N-Stalker has made available its latest “N-Stealth Web Attack Database” update for all products, including N-Stalker 2009 and 2006 version.You should be able to automatically download it next time you execute N-Stalker Scanner.

If you need to contact us for additional instructions, go to N-Stalker’s Customer Center.

This release includes patterns for the following vulnerabilities:

• Qwerty CMS Index.PHP SQL Injection Vulnerability
• Free Arcade Script 1.0 Play.PHP Local File Include Vulnerability
• MDPro and PostNuke My_eGallery Module 3.1.1 Index.PHP SQL Injection Vulnerability – [CVE-2009-0728]
• Taifajobs 1.0 Jobdetails.PHP SQL Injection Vulnerability – [CVE-2009-0727]
• Page Engine CMS 2.0 Recent_Poll_Include.PHP Remote File Include Vulnerability – [CVE-2009-0729]
• Page Engine CMS 2.0 Configuration.Inc.PHP Remote File Include Vulnerability – [CVE-2009-0729]
• Page Engine CMS 2.0 Statistics_Include.PHP Remote File Include Vulnerability – [CVE-2009-0729]
• Page Engine CMS 2.0 Login_Include.PHP Remote File Include Vulnerability – [CVE-2009-0729]
• Pyrophobia 2.1.3.1 Index.PHP Local File Include Vulnerability – [CVE-2009-0729]
• Joomla! and Mambo gigCalendar Component 1.0 Venuedetails.PHP SQL Injection Vulnerability – [CVE-2009-0730]
• Joomla! and Mambo gigCalendar Component 1.0 Banddetails.PHP SQL Injection Vulnerability – [CVE-2009-0730]
• Blue Utopia Index.PHP Local File Include Vulnerability – [CVE-2009-0730]
• Graugon Forum 1.0 View_Profile.PHP SQL Injection Vulnerability – [CVE-2009-0730]
• lastRSS autoposting bot MOD 0.1.3 Functions_Lastrss_Autopost.PHP Remote File Include Vulnerability – [CVE-2009-0730]
• A4Desk Event Calendar Index.PHP SQL Injection Vulnerability – [CVE-2008-6104]
• YACS 8.11 Update_Trailer.PHP Remote File Include Vulnerability – [CVE-2008-6104]
• ClipBucket 1.7 Dwnld.PHP Directory Traversal Vulnerability – [CVE-2008-6104]
• MemHT Portal 4.0.1 DELETENEWPM Parameter SQL Injection Vulnerability – [CVE-2008-6104]
• NovaBoard 1.0 Index.PHP TOPIC Parameter SQL Injection Vulnerability – [CVE-2008-6104]
• NovaBoard 1.0 Index.PHP FORUM Parameter SQL Injection Vulnerability – [CVE-2008-6104]
• RavenNuke 2.30 Modules.PHP SQL Injection Vulnerability – [CVE-2008-6104]
• RavenNuke 2.30 Modules.PHP REPLACEMENTS[6] Parameter Remote Code-Execution Vulnerability – [CVE-2008-6104]
• RavenNuke 2.30 Modules.PHP Remote Code-Execution Vulnerability – [CVE-2008-6104]
• PowerMovieList 0.14 Edituser.PHP SQL Injection Vulnerability – [CVE-2008-6104]
• PowerMovieList 0.14 Edituser.PHP FLTNAME Parameter Cross Site Scripting Vulnerability – [CVE-2008-6104]
• PowerMovieList 0.14 Edituser.PHP ACTION Parameter Cross Site Scripting Vulnerability – [CVE-2008-6104]
• PowerMovieList 0.14 List.PHP SQL Injection Vulnerability – [CVE-2008-6104]
• PowerMovieList 0.14 Activate.PHP SQL Injection Vulnerability – [CVE-2008-6104]
• Barracuda Load Balancer 640 Index.CGI Cross Site Scripting Vulnerability – [CVE-2008-6104]
• Openfiler 2.3 Index.HTML Cross Site Scripting Vulnerability – [CVE-2008-6104]
• BlogWrite 0.91 Print.PHP SQL Injection Vulnerability – [CVE-2008-6104]
• SAS Hotel Management System Myhotel_Info.ASP SQL Injection Vulnerability – [CVE-2008-6104]
• S-CMS 1.1 Delete_Page.PHP SQL Injection Vulnerability – [CVE-2008-6104]
• pHNews Header.PHP SQL Injection Vulnerability – [CVE-2008-6104]
• CMS Faethon 2.2 Info.PHP SQL Injection Vulnerability – [CVE-2008-6104]
• ea-gBook 0.1 Index_Inc.PHP Remote File Include Vulnerability – [CVE-2008-6104]
• Vlinks 1.1.6 Page.PHP SQL Injection Vulnerability – [CVE-2008-6104]
• Baran CMS 1.0 Default.ASP Cross-Site Scripting Vulnerability – [CVE-2008-6104]
• Baran CMS 1.0 Default.ASP SQL Injection Vulnerability – [CVE-2008-6104]
• IdeaCart 0.02 Index.PHP Local File Include Vulnerability – [CVE-2008-6104]
• IdeaCart 0.02 Index.PHP SQL Injection Vulnerability – [CVE-2008-6104]
