Multiple CMS vulnerabilities and updates

By N-Stalker Team on March 11, 2008

N-Stalker has made available the latest database update for its Web Application Security Assessment Products.

The update downloads automatically in the following versions:

  • N-Stalker Web Application Security Scanner 2006 (Enterprise, QA and Infrastructure Edition)
    • WSI Update (N-Stalker Update Manager)
  • N-Stealth HTTP Security Scanner (not updated)

You should receive it automatically the next time you run the scanner.

If you prefer to download it manually, please use the following URL: https://customer.nstalker.com.

If you need any additional assistance during this process, please contact us at:
Web: Open a new support ticket at https://customer.nstalker.com
E-mail: http://www.nstalker.com/about/contact (24 hours) or
Phone: +55-11-3675-7093 (9:00 to 18:00 GMT-0300)

This release includes the following vulnerabilities:

  • PK-Designs PKs Movie Database 3.0.3 Index.PHP NUM/CATEGORY Parameter Cross-Site Scripting Vulnerability
  • PK-Designs PKs Movie Database 3.0.3 Index.PHP CATEGORY Parameter Cross-Site Scripting Vulnerability
  • PK-Designs PKs Movie Database 3.0.3 Index.PHP SQL Injection Vulnerability
  • Joomla! and Mambo COM_GALLERY Component ID Parameter SQL Injection Vulnerability [CVE-2008-0746]
  • Serendipity Freetag-plugin 2.95 STYLE Parameter Cross Site Scripting Vulnerability [CVE-2008-0751]
  • Joovili 2.1 Members_Help.PHP Remote File Include Vulnerability [CVE-2008-0743]
  • Joomla! and Mambo COM_NEOGALLERY Component 1.1 CATID Parameter SQL Injection Vulnerability [CVE-2008-0752]
  • Calimero.CMS 3.3 Index.PHP Cross Site Scripting Vulnerability [CVE-2008-0749]
  • Joomla! and Mambo COM_NOTICIAS 1.0 Component ID Parameter SQL Injection Vulnerability [CVE-2008-0670]
  • PowerScripts PowerNews 2.5.6 Categories.Inc.PHP Local File Include Vulnerability [CVE-2008-0742]
  • PowerScripts PowerNews 2.5.6 Users.Inc.PHP Local File Include Vulnerability [CVE-2008-0742]
  • PowerScripts PowerNews 2.5.6 Templates.Inc.PHP Local File Include Vulnerability [CVE-2008-0742]
  • PowerScripts PowerNews 2.5.6 Permissions.Inc.PHP Local File Include Vulnerability [CVE-2008-0742]
  • PowerScripts PowerNews 2.5.6 Other.Inc.PHP Local File Include Vulnerability [CVE-2008-0742]
  • PowerScripts PowerNews 2.5.6 News.Inc.PHP Local File Include Vulnerability [CVE-2008-0742]
  • PowerScripts PowerNews 2.5.6 Index.PHP Local File Include Vulnerability [CVE-2008-0742]
  • SafeNET HighAssurance Remote and SoftRemote IPSecDrv.SYS 10.4.0.12 Local Privilege Escalation Vulnerability [CVE-2008-0573]
  • Sift Unity Search.CGI Cross-Site Scripting Vulnerability [CVE-2008-0669]
  • osCommerce 3.1 Customer_Testimonials.PHP SQL Injection Vulnerability [CVE-2008-0719]
  • mini-Pub 0.3 Img.PHP Remote File Include Vulnerability
  • mini-Pub 0.3 Cat.PHP Local File Include Vulnerability
  • MODx 0.9.6 Index.PHP 75/SEARCH Parameter Cross-Site Scripting Vulnerability
  • MODx 0.9.6 Index.PHP 84/SEARCH Parameter Cross-Site Scripting Vulnerability
  • MODx 0.9.6 Index.PHP HIGHLIGHT Parameter Cross-Site Scripting Vulnerability
  • MODx 0.9.6 Index.PHP A Parameter Cross-Site Scripting Vulnerability
  • Moodle 1.8.3 Install.PHP Cross Site Scripting Vulnerability [CVE-2008-0123]
  • Astanda Directory Project 1.3 Detail.PHP SQL Injection Vulnerability [CVE-2008-0649]
  • MyNews 1.6.4 Index.PHP Cross Site Scripting Vulnerability [CVE-2008-0723]
  • WS_FTP Server Manager 6.1.0.0 Authentication Bypass and Information Disclosure Vulnerabilities
  • Mihalism Multi Host 3.0 Users.PHP SQL Injection Vulnerability [CVE-2008-0714]
  • Pagetool 1.07 SEARCH_TERM Parameter Cross-Site Scripting Vulnerability [CVE-2008-0722]
  • photokorn 1.543 PIC Parameter SQL Injection Vulnerability [CVE-2008-0614]
  • Joomla! and Mambo COM_DOC Component SID Parameter SQL Injection Vulnerability [CVE-2008-0772]
  • Joomla! and Mambo COM_SERMON 2.0 Component GID Parameter SQL Injection Vulnerability [CVE-2008-0721]
  • Joomla! and Mambo YNews Component 1.0 ID Parameter SQL Injection Vulnerability [CVE-2008-0653]
  • Joomla! and Mambo COM_DOWNLOADS Component FILECATID Parameter SQL Injection Vulnerability [CVE-2008-0652]
