Apache Tomcat Vulnerabilities and Updates

By N-Stalker Team on January 15, 2008

N-Stalker has released the latest vulnerability database update for its Web Application Security Assessment products. Following the support life-cycle, we are still distributing updates for previous versions.

The update can be downloaded automatically by the following versions:

  • N-Stalker Web Application Security Scanner 2006 (Enterprise, QA and Infrastructure Editions)
    • WSI Update (N-Stalker Update Manager)
  • N-Stealth HTTP Security Scanner (not updated)

You should receive it automatically the next time you run the scanner.

If you prefer to download it manually, use the following URL: https://customer.nstalker.com.

If you need any additional assistance during this process, please contact us at:
Web: open a new support ticket at https://customer.nstalker.com
E-mail: http://www.nstalker.com/about/contact (24h) or
Phone: +55-11-3675-7093 (9am to 6pm GMT-0300)

This release includes checks for the following vulnerabilities:

  • Achievo 0.9.1 Remote File Include Command Execution Vulnerability [CVE-2002-1435]
  • Sage Content Management System 1.0 Cross Site Scripting Vulnerability [CVE-2003-1243]
  • Geeklog 1.3.7 Profiles.PHP Multiple Cross-Site Scripting Vulnerabilities
  • Geeklog 1.3.7 Comment.PHP Cross-Site Scripting Vulnerability
  • Axis Network Camera 2.32 HTTP Authentication Bypass Vulnerability [CVE-2003-0240]
  • AlstraSoft E-Friends 4.0 Pack Parameter SQL Injection Vulnerability [CVE-2007-2824]
  • GaliX 2.0 Index.PHP Cross Site Scripting Vulnerability [CVE-2007-2806]
  • Zomplog 3.7.6 Mp3playlist.PHP SQL Injection Vulnerability [CVE-2007-2773]
  • HLstats 1.35 HLStats.PHP Cross Site Scripting Vulnerability [CVE-2007-2812]
  • Apache Tomcat 6.0.10 Documentation Sample Application Cross-Site Scripting Vulnerability [CVE-2007-1355]
  • Libstats 1.0.3 Template_CSV.PHP Remote File Include Vulnerability [CVE-2007-2779]
  • MolyX Board 2.5 Index.PHP Local File Include Vulnerability [CVE-2007-2778]
  • Build It Fast 0.4.1 Application.PHP Remote File Include Vulnerability [CVE-2007-2762]
  • Build It Fast 0.4.1 Widget.BifWarning.PHP Remote File Include Vulnerability [CVE-2007-2762]
  • Build It Fast 0.4.1 Widget.BifRoot3.PHP Remote File Include Vulnerability [CVE-2007-2762]
  • Build It Fast 0.4.1 Widget.BifRoot2.PHP Remote File Include Vulnerability [CVE-2007-2762]
  • Build It Fast 0.4.1 Widget.BifRoot.PHP Remote File Include Vulnerability [CVE-2007-2762]
  • Build It Fast 0.4.1 Widget.BifContainer.PHP Remote File Include Vulnerability [CVE-2007-2762]
  • Build It Fast 0.4.1 Footer.PHP Remote File Include Vulnerability [CVE-2007-2762]
  • Article System Volume.PHP Remote File Include Vulnerability [CVE-2006-5766]
  • Redoable 1.2 Header.PHP Cross-Site Scripting Vulnerability [CVE-2007-2757]
  • VP-ASP Shopping Cart 6.50 ShopContent.ASP Cross-Site Scripting Vulnerability [CVE-2007-2790]
  • FAQEngine 4.16.3 Question.PHP SQL Injection Vulnerability [CVE-2007-2749]
  • FreeWebShop Index.PHP Directory Traversal Vulnerability [CVE-2006-5773]
