Apache Jackrabbit vulnerabilities and multiple updates

By N-Stalker Team on February 12, 2009


N-Stalker has made available its latest “N-Stealth Web Attack Database” update for all products, including the N-Stalker 2009 and 2006 versions. You should be able to download it automatically the next time you run N-Stalker Scanner.

If you need to contact us for additional instructions, go to N-Stalker’s Customer Center.

This release includes patterns for the following vulnerabilities:

  • BusinessSpace 1.2 Index.PHP SQL Injection Vulnerability – [CVE-2009-0516]
  • Bitrix Site Manager 7.0 Index.HTML Cross-Site Scripting Vulnerability – [CVE-2009-0516]
  • Drupal 6.9 Install.PHP Local File Include Vulnerability – [CVE-2009-0516]
  • FotoWeb 6.0 Login.FWX Cross Site Scripting Vulnerability – [CVE-2009-0516]
  • FotoWeb 6.0 Grid.FWX Cross Site Scripting Vulnerability – [CVE-2009-0516]
  • YapBB 1.2 Forumhop.PHP SQL Injection Vulnerability – [CVE-2009-0516]
  • Team 1.0.5 Online.ASP Cross Site Scripting Vulnerability – [CVE-2009-0516]
  • Flatnux 2009-01-27 Filemanager.PHP Remote File Include Vulnerability – [CVE-2009-0516]
  • Flatnux 2009-01-27 Index.PHP Remote File Include Vulnerability – [CVE-2009-0516]
  • Power System Of Article Management 3.0 Userchklogin.ASP Cross Site Scripting Vulnerability – [CVE-2009-0516]
  • Power System Of Article Management 3.0 Userlogin.ASP Cross Site Scripting Vulnerability – [CVE-2009-0516]
  • Jaws 0.8.8 Upgrade/Index.PHP Local File Include Vulnerability – [CVE-2009-0516]
  • Jaws 0.8.8 Install/Index.PHP Local File Include Vulnerability – [CVE-2009-0516]
  • PHPbbBook 1.3 Bbcode.PHP Local File Include Vulnerability – [CVE-2009-0442]
  • Syntax Desktop 2.7 Preview.PHP Local File Include Vulnerability – [CVE-2009-0448]
  • GR Board 1.8 View.PHP Remote File Include Vulnerability – [CVE-2009-0444]
  • GR Board 1.8 Include.PHP Remote File Include Vulnerability – [CVE-2009-0444]
  • GR Board 1.8 List.PHP Remote File Include Vulnerability – [CVE-2009-0444]
  • GR Board 1.8 View.PHP THEME Parameter Remote File Include Vulnerability – [CVE-2009-0444]
  • MyDesign Sayac 2.0 Admin.ASP Login Parameters SQL Injection Vulnerability – [CVE-2009-0447]
  • Technote 7.2 Body_Default.PHP Remote File Include Vulnerability – [CVE-2009-0441]
  • DreamPics Photo/Video Gallery Index.PHP SQL Injection Vulnerability – [CVE-2009-0445]
  • WEBalbum 2.4b Photo.PHP SQL Injection Vulnerability – [CVE-2009-0446]
  • Multiple Groone Products 2.0 Header.PHP Remote File Include Vulnerability – [CVE-2009-0464]
  • glFusion 1.1.1 Anonymous Comment Comment.PHP HTML Injection Vulnerability – [CVE-2009-0455]
  • ClickCart 6.0 Login Parameters SQL Injection Vulnerability – [CVE-2009-0462]
  • E-Php B2B Trading Marketplace Script Signin.PHP Cross Site Scripting Vulnerability – [CVE-2009-0462]
  • E-Php B2B Trading Marketplace Script Gen_Confirm.PHP Cross Site Scripting Vulnerability – [CVE-2009-0462]