  • OpenSiteAdmin 0.9.1 SingleFilter.PHP Remote File Include Vulnerability [CVE-2008-0648]
  • OpenSiteAdmin 0.9.1 IndexFooter.PHP Remote File Include Vulnerability [CVE-2008-0648]
  • OpenSiteAdmin 0.9.1 LoginManager.PHP Remote File Include Vulnerability [CVE-2008-0648]
  • OpenSiteAdmin 0.9.1 FormManager.PHP Remote File Include Vulnerability [CVE-2008-0648]
  • OpenSiteAdmin 0.9.1 Form.PHP Remote File Include Vulnerability [CVE-2008-0648]
  • OpenSiteAdmin 0.9.1 Filter.PHP Remote File Include Vulnerability [CVE-2008-0648]
  • OpenSiteAdmin 0.9.1 FieldManager.PHP Remote File Include Vulnerability [CVE-2008-0648]
  • OpenSiteAdmin 0.9.1 DatabaseManager.PHP Remote File Include Vulnerability [CVE-2008-0648]
  • All Club CMS 0.0.1 Index.PHP SQL Injection Vulnerability [CVE-2008-0601]
  • XOOPS 2.0.18 Index.PHP Local File Include Vulnerability [CVE-2008-0612]
  • VHD Web Pack 2.0 Index.PHP Local File Include Vulnerability [CVE-2008-0609]
  • MyBB 1.2.11 Private.PHP SQL Injection Vulnerability [CVE-2008-0787]
  • PatchLink Update 6.4 Tmp/Patchlink.TMP Insecure Temporary File Creation Vulnerability [CVE-2008-0525]
  • PatchLink Update 6.4 Tmp/Plshutdown Insecure Temporary File Creation Vulnerability [CVE-2008-0525]
  • DevTracker Module For bcoos 1.1.11 and E-xoops 1.0.8 Index.PHP ORDER_BY Parameter Cross-Site Scripting Vulnerabilities
  • DevTracker Module For bcoos 1.1.11 and E-xoops 1.0.8 Index.PHP DIRECTION Parameter Cross-Site Scripting Vulnerabilities
  • Joomla! and Mambo SOBI2 2.5.3 Component SQL Injection Vulnerability [CVE-2008-0607]
  • Portail Web Php 2.5.1 Conf-Activation.PHP Remote File Include Vulnerability [CVE-2008-0645]
  • Portail Web Php 2.5.1 Item.PHP Remote File Include Vulnerability [CVE-2008-0645]
  • Portail Web Php 2.5.1 Conf_Modules.PHP Remote File Include Vulnerability [CVE-2008-0645]
  • Portail Web Php 2.5.1 Login.PHP Remote File Include Vulnerability [CVE-2008-0645]
  • CherryPy 3.0.2 Sessionfilter.PY Information Disclosure Vulnerability [CVE-2008-0252]
  • Joomla! and Mambo COM_MARKETPLACE Component 1.1.1 CATID Parameter SQL Injection Vulnerability [CVE-2008-1077]
  • Joomla! and Mambo COM_SHAMBO2 Component SQL Injection Vulnerability [CVE-2008-0606]
  • HispaH Youtube Clone Load_Message.PHP Cross-Site Scripting Vulnerability [CVE-2008-0687]
  • iTechBids Gold 3.0 Bidhistory.PHP SQL Injection Vulnerability [CVE-2008-0692]
  • A-Blog 2.0 SQL Injection Vulnerability [CVE-2008-0677]
  • A-Blog 2.0 Cross-Site Scripting Vulnerability [CVE-2008-0676]
  • Codice CMS Login.PHP SQL Injection Vulnerability [CVE-2008-0651]
  • Simple OS CMS 0.1c_beta Login.PHP SQL Injection Vulnerability
  • BlogPHP 2.0 Index.PHP SQL Injection Vulnerability [CVE-2008-0678]
  • BlogPHP 2.0 Index.PHP Cross-Site Scripting Vulnerability [CVE-2008-0678]
  • Mambo/Joomla Glossary COM_GLOSSARY Component SQL Injection Vulnerability [CVE-2008-0514]
  • Awesom! 0.3.2 for Joomla! and Mambo SQL Injection Vulnerability [CVE-2008-0603]
  • Joomla! mosDirectory Component 2.3.2 CATID Parameter SQL Injection Vulnerability [CVE-2008-0690]
  • WordPress Plugin ShiftThis Newsletter SQL Injection Vulnerability [CVE-2008-0683]
  • WordPress Plugin Wordspew SQL Injection Vulnerability [CVE-2008-0682]
  • iTechClassifieds ViewCat.PHP Cross-Site Scripting Vulnerability [CVE-2008-0684]
  • iTechClassifieds ViewCat.PHP SQL Injection Vulnerability [CVE-2008-0685]
  • DMSGuestbook 1.7 Admin.PHP Directory Traversal Vulnerability [CVE-2008-0615]
  • DMSGuestbook 1.7 Admin.PHP Cross-Site Scripting Vulnerability [CVE-2008-0617]
  • WP-Footnotes 2.2 WordPress Plugin Admin_Panel.PHP WP_FOOTNOTES_CURRENT_SETTINGS[PRIORITY] Parameter Vulnerability [CVE-2008-0691]
  • WP-Footnotes 2.2 WordPress Plugin Admin_Panel.PHP WP_FOOTNOTES_CURRENT_SETTINGS[STYLE_RULES] Parameter Vulnerability [CVE-2008-0691]
  • WP-Footnotes 2.2 WordPress Plugin Admin_Panel.PHP WP_FOOTNOTES_CURRENT_SETTINGS[PRE_FOOTNOTES] Parameter Vulnerability [CVE-2008-0691]
  • WP-Footnotes 2.2 WordPress Plugin Admin_Panel.PHP WP_FOOTNOTES_CURRENT_SETTINGS[POST_FOOTNOTES] Parameter Vulnerability [CVE-2008-0691]