  • Geeklog 2.x ImageImageMagick.PHP Remote File Include Vulnerability [CVE-2007-2793]
  • SimpNews 2.40.1 Print.PHP SQL Injection Vulnerability [CVE-2007-2750]
  • PHPGlossar 0.8 Add.PHP Remote File Include Vulnerability [CVE-2007-2751]
  • PHPGlossar 0.8 Change_Action.PHP Remote File Include Vulnerability [CVE-2007-2751]
  • Achievo 1.1 ATK.Inc Remote File Include Vulnerability [CVE-2007-2736]
  • Jetbox CMS 2.1 Index.PHP Multiple Cross Site Scripting Vulnerabilities [CVE-2007-2732]
  • XOOPS Module Glossarie 1.7 Glossaire-P-F.PHP SQL Injection Vulnerability [CVE-2007-2738]
  • MyConference Xoops Module 1.0 Index.PHP SQL Injection Vulnerability [CVE-2007-2737]
  • Geeklog Media Gallery 1.4.7 Ftpmedia.PHP Remote File Include Vulnerability [CVE-2007-2706]
  • SonicBB 1.0 Viewforum.PHP SQL Injection Vulnerability [CVE-2007-1902]
  • Linksnet Newsfeed 1.0 Remote File Include Vulnerability [CVE-2007-2707]
  • Flip 2.0.1 Everything.PHP Remote File Include Vulnerability [CVE-2007-2140]
  • Tools 4 Web News-Script 2.0 NewsAdmin.PHP Remote File Include Vulnerability [CVE-2007-2708]
  • NagiosQL 2.0 Prepend_Adm.PHP Remote File Include Vulnerability [CVE-2007-2709]
  • SonicBB 1.0 Search.PHP Cross-Site Scripting Vulnerability [CVE-2007-1903]
  • EfesTECH Haber 5.0 SQL Injection Vulnerability [CVE-2007-2662]
  • Beacon 0.2 Splash.lang.PHP Remote File Include Vulnerability [CVE-2007-2663]
  • BlogMe 3.0 Archshow.ASP SQL Injection Vulnerability [CVE-2007-2659]
  • ACGV Annu 1.3 ACVG.PHP Local File Include Vulnerability [CVE-2007-2560]
  • EQDKP 1.3.1 Show Variable Cross-Site Scripting Vulnerability [CVE-2007-2716]
  • IG Shop 1.4 Page.PHP SQL Injection Vulnerability [CVE-2007-2717]
  • W1L3D4 Philboard 0.2 W1L3D4_Bolum.ASP SQL Injection Vulnerability [CVE-2007-2641]
  • PinkCrow Designs Gallery 2.0 PHPThumb.PHP Local File Include Vulnerability [CVE-2007-2643]
  • R2K Gallery 1.7 Galeria.PHP Local File Include Vulnerability [CVE-2007-2642]
  • TeamSpeak Server 2.0.20.1 Ok_Box.HTML Cross-Site Scripting Vulnerability
  • TaskDriver 1.2 Notes.PHP SQL Injection Vulnerability [CVE-2007-2622]
  • PHP Multi User Randomizer 2006.09.13 Configure_Plugin.TPL.PHP Cross-Site Scripting Vulnerability [CVE-2007-2632]
  • Original Version 0.11 Config.Inc.PHP Remote File Include Vulnerability [CVE-2007-2620]
  • TutorialCMS 1.00 Search.PHP SQL Injection Vulnerability [CVE-2007-2600]
  • Simple News 1.0.0 FINAL Print.PHP SQL Injection Vulnerability [CVE-2007-2598]
  • TellTargetCMS 1.3.3 Site_Conf.PHP Remote File Include Vulnerability [CVE-2007-2597]
  • TellTargetCMS 1.3.3 Lay.PHP Remote File Include Vulnerability [CVE-2007-2597]
  • TellTargetCMS 1.3.3 Referenz.PHP Remote File Include Vulnerability [CVE-2007-2597]
  • TellTargetCMS 1.3.3 Surfer_Aendern.PHP Remote File Include Vulnerability [CVE-2007-2597]
  • TellTargetCMS 1.3.3 Produkte_Nach_Serie_Alle.PHP Remote File Include Vulnerability [CVE-2007-2597]
  • TellTargetCMS 1.3.3 Surfer_Anmeldung_NWL.PHP Remote File Include Vulnerability [CVE-2007-2597]
