RESELLER | LOGIN
← Volte para a página principal
N-Stalker Latest Updates

WordPress vulnerabilities and multiple updates

By N-Stalker Team on August 4, 2008

N-Stalker has made available the latest database update for its Web Application Security Assessment Products.

You will be able to download it automatically in the following versions:

  • N-Stalker Web Application Security Scanner 2006 (Enterprise, QA and Infrastructure Edition)
    • WSI Update (N-Stalker Update Manager)
  • N-Stealth HTTP Security Scanner (not updated)

You should be able to receive it automatically next time you execute the scanner.

If you prefer to download it manually, please, use the following url: https://customer.nstalker.com.

If you need any additional assistance during this process, please, contact us at:
Web: Open new support ticket at https://customer.nstalker.com
E-mail: http://www.nstalker.com/about/contact (24hs) or
Phone: +55-11-3675-7093 (9am to 18pm GMT-0300)

This release has included the following vulnerabilities:

  • Article Friendly Standard Categorydetail.PHP SQL Injection Vulnerability
  • Symphony 1.7.1 Class.Admin.PHP SQL Injection Vulnerability
  • DEV Web Management System 1.5 Index.PHP Cross Site Scripting Vulnerability
  • DEV Web Management System 1.5 Index.PHP SQL Injection Vulnerability
  • Zee Reviews Opinions Rating Posting Engine PHP Script Comments.PHP SQL Injection Vulnerability
  • nzFotolog 0.4.1 Index.PHP Local File Include Vulnerability [CVE-2008-3405]
  • MJGUEST 6.8 Guestbook.Js.PHP Cross Site Scripting Vulnerability [CVE-2008-3404]
  • HIOX Browser Statistics 2.0 Hioxstats.PHP Remote File Include Vulnerabilit [CVE-2008-3402]
  • HIOX Browser Statistics 2.0 Hioxupdate.PHP Remote File Include Vulnerabilit [CVE-2008-3402]
  • HIOX Random Ad 1.3 HioxRandomAd.PHP Remote File Include Vulnerability [CVE-2008-3401]
  • @Mail 5.41 Config.PHP Local Information Disclosure Vulnerability [CVE-2008-3395]
  • @Mail 5.41 .HTPASSWD Local Information Disclosure Vulnerability [CVE-2008-3395]
  • InfoMining BookMine Events.CFM SQL Injection Vulnerability [CVE-2008-3393]
  • InfoMining BookMine Search.CFM Cross Site Scripting Vulnerability [CVE-2008-3394]
  • Gregarius 0.5.4 Ajax.PHP SQL Injection Vulnerability [CVE-2008-3374]
  • miniBB RSS 2.0 Plugin Rss2.PHP PATHTOFILES Parameter Remote File Include Vulnerability
  • miniBB RSS 2.0 Plugin Rss2.PHP PREMODDIR Parameter Remote File Include Vulnerability
  • ATutor 1.6.1 Import.PHP Remote File Include Vulnerability
  • JnSHosts PHP Hosting Directory 2.0 Admin.PHP Remote File Include Vulnerability
  • ViArt Shop 3.3.2 Products_Rss.PHP SQL Injection Vulnerability
  • Web Wiz Rich Text Editor 4.0.2 RTE_Popup_Link.ASP Cross Site Scripting Vulnerability
  • Owl Intranet Engine 0.95 Register.PHP Cross Site Scripting Vulnerability [CVE-2008-3100]
  • CMScout 2.05 Common.PHP Local File Include Vulnerability
  • IceBB 1.0-rc9.2 Index.PHP URL Parameter SQL Injection Vulnerability
  • IceBB 1.0-rc9.2 Index.PHP PROFILE Parameter SQL Injection Vulnerability
  • FipsCMS 2.1 Index.ASP SQL Injection Vulnerability
  • Camera Life 2.6.2 Sitemap.Xml.PHP SQL Injection Vulnerability
  • PhpTest 0.6.3 Picture.PHP SQL Injection Vulnerability
  • FizzMedia 1.51.2 Comment.PHP SQL Injection Vulnerability
  • Pre Survey Generator Default.ASP SQL Injection Vulnerability
