SAP Business Objects vulnerabilities and multiple updates
N-Stalker has made available its latest “N-Stealth Web Attack Database” update for all products, including N-Stalker 2009 and 2006 version.You should be able to automatically download it next time you execute N-Stalker Scanner.
If you need to contact us for additional instructions, go to N-Stalker’s Customer Center.
Important Note: N-Stalker 2006 Version has been discontinued since March 31st, 2009. You must upgrade to N-Stalker 2009 to obtain our technical support.
This release includes patterns for the following vulnerabilities:
- Online Photo Pro 2.0 Index.PHP Cross Site Scripting Vulnerability
- TotalCalendar 2.4 Config.PHP Remote File Include Vulnerability
- FunGamez Login.PHP SQL Injection Vulnerability
- FunGamez Index.PHP Local File Include MODULE Parameter Vulnerability
- FunGamez Index.PHP Local File Include Vulnerability
- Seditio Events Plugin 1.0 Plug.PHP SQL Injection Vulnerability
- WEBBDOMAIN WebShop 1.02 Detail.PHP NAME Parameter Cross-Site Scripting Vulnerability – [CVE-2008-6629]
- WEBBDOMAIN WebShop 1.02 Detail.PHP Cross-Site Scripting Vulnerability – [CVE-2008-6629]
- WEBBDOMAIN WebShop 1.02 Detail.PHP SQL Injection Vulnerability – [CVE-2008-6628]
- Geeklog 1.5.2 Usersettings.PHP SQL Injection Vulnerability – [CVE-2008-6628]
- FreeWebShop 2.2.9 Startmodules.Inc.PHP Local File Include Vulnerability – [CVE-2008-6628]
- razorCMS 0.3RC2 Index.PHP SLAB Parameter Cross-Site Script Vulnerability – [CVE-2008-6628]
- razorCMS 0.3RC2 Index.PHP SLAB Parameter Cross-Site Script Vulnerability – [CVE-2008-6628]
- razorCMS 0.3RC2 Index.PHP CAT Parameter Cross-Site Script Vulnerability – [CVE-2008-6628]
- Job2C 4.2 Windetail.PHP Local File Include Vulnerability – [CVE-2008-6628]
- Job2C 4.2 Detail.PHP Local File Include Vulnerability – [CVE-2008-6628]
- SMA-DB 0.3.13 Format.PHP PAGE_CSS Parameter Remote File Include Vulnerabilit – [CVE-2008-6628]
- SMA-DB 0.3.13 Format.PHP PAGE_JAVASCRIPT Parameter Remote File Include Vulnerabilit – [CVE-2008-6628]
- SMA-DB 0.3.13 Format.PHP PAGE_CONTENT Parameter Remote File Include Vulnerabilit – [CVE-2008-6628]
- NetHoteles 3.0 Ficha.PHP SQL Injection Vulnerability – [CVE-2009-1346]
- Phorum 5.2.10 Admin.PHP BADWORDS Parameter Cross Site Scripting Vulnerability – [CVE-2009-1346]
- Phorum 5.2.10 Admin.PHP BANLIST Parameter Cross Site Scripting Vulnerability – [CVE-2009-1346]
- LinPHA 1.3.3 Login.PHP Cross-Site Scripting Vulnerability – [CVE-2008-6571]
- LinPHA 1.3.3 New_Images.PHP ORDER Parameter Cross-Site Scripting Vulnerability – [CVE-2008-6571]
- LinPHA 1.3.3 New_Images.PHP PN Parameter Cross-Site Scripting Vulnerability – [CVE-2008-6571]
- GuestCal 2.1 Index.PHP Local File Include Vulnerability – [CVE-2009-1319]
- RQMS 1.2.2 Index.PHP ID Parameter SQL Injection Vulnerability – [CVE-2009-1319]
- Aqua CMS 1.1 Index.PHP SQL Injection Vulnerability – [CVE-2009-1317]
- AbleSpace 1.0 Events_View.PHP SQL Injection Vulnerability – [CVE-2009-1316]
- AbleSpace 1.0 Events_Clndr_View.PHP SQL Injection Vulnerability – [CVE-2009-1316]
- AbleSpace 1.0 Groups_Profile.PHP Cross-Site Scripting Vulnerability – [CVE-2009-1315 ]
- AbleSpace 1.0 Adv_Cat.PHP Cross-Site Scripting Vulnerability – [CVE-2009-1315 ]
- Jamroom 4.0.2 Index.PHP Local File Include Vulnerability – [CVE-2009-1318]
- Dynamic Flash Forum 1.0 Viewthreads.PHP SQL Injection Vulnerability – [CVE-2009-1318]
- Dynamic Flash Forum 1.0 Viewmessage.PHP SQL Injection Vulnerability – [CVE-2009-1318]
- Dynamic Flash Forum 1.0 Viewprofile.PHP SQL Injection Vulnerability – [CVE-2009-1318]
- Loggix Project 9.4.5 Post.PHP SQL Injection Vulnerability – [CVE-2009-1318]
- My Dealer CMS 2.0 Login.PHP SQL Injection Vulnerability – [CVE-2009-1318]
- BackendCMS 5.0 Main.ASP SQL Injection Vulnerability – [CVE-2009-1318]
