WebSVN vulnerabilities and new updates

By N-Stalker Team on August 18, 2007

N-Stalker has made available the latest database update for its Web Application Security Assessment products. Following the support life cycle, we are still distributing updates for previous versions.

You will be able to download it automatically in the following versions:

  • N-Stalker Web Application Security Scanner 2006 (Enterprise, QA and Infrastructure Edition)
    • WSI Update (N-Stalker Update Manager)
  • N-Stealth HTTP Security Scanner (not updated)

You should receive it automatically the next time you run the scanner.

If you prefer to download it manually, please use the following URL: https://customer.nstalker.com.

If you need any additional assistance during this process, please contact us at:
Web: Open a new support ticket at https://customer.nstalker.com
E-mail: http://www.nstalker.com/about/contact (24 hours) or
Phone: +55-11-3675-7093 (9am to 6pm GMT-0300)

This release includes the following vulnerabilities:

  • Particle Gallery 1.0.1 Search.PHP Cross-Site Scripting Vulnerability [CVE-2007-2962]
  • Madirish Webmail 2.0 AddressBook.PHP Remote File Include Vulnerability [CVE-2007-2826]
  • Aigaion 1.3 Publicationactions.PHP HTML-injection Vulnerability [CVE-2007-3078]
  • Aigaion 1.3 Authoractions.PHP HTML-injection Vulnerability [CVE-2007-3078]
  • Prototype Of An PHP Application 0.1 Common.Inc.PHP Remote File Include Vulnerability
  • Prototype Of An PHP Application 0.1 Index.PHP Remote File Include Vulnerability
  • Prototype Of An PHP Application 0.1 Param.Inc.PHP Remote File Include Vulnerability
  • Prototype Of An PHP Application 0.1 Menuprincipal.PHP Remote File Include Vulnerability
  • Prototype Of An PHP Application 0.1 Ident.Inc.PHP Remote File Include Vulnerability
  • Prototype Of An PHP Application 0.1 Admin/Index.PHP Remote File Include Vulnerability
  • Prototype Of An PHP Application 0.1 Identification.PHP Remote File Include Vulnerability
  • Prototype Of An PHP Application 0.1 Disconnect.PHP Remote File Include Vulnerability
  • Prototype Of An PHP Application 0.1 Loginliste.PHP Remote File Include Vulnerability
  • Prototype Of An PHP Application 0.1 Loginmodif.PHP Remote File Include Vulnerability
  • Prototype Of An PHP Application 0.1 Ident/Index.PHP Remote File Include Vulnerability
  • Prototype Of An PHP Application 0.1 Gestion/Index.PHP Remote File Include Vulnerability
  • Buttercup WFM May-2007 Title Parameter Cross-Site Scripting Vulnerability [CVE-2007-3049]
  • Built2Go PHP Link Portal 1.79 Remote File Include Vulnerability [CVE-2007-2286]
  • Evenzia Content Management Systems (CMS) Cross-Site Scripting Vulnerability [CVE-2007-2991]
  • XOOPS IContent Module 1.0 Spaw_Control.Class.PHP Remote File Include Vulnerability [CVE-2007-3057]
  • Linker 2.0.4 Index.PHP Cross-Site Scripting Vulnerability [CVE-2007-3055]
  • Hunkaray Okul Portaly 1.1 Haberoku.ASP SQL Injection Vulnerability [CVE-2007-3080]
  • Okyanusmedya Index.PHP Cross-Site Scripting Vulnerability
  • WebStudio CMS Index.PHP Cross-Site Scripting Vulnerability [CVE-2007-3070]
  • My DataBook Diary.PHP SQL Injection Vulnerability [CVE-2007-3063]