  • Domain Trader 2.0 Catalog.PHP Cross-Site Scripting Vulnerability [CVE-2008-0688]
  • phpShop 0.8.1 Index.PHP SQL Injection Vulnerability [CVE-2008-0681]
  • Joomla! and Mambo NeoReferences Component 1.3.1 CATID Parameter SQL Injection Vulnerability [CVE-2008-0686]
  • Archimede Net 2000 E-Guest_Show.PHP SQL Injection Vulnerability
  • LiveCart 1.0.1 REMINDPASSWORD/RETURN Parameter Cross-Site Scripting Vulnerability [CVE-2007-6646]
  • LiveCart 1.0.1 Q Parameter Cross-Site Scripting Vulnerability [CVE-2007-6646]
  • LiveCart 1.0.1 ORDER/RETURN Parameter Cross-Site Scripting Vulnerability [CVE-2007-6646]
  • LiveCart 1.0.1 EMAIL Parameter Cross-Site Scripting Vulnerability [CVE-2007-6646]
  • Uniwin eCart Professional 2.0.15 CartView.ASP Cross-Site Scripting Vulnerability [CVE-2008-0558]
  • Nilson’s Blogger 0.11 Comments.PHP Local File Include Vulnerability [CVE-2008-0559]
  • Nilson’s Blogger 0.11 Index.PHP Local File Include Vulnerability [CVE-2008-0559]
  • Joomla! and Mambo CatalogShop 1.0 Component ID Parameter SQL Injection Vulnerability [CVE-2008-0557]
  • Joomla! and Mambo AkoGallery 2.5 Component ID Parameter SQL Injection Vulnerability [CVE-2008-0561]
  • Joomla! and Mambo COM_RESTAURANT Component ID Parameter SQL Injection Vulnerability [CVE-2008-0562]
  • sflog! 0.96 Index.PHP PERMALINK Parameter Local File Include Vulnerability [CVE-2008-0703]
  • sflog! 0.96 Index.PHP SECTION Parameter Local File Include Vulnerability [CVE-2008-0703]
  • Mindmeld 1.2.0.10 Admin_Index.PHP Remote File Include Vulnerability [CVE-2008-0572]
  • Mindmeld 1.2.0.10 Sensory.Inc.PHP Remote File Include Vulnerability [CVE-2008-0572]
  • Mindmeld 1.2.0.10 Mind.Inc.PHP Remote File Include Vulnerability [CVE-2008-0572]
  • Mindmeld 1.2.0.10 Manage.Inc.PHP Remote File Include Vulnerability [CVE-2008-0572]
  • Mindmeld 1.2.0.10 Learn.Inc.PHP Remote File Include Vulnerability [CVE-2008-0572]
  • Mindmeld 1.2.0.10 Ask.Inc.PHP Remote File Include Vulnerability [CVE-2008-0572]
  • DeltaScripts PHP Links 1.3 Smarty.PHP Remote File Include Vulnerability [CVE-2008-0566]
  • DeltaScripts PHP Links 1.3 Vote.PHP SQL Injection Vulnerability [CVE-2008-0565]
  • OpenBSD 4.1 bgplg CMD Parameter Cross-Site Scripting Vulnerability [CVE-2007-6700]
  • WordPress WassUp Plugin 1.4.3 Spy.PHP FROM_DATE Parameter SQL Injection Vulnerability [CVE-2008-0520]
  • WordPress WassUp Plugin 1.4.3 Spy.PHP TO_DATE Parameter SQL Injection Vulnerability [CVE-2008-0520]
  • YeSiL KoRiDoR Ziyaretçi Defteri Index.PHP SQL Injection Vulnerability
  • webSPELL 4.1.2 Whoisonline.PHP Cross-Site Scripting Vulnerability [CVE-2008-0574]
  • Mambo/Joomla COM_MUSEPOES Component AID Parameter SQL Injection Vulnerability [CVE-2008-0515]
  • SQLiteManager 1.2 Confirm.PHP Remote File Include Vulnerability [CVE-2008-0516]
  • Joomla! COM_RECIPES Component ID Parameter SQL Injection Vulnerability [CVE-2008-0518]
  • Mambo/Joomla COM_BUSLICENSE Component AID Parameter SQL Injection Vulnerability [CVE-2008-0579]
  • Connectix Boards 0.8.2 Part_Userprofile.PHP Remote File Include Vulnerability [CVE-2008-0502]
  • WordPress Plugin AdServe 0.2 Adclick.PHP SQL Injection Vulnerability [CVE-2008-0507]
  • Coppermine Photo Gallery 1.4.14 Showdoc.PHP Cross-Site Scripting Vulnerability [CVE-2008-0505]
  • Joomla! COM_MAMML Component Index.PHP SQL Injection Vulnerability [CVE-2008-0511]
  • Mambo 4.5 Newsletter Component ITEMID Parameter SQL Injection Vulnerability [CVE-2008-0510]
  • Joomla COM_FQ Component Index.PHP SQL Injection Vulnerability [CVE-2008-0512]
  • phpCMS 1.2.2 Parser.PHP Local File Include Vulnerability [CVE-2008-0513]
  • Seagull 0.6.3 Optimizer.PHP Information Disclosure Vulnerability [CVE-2008-0465]
  • Nucleus CMS 3.22 Action.PHP Cross-Site Scripting Vulnerability [CVE-2008-0497]
  • Bigware Shop 2.0 Main_Bigware_53.Tpl.PHP SQL Injection Vulnerability [CVE-2008-0498]
  • AmpJuke 0.7 Index.PHP Cross-Site Scripting Vulnerability [CVE-2008-0496]
  • Joomla! com_jokes Component 1.0 Index.PHP SQL Injection Vulnerability [CVE-2008-0519]
  • Bubbling Library 1.32 Simple.PHP Local File Include Vulnerability [CVE-2008-0545]