  • Moodle 1.7.5 Edit.PHP HTML Injection Vulnerability
  • Claroline 1.8.10 CourseLog.PHP Cross-Site Scripting Vulnerability
  • Claroline 1.8.10 Toolaccess_Details.PHP Cross-Site Scripting Vulnerability
  • YouTube Blog 0.1 Cuerpo.PHP Remote File Include Vulnerability
  • YouTube Blog 0.1 Mensaje.PHP Cross-Site Scripting Vulnerability
  • YouTube Blog 0.1 Todos.PHP SQL Injection Vulnerability
  • E-topbiz Shopcart DX 4.30 Product_Detail.PHP SQL Injection Vulnerability
  • VisualPic 0.3.1 index.PHP PIC Parameter Cross-Site Scripting Vulnerability
  • VisualPic 0.3.1 index.PHP LOGIN/PIC Parameter Cross-Site Scripting Vulnerability
  • RunCMS 1.6.1 Config.PHP Remote File Include Vulnerability
  • RunCMS 1.6.1 Votepolls.PHP Remote File Include Vulnerability
  • XOOPS 2.0.18.1 Admin.PHP Cross Site Scripting Vulnerability
  • XOOPS 2.0.18.1 Admin.PHP Local File Include Vulnerability
  • EasyE-Cards 3.10 Index.PHP RESULTHTML Parameter Cross Site Scripting Vulnerability
  • EasyE-Cards 3.10 Index.PHP SQL Injection Vulnerability
  • EasyE-Cards 3.10 Index.PHP RECIPIENTMAIL Parameter Cross Site Scripting Vulnerability
  • EasyE-Cards 3.10 Index.PHP SENDERMAIL Parameter Cross Site Scripting Vulnerability
  • EasyE-Cards 3.10 Index.PHP RECIPIENTNAME Parameter Cross Site Scripting Vulnerability
  • EasyE-Cards 3.10 Index.PHP SENDERNAME Parameter Cross Site Scripting Vulnerability
  • EasyE-Cards 3.10 Index.PHP DIR Parameter Cross Site Scripting Vulnerability
  • phpKF Forum_Duzen.PHP SQL Injection Vulnerability
  • HRS Multi Picture_Pic_Bv.ASP SQL Injection Vulnerability
  • Interact 2.4.1 Help.PHP MODULE Parameter Local File Include Vulnerability
  • Interact 2.4.1 Help.PHP FILE Parameter Local File Include Vulnerability
  • Flip 3.0 Config.PHP Remote File Include Vulnerability
  • Maran PHP Blog Comments.PHP Cross-Site Scripting Vulnerability
  • EasyPublish 3.0 READ Parameter SQL Injection Vulnerability
  • EasyPublish 3.0 READ Parameter Cross-Site Scripting Vulnerability
  • EasyDynamicPages 3.0 Index.PHP SQL Injection Vulnerability
  • EasyDynamicPages 3.0 Index.PHP Cross-Site Scripting Vulnerability
  • EasyBookMarker 4.0 Ajaxp_Backend.PHP Cross-Site Scripting Vulnerability
  • Jobbex JobSite Search_Result.CFM Multiple SQL Injection Vulnerabilities
  • PHPFootball 1.6 Show.PHP SQL Injection Vulnerability
  • Aprox CMS Engine 5.1.0.4 Index.PHP SQL Injection Vulnerability
  • Siteframe 5.0.5 Folder.PHP SQL Injection Vulnerability
  • phpFreeChat 1.1 Demo21_With_Hardocded_Urls.PHP Cross Site Scripting Vulnerability
  • Def_Blog 1.0.3 Comlook.PHP SQL Injection Vulnerability
  • Def_Blog 1.0.3 Comaddok.PHP SQL Injection Vulnerability
  • Lemon CMS 1.10 Browser.PHP Local File Include Vulnerability
  • CreaCMS Get_Liste_Langue.PHP Remote File Include Vulnerability
  • CreaCMS Edition_Article.PHP Remote File Include Vulnerability
  • phpHoo3 PhpHoo3.PHP SQL Injection Vulnerability
  • AlstraSoft Article Manager Pro 1.6 Contact_Author.PHP SQL Injection Vulnerability
  • AlstraSoft Video Share Enterprise 4.5.1 Album.PHP SQL Injection Vulnerability
  • IBS 0.15 Index.PHP Cross Site Scripting Vulnerability
  • OpenPro 1.3.1 Search_WA.PHP Remote File Include Vulnerability
  • Evaria ECMS 1.1 Eprint.PHP Remote File Include Vulnerability