  • My DataBook Diary.PHP Cross-Site Scripting Vulnerability [CVE-2007-3064]
  • WebSVN 2.0 Filedetails.PHP Cross-Site Scripting Vulnerability [CVE-2007-3056]
  • Linker 2.0.4 Search.PHP Cross-Site Scripting Vulnerability [CVE-2007-3054]
  • PostNuke PNPHPBB2 1.2 Module Index.PHP SQL Injection Vulnerability [CVE-2007-3052]
  • EQDKP 1.3.2 Listmembers.PHP SQL Injection Vulnerability [CVE-2007-3077]
  • SendCard 3.4.1 SendCard.PHP Local File Include Vulnerability [CVE-2007-3082]
  • ASP Folder Gallery Download_Script.ASP Arbitrary File Download Vulnerability [CVE-2007-3158]
  • PBLang 4.66 Login.PHP Local File Include Vulnerability [CVE-2007-3096]
  • ComicSense Index.PHP SQL Injection Vulnerability [CVE-2007-3088]
  • Kravchuk K-Letter 1.0 Unsubs.PHP Remote File Include Vulnerability [CVE-2007-3118]
  • Kravchuk K-Letter 1.0 Subs.PHP Remote File Include Vulnerability [CVE-2007-3118]
  • Kravchuk K-Letter 1.0 Action.PHP Remote File Include Vulnerability [CVE-2007-3118]
  • All In One Control Panel 1.3.16 CP_Dpage.PHP Cross-Site Scripting Vulnerability [CVE-2007-3120]
  • NewsSync 1.5 Nuke_Include.PHP Remote File Include Vulnerability [CVE-2007-3136]
  • Ismail Kartli Alisveris Sistemi 1.0 News.ASP SQL Injection Vulnerability [CVE-2007-3119]
  • Atom PhotoBlog 1.0.9 AtomPhotoBlog.PHP Multiple Input Validation Vulnerabilities [CVE-2007-3135]
  • W1L3D4 WEBmarket 0.1 Urunbak.ASP SQL Injection Vulnerability [CVE-2007-3133]
  • WMSCMS 2.0 4Print.ASP Cross Site Scripting Vulnerability [CVE-2007-3137]
  • Hünkaray Duyuru Scripti Oku.ASP SQL Injection Vulnerability
  • phpWebThings 1.5.2 Editor.PHP Remote File Include Vulnerability [CVE-2006-6042]
  • phpWebThings 1.5.2 Editor.PHP Remote File Include Vulnerability [CVE-2007-3141]
  • 3Com OfficeConnect Secure Router 1.04-168 Tk Parameter Cross Site Scripting Vulnerability [CVE-2006-3974]
  • VotreMedia Watermark Module For Gallery 0.4.1 Remote File Include Vulnerability [CVE-2007-2575]
  • Ibrahim ÇAKICI Okul Portal 2.0 Haber_Oku.ASP SQL Injection Vulnerability
  • WordPress 2.2 Request_URI Parameter Cross-Site Scripting Vulnerability [CVE-2007-3238]
  • Joomla JEvents Component 1.4.1 Comutils.PHP Remote File Include Vulnerability
  • JD Wiki For Joomla 1.0.2 Dwpage.PHP Remote File Include Vulnerability [CVE-2007-3130]
  • JD Wiki For Joomla 1.0.2 Wantedpages.PHP Remote File Include Vulnerability [CVE-2007-3130]
  • vBSupport 2.0 Integrated Ticket System vBSupport.PHP SQL Injection Vulnerability [CVE-2007-3196]
  • Battle.net Clan Script 1.5.1 Login.PHP SQL Injection Vulnerability [CVE-2007-1909]
  • Just For Fun Network Management and Monitoring System 0.8.3 SQL Injection Vulnerability [CVE-2007-3204]
  • Just For Fun Network Management and Monitoring System 0.8.3 Cross-Site Scripting Vulnerability [CVE-2007-3189]
  • Beehive Forum 0.7.1 Links.PHP Cross-Site Scripting Vulnerability [CVE-2007-3212]
  • Maran Blog Comments.PHP Cross Site Scripting Vulnerability [CVE-2007-3198]
  • Thyme Calendar 1.3 Event_View.PHP SQL Injection Vulnerability [CVE-2007-2621]
  • ERFAN WIKI 1.0 Index.PHP Cross Site Scripting Vulnerability [CVE-2007-3195]
  • GeometriX Download Portal 1.0 Down_Indir.ASP SQL Injection Vulnerability [CVE-2007-3188]