• Free Joke Script 1.0 Joke-Archives.PHP SQL Injection Vulnerability – [CVE-2008-6104]
• InselPhoto 1.1 Search.PHP SQL Injection Vulnerability – [CVE-2008-6104]
• Dacio\’s CMS 1.08 Index.PHP Cross Site Scripting Vulnerability – [CVE-2008-6104]
• Dacio\’s CMS 1.08 Index.PHP SQL Injection Vulnerability – [CVE-2008-6104]
• Bloggeruniverse 2.0 Editcomments.PHP SQL Injection Vulnerability – [CVE-2008-6104]
• Scripts Den Dating Website Script 9.01 Searchmatch.PHP SQL Injection Vulnerability – [CVE-2008-6104]
• Graugon Gallery 1.0 View.PHP SQL Injection Vulnerability – [CVE-2008-6104]
• Graugon Gallery 1.0 Index.PHP Cross-Site Scripting Vulnerability – [CVE-2008-6104]
• Halite News 0.1 Halite.PHP SQL Injection Vulnerability – [CVE-2008-6104]
• Thyme 1.3 Export.PHP Local File Include Vulnerability – [CVE-2009-0535]
• MyNews 0.10 Login.PHP SQL Injection Vulnerability – [CVE-2009-0535]
• Papoo 3.6 Message_Class.PHP Local File Include Vulnerability – [CVE-2009-0535]
• Auth PHP 1.0 Login.PHP SQL Injection Vulnerability – [CVE-2009-0535]
• Banking@Home 2.1 Login.ASP SQL Injection Vulnerability – [CVE-2009-0535]
• Hedgehog-CMS 1.21 Footer.PHP Local File Include Vulnerability – [CVE-2009-0535]
• phpYabs 0.1.2 Index.PHP Remote File Include Vulnerability – [CVE-2009-0535]
• CafeEngine Index.PHP SQL Injection Vulnerability – [CVE-2009-0574]
• Zeroboard 4.0 Write.PHP Local File Include Vulnerability – [CVE-2009-0574]
• Zeroboard 4.0 Print_Category.PHP local File Include Vulnerability – [CVE-2009-0574]
• ClickAuction Login_Check.ASP SQL Injection Vulnerability – [CVE-2009-0297]
• Script Toko Online 5.01 Shop_Display_Products.PHP SQL Injection Vulnerability – [CVE-2009-0296]
• Mailist 3.0 Send.PHP Local File Include Vulnerability – [CVE-2009-0296]
• Kipper 2.01 Default.PHP Cross Site Scripting Vulnerability – [CVE-2009-0296]
• Kipper 2.01 Index.PHP Local File Include Vulnerability – [CVE-2009-0296]
• Novell QuickFinder Server GENERALPROPERTIESSITE Parameter Cross-Site Scripting Vulnerability – [CVE-2009-0296]
• Novell QuickFinder Server ADMINURL Parameter Cross-Site Scripting Vulnerability – [CVE-2009-0296]
• Novell QuickFinder Server CLUSTERSERVICEPROPERTIESSITE Parameter Cross-Site Scripting Vulnerability – [CVE-2009-0296]
• Novell QuickFinder Server SITELOC Parameter Cross-Site Scripting Vulnerability – [CVE-2009-0296]
• Gaestebuch 1.6 Gastbuch.PHP Local File Include Vulnerability – [CVE-2009-0296]
• w3b|cms 3.5 Index.PHP SQL Injection Vulnerability – [CVE-2009-0296]
• SnippetMaster Webpage Editor 2.2.2 Vars.Inc.PHP Remote File Include Vulnerability – [CVE-2009-0530]
• SnippetMaster Webpage Editor 2.2.2 Pcltar.Lib.PHP Remote File Include Vulnerability – [CVE-2009-0530]
• YANOCC 0.1 Lang_Check.PHP Local File Include Vulnerability – [CVE-2009-0515]
• WebFrame 0.76 Index.PHP LANG Parameter Local File Include Vulnerability – [CVE-2009-0514]
• WebFrame 0.76 Index.PHP CURRENTMOD Parameter Local File Include Vulnerability – [CVE-2009-0514]
• WebFrame 0.76 Doc/Index.PHP Remote File Include Vulnerability – [CVE-2009-0513]
• WebFrame 0.76 Index.PHP Remote File Include Vulnerability – [CVE-2009-0513]
• WebFrame 0.76 Menu.PHP Remote File Include Vulnerability – [CVE-2009-0513]
• AdaptCMS Lite 1.4 Rss_Importer_Functions.PHP Remote File Include Vulnerability – [CVE-2009-0527]
• AdaptCMS Lite 1.4 Index.PHP URL Parameter Cross Site Scripting Vulnerability – [CVE-2009-0526]
• AdaptCMS Lite 1.4 Index.PHP ACUPARAM Parameter Cross Site Scripting Vulnerability – [CVE-2009-0526]
• If-CMS 2.07 Frame.PHP SQL Injection Vulnerability – [CVE-2009-0528]
• FlexCMS 2.5 CATID Parameter SQL Injection Vulnerability – [CVE-2009-0534]
• PHP Director 0.21 SEARCHING Parameter SQL Injection Vulnerability – [CVE-2009-0534]
• A Better Member-Based ASP Photo Gallery View.ASP SQL Injection Vulnerability – [CVE-2009-0531]