  • SalesCart Default.ASP SQL Injection Vulnerability – [CVE-2009-0462]
  • ReVou User_Updates.PHP SQL Injection Vulnerability – [CVE-2009-0462]
  • BPAutosales 1.0.1 Index.PHP Cross Site Scripting Vulnerability – [CVE-2009-0462]
  • BPAutosales 1.0.1 Index.PHP SQL Injection Vulnerability – [CVE-2009-0462]
  • Bugs Online 2.0.12 Help.ASP SQL Injection Vulnerability – [CVE-2009-0462]
  • e-Vision CMS 2.0 Iframe.PHP SQL Injection Vulnerability – [CVE-2008-0856]
  • PLE CMS 1.0 Login.PHP SQL Injection Vulnerability – [CVE-2009-0394]
  • Profense 2.6.2 Proxy.HTML Cross Site Scripting Vulnerabilities – [CVE-2009-0394]
  • KTP Computer Customer Database 1.0 LNAME Parameter SQL Injection Vulnerability – [CVE-2008-5954]
  • KTP Computer Customer Database 1.0 P Parameter Local File Include Vulnerability – [CVE-2008-5953]
  • Sourdough 0.3.5 Example_Clientside_Javascript.PHP Remote File Include Vulnerability – [CVE-2009-0456]
  • phpBLASTER 1.0 Mainfile.PHP SQL Injection Vulnerability – [CVE-2009-0456]
  • Flatnux 2009-01-27 User Profile Index.PHP HTML Injection Vulnerability – [CVE-2009-0456]
  • AJA Portal 1.2 Case.PHP Local File Include Vulnerability – [CVE-2009-0457]
  • AJA Portal 1.2 FANCYNLOptions.PHP Local File Include Vulnerability – [CVE-2009-0457]
  • AJA Portal 1.2 Reviews/Case.PHP Local File Include Vulnerability – [CVE-2009-0457]
  • Multiple Whole Hog Software Products Login SQL Injection Vulnerability – [CVE-2009-0458]
  • SMA-DB Startpage.PHP Cross Site Scripting Vulnerability – [CVE-2009-0458]
  • SMA-DB Startpage.PHP Remote File Include Vulnerability – [CVE-2009-0458]
  • E-Php Scripts CMS Browsecats.PHP SQL Injection Vulnerability – [CVE-2009-0458]
  • Max.Blog 1.0.6 Show_Post.PHP SQL Injection Vulnerability – [CVE-2009-0458]
  • ShopSystem eSystem Pop.ASP SQL Injection Vulnerability – [CVE-2009-0458]
  • ShopSystem eSystem Addtobasket.ASP SQL Injection Vulnerability – [CVE-2009-0458]
  • ShopSystem eSystem Pop.ASP PRO_ID Parameter SQL Injection Vulnerability – [CVE-2009-0458]
  • ShopSystem eSystem Logon.ASP SQL Injection Vulnerability – [CVE-2009-0458]
  • Wazzum Dating Software 2.0 Profile_View.PHP SQL Injection Vulnerability – [CVE-2009-0293]
  • Script Toko Online 5.01 Shop_Display_Products.PHP SQL Injection Vulnerability – [CVE-2009-0296]
  • ElearningForce Flash Magazine Deluxe Joomla! Component SQL Injection Vulnerability – [CVE-2009-0296]
  • Groone GLinks Index.PHP SQL Injection Vulnerability – [CVE-2009-0299]
  • SiteXS CMS 0.1.1 Post.PHP Local File Include Vulnerability – [CVE-2009-0299]
  • Lootan RC1 Login.ASP SQL Injection Vulnerability – [CVE-2009-0299]
  • ITLPoll 2.7 Index.PHP SQL Injection Vulnerability – [CVE-2009-0295]
  • LDF Login.ASP SQL Injection Vulnerability – [CVE-2009-0295]
  • WB News 2.0.1 Search.PHP Remote File Include Vulnerability – [CVE-2009-0294]