  • Evaria ECMS 1.1 Index.PHP Remote File Include Vulnerability
  • Velocity Security Management System 1.0 HTTP Server Directory Traversal Vulnerability
  • tplSoccerSite 1.0 Index.PHP SQL Injection Vulnerability
  • tplSoccerSite 1.0 Additionalpage.PHP SQL Injection Vulnerability
  • tplSoccerSite 1.0 Matchdetails.PHP SQL Injection Vulnerability
  • tplSoccerSite 1.0 Opponent.PHP SQL Injection Vulnerability
  • tplSoccerSite 1.0 Player.PHP SQL Injection Vulnerability
  • AlstraSoft Affiliate Network Pro PGM Parameter SQL Injection Vulnerability
  • Joomla! and Mambo DT Register Component 2.2.3 EVENTID Parameter SQL Injection Vulnerability
  • HockeySTATS Online 2.0 Index.PHP ID Parameter SQL Injection Vulnerability
  • HockeySTATS Online 2.0 Index.PHP DIVID Parameter SQL Injection Vulnerability
  • preCMS 1.0 ID Parameter SQL Injection Vulnerability
  • Arctic Issue Tracker 2.0 FILTER Parameter SQL Injection Vulnerability
  • Community CMS 0.1 Include.PHP Remote File Include Vulnerability
  • UltraStats 0.2.142 Players-Detail.PHP SQL Injection Vulnerability
  • CodeDB List.PHP Local File Include Vulnerability
  • BilboBlog 0.2.1 Footer.PHP Cross-Site Scripting Vulnerability
  • BilboBlog 0.2.1 Homelink.PHP Cross-Site Scripting Vulnerability
  • BilboBlog 0.2.1 Homelink.PHP Cross-Site Scripting Vulnerability
  • BilboBlog 0.2.1 Homelink.PHP Cross-Site Scripting Vulnerability
  • BilboBlog 0.2.1 Homelink.PHP Cross-Site Scripting Vulnerability
  • BilboBlog 0.2.1 Homelink.PHP Cross-Site Scripting Vulnerability
  • BilboBlog 0.2.1 Index.PHP Cross-Site Scripting Vulnerability
  • Pubs Black Cat [The Fun] Browse.Groups.PHP SQL Injection Vulnerability
  • Pluck 4.5.1 Predefined_Variables.PHP Local File Include Vulnerability
  • ITechBids Gold 7.0 Sellers_Othersitem.PHP SQL Injection Vulnerability
  • ITechBids Gold 7.0 Forward_To_Friend.PHP Cross-Site Scripting Vulnerability
  • ITechBids Gold 7.0 Shop.PHP SQL Injection Vulnerability
  • ITechBids Gold 7.0 Classifieds.PHP SQL Injection Vulnerability
  • fuzzylime (cms) Arbitrary Script Injection and Local File Include Vulnerabilit
  • jSite 1.0 Index.PHP SQL Injection Vulnerability
  • jSite 1.0 Index.PHP Local File Include Vulnerability
  • php Help Agent 1.1 Head_Chat.Inc.PHP Local File Include Vulnerability
  • WordPress 2.5.1 Press-This.PHP S Parameter Cross-Site Scripting Vulnerability
  • WordPress 2.5.1 Press-This.PHP I Parameter Cross-Site Scripting Vulnerability
  • Pragyan CMS 2.6.2 Form.Lib.PHP Remote File Include Vulnerability
  • pSys 0.7.0 Alpha Login.Inc.PHP Remote File Include Vulnerability
  • pSys 0.7.0 Alpha Kopf.PHP Remote File Include Vulnerability
  • pSys 0.7.0 Alpha Fuss.PHP Remote File Include Vulnerability
  • pSys 0.7.0 Alpha Kopf.PHP Remote File Include Vulnerability
  • pSys 0.7.0 Alpha Fuss.PHP Remote File Include Vulnerability
  • pSys 0.7.0 Alpha Kopf.PHP Remote File Include Vulnerability
  • pSys 0.7.0 Alpha Fuss.PHP Remote File Include Vulnerability
  • pSys 0.7.0 Alpha Ajax_Post.Inc.PHP Remote File Include Vulnerability
  • pSys 0.7.0 Alpha Panel_User.PHP Remote File Include Vulnerability
  • pSys 0.7.0 Alpha Panel_Shopkunde.PHP Remote File Include Vulnerability
  • pSys 0.7.0 Alpha Panel_Shopkategorie.PHP Remote File Include Vulnerability
  • pSys 0.7.0 Alpha Ajax_Newpost.Inc.PHP Remote File Include Vulnerability
