Joomla! Vulnerabilities and multiple updates
N-Stalker has made available its latest “N-Stealth Web Attack Database” update for all products, including N-Stalker 2009 and 2006 version.You should be able to automatically download it next time you execute N-Stalker Scanner.
If you need to contact us for additional instructions, go to N-Stalker’s Customer Center.
Important Note: N-Stalker 2006 Version has been discontinued since March 31st, 2009. You must upgrade to N-Stalker 2009 to obtain our technical support.
This release includes patterns for the following vulnerabilities:
- Pivot 1.40.7 User.PHP Cross Site Scripting Vulnerability
- Pivot 1.40.7 Index.PHP Cross Site Scripting Vulnerability
- Yogurt 0.3 Inc_Webblogmanager.ASP SQL Injection Vulnerability
- Yogurt 0.3 Inc_Webblogmanager.ASP Cross-Site Scripting Vulnerability
- Multiple OrdaSoft Joomla! Components 1.5 Toolbar_Ext.PHP Remote File Include Vulnerability
- Joomla! AkoBook Component 2.3 Index.PHP SQL Injection Vulnerability
- Joomla! ComSchool Component 1.4 Index.PHP SQL Injection Vulnerability
- Ideal MooFAQ Joomla! Component 1.0 File_Includer.PHP Local File Include Vulnerability – [CVE-2009-2015]
- Joomla! 1.5.10 Index.PHP THEME_HEADER Parameter Cross Site Scripting Vulnerability – [CVE-2009-2015]
- Joomla! 1.5.10 Index.PHP JA_FONT Parameter Cross Site Scripting Vulnerability – [CVE-2009-2015]
- Joomla! 1.5.10 Index.PHP RIGHTCOLLAPSEDEFAULT Parameter Cross Site Scripting Vulnerability – [CVE-2009-2015]
- Joomla! 1.5.10 Index.PHP EXCLUDEMODULES Parameter Cross Site Scripting Vulnerability – [CVE-2009-2015]
- Joomla! 1.5.10 Index.PHP SLOGANTEXT Parameter Cross Site Scripting Vulnerability – [CVE-2009-2015]
- Joomla! 1.5.10 Index.PHP LOGOTEXT Parameter Cross Site Scripting Vulnerability – [CVE-2009-2015]
- Joomla! 1.5.10 Index.PHP THEME_ELEMENTS Parameter Cross Site Scripting Vulnerability – [CVE-2009-2015]
- Joomla! 1.5.10 Index.PHP THEME_BACKGROUND Parameter Cross Site Scripting Vulnerability – [CVE-2009-2015]
- moziloCMS 1.11.1 index.PHP Cross Site Scripting Vulnerability – [CVE-2009-2015]
- Joomla! and Mambo Mosres Component 1.0f Index.PHP SQL Injection Vulnerability – [CVE-2009-2015]
- Joomla! and Mambo Mosres Component 1.0f Index.PHP PROPERTY_UID Parameter SQL Injection Vulnerability – [CVE-2009-2015]
- Joomla! and Mambo Mosres Component 1.0f Index.PHP REGID Parameter SQL Injection Vulnerability – [CVE-2009-2015]
- Omilen Photo Gallery Joomla! Component 0.5b Index.PHP Local File Include Vulnerability – [CVE-2009-2015]
- Dream Windows Max CMS 2.0 Admin_Manager.ASP SQL Injection Vulnerability – [CVE-2009-1818]
- Seminar for Joomla! 1.28 Index.PHP SQL Injection Vulnerability – [CVE-2009-1818]
- Unclassified NewsBoard 1.6.4 Forum.PHP Local File Include Vulnerability – [CVE-2009-1818]
- Unclassified NewsBoard 1.6.4 Forum.PHP SQL Injection Vulnerability – [CVE-2009-1818]
- Seminar for Joomla! 1.28 Index.PHP SQL Injection Vulnerability – [CVE-2009-1818]
- PHP-Nuke Downloads Module 8.0 Modules.PHP Cross Site Scripting Vulnerability – [CVE-