  • WB News 2.0.1 Base/Comments.PHP Remote File Include Vulnerability – [CVE-2009-0294]
  • WB News 2.0.1 Archive.PHP Remote File Include Vulnerability – [CVE-2009-0294]
  • WB News 2.0.1 SendFriend.PHP Remote File Include Vulnerability – [CVE-2009-0294]
  • WB News 2.0.1 Base/News.PHP Remote File Include Vulnerability – [CVE-2009-0294]
  • WB News 2.0.1 News.PHP Remote File Include Vulnerability – [CVE-2009-0294]
  • WB News 2.0.1 Comments.PHP Remote File Include Vulnerability – [CVE-2009-0294]
  • ASP-DEV XM Events Diary Diary_ViewC.ASP SQL Injection Vulnerability – [CVE-2008-5924]
  • smartSite CMS 1.0 Articles.PHP SQL Injection Vulnerability – [CVE-2008-5924]
  • SocialEngine Blog.PHP SQL Injection Vulnerability – [CVE-2008-5924]
  • Max.Blog 1.0.6 Offline_Auth.PHP SQL Injection Vulnerability – [CVE-2008-5924]
  • GameScript 4.6 Page.PHP Local File Include Vulnerability – [CVE-2008-5924]
  • GameScript 4.6 Games.PHP Cross Site Scripting Vulnerability – [CVE-2008-5924]
  • GameScript 4.6 Page.PHP SQL Injection Vulnerability – [CVE-2008-5924]
  • Community CMS 0.4 Index.PHP SQL Injection Vulnerability – [CVE-2008-5924]
  • Anantasoft Gazelle CMS Local File Include Vulnerability – [CVE-2008-5924]
  • Flaxweb Article Manager 1.1 Category.PHP SQL Injection Vulnerability – [CVE-2009-0284]
  • PHP-CMS Project 1.0 Login.PHP SQL Injection Vulnerability – [CVE-2009-0284]
  • Mambo COM_SIM Component 0.8 Index.PHP SQL Injection Vulnerability – [CVE-2009-0284]
  • OpenX 2.6.3 Fc.PHP Local File Include Vulnerability – [CVE-2009-0291]
  • VirtueMart Prior to 1.1.3 Index.PHP Local File Include Vulnerability – [CVE-2009-0291]
  • VirtueMart Prior to 1.1.3 Show_Image_In_Imgtag.PHP Remote File Include Vulnerability – [CVE-2009-0291]
  • VirtueMart Prior to 1.1.3 Export.PHP Remote File Include Vulnerability – [CVE-2009-0291]
  • VirtueMart Prior to 1.1.3 Index.PHP DOWNLOAD_ID Parameter Cross-Site Scripting Vulnerability – [CVE-2009-0291]
  • VirtueMart Prior to 1.1.3 Index.PHP Cross-Site Scripting Vulnerability – [CVE-2009-0291]
  • VirtueMart Prior to 1.1.3 Index.PHP SQL Injection Vulnerability – [CVE-2009-0291]
  • Max.Blog 1.0.6 Submit_Post.PHP SQL Injection Vulnerability – [CVE-2009-0291]
  • Pixie CMS 1.0 Mod_Settings.PHP Local File Include Vulnerability – [CVE-2009-0291]
  • Pixie CMS 1.0 Mod_Myaccount.PHP M Parameter Local File Include Vulnerability – [CVE-2009-0291]
  • Pixie CMS 1.0 Mod_Myaccount.PHP X Parameter Local File Include Vulnerability – [CVE-2009-0291]
  • Shop-inet 4.0 Show_Cat2.PHP SQL Injection Vulnerability – [CVE-2009-0292]
  • OpenGoo 1.1 Index.PHP Local File Include Vulnerability – [CVE-2009-0286]
  • Netvolution CMS 1.0 Default.ASP SQL Injection Vulnerability – [CVE-2009-0286]
  • Dodo’s Quiz Script 1.1 Dodosquiz.PHP Local File Include Vulnerability – [CVE-2009-0286]
  • Joomla! com_beamospetition Component 1.0.12 Index.PHP SQL Injection Vulnerability – [CVE-2009-0286]