  • TellTargetCMS 1.3.3 Hg_Referenz_Jobgalerie.PHP Remote File Include Vulnerability [CVE-2007-2597]
  • TellTargetCMS 1.3.3 Ref_Kd_Rubrik.PHP Remote File Include Vulnerability [CVE-2007-2597]
  • TellTargetCMS 1.3.3 Produkte_Nach_Serie.PHP Remote File Include Vulnerability [CVE-2007-2597]
  • TellTargetCMS 1.3.3 Class.Csv.PHP Remote File Include Vulnerability [CVE-2007-2597]
  • AForum 1.32 Func.PHP Remote File Include Vulnerability [CVE-2007-2596]
  • PHPMyPortal 3.0 RC3 Articles.Inc.PHP Remote File Include Vulnerability [CVE-2007-2594]
  • FAQ Administrator FAQ_Reply.PHP Remote File Include Vulnerability [CVE-2006-5637]
  • The Search Engine Project Configfunction.PHP Remote File Include Vulnerability [CVE-2006-4085]
  • Novell Netware Enterprise Web Server 6.0 Multiple Vulnerabilities [CVE-2004-2104]
  • Miplex SmartyFU.Class.PHP Remote File Include Vulnerability [CVE-2007-2608]
  • Berylium2 2003-08-18 Berylium-Classes.PHP Remote File-Include Vulnerability [CVE-2007-2531]
  • CGX 20050314 Mtdialogo.PHP Remote File Include Vulnerability [CVE-2007-2611]
  • CGX 20050314 Logingecon.PHP Remote File Include Vulnerability [CVE-2007-2611]
  • CGX 20050314 Login.PHP Remote File Include Vulnerability [CVE-2007-2611]
  • CGX 20050314 Ltdialogo.PHP Remote File Include Vulnerability [CVE-2007-2611]
  • Crie Seu PHPLojaFacil 0.1.5 Ftp.PHP Multiple Remote File Include Vulnerabilities [CVE-2007-2615]
  • Crie Seu PHPLojaFacil 0.1.5 Db.PHP Remote File Include Vulnerability [CVE-2007-2615]
  • LaVague 0.3 PrintBar.PHP Remote File Include Vulnerability [CVE-2007-2607]
  • Advanced Guestbook 2.4.2 Picture.PHP Cross-Site Scripting Vulnerability [CVE-2007-0605]
  • Censura 1.15.4 Censura.PHP SQL Injection Vulnerability [CVE-2007-2673]
  • PHP TopTree BBS 2.0.1a TPL_Message.PHP Remote File Include Vulnerability [CVE-2007-2544]
  • Kayako eSupport 3.0.90 Index.PHP Cross-Site Scripting Vulnerability [CVE-2007-2562]
  • FipsCMS 2.1 PID Parameter SQL Injection Vulnerability [CVE-2007-2561]
  • Mini Web Shop 2.0 Order_Form.PHP Cross Site Scripting Vulnerability [CVE-2007-2532]
  • Mini Web Shop 2.0 Sendmail.PHP Cross Site Scripting Vulnerability [CVE-2007-2532]
  • Archangel Weblog 0.90.2 Local File Include And Authentication Bypass Vulnerabilities [CVE-2007-2574]
  • WF-Quote 1.0 Xoops Module Index.PHP SQL Injection Vulnerability
  • PHP Content Architect 0.9 MFA_Theme.PHP Remote File Include Vulnerability [CVE-2007-2572]
  • WikiVI5 Show.PHP Remote File Include Vulnerability [CVE-2007-2570]
  • PHPFaber TopSites 3.0 Admin/Index.PHP Directory Traversal Vulnerability [CVE-2007-2155]
  • Friendly 1.0d1 Yaml.Inc.PHP Remote File Include Vulnerability [CVE-2007-2569]
  • Friendly 1.0d1 _Load.PHP Multiple Remote File Include Vulnerabilities [CVE-2007-2569]
  • ACP3 4.0 Index.PHP Multiple SQL Injection Vulnerabilities [CVE-2007-2577]
  • ACP3 4.0 Index.PHP Multiple Cross-Site Scripting Vulnerabilities [CVE-2007-2579]
  • ACP3 4.0 Download.PHP Cross-Site Scripting Vulnerability [CVE-2007-2579]

This entry was posted in N-Stalker Latest Updates.