  • Bubbling Library 1.32 Simple.Tpl.PHP Local File Include Vulnerability [CVE-2008-0545]
  • Bubbling Library 1.32 Advanced.PHP Local File Include Vulnerability [CVE-2008-0545]
  • Bubbling Library 1.32 Advanced.Tpl.PHP Local File Include Vulnerability [CVE-2008-0545]
  • Bubbling Library 1.32 Yui-Menu.PHP Local File Include Vulnerability [CVE-2008-0545]
  • Bubbling Library 1.32 Examples/Dispatcher/Framework/Dispatcher.PHP Local File Include Vulnerability [CVE-2008-0521]
  • Bubbling Library 1.32 Examples/Dispatcher/Dispatcher.PHP Local File Include Vulnerability [CVE-2008-0521]
  • Bubbling Library 1.32 Examples/Wizard/Dispatcher.PHP Local File Include Vulnerability [CVE-2008-0521]
  • Bubbling Library 1.32 PHP/Dispatcher.PHP Local File Include Vulnerability [CVE-2008-0521]
  • VB Marketing Tseekdir.CGI Local File Include Vulnerability [CVE-2008-0488]
  • ASPired2Protect Login Page SQL Injection Vulnerability [CVE-2008-0487]
  • ClanSphere 2007.4.4 Install.PHP Local File Include Vulnerability [CVE-2008-0489]
  • eTicket 1.5.6 Index.PHP Cross-Site Scripting Vulnerability [CVE-2008-0552]
  • Mambo MOStlyCE Module 2.4 Connector.PHP Cross-Site Scripting Vulnerability
  • phpIP Management 4.3.2 Display.PHP SQL Injection Vulnerability [CVE-2008-0538]
  • WordPress Plugin 2.4.1 fGallery SQL Injection Vulnerability [CVE-2008-0491]
  • WordPress Plugin WP-Cal 0.3 SQL Injection Vulnerability [CVE-2008-0490]
  • OneCMS 2.4 Staff.PHP SQL Injection Vulnerability
  • EasySiteNetwork Recipe Website Script List.PHP SQL Injection Vulnerability [CVE-2008-0453]
  • Gerd Tentler Simple Forum 2.2 Forum.PHP OPEN Parameter Directory Traversal Vulnerability [CVE-2008-0541]
  • Gerd Tentler Simple Forum 2.2 Forum.PHP DATE_SHOW Parameter Directory Traversal Vulnerability [CVE-2008-0541]
  • Gerd Tentler Simple Forum 2.2 Thumbnail.PHP Directory Traversal Vulnerability [CVE-2008-0542]
  • F5 BIG-IP Application Security Manager 9.4.3 Rep_Request.PHP Cross-Site Scripting Vulnerability [CVE-2008-0539]
  • WebCalendar 1.1.6 Pref.PHP Cross-Site Scripting Vulnerability [CVE-2007-6696]
  • WebCalendar 1.1.6 Search.PHP Cross-Site Scripting Vulnerability [CVE-2007-6696]
  • Trixbox 2.4.2 Maint/Index.PHP Cross-Site Scripting Vulnerability [CVE-2008-0540]
  • Trixbox 2.4.2 User/Index.PHP Cross-Site Scripting Vulnerability [CVE-2008-0540]
  • CandyPress 4.1.1.26 Utilities_ConfigHelp.ASP SQL Injection Vulnerability [CVE-2008-0737]
  • CandyPress 4.1.1.26 Ajax_GetBrands.ASP SQL Injection Vulnerability [CVE-2008-0546]
  • CandyPress 4.1.1.26 Ajax_OptInventory.ASP SQL Injection Vulnerability [CVE-2008-0546]
  • CandyPress 4.1.1.26 Utilities_ConfigHelp.ASP Cross-Site Scripting Vulnerability [CVE-2008-0547]
  • CandyPress 4.1.1.26 SA_ShipFedExMeter.ASP Path Disclosure Vulnerability [CVE-2008-0736]
  • Pre Dynamic Institution Siteadmin/Login.ASP SQL Injection Vulnerability [CVE-2008-0543]
  • Pre Dynamic Institution Login.ASP SQL Injection Vulnerability [CVE-2008-0543]
  • Tiger Php News System 0.9.2 Index.PHP SQL Injection Vulnerability [CVE-2008-0469]
  • Flinx 1.3 Category.PHP SQL Injection Vulnerability [CVE-2008-0468]
  • aflog 1.01 Comments.PHP SQL Injection Vulnerability [CVE-2008-0397]
  • SLAED CMS 2.5 Index.PHP Local File Include Vulnerability [CVE-2008-0458]
  • Liquid-Silver CMS 0.3 Update/Index.PHP Local File Include Vulnerability [CVE-2008-0459]
  • aconon Mail 11.7 Template Parameter Directory Traversal Vulnerability [CVE-2008-0464]
  • TikiWiki 1.9.8 CMS Tiki-Listmovies.PHP Directory Traversal Vulnerability [CVE-2007-6528]
  • ChronoEngine ChronoForms 2.3.5 Format.PHP Remote File Include Vulnerability [CVE-2008-0567]
  • ChronoEngine ChronoForms 2.3.5 File.PHP Remote File Include Vulnerability [CVE-2008-0567]
  • ChronoEngine ChronoForms 2.3.5 Worksheet.PHP Remote File Include Vulnerability [CVE-2008-0567]
  • ChronoEngine ChronoForms 2.3.5 Workbook.PHP Remote File Include Vulnerability [CVE-2008-0567]
  • ChronoEngine ChronoForms 2.3.5 BIFFwriter.PHP Remote File Include Vulnerability [CVE-2008-0567]
  • ChronoEngine ChronoForms 2.3.5 PPS.PHP Remote File Include Vulnerability [CVE-2008-0567]
  • ChronoEngine ChronoForms 2.3.5 Writer.PHP Remote File Include Vulnerability [CVE-2008-0567]