  • Joomla! com_beamospetition Component 1.0.12 Index.PHP Cross Site Scripting Vulnerability – [CVE-2009-0286]
  • Joomla! BazaarBuilder Component 5.0 Index.PHP SQL Injection Vulnerability – [CVE-2009-0286]
  • OBLOG Err.ASP Cross Site Scripting Vulnerability – [CVE-2009-0283]
  • BBSXP 5.13 Error.ASP Cross Site Scripting Vulnerability – [CVE-2009-0285]
  • PHP-Nuke Downloads Module Modules.PHP SQL Injection Vulnerability – [CVE-2009-0285]
  • DMXReady Blog Manager Inc_Weblogmanager.ASP SQL Injection Vulnerability – [CVE-2009-0339]
  • DMXReady Blog Manager Inc_Weblogmanager.ASP Cross-Site Scripting Vulnerability – [CVE-2009-0338]
  • DMXReady Secure Document Library 1.1 Upload_Image_Category.ASP SQL Injection Vulnerability – [CVE-2009-0338]
  • DMXReady Member Directory Manager 1.1 Upload_Image_Category.ASP SQL Injection Vulnerability – [CVE-2009-0338]
  • DMXReady Classified Listings Manager 1.1 Upload_Image_Category.ASP SQL Injection Vulnerability – [CVE-2009-0338]
  • Pardal CMS 0.2 Comentar.PHP SQL Injection Vulnerability – [CVE-2009-0279]
  • OwnRS 1.2 Autor.PHP SQL Injection Vulnerability – [CVE-2009-0279]
  • Goople CMS 1.8.2 Frontpage.PHP PASSWORD Parameter SQL Injection Vulnerability – [CVE-2009-0121]
  • Prince Clan Chess Club com_pcchess Component 0.8 GAME_ID Parameter SQL Injection Vulnerability – [CVE-2009-0121]
  • Enhanced Simple PHP Gallery 1.72 Comment.PHP Directory Traversal Vulnerability – [CVE-2009-0121]
  • WSS-PRO SCMS 1.0 Index.PHP Local File Include Vulnerability – [CVE-2009-0121]
  • Apache Jackrabbit 1.5 Swr.JSP Cross Site Scripting Vulnerability – [CVE-2009-0026]
  • Apache Jackrabbit 1.5 Search.JSP Cross Site Scripting Vulnerability – [CVE-2009-0026]
  • Ninja Blog 4.8 Index.PHP Directory Traversal Vulnerability – [CVE-2009-0026]
  • Joomla! and Mambo COM_NEWS Component Index.PHP SQL Injection Vulnerability – [CVE-2009-0026]
  • Joomla! WATicketSystem Component Index.PHP SQL Injection Vulnerability – [CVE-2009-0026]
  • Joomla! and Mambo gigCalendar Component 1.0 index.PHP SQL Injection Vulnerability – [CVE-2009-0026]
  • Joomla! and Mambo com_pccookbook Component RECIPE_ID Parameter SQL Injection Vulnerability – [CVE-2009-0026]
  • ActionCalendar 1.3 Admin.ASP SQL Injection Vulnerability – [CVE-2009-0026]
  • BlogIt! Index.ASP SQL Injection Vulnerability – [CVE-2009-0026]
  • BlogIt! Index.ASP Cross-Site Scripting Vulnerability – [CVE-2009-0026]
  • WarHound Walking Club Login.ASPX SQL Injection Vulnerability – [CVE-2009-0026]
  • BibCiter 1.4 Users.PHP SQL Injection Vulnerability – [CVE-2009-0026]
  • BibCiter 1.4 Contacts.PHP SQL Injection Vulnerability – [CVE-2009-0026]
  • BibCiter 1.4 Projects.PHP SQL Injection Vulnerability – [CVE-2009-0026]
  • Active Bids 3.5 Search.ASP SQL Injection Vulnerability – [CVE-2009-0026]
  • Active Bids 3.5 Auctionsended.ASP SQL Injection Vulnerability – [CVE-2009-0026]
