RESELLER | LOGIN
← Volte para a página principal
N-Stalker Latest Updates

Chipmunk vulnerabilities and multiple issues

By N-Stalker Team on July 10, 2008

N-Stalker has made available the latest database update for its Web Application Security Assessment Products.

You will be able to download it automatically in the following versions:

  • N-Stalker Web Application Security Scanner 2006 (Enterprise, QA and Infrastructure Edition)
    • WSI Update (N-Stalker Update Manager)
  • N-Stealth HTTP Security Scanner (not updated)

You should be able to receive it automatically next time you execute the scanner.

If you prefer to download it manually, please, use the following url: https://customer.nstalker.com.

If you need any additional assistance during this process, please, contact us at:
Web: Open new support ticket at https://customer.nstalker.com
E-mail: http://www.nstalker.com/about/contact (24hs) or
Phone: +55-11-3675-7093 (9am to 18pm GMT-0300)

This release has included the following vulnerabilities:

  • phPortal 1.2 Gunaysoft.PHP ICERIKYOLU Parameter Remote File Include Vulnerability [CVE-2008-3022]
  • phPortal 1.2 Gunaysoft.PHP SAYFAID Parameter Remote File Include Vulnerability [CVE-2008-3022]
  • phPortal 1.2 Gunaysoft.PHP UZANTI Parameter Remote File Include Vulnerability [CVE-2008-3022]
  • Joomla! and Mambo QuickTime VR Component 0.1 ROOM_ID Parameter SQL Injection Vulnerability
  • XChangeboard 1.70 NewThread.PHP SQL Injection Vulnerability [CVE-2008-3035]
  • plx Ad Trader 3.2 Ad.PHP SQL Injection Vulnerability [CVE-2008-3025]
  • Joomla! and Mambo COM_IS Component 1.0.1 Index.PHP MARKA Parameter SQL Injection Vulnerability
  • Joomla! and Mambo COM_IS Component 1.0.1 Index.PHP MOTOR Parameter SQL Injection Vulnerability
  • Joomla! and Mambo Brightcode Weblinks Component 1.5 Index.PHP SQL Injection Vulnerability [CVE-2008-3083]
  • Joomla! and Mambo Versioning Component 1.0.2 Index.PHP SQL Injection Vulnerability
  • EfesTECH Shop 2.0 Default.ASP SQL Injection Vulnerability [CVE-2008-3030]
  • CAT2 1.2 Spaw_Control.Class.PHP Local File Include Vulnerability
  • CMS little 0.0.1 Index.PHP Local File Include Vulnerability [CVE-2008-3036]
  • Simple PHP Agenda 2.2.4 Index.PHP Local File Include Vulnerability [CVE-2008-3031]
  • VanGogh CMS 0.9 Get_Article.PHP SQL Injection Vulnerability [CVE-2008-3027]
  • phpwebnews 0.2 Bukutamu.PHP SQL Injection Vulnerability
  • phpwebnews 0.2 Index.PHP SQL Injection Vulnerability
  • WebBlizzard CMS Index.PHP SQL Injection Vulnerability
  • Pivot 1.40.5 T Parameter Directory Traversal Vulnerability
  • Commtouch Anti-Spam Enterprise Gateway 5 Login.ASP Cross-Site Scripting Vulnerability
  • BareNuked CMS 1.1 Admin/Users.PHP SQL Injection Vulnerability
  • Sisplet CMS 2008-01-24 Index.PHP SQL Injection Vulnerability
  • TYPO3 Send-A-Card 2.2.2 Multiple Cross-Site Scripting Vulnerability
  • Mambo 4.0.14 Articles Component ARTID Parameter SQL Injection Vulnerability
  • PHP-Fusion Classifieds Module Classifieds.PHP SQL Injection Vulnerability
  • Joomla! and Mambo COM_XEWEBTV Component ID Parameter SQL Injection Vulnerability
  • Acmlmboard 1.A2 Memberlist.PHP SQL Injection Vulnerability
  • Joomla! and Mambo COM_BEAMOSPETITION Component PET Parameter SQL Injection Vulnerability
  • Online Booking Manager 2.2 Checkavail.PHP SQL Injection Vulnerability
