIFY Cross-Site Scripting Vulnerability
• DirectAdmin 1.28.1 CMD_EMAIL_LIST Cross-Site Scripting Vulnerability
• DirectAdmin 1.28.1 CMD_FTP_SHOW Cross-Site Scripting Vulnerability
• DirectAdmin 1.28.1 CMD_SHOW_USER Cross-Site Scripting Vulnerability
• DirectAdmin 1.28.1 CMD_SHOW_RESELLER Cross-Site Scripting Vulnerability
• DirectAdmin 1.28.1 CMD_TICKET_CREATE Cross-Site Scripting Vulnerability
• QuizShock 1.6.1 Auth.PHP HTML Injection Vulnerability
• UBB.Threads 6.1.1 UBBThreads.PHP SQL Injection Vulnerability
• ScarNews 1.2.1 Scarnews.Inc.PHP Local File Include Vulnerability
• DeskPro 2.0.1 Login.PHP HTML Injection Vulnerability
• Pathos 0.92-2 Warn.PHP Remote File Include Vulnerability
• eCardMAX HotEditor 4.0 Keyboard.PHP Local File Include Vulnerability
• Battle.net Clan Script 1.5 Login.PHP SQL Injection Vulnerability
• PHP121 2.2 Instant Messenger php121db.PHP Local File Include Vulnerability
• HIOX Free Guest Book 4.0 Index.PHP HTML Injection Vulnerability
• Mambo/Joomla Taskhopper 1.1 Itemstatus_Type.PHP Remote File Include Vulnerability
• Mambo/Joomla Taskhopper 1.1 Projectstatus_Type.PHP Remote File Include Vulnerability
• Mambo/Joomla Taskhopper 1.1 Request_Type.PHP Remote File Include Vulnerability
• Mambo/Joomla Taskhopper 1.1 Responses_Type.PHP Remote File Include Vulnerability
• Mambo/Joomla Taskhopper 1.1 Timelog_Type.PHP Remote File Include Vulnerability
• Mambo/Joomla Taskhopper 1.1 Urgency_Type.PHP Remote File Include Vulnerability
• Mambo/Joomla Taskhopper 1.1 Contact_Type.PHP Remote File Include Vulnerability