  • Active Bids 3.5 Wishlist.ASP SQL Injection Vulnerability – [CVE-2009-0026]
  • Active Bids 3.5 Search.ASP Cross-Site Scripting Vulnerability – [CVE-2009-0026]
  • Active Bids 3.5 Tellafriend.ASP Cross-Site Scripting Vulnerability – [CVE-2009-0026]
  • LemonLDAP:NG 0.9.3.1 Index.PL Cross Site Scripting Vulnerability – [CVE-2009-0026]
  • eReservations Default.ASP SQL Injection Vulnerability – [CVE-2009-0252]
  • Simple PHP Newsletter 1.5 Mail.PHP Local File Include Vulnerability – [CVE-2009-0252]
  • Simple PHP Newsletter 1.5 Mailbar.PHP Local File Include Vulnerability – [CVE-2009-0252]
  • WarHound Ping IP Admin.ASPX SQL Injection Vulnerability – [CVE-2009-0252]
  • w3bcms Admin/Index.PHP SQL Injection Vulnerability – [CVE-2009-0252]
  • Active Auction Search.ASP SQL Injection Vulnerability – [CVE-2009-0252]
  • Active Auction Stores.ASP SQL Injection Vulnerability – [CVE-2009-0252]
  • Active Auction Search.ASP Cross-Site Scripting Vulnerability – [CVE-2009-0252]
  • RankEm Rankup.ASP Cross Site Scripting Vulnerability – [CVE-2009-0252]
  • LinksPro Default.ASP SQL Injection Vulnerability – [CVE-2009-0252]
  • GNUBoard 4.31.3 Common.PHP Remote File Include Vulnerability – [CVE-2009-0252]
  • GNUBoard 4.31.3 Common.PHP Directory Traversal Vulnerability – [CVE-2009-0252]
  • Free Bible Search Readbible.PHP SQL Injection Vulnerability – [CVE-2009-0252]
  • MKPortal 1.2.1 Handler_Image.PHP Cross-Site Scripting Vulnerability – [CVE-2009-0252]
  • Joomla! RD-Autos Component 1.5.2 Index.PHP SQL Injection Vulnerability – [CVE-2009-0252]
  • Blue Eye CMS 1.0.0 Index.PHP SQL Injection Vulnerability – [CVE-2009-0252]
  • Eventing Component for Joomla! 1.6.5 COM_EVENTING SQL Injection Vulnerability – [CVE-2009-0252]
  • Seo4SMF Seo4smf-Redirect.PHP Cross-Site Scripting Vulnerability – [CVE-2009-0252]
  • Seo4SMF Seo4smf-Redirect.PHP SQL Injection Vulnerability – [CVE-2009-0252]
  • DMXReady Members Area Manager 1.2 Upload_Image_Security_Level.ASP SQL Injection Vulnerability – [CVE-2009-0252]
  • PHP Photo Album 0.8 Index.PHP Local File Include Vulnerability – [CVE-2009-0252]
  • Joomla! com_fantasytournament Component 2009.1.5 Index.PHP ROUNDID Parameter SQL Injection Vulnerability – [CVE-2009-0252]
  • Joomla! com_fantasytournament Component 2009.1.5 Index.PHP MANAGERID Parameter SQL Injection Vulnerability – [CVE-2009-0252]
  • Joomla! and Mambo gigCalendar Component 1.0 Index.PHP SQL Injection Vulnerability – [CVE-2009-0252]
  • Joomla! com_camelcitydb2 Component 2.2 Index.PHP SQL Injection Vulnerability – [CVE-2009-0252]
  • Joomla! Portfol Component 1.2 Index.PHP SQL Injection Vulnerability – [CVE-2009-0252]
  • Joomla! com_xevidmegahd Component Index.PHP SQL Injection Vulnerability – [CVE-2009-0252]
  • PHP-Fusion Kroax Module 5.4 Callcomments.PHP SQL Injection Vulnerability – [CVE-2009-0252]
  • WordPress Plugin WP-Forum 1.7.8 Forum_Feed.PHP SQL Injection Vulnerability – [CVE-2009-0252]