  • SebracCMS 0.4 Read.PHP SQL Injection Vulnerability
  • Talking Birds eSHOP100 Index.PHP SQL Injection Vulnerability
  • W1L3D4 Philboard 1.14 Search.ASP Cross-Site Scripting Vulnerability
  • W1L3D4 Philboard 1.14 Forum.ASP SQL Injection Vulnerability
  • SePortal 2.4 Poll.PHP SQL Injection Vulnerability
  • Joomla! and Mambo jabode Index.PHP SQL Injection Vulnerability
  • PowerAward 1.1.0 Winner.PHP Local File Include Vulnerability
  • PowerAward 1.1.0 Agb.PHP Local File Include Vulnerability
  • PowerAward 1.1.0 Winner.PHP Local File Include Vulnerability
  • PowerAward 1.1.0 Voting.PHP Local File Include Vulnerability
  • PowerAward 1.1.0 Voting.PHP Local File Include Vulnerability
  • PowerAward 1.1.0 Votecode.PHP Local File Include Vulnerability
  • PowerAward 1.1.0 Votecode.PHP Local File Include Vulnerability
  • PowerAward 1.1.0 Topsites.PHP Local File Include Vulnerability
  • PowerAward 1.1.0 Topsites.PHP Local File Include Vulnerability
  • PowerAward 1.1.0 Teilnehmer.PHP Local File Include Vulnerability
  • PowerAward 1.1.0 Teilnehmer.PHP Local File Include Vulnerability
  • PowerAward 1.1.0 Statistic.PHP Local File Include Vulnerability
  • PowerAward 1.1.0 Statistic.PHP Local File Include Vulnerability
  • PowerAward 1.1.0 Rss-Reader.PHP Local File Include Vulnerability
  • PowerAward 1.1.0 Rss-Reader.PHP Local File Include Vulnerability
  • PowerAward 1.1.0 Index.PHP Local File Include Vulnerability
  • PowerAward 1.1.0 Index.PHP Local File Include Vulnerability
  • PowerAward 1.1.0 Impressum.PHP Local File Include Vulnerability
  • PowerAward 1.1.0 Impressum.PHP Local File Include Vulnerability
  • PowerAward 1.1.0 Guestbook.PHP Local File Include Vulnerability
  • PowerAward 1.1.0 Guestbook.PHP Local File Include Vulnerability
  • PowerAward 1.1.0 External_Vote.PHP Local File Include Vulnerability
  • PowerAward 1.1.0 External_Vote.PHP Local File Include Vulnerability
  • PowerAward 1.1.0 Charts.PHP Local File Include Vulnerability
  • PowerAward 1.1.0 Charts.PHP Local File Include Vulnerability
  • PowerAward 1.1.0 Anmelden.PHP Local File Include Vulnerability
  • PowerAward 1.1.0 Anmelden.PHP Local File Include Vulnerability
  • PowerAward 1.1.0 Angemeldet.PHP Local File Include Vulnerability
  • PowerAward 1.1.0 Angemeldet.PHP Local File Include Vulnerability
  • PowerAward 1.1.0 Agb.PHP Local File Include Vulnerability
  • PowerAward 1.1.0 External_Vote.PHP Cross-Site Scripting Vulnerability
  • OTManager 24a Index.PHP Local File Include Vulnerability
  • OTManager 24a Index.PHP Cross-Site Scripting Vulnerability
  • pSys 0.7.0 Chatbox.PHP SQL Injection Vulnerability
  • AShop Deluxe Catalogue.PHP SQL Injection Vulnerability
  • HIOX Banner Rotator 1.3 HioxBannerRotate.PHP Remote File Include Vulnerability
  • FaName 1.0 Page.PHP Cross-Site Scripting Vulnerability
  • FaName 1.0 Index.PHP DESC Parameter Cross-Site Scripting Vulnerability
  • FaName 1.0 Index.PHP KEY Parameter Cross-Site Scripting Vulnerability
  • myBloggie 2.1.6 Index.PHP SQL Injection Vulnerability
  • myBloggie 2.1.6 Admin.PHP SQL Injection Vulnerability
  • myBloggie 2.1.6 Admin.PHP Cross-Site Scripting Vulnerability
  • RSS-aggregator 1.0 Supprimer_Flux.PHP SQL Injection Vulnerability
  • RSS-aggregator 1.0 Supprimer_Tag.PHP SQL Injection Vulnerability