  • TikiWiki 1.9.8.3 Tiki-Special_Chars.PHP Cross-Site Scripting Vulnerability [CVE-2007-6526]
  • PHP-Nuke 7.9 Modules.PHP SQL Injection Vulnerability [CVE-2008-0461]
  • DeluxeBB 1.1 Attachments_Header.PHP Cross-Site Scripting Vulnerability [CVE-2008-0439]
  • LulieBlog 1.0.1 Comment_Accepter.PHP SQL Injection Vulnerability [CVE-2008-0329]
  • LulieBlog 1.0.1 Comment_Refuser.PHP SQL Injection Vulnerability [CVE-2008-0329]
  • LulieBlog 1.0.1 Article_Suppr.PHP SQL Injection Vulnerability [CVE-2008-0329]
  • ClamAV 0.91.2 BZ_GET_FAST Bzip2 Decompression Vulnerability [CVE-2007-6337]
  • Novemberborn sIFR 2.0.2 FuturaLt.SWF Cross-Site Scripting Vulnerability [CVE-2008-0438]
  • Small Axe Weblog 0.3.1 Linkbar.PHP Remote File Include Vulnerability [CVE-2008-0442]
  • Singapore Modern Template 0.10.1 Default.PHP Cross-Site Scripting Vulnerability [CVE-2008-0400]
  • Mooseguy Blog System 1.0 Blog.PHP SQL Injection Vulnerability [CVE-2008-0424]
  • AlstraSoft Forum Pay Per Post Exchange 2.0 Index.PHP SQL Injection Vulnerability [CVE-2008-0429]
  • Lama Software Inc.Steps.Init_System.PHP Remote File Include Vulnerability [CVE-2008-0423]
  • Lama Software Inc.Steps.Access_Error.PHP Remote File Include Vulnerability [CVE-2008-0423]
  • Lama Software Inc.Steps.Check_Login.PHP Remote File Include Vulnerability [CVE-2008-0423]
  • Coppermine Photo Gallery 1.4.10 Thumbnails.PHP SQL Injection Vulnerability [CVE-2007-1107]
  • BoastMachine 3.1 Mail.PHP SQL Injection Vulnerability [CVE-2008-0422]
  • MegaBBS 1.5.14b Upload.ASP Cross-Site Scripting Vulnerability [CVE-2008-0436]
  • 360 Web Manager 3.0 Form.PHP SQL Injection Vulnerability [CVE-2008-0430]
  • Bloofox CMS 0.3 SQL Injection Vulnerability [CVE-2008-0428]
  • WordPress Plugin WP-Forum 1.7.4 SQL Injection Vulnerability [CVE-2008-0388]
  • Members Area System 1.7 View_Func.PHP Remote File Include Vulnerability [CVE-2008-0289]
  • Small Axe Weblog 0.3.1 Linkbar.PHP Remote File Include Vulnerability [CVE-2008-0376]
  • GradMan 0.1.3 Info.PHP Local File Include Vulnerability [CVE-2008-0393]
  • Clever Copy 3.0 Postcomment.PHP SQL Injection Vulnerability [CVE-2008-0363]
  • Clever Copy 3.0 Gallery.PHP Cross-Site Scripting Vulnerability [CVE-2008-0362]
  • Clever Copy 3.0 Gallery.PHP SQL Injection Vulnerability [CVE-2008-0363]
  • Site2Nite Real Estate Web Default.ASP SQL Injection Vulnerability [CVE-2008-0771]
  • GalaxyScripts Mini File Host 1.2 Upload.PHP Local File Include Vulnerability [CVE-2008-0357]
  • PHPEcho CMS 2.0 Index.PHP SQL Injection Vulnerability [CVE-2008-0355]
  • MiniWeb 0.8.19 Directory Traversal Vulnerability [CVE-2008-0338]
  • GradMan 0.1.3 Agregar_Info.PHP Local File Include Vulnerability [CVE-2008-0361]
  • MyBB 1.2.10 Moderation.PHP MERGEPOST Parameter SQL Injection Vulnerability [CVE-2008-0383]
  • MyBB 1.2.10 Usergroups.PHP SQL Injection Vulnerability [CVE-2008-0383]
  • MyBB 1.2.10 Moderation.PHP THREADS Parameter SQL Injection Vulnerability [CVE-2008-0383]
  • MyBB 1.2.10 Moderation.PHP RID Parameter SQL Injection Vulnerability [CVE-2008-0383]
  • MailBee WebMail Pro Download_View_Attachment.ASPX Local File Include Vulnerability [CVE-2008-0333]
  • BLOG:CMS 4.2.1 Index.PHP SQL Injection Vulnerability [CVE-2008-0360]
  • BLOG:CMS 4.2.1 Index.PHP Cross-Site Scripting Vulnerability [CVE-2008-0359]
  • BLOG:CMS 4.2.1 Admin.PHP Cross-Site Scripting Vulnerability [CVE-2008-0359]
  • BLOG:CMS 4.2.1 Table/Index.PHP SQL Injection Vulnerability [CVE-2008-0360]
  • BLOG:CMS 4.2.1 Action.PHP SQL Injection Vulnerability [CVE-2008-0360]
  • RichStrong CMS Showproduct.ASP SQL Injection Vulnerability [CVE-2008-0291]
  • ARIA 0.99-6 Effect.PHP Local File Include Vulnerability [CVE-2008-0332]
  • aliTalk 1.1.9 Receivertwo.PHP SQL Injection Vulnerability [CVE-2008-0371]
  • aliTalk 1.1.9 Elementz.PHP Access Validation Vulnerability [CVE-2008-0391]
  • aliTalk 1.1.9 Usercp.PHP SQL Injection Vulnerability [CVE-2008-0371]
  • aliTalk 1.1.9 Index.PHP SQL Injection Vulnerability [CVE-2008-0371]
  • FaName 1.0 Page.PHP SQL Injection Vulnerability [CVE-2008-0328]
  • Multiple FaScript Packages FP/Show.PHP ID Parameter SQL Injection Vulnerability [CVE-2008-0325]
