SAP ITS vulnerabilities and new updates
N-Stalker has made available the latest database update for its Web Application Security Assessment Products. Following the support life-cycle, we are still distributing updates for previous versions.
You will be able to download it automatically in the following versions:
- N-Stalker Web Application Security Scanner 2006 (Enterprise, QA and Infrastructure Edition)
- WSI Update (N-Stalker Update Manager)
- N-Stealth HTTP Security Scanner (database update 194)
You should receive it automatically the next time you run the scanner.
If you prefer to download it manually, please use the following URL: https://customer.nstalker.com.
If you need any additional assistance during this process, please contact us at:
Web: Open new support ticket at https://customer.nstalker.com
E-mail: http://www.nstalker.com/about/contact (24 hours) or
Phone: +55-11-3675-7093 (9am to 6pm GMT-0300)
This release includes the following vulnerabilities:
- BirdBlog 1.4 Comment.PHP Cross-Site Scripting Vulnerability
- BirdBlog 1.4 User.PHP Cross-Site Scripting Vulnerability
- BirdBlog 1.4 Index.PHP Cross-Site Scripting Vulnerability
- TikiWiki 1.9.4 Highlight Cross-Site Scripting Vulnerability
- Php_News 2.0 Multiple Remote File Include Vulnerabilities
- AckerTodo 4.0 Index.PHP Cross-Site Scripting Vulnerability
- VBulletin 2.3.8 Global.PHP SQL Injection Vulnerability
- Phoenix Evolution CMS Action Parameter Cross-Site Scripting Vulnerability
- Phoenix Evolution CMS Mod Parameter Cross-Site Scripting Vulnerability
- Phoenix Evolution CMS Pageid Parameter Cross-Site Scripting Vulnerability
- Quickblogger 1.4 Remote File Include Vulnerability
- CubeCart 3.0.12 View_Order.PHP SQL Injection Vulnerability
- CubeCart 3.0.12 View_Doc.PHP SQL Injection Vulnerability
- CubeCart 3.0.12 Forgot_Pass.PHP SQL Injection Vulnerability
- CubeCart 3.0.12 View_Order.PHP Cross-Site Scripting Vulnerability
- CubeCart 3.0.12 Footer.Inc.PHP Cross-Site Scripting Vulnerability
- CubeCart 3.0.12 Header.Inc.PHP Cross-Site Scripting Vulnerability
- CubeCart 3.0.12 Print_Order.PHP Cross-Site Scripting Vulnerability
- PABugs 2.0 Class.MySQL.PHP Remote File Include Vulnerability
- PHP Invoice 2.2 Home.PHP Cross-Site Scripting Vulnerability
- Boite de News 4.0.1 Multiple Remote File Include Vulnerabilities
- AnnoncesV 1.1 Annonce.PHP Remote File Include Vulnerability
- VirtueMart Joomla ECommerce Edition 1.0.11 Multiple Input Validation Vulnerabilities
- Web//News 1.4 Parser.PHP Remote File Include Vulnerability
- PHPBB-ES 2 Functions_KB.PHP Remote File Include Vulnerability
- PHProjekt 4.2.3 Specialdays.PHP Remote File Include Vulnerabilities
- PHProjekt 4.2.3 Dbman_Filter.Inc.PHP Remote File Include Vulnerabilities
- Old Jakarta Tomcat versions might be susceptible to security flaws
- MyPhotos 0.1.3b Index.PHP Remote File Include Vulnerability
- PHPSelect Web Development Index.PHP3 Remote File Include Vulnerability
- JAF CMS 4.0RC1 Cross-Site Scripting Vulnerability
- JAF CMS 4.0RC1 HTML-Injection Vulnerability
- A-Blog 2 Menu.PHP Remote File Include Vulnerability
- A-Blog 2 Search.PHP Remote File Include Vulnerability
- A-Blog 2 Donation.PHP Remote File Include Vulnerability
- A-Blog 2 Latestnews.PHP Remote File Include Vulnerability
- A-Blog 2 Links.PHP Remote File Include Vulnerability
- A-Blog 2 Myaccount.PHP Remote File Include Vulnerability
- PPA Gallery 1.0 Functions_Inc.PHP Remote File Include Vulnerability
- Red Mombin 0.7 Process_Login.PHP Cross-Site Scripting Vulnerability
- SAP Internet Transaction Server COMMAND Cross-Site Scripting Vulnerability
- SAP Internet Transaction Server URLMIME Cross-Site Scripting Vulnerability
- Pie Cart Pro Home_Path Remote File Include Vulnerability
- SyntaxCMS 1.3 0004_Init_Urls.PHP Remote File Include Vulnerability
- PHPMyChat 0.1 Connected_Users.Lib.PHP3 Local File Include Vulnerability