  • pSys 0.7.0 Alpha Kopf.PHP Remote File Include Vulnerability
  • pSys 0.7.0 Alpha Fuss.PHP Remote File Include Vulnerability
  • pSys 0.7.0 Alpha Adminmenuright.PHP Remote File Include Vulnerability
  • Galatolo Web Manager 1.3a Index.PHP SQL Injection Vulnerability
  • Galatolo Web Manager 1.3a All.PHP Cross-Site Scripting Vulnerability
  • Newsx 1.6 READ_ARTICLE() Buffer Overflow Vulnerability
  • WebCMS Portal Edition Index.PHP SQL Injection Vulnerability
  • n-forms Joomla! 1.01 COM_N-FORMS Component SQL Injection Vulnerability
  • Avlc Forum Vlc_Forum.PHP SQL Injection Vulnerability
  • fuzzylime (cms) 3.01 Polladd.PHP Arbitrary Script Injection Vulnerability
  • Maian Weblog 4.0 WEBLOG_COOKIE Authentication Bypass Vulnerability
  • Maian Guestbook 3.2 GBOOK_COOKIE Authentication Bypass Vulnerability
  • Maian Greetings 2.1 MECARD_ADMIN_COOKIE Authentication Bypass Vulnerability
  • Maian Music 1.0 MMUSIC_COOKIE Authentication Bypass Vulnerability
  • Maian Gallery 1.1 MGALLERY_ADMIN_COOKIE Authentication Bypass Vulnerability
  • Maian Cart 1.1 MCCART_COOKIE Authentication Bypass Vulnerability
  • Million Pixels 3.0 Tops_Top.PHP SQL Injection Vulnerability
  • trixbox 2.6.1 LANGCHOICE Arbitrary Script Injection Vulnerability
  • Hudson 1.223 Q Parameter Cross-Site Scripting Vulnerability
  • Wysi Wiki Wyg 1.0 Index.PHP Local File Include Vulnerability
  • File Store PRO 3.2 Download.PHP SQL Injection Vulnerability
  • Dreamlevels DreamNews Dreamnews-Rss.PHP SQL Injection Vulnerability
  • AuraCMS 2.2.2 Pages_Data.PHP EDIT_SAVED Parameter Security Bypass Vulnerability
  • AuraCMS 2.2.2 Pages_Data.PHP DELETE Parameter Security Bypass Vulnerability
  • AuraCMS 2.2.2 Pages_Data.PHP ADD Parameter Security Bypass Vulnerability
  • Dreamlevels Dreampics Builder Index.PHP SQL Injection Vulnerability
  • Xomol CMS 1.2 Index.PHP HTML Injection and Cross-Site Scripting Vulnerability
  • PageFusion 1.5 Index.PHP ACCT_FNAME Parameter Cross Site Scripting Vulnerability
  • PageFusion 1.5 Index.PHP ACCT_LNAME Parameter Cross Site Scripting Vulnerability
  • PageFusion 1.5 Index.PHP PID Parameter Cross Site Scripting Vulnerability
  • PageFusion 1.5 Index.PHP PGID Parameter Cross Site Scripting Vulnerability
  • PageFusion 1.5 Index.PHP REZ Parameter Cross Site Scripting Vulnerability
  • V-webmail 1.6.4 Core.PHP Remote File Include Vulnerability
  • V-webmail 1.6.4 Core.PHP Remote File Include Vulnerability
  • V-webmail 1.6.4 RFC822.PHP Remote File Include Vulnerability
  • V-webmail 1.6.4 CachedConfig.PHP Remote File Include Vulnerability
  • V-webmail 1.6.4 Email.List.Search.PHP Remote File Include Vulnerability
  • V-webmail 1.6.4 Prepend.PHP Remote File Include Vulnerability
  • V-webmail 1.6.4 Prepend.PHP Remote File Include Vulnerability
  • V-webmail 1.6.4 File.PHP Remote File Include Vulnerability
  • V-webmail 1.6.4 Log.PHP Remote File Include Vulnerability
  • V-webmail 1.6.4 System.PHP Remote File Include Vulnerability
  • V-webmail 1.6.4 Getopt.PHP Remote File Include Vulnerability
  • V-webmail 1.6.4 MimeDecode.PHP Remote File Include Vulnerability
  • V-webmail 1.6.4 Tree.PHP Remote File Include Vulnerability
  • V-webmail 1.6.4 Parser.PHP Remote File Include Vulnerability
  • V-webmail 1.6.4 Socket.PHP Remote File Include Vulnerability