  • RSS-aggregator 1.0 Supprimer_Flux.PHP Authentication Bypass Vulnerability
  • RSS-aggregator 1.0 Modifier_Tps_Rafraich.PHP Authentication Bypass Vulnerability
  • Catviz 0.4 Index.PHP WEBPAGE Parameter SQL Injection Vulnerability
  • Catviz 0.4 Index.PHP FOREIGN_KEY_VALUE Parameter SQL Injection Vulnerability
  • phpBLASTER 1.0 CMS Index.PHP DB Parameter Local File Include Vulnerability
  • phpBLASTER 1.0 CMS Index.PHP SKIN Parameter Local File Include Vulnerability
  • phpBLASTER 1.0 CMS Index.PHP LANG Parameter Local File Include Vulnerability
  • PHP-Fusion Kroax Module 4.42 Kroax.PHP SQL Injection Vulnerability
  • PolyPager 0.9.51 NR Parameter Cross Site Scripting Vulnerability
  • Orca 2.0 Params.PHP Remote File Include Vulnerability
  • eTicket 1.5.7 Newticket.PHP SQL Injection Vulnerability
  • eTicket 1.5.7 Open_Raw.PHP SQL Injection Vulnerability
  • eTicket 1.5.7 Open.PHP SQL Injection Vulnerability
  • eTicket 1.5.7 Index.PHP SQL Injection Vulnerability
  • PolyPager 0.9.5.1 NR Parameter SQL Injection Vulnerability
  • Keller Web Admin 0.94 Index.PHP BOOT.INI Local File Include Vulnerability
  • Keller Web Admin 0.94 Index.PHP PASSWD Local File Include Vulnerability
  • EasySiteNetwork Jokes Complete Website 2.1.3 Joke.PHP SQL Injection Vulnerability
  • EasySiteNetwork Riddles Complete Website 1.2.1 Riddle.PHP SQL Injection Vulnerability
  • Joomla! and Mambo FacileForms Component 1.4.6 FF_COMPATH Parameter Remote File Include Vulnerability
  • Galmeta Post 0.2 Test_Adodb_Lite.PHP DATE Parameter Local File Include Vulnerability
  • Galmeta Post 0.2 Test_Adodb_Lite.PHP EXTEND Parameter Local File Include Vulnerability
  • Galmeta Post 0.2 Test_Adodb_Lite.PHP ADODBLITE Parameter Local File Include Vulnerability
  • Galmeta Post 0.2 Test_Adodb_Lite.PHP DATABASETYPE Parameter Local File Include Vulnerability
  • The Rat CMS Pre-Alpha 2 Viewarticle2.PHP Cross-Site Scripting Vulnerability
  • The Rat CMS Pre-Alpha 2 Viewarticle.PHP ID Parameter Cross-Site Scripting Vulnerability
  • The Rat CMS Pre-Alpha 2 Viewarticle.PHP Cross-Site Scripting Vulnerabilit
  • The Rat CMS Pre-Alpha 2 Viewarticle2.PHP SQL Injection Vulnerability
  • The Rat CMS Pre-Alpha 2 Viewarticle.PHP SQL Injection and Cross-Site Scripting Vulnerabilit
  • EVA cms 2.3.1 Index.PHP Remote File Include Vulnerability
  • MosXML 1.x Mod_Mainmenu.PHP Remote File Include Vulnerability
  • nBill Joomla! and Mambo Component 1.2 Index.PHP SQL Injection Vulnerability
  • Jonascms 1.2 Backup.PHP Local File Include Vulnerability
  • Jonascms 1.2 Gb_Voegtoe.PHP Local File Include Vulnerability
  • PHPmotion 2.0 Play.PHP SQL Injection Vulnerability
  • IdeaBox Include.PHP Remote File Include Vulnerability
  • MyPHP CMS 0.3.1 Pages.PHP SQL Injection Vulnerability
  • mUnky 0.01 Index.PHP Local File Include Vulnerability
  • Softbiz Jokes and Funny Pictures Script Index.PHP SQL Injection Vulnerability
  • Webdevindo-CMS 1.0 Index.PHP SQL Injection Vulnerability
  • Relative Real Estate Systems 3.0 Index.PHP SQL Injection Vulnerability
  • benja CMS 0.1 Admin_Edit_Submenu.PHP Cross-Site Scripting Vulnerability
  • benja CMS 0.1 Admin_New_Submenu.PHP Cross-Site Scripting Vulnerability
  • benja CMS 0.1 Admin_Edit_Topmenu.PHP Cross-Site Scripting Vulnerability
  • Chipmunk Blog Members.PHP Cross Site Scripting Vulnerability