- Banshee DAAP Extension 1.4.2 Vs_Diag.CGI Cross Site Scripting Vulnerability – [CVE-2009-1175]
- ASP Product Catalog 1.0 Search.ASP Cross Site Scripting Vulnerability – [CVE-2009-1321]
- e107 User Journals Plugin 0.8 Userjournals.PHP SQL Injection Vulnerability – [CVE-2009-1321]
- FreznoShop 1.3.0 Product_Details.PHP SQL Injection Vulnerability – [CVE-2009-1321]
- Yellow Duck Weblog 2.1 Check.PHP Local File Include Vulnerability – [CVE-2009-1321]
- w3bcms Guestbook Module 3.0 Index.Inc.PHP SQL Injection Vulnerability – [CVE-2009-1321]
- Redaxscript 0.2 Index.PHP Local File Include Vulnerability – [CVE-2009-1321]
- Redaxscript 0.2 Index.PHP Local File Include Vulnerability – [CVE-2009-1321]
- MoziloCMS 1.11 Index.PHP Local File Include Vulnerability – [CVE-2009-1321]
- MoziloCMS 1.11 Index.PHP Cross Site Scripting Vulnerability – [CVE-2009-1321]
- net2ftp 0.98 Registerglobals.Inc.PHP Cross-Site Scripting Vulnerability – [CVE-2009-1321]
- AdaptBB 1.0 Attach.PHP SQL Injection Vulnerability – [CVE-2009-1321]
- AdaptBB 1.0 Index.PHP PROFILE/BOX Parameter SQL Injection Vulnerability – [CVE-2009-1321]
- AdaptBB 1.0 Index.PHP MESSAGES/BOX Parameter SQL Injection Vulnerability – [CVE-2009-1321]
- AdaptBB 1.0 Index.PHP ID Parameter SQL Injection Vulnerability – [CVE-2009-1321]
- AdaptBB 1.0 Index.PHP PROFILE/BOX Parameter Remote Command Execution Vulnerability – [CVE-2009-1321]
- AdaptBB 1.0 Index.PHP MESSAGES/BOX Parameter Remote Command Execution Vulnerability – [CVE-2009-1321]
- Joomla! cmimarketplace Component 0.1 index.PHP Directory Traversal Vulnerability – [CVE-2009-1321]
- Xplode Module_Wrapper.ASP Cross Site Scripting Vulnerability – [CVE-2009-1321]
- Xplode Module_Wrapper.ASP SQL Injection Vulnerability – [CVE-2009-1321]
- COWON America jetAudio 7.0.3 JetFlExt.dll ActiveX Control Insecure Method Vulnerability – [CVE-2007-4983]
- SASPCMS 0.9 Default.ASP Cross Site Scripting Vulnerability – [CVE-2007-4983]
- Photo-Graffix 3.4 Wmprocess.PHP Local File Include Vulnerability – [CVE-2007-4983]
- Maian Music Joomla! Component 1.2.1 Index.PHP SQL Injection Vulnerability – [CVE-2007-4983]
- Pixie CMS Index.PHP SQL Injection Vulnerability – [CVE-2009-1065]
- Pixie CMS Index.PHP Cross Site Scripting Vulnerability – [CVE-2009-1067]
- Joomla! BookJoomlas Component 1.0 Index.PHP SQL Injection Vulnerability – [CVE-2009-1067]
- FlexCMS 2.5 ITEMID Parameter SQL Injection Vulnerability – [CVE-2009-1067]
- Gravity Board X 2.0 Index.PHP BOARD_ID Parameter SQL Injection Vulnerability – [CVE-2009-1067]
- Gravity Board X 2.0 Index.PHP MEMBER_ID Parameter SQL Injection Vulnerability – [CVE-2009-1067]
- AdaptBB Index.PHP SQL Injection Vulnerability – [CVE-2009-1067]
- form2list Page.PHP SQL Injection Vulnerability – [CVE-2009-1067]
- ActiveKB Loadpanel.PHP Local File Include Vulnerability – [CVE-2009-1067]
- Joomla! RD-Autos Component 1.5.7 Index.PHP MAKEID Parameter SQL Injection Vulnerability – [CVE-2009-1067]
- Q2 Solutions ConnX 4.0.20080606 FrmLoginPwdReminderPopup.ASPX SQL Injection Vulnerability – [CVE-2009-1067]
- Asbru Web Content Management 6.6.9 Login.ASP Cross Site Scripting Vulnerability – [CVE-2009-1067]
- Asbru Web Content Management 6.6.9 Page.ASP SQL Injection Vulnerability – [CVE-2009-1067]
- KoschtIT Image Gallery 1.82 Ki_Makepic.PHP Local File Include Vulnerability – [CVE-2009-1067]
- KoschtIT Image Gallery 1.82 Ki_Nojsdisplayimage.PHP Local File Include Vulnerability – [CVE-2009-1067]
- SAP Business Objects Crystal Reports 10.0 Viewreport.ASP Cross Site Scripting Vulnerability – [CVE-2009-1067]
- 4CMS Index.PHP Local File Include Vulnerability – [CVE-2009-1067]
- 4CMS Articles.PHP SQL Injection Vulnerability – [CVE-2009-1067]
- 4CMS Article.PHP SQL Injection Vulnerability – [CVE-2009-1067]
This entry was posted in N-Stalker Latest Updates and tagged updates, vulnerabilities. Bookmark the permalink.