  • Multiple FaScript Packages FAMP3/Show.PHP ID Parameter SQL Injection Vulnerability [CVE-2008-0327]
  • Multiple FaScript Packages PH/Show.PHP ID Parameter SQL Injection Vulnerability [CVE-2008-0326]
  • Apple QuickTime 7.1.6 Compressed PICT Remote Buffer Overflow Vulnerability [CVE-2008-0036]
  • pMachine Pro 2.4.1 Preferences.PHP Cross-Site Scripting Vulnerability [CVE-2008-0334]
  • Xforum 1.4 Liretopic.PHP SQL Injection Vulnerability [CVE-2008-0279]
  • Ajchat 0.10 Directory.PHP SQL Injection Vulnerability
  • 0DayDB 2.3 Delete.PHP Authentication Bypass Vulnerability [CVE-2007-5465]
  • Agares Media phpAutoVideo 2.21 Articleblock.PHP SQL Injection Vulnerability [CVE-2008-0262]
  • TaskFreak! 0.6.1 Index.PHP SQL Injection Vulnerability [CVE-2008-0270]
  • Matteo Binda ASP Photo Gallery 1.0 Imgbig.ASP SQL Injection Vulnerability [CVE-2008-0256]
  • Matteo Binda ASP Photo Gallery 1.0 Thumbricerca.ASP ID Parameter SQL Injection Vulnerability [CVE-2008-0256]
  • Matteo Binda ASP Photo Gallery 1.0 Thumbricerca.ASP RICERCA Parameter SQL Injection Vulnerability [CVE-2008-0256]
  • Matteo Binda ASP Photo Gallery 1.0 Thumb.ASP SQL Injection Vulnerability [CVE-2008-0256]
  • TutorialCMS 1.02 Activate.PHP SQL Injection Vulnerability [CVE-2008-0254]
  • IceWarp Mail Server 9.1.1 Admin/Index.Html Cross-Site Scripting Vulnerability [CVE-2008-0218]
  • minimal Gallery 0.8 Mg_Thumbs.PHP THUMBCAT Parameter Information Disclosure Vulnerability [CVE-2008-0259]
  • minimal Gallery 0.8 Mg_Thumbs.PHP THUMB Parameter Information Disclosure Vulnerability [CVE-2008-0259]
  • PHP Running Management 1.0.2 Index.PHP Cross Site Scripting Vulnerability [CVE-2008-0258]
  • BugTracker.NET 2.7.1 New Bug Report Multiple HTML Injection Vulnerabilities [CVE-2008-0335]
  • X7 Chat 2.0.5 Index.PHP SQL Injection Vulnerability [CVE-2008-0278]
  • DigitalHive 2.0 Gestion_Membre.PHP SQL Injection Vulnerability [CVE-2008-0290]
  • DomPHP 0.81 Agenda/Index.PHP SQL Injection Vulnerability
  • iGaming CMS 3.1 Archive.PHP SQL Injection Vulnerability [CVE-2008-0255]
  • VisionBurst vcart 3.3.2 Index.PHP Remote File Include Vulnerability [CVE-2008-0287]
  • VisionBurst vcart 3.3.2 Checkout.PHP Remote File Include Vulnerability [CVE-2008-0287]
  • MTCMS 2.0 Index.PHP A Parameter SQL Injection Vulnerability [CVE-2008-0280]
  • MTCMS 2.0 Index.PHP CID Parameter SQL Injection Vulnerability [CVE-2008-0280]
  • DomPHP 0.81 Index.PHP Remote File Include Vulnerability [CVE-2008-0283]
  • ID-Commerce 2.0 Liste.PHP SQL Injection Vulnerability [CVE-2008-0281]
  • SAM Broadcaster samPHPweb 4.2.2 Db.PHP Remote File Include Vulnerability [CVE-2008-0143]
  • osDate 2.0.8 Php121db.PHP Remote File Include Vulnerability [CVE-2008-0230]
  • PHP Webquest 2.6 Soporte_Horizontal_W.PHP SQL Injection Vulnerability [CVE-2008-0219]
  • EvilBoard 0.1a Index.PHP Cross-Site Scripting Vulnerability [CVE-2008-0155]
  • EvilBoard 0.1a Index.PHP SQL-Injection Vulnerability [CVE-2008-0154]
  • HelpBox 3.7.1 Requestattach.ASP Cross-Site Scripting Vulnerability [CVE-2007-5403]
  • Zero CMS 1.0 Index.PHP ID Parameter SQL Injection Vulnerability [CVE-2008-0232]
  • Zero CMS 1.0 Index.PHP F Parameter SQL Injection Vulnerability [CVE-2008-0232]
  • Zero CMS 1.0 Index.PHP T Parameter SQL Injection Vulnerability [CVE-2008-0232]
  • Tuned Studios Multiple Webpage Templates Index.PHP Remote File Include Vulnerability [CVE-2008-0231]
  • SysHotel On Line System Index.PHP Local File Include Vulnerability [CVE-2008-0184]
  • eTicket 1.5.5.2 View.PHP Cross-Site Scripting Vulnerability [CVE-2008-0268]
  • eTicket 1.5.5.2 Admin.PHP SQL Injection Vulnerability [CVE-2008-0267]
  • eTicket 1.5.5.2 Search.PHP SQL Injection Vulnerability [CVE-2008-0267]
  • MailMachinePRO 2.2.4 ShowMsg.PHP SQL Injection Vulnerability [CVE-2007-6551]
  • PortalApp 4.0 Forums.ASP Cross-Site Scripting Vulnerability
  • PortalApp 4.0 Content.ASP Cross-Site Scripting Vulnerability
  • PortalApp 4.0 Forums.ASP SQL Injection Vulnerability
  • DCP-Portal 6.11 Index.PHP SQL Injection Vulnerability
  • Shop-Script 2.0 Index.PHP Local Information Disclosure Vulnerability [CVE-2008-0158]