  • Chipmunk Blog Comments.PHP Cross Site Scripting Vulnerability
  • Chipmunk Blog Photos.PHP Cross Site Scripting Vulnerability
  • Chipmunk Blog Archive.PHP Cross Site Scripting Vulnerability
  • Chipmunk Blog Cat.PHP Cross Site Scripting Vulnerability
  • Open Digital Assets Repository System 1.0.2 Resource_Categories_View.PHP Remote File Include Vulnerability
  • phpDMCA 1.0 Adodb-Errorpear.Inc.PHP Remote File Include Vulnerability
  • phpDMCA 1.0 Adodb-Pear.Inc.PHP Remote File Include Vulnerability
  • HoMaP 0.1 Plugin_Admin.PHP Remote File Include Vulnerability
  • sHibby sHop 2.2 Default.ASP SQL Injection Vulnerability
  • MiGCMS 2.0.5 Content_Image.Class.PHP Remote File Include Vulnerability
  • MiGCMS 2.0.5 Collection.Class.PHP Remote File Include Vulnerability
  • RSS-aggregator Display.PHP Remote File Include Vulnerability
  • PageSquid CMS 0.3 Index.PHP SQL Injection Vulnerability
  • EXP Shop 1.0 Joomla! COM_EXPSHOP Component SQL Injection Vulnerability
  • IDMOS 1.0 Admin.PHP Remote File Include Vulnerability
  • IDMOS 1.0 Template_Add.PHP Remote File Include Vulnerability
  • IDMOS 1.0 Template_Operation.PHP Remote File Include Vulnerability
  • IDMOS 1.0 Menu_Operation.PHP Remote File Include Vulnerability
  • PEGames Template2.PHP SITETITLE Parameter Cross Site Scripting Vulnerability
  • PEGames Template2.PHP SITENAV Parameter Cross Site Scripting Vulnerability
  • PEGames Template2.PHP SITEMAIN Parameter Cross Site Scripting Vulnerability
  • PEGames Template2.PHP SITEALT Parameter Cross Site Scripting Vulnerability
  • phpAuction 3.2 Item.PHP SQL Injection Vulnerability
  • AJ HYIP Acme News.PHP SQL Injection Vulnerability
  • Scientific Image DataBase 0.41 Projects.PHP SQL Injection Vulnerability [CVE-2008-2834]
  • E-topbiz Link ADS 1 Out.PHP SQL Injection Vulnerability
  • E-topbiz Viral DX 1 2.07 Adclick.PHP SQL Injection Vulnerability
  • TOKOKITA Catlist.PHP SQL Injection Vulnerability
  • TOKOKITA Barang.PHP SQL Injection Vulnerability
  • TOKOKITA Catlist_Detail.PHP SQL Injection Vulnerability
  • DUcalendar 1.0 Detail.ASP SQL Injection Vulnerability
  • shareCMS 0.1 Event_Info.PHP SQL Injection Vulnerability
  • shareCMS 0.1 List_User.PHP SQL Injection Vulnerability
  • Relative Real Estate Systems 3.0 Index.PHP SQL Injection Vulnerability
  • Online Fantasy Football League 0.2.6 Teams.PHP SQL Injection Vulnerability
  • Online Fantasy Football League 0.2.6 Leagues.PHP SQL Injection Vulnerability
  • Online Fantasy Football League 0.2.6 Players.PHP SQL Injection Vulnerability
  • KbLance.com Index.PHP SQL Injection Vulnerability
  • Aprox CMS Engine 5.1.0.4 Index.PHP Local File Include Vulnerability
  • @CMS 2.1.1 Articles.PHP SQL Injection Vulnerability
  • @CMS 2.1.1 Readarticle.PHP SQL Injection Vulnerability
  • Ektron CMS400.NET 7.5.2 ContentRatingGraph.ASPX SQL Injection Vulnerability
  • PHPAuction Profile.PHP SQL Injection Vulnerability
  • emuCMS 0.3 Index.PHP SQL Injection Vulnerability
  • Jamroom 3.3.5 Purchase.PHP Remote File Include Vulnerability
  • JaxUltraBB 2.0 Viewprofile.PHP Local File Include Vulnerability
  • JaxUltraBB 2.0 Viewforum.PHP Cross Site Scripting Vulnerability
  • CiBlog 3.1 Links-Extern.PHP SQL Injection Vulnerability
  • GL-SH Deaf Forum 6.5.5 Cross-Site Scripting Vulnerability