  • V-webmail 1.6.4 POP3.PHP Remote File Include Vulnerability
  • auraCMS 2.2.2 Pages_Data.PHP SQL Injection Vulnerability
  • Dokeos 1.8.5 User_Portal.PHP Local File Include Vulnerability
  • Boonex Dolphin 6.1.2 HTMLSax3.PHP Remote File Include Vulnerability
  • Boonex Dolphin 6.1.2 Content.Inc.PHP Remote File Include Vulnerability
  • Boonex Dolphin 6.1.2 Safehtml.PHP Remote File Include Vulnerability
  • eSyndiCat 2.2 Register.PHP Cross Site Scripting Vulnerability
  • phpDatingClub 3.7 Website.PHP Local File Include Vulnerability
  • GAPI CMS 9.0.2 Toolbar.PHP Remote File Include Vulnerability
  • vBulletin 3.7.1 Adminlog.PHP Request Logging HTML Injection Vulnerability
  • BrewBlogger 2.1 Logincheck.Inc.PHP SQL Injection Vulnerability
  • Mole Group Hotel Script Index.PHP SQL Injection Vulnerability
  • Lastminute Script 4.0 Index.PHP SQL Injection Vulnerability
  • Triton CMS Pro 1.06 X-FORWARDED-FOR Header SQL Injection Vulnerability
  • fuzzylime (cms) 3.01 Blog.PHP Local File Include Vulnerability
  • PHP-Nuke 4ndvddb Module 0.91 Modules.PHP SQL Injection Vulnerability
  • Zoph 0.7.2.1 Search.PHP Cross-Site Scripting Vulnerability
  • Zoph 0.7.2.1 Search.PHP SQL Injection Vulnerability
  • DodosMail 2.5 Dodosmail.PHP Local File Include Vulnerability
  • SmartPPC Directory.PHP SQL Injection Vulnerability
  • ImperialBB 2.3.5 Remote File Upload Vulnerability
  • fuzzylime (cms) Rss.PHP Local File Include Vulnerability
  • ContentNow Language_Menu.PHP Cross-Site Scripting Vulnerability
  • ContentNow Upload.PHP Unrestricted File Upload Vulnerability
  • Joomla! and Mambo DBQuery Component 1.4.1 Common.Class.PHP Remote File Include Vulnerability
  • Kasseler CMS 1.3 Index.PHP Cross Site Scripting Vulnerability [CVE-2008-3088]
  • pHNews Comments.PHP Local File Include Vulnerability
  • Joomla! and Mambo altas Component Index.PHP SQL Injection Vulnerability
  • 1024 CMS 1.4.4 Default/Standard.PHP Local File Include Vulnerability
  • 1024 CMS 1.4.4 Total.PHP Local File Include Vulnerability
  • 1024 CMS 1.4.4 Total.PHP Local File Include Vulnerability
  • 1024 CMS 1.4.4 Print.PHP Local File Include Vulnerability
  • 1024 CMS 1.4.4 Print.PHP Local File Include Vulnerability
  • 1024 CMS 1.4.4 Print.PHP Local File Include Vulnerability
  • 1024 CMS 1.4.4 Basic_Header.PHP Local File Include Vulnerability
  • 1024 CMS 1.4.4 Basic_Footer.PHP Local File Include Vulnerability
  • 1024 CMS 1.4.4 Content.PHP Local File Include Vulnerability
  • 1024 CMS 1.4.4 Newest.PHP Local File Include Vulnerability
  • 1024 CMS 1.4.4 Add.PHP Local File Include Vulnerability
  • 1024 CMS 1.4.4 De/Default.PHP Local File Include Vulnerability
  • 1024 CMS 1.4.4 Fr/Default.PHP Local File Include Vulnerability
  • 1024 CMS 1.4.4 En/Default.PHP Local File Include Vulnerability
  • 1024 CMS 1.4.4 News.PHP Local File Include Vulnerability
  • 1024 CMS 1.4.4 Admins/Default.PHP Local File Include Vulnerability
  • 1024 CMS 1.4.4 Reports/Default.PHP Local File Include Vulnerability
  • 1024 CMS 1.4.4 Snazzy/Standard.PHP Local File Include Vulnerability
  • 1024 CMS 1.4.4 Standard.PHP Remote File Include Vulnerability

This entry was posted in N-Stalker Latest Updates. Bookmark the permalink.
Products
About N-Stalker
Contact

Rua Monte Alegre, 61 - cj 81
Sao Paulo, BRA, 05014-000
BRA Phone: +55-11-3868-1997
Contact us