  • Snitz Forums 2000 3.4.6 Login.ASP Cross-Site Scripting Vulnerability [CVE-2008-0208]
  • Snitz Forums 2000 3.4.6 Setup.ASP Cross-Site Scripting Vulnerability [CVE-2008-0134]
  • netRisk 1.9.7 Patch/Index.PHP Cross-Site Scripting Vulnerability
  • netRisk 1.9.7 Patch/Index.PHP SQL Injection Vulnerability
  • Xoops XoopsGallery Module 1.3.3 Init_Basic.PHP Remote File Include Vulnerability [CVE-2008-0138]
  • Tribisur 2.0 Forum.PHP SQL Injection Vulnerability [CVE-2008-0133]
  • Tribisur 2.0 Cat_Main.PHP SQL Injection Vulnerability [CVE-2008-0133]
  • SAM Broadcaster samPHPweb 4.2.2 Songinfo.PHP SQL Injection Vulnerability [CVE-2008-0187]
  • netRisk 1.9.7 Index.PHP Remote File Include Vulnerability [CVE-2008-0144]
  • Rotabanner Local 3 Index.PHP DROP Parameter Cross-Site Scripting Vulnerability [CVE-2008-0200]
  • Rotabanner Local 3 Index.PHP USER Parameter Cross-Site Scripting Vulnerability [CVE-2008-0200]
  • Fastpublish CMS 1.9999 Designconfig.PHP Remote File Include Vulnerability [CVE-2007-6324]
  • City Writer 0.9.7 Head.PHP Remote File Include Vulnerability [CVE-2007-6324]
  • DynaWeb Developers MMS Gallery 1.0 Get_Image.PHP Directory Traversal Vulnerability [CVE-2007-6323]
  • DynaWeb Developers MMS Gallery 1.0 Get_File.PHP Directory Traversal Vulnerability [CVE-2007-6323]
  • Xml2owl 0.1.1 Filedownload.PHP Directory Traversal Vulnerability [CVE-2007-6322]
  • WordPress 2.3.1 Wp-Db.PHP Character Set SQL Injection Vulnerability [CVE-2007-6318]
  • PRO-Search 0.17 Index.PHP DATA[TITLE] Parameter Cross-Site Scripting Vulnerability [CVE-2008-0207]
  • PRO-Search 0.17 Index.PHP DATA[MESSAGE] Parameter Cross-Site Scripting Vulnerability [CVE-2008-0207]
  • PRO-Search 0.17 Index.PHP DATA[TABLE][1][ITEM] Parameter Cross-Site Scripting Vulnerability [CVE-2008-0207]
  • PRO-Search 0.17 Index.PHP DATA[TABLE][1][URL] Parameter Cross-Site Scripting Vulnerability [CVE-2008-0207]
  • PRO-Search 0.17 Index.PHP DATA[POWEREDBY] Parameter Cross-Site Scripting Vulnerability [CVE-2008-0207]
  • WordPress 2.2.3 Post.PHP Cross-Site Scripting Vulnerability [CVE-2008-0192]
  • WordPress 2.2.3 Edit.PHP Cross-Site Scripting Vulnerability [CVE-2008-0193]
  • WordPress 2.2.3 Page-New.PHP Cross-Site Scripting Vulnerability [CVE-2008-0192]
  • Site@School 2.3.10 Slideshow_Full.PHP SQL Injection Vulnerability [CVE-2008-0129]
  • ClipShare Uprofile.PHP SQL Injection Vulnerability [CVE-2008-0089]
  • phpWebSite 1.4 Search Module Cross-Site Scripting Vulnerability [CVE-2008-0092]
  • Pragmatic Utopia PU Arcade 2.0.3 Index.PHP SQL Injection Vulnerability [CVE-2007-6663]
  • WebPortal CMS 0.6 Index.PHP SQL Injection Vulnerability [CVE-2007-6664]
  • AGENCY4NET WEBFTP Download2.PHP Local File Include Vulnerability [CVE-2008-0091]
  • Zenphoto 1.1.3 Rss.PHP SQL Injection Vulnerability [CVE-2007-6666]
  • MyPHP Forum 3.0 Member.PHP SQL Injection Vulnerability [CVE-2007-6667]
  • MyPHP Forum 3.0 Faq.PHP SQL Injection Vulnerability [CVE-2007-6667]
  • IPTBB 0.5.4 Index.PHP SQL Injection Vulnerability [CVE-2007-6639]
  • MilliScripts Dir.PHP Cross-Site Scripting Vulnerability [CVE-2007-6641]
  • MatPo.de Kontakt Formular 1.4 Function.PHP Remote File Include Vulnerability [CVE-2007-6655]
  • Mihalism Multi Host 2.0.7 Download.PHP Directory Traversal Vulnerability [CVE-2007-6653]
  • CMS Made Simple 1.2.2 TinyMCE Module Content_Css.PHP SQL Injection Vulnerability [CVE-2007-6656]
  • MatPo.de MatPo Bilder Galerie 1.1 Tumbnail.PHP Remote File Include Vulnerability [CVE-2007-6649]
  • SanyBee Gallery 0.1.1 Index.PHP Local File Include Vulnerability [CVE-2007-6648]
  • w-Agora 4.2.1 Index.PHP SQL Injection Vulnerability [CVE-2007-6647]
  • CustomCMS 3.1 Vars.PHP SQL Injection Vulnerability [CVE-2007-6658]
  • Makale Scripti Cross-Site Scripting Vulnerability [CVE-2007-6673]
  • PHCDownload 1.1 Search.PHP SQL Injection Vulnerability [CVE-2007-6670]
  • PHCDownload 1.1 Search.PHP Cross-Site Scripting Vulnerability [CVE-2007-6669]
  • NoseRub 0.5.2 Identity.PHP SQL Injection Vulnerability [CVE-2007-6602]
  • 2z Project 0.9.6 Usermenu.TPL Cross-Site Scripting Vulnerability [CVE-2007-6661]