  • FubarForum 1.5 Index.PHP Local File Include Vulnerability
  • IPTBB 0.5.6 Index.PHP Local File Include Vulnerability
  • FireAnt 1.3 Index.PHP Local File Include Vulnerability
  • MM Chat 1.5 Chatconfig.PHP Local File Include Vulnerability
  • MM Chat 1.5 Chathead.PHP SITENAME Parameter Cross Site Scripting Vulnerability
  • MM Chat 1.5 Chathead.PHP SITENAME Parameter Cross Site Scripting Vulnerability
  • Carscripts Classifieds Index.PHP SQL Injection Vulnerability
  • BoatScripts Classifieds Index.PHP SQL Injection Vulnerability
  • LifeType 1.0.6 Index.PHP SQL Injection Vulnerability [CVE-2008-2629]
  • Orlando CMS classes 0.6 Logger/Init.PHP Remote File Include Vulnerability
  • Orlando CMS classes 0.6 Stage6.PHP Remote File Include Vulnerability
  • Orlando CMS classes 0.6 Stage4.PHP Remote File Include Vulnerability
  • Orlando CMS classes 0.6 Stage1.PHP Remote File Include Vulnerability
  • Orlando CMS classes 0.6 Users/Init.PHP Remote File Include Vulnerability
  • Orlando CMS classes 0.6 Security/Init.PHP Remote File Include Vulnerability
  • Orlando CMS classes 0.6 Newscat.PHP Remote File Include Vulnerability
  • MaxTrade 1.3.23 Trade Module SQL Injection Vulnerability
  • Traindepot 0.1 Index.PHP Local File Include Vulnerability [CVE-2008-2839]
  • Traindepot 0.1 Index.PHP Cross-Site Scripting Vulnerability [CVE-2008-2839]
  • WebCalendar 1.0.4 Tools/Send_Reminders.PHP Remote File Include Vulnerability [CVE-2008-2836]
  • EroCMS 1.4 Index.PHP SQL Injection Vulnerability [CVE-2008-2792]
  • ClipShare 3.0 Group_Posts.PHP SQL Injection Vulnerability [CVE-2008-2793]
  • easyTrade Detail.PHP SQL Injection Vulnerability [CVE-2008-2790]
  • PHP Site Lock 2.0 Index.PHP SQL Injection Vulnerability
  • FreeCMS 0.2 Index.PHP SQL Injection Vulnerability [CVE-2008-2796]
  • ThaiQuickCart PHPSESSID Cookie Parameter Local File Include Vulnerability
  • Basic-CMS Index.PHP SQL Injection Vulnerability [CVE-2008-2789]
  • Bizon-CMS 2.0 Photo/Index.PHP SQL Injection Vulnerability
  • Comparison Engine Power 1.0 Product.Detail.PHP SQL Injection Vulnerability [CVE-2008-2791]
  • LifeType 1.0.6 Index.PHP SQL Injection Vulnerability [CVE-2008-2629]
  • AJ Auction 1.0 Index.PHP SQL Injection Vulnerability
  • AJ Auction Pro 2.0 Category.PHP SQL Injection Vulnerability
  • Lotus Core CMS Index.PHP Remote File Include Vulnerability
  • Lotus Core CMS 404.PHP Remote File Include Vulnerability
  • OwnRS Clanek.PHP SQL Injection Vulnerability
  • OwnRS Clanek.PHP Cross-Site Scripting Vulnerability
  • vBulletin Moderation Control Panel 3.7.1 REDIRECT Parameter Cross-Site Scripting Vulnerability
  • CMS-BRD Index.PHP SQL Injection Vulnerability
  • Samart-cms 2.0 Site.PHP SQL Injection Vulnerability
  • Academic Web Tools CMS 1.4.2.8 Download.PHP Directory Traversal Vulnerability
  • Academic Web Tools CMS 1.4.2.8 Rss_Getfile.PHP Cross-Site Scripting Vulnerability
  • Academic Web Tools CMS 1.4.2.8 Htmlarea.Js.PHP Cross-Site Scripting Vulnerability
  • Academic Web Tools CMS 1.4.2.8 Login.PHP Cross-Site Scripting Vulnerability
  • Academic Web Tools CMS 1.4.2.8 Rating.PHP SQL Injection Vulnerability

This entry was posted in N-Stalker Latest Updates. Bookmark the permalink.
Products
About N-Stalker
Contact

Rua Monte Alegre, 61 - cj 81
Sao Paulo, BRA, 05014-000
BRA Phone: +55-11-3868-1997
Contact us