  • 2z Project 0.9.6 Index.PHP Cross-Site Scripting Vulnerability [CVE-2007-6661]
  • 2z Project 0.9.6 Admin.PHP Cross-Site Scripting Vulnerability [CVE-2007-6661]
  • Joovili 3.0.6 Images.Inc.PHP Local File Include Vulnerability [CVE-2007-6620]
  • Joovili 3.0.6 Joovili.Images.PHP PICTURE Parameter Local File Include Vulnerability [CVE-2007-6621]
  • Joovili 3.0.6 Joovili.Images.PHP Local File Include Vulnerability [CVE-2007-6621]
  • Joovili 3.0.6 Images.Inc.PHP PICTURE Parameter Local File Include Vulnerability [CVE-2007-6620]
  • OpenBiblio 0.5.1 Staff_Del_Confirm.PHP Cross-Site Scripting Vulnerability [CVE-2007-6608]
  • OpenBiblio 0.5.1 Phpinfo.PHP Security Exposure Vulnerability [CVE-2007-6606]
  • OpenBiblio 0.5.1 Custom_Marc_Form_Fields.PHP Path Disclosure Vulnerability [CVE-2007-6607]
  • OpenBiblio 0.5.1 Theme_Preview.PHP Cross-Site Scripting Vulnerability [CVE-2007-6608]
  • OpenBiblio 0.5.1 Theme_Del_Confirm.PHP Cross-Site Scripting Vulnerability [CVE-2007-6608]
  • NetBizCity FaqMasterFlexPlus Faq.PHP Cross-Site Scripting Vulnerability [CVE-2007-6633]
  • NetBizCity FaqMasterFlexPlus Faq.PHP SQL Injection Vulnerability [CVE-2007-6634]
  • XCMS 1.82 Index.PHP S Parameter Local File Include Vulnerability [CVE-2007-6604]
  • XCMS 1.82 Index.PHP PG Parameter Local File Include Vulnerability [CVE-2007-6604]
  • iPortalX Search.ASP Cross-Site Scripting Vulnerability [CVE-2007-6597]
  • iPortalX Blogs.ASP Cross-Site Scripting Vulnerability [CVE-2007-6597]
  • iPortalX Members.ASP Cross-Site Scripting Vulnerability [CVE-2007-6597]
  • XZeroScripts XZero Community Classifieds 4.95.11 SQL Injection Vulnerability [CVE-2007-6566]
  • XZeroScripts XZero Community Classifieds 4.95.11 Local File Include Vulnerability [CVE-2007-6567]
  • XZeroScripts XZero Community Classifieds 4.95.11 Config.Inc.PHP Remote File Include Vulnerability [CVE-2007-6568]
  • PNphpBB2 1.2.0 Printview.PHP Local File Include Vulnerability [CVE-2007-6624]
  • RunCMS 1.6 Brokenfile.PHP SQL Injection Vulnerability [CVE-2007-6544]
  • RunCMS 1.6 Index.PHP Cross-Site Scripting Vulnerability [CVE-2007-6545]
  • RunCMS 1.6 Submit.PHP Cross-Site Scripting Vulnerability [CVE-2007-6545]
  • RunCMS 1.6 Brokenlink.PHP SQL Injection Vulnerability [CVE-2007-6544]
  • RunCMS 1.6 Modlink.PHP SQL Injection Vulnerability [CVE-2007-6544]
  • RunCMS 1.6 Ratelink.PHP SQL Injection Vulnerability [CVE-2007-6544]
  • RunCMS 1.6 Ratefile.PHP SQL Injection Vulnerability [CVE-2007-6544]
  • RunCMS 1.6 Visit.PHP SQL Injection Vulnerability [CVE-2007-6544]
  • webSPELL 4.1.2 Usergallery.PHP GALLERYID Parameter Cross-Site Scripting Vulnerability [CVE-2007-6309]
  • webSPELL 4.1.2 Calendar.PHP YEAR Parameter Cross-Site Scripting Vulnerability [CVE-2007-6309]
  • webSPELL 4.1.2 Calendar.PHP USERID Parameter Cross-Site Scripting Vulnerability [CVE-2007-6309]
  • webSPELL 4.1.2 Calendar.PHP MONTH Parameter Cross-Site Scripting Vulnerability [CVE-2007-6309]
  • webSPELL 4.1.2 Calendar.PHP TAG Parameter Cross-Site Scripting Vulnerability [CVE-2007-6309]
  • webSPELL 4.1.2 Calendar.PHP UPID Parameter Cross-Site Scripting Vulnerability [CVE-2007-6309]
  • Falt4 CMS RC4 Index.PHP TOPIC Parameter Cross-Site Scripting Vulnerability [CVE-2007-6310]
  • Falt4 CMS RC4 Index.PHP HANDLER Parameter Cross-Site Scripting Vulnerability [CVE-2007-6310]
  • Falt4 CMS RC4 Index.PHP SQL Injection Vulnerability [CVE-2007-6311]
  • wwwstats 3.21 Clickstats.PHP HTML Injection Vulnerability [CVE-2007-6307]
  • Web Sihirbazi 5.1.1 Default.ASP PAGEID Parameter SQL Injection Vulnerability [CVE-2007-6556]
  • Web Sihirbazi 5.1.1 Default.ASP ID Parameter SQL Injection Vulnerability [CVE-2007-6556]
  • eSyndiCat Link Directory 2.2 Suggest-Link.PHP SQL Injection Vulnerability [CVE-2007-6543]
  • Limbo CMS 1.0.4 Admin.PHP Cross-Site Scripting Vulnerability [CVE-2007-6564]
  • TeamCal Pro 3.1 Joomlajack.Tcpro.PHP Remote File Include Vulnerability [CVE-2007-6553]
  • TeamCal Pro 3.1 Statistics.PHP Local File Include Vulnerability [CVE-2007-6554]
  • TeamCal Pro 3.1 Login.PHP Local File Include Vulnerability [CVE-2007-6554]
  • TeamCal Pro 3.1 Register.PHP Local File Include Vulnerability [CVE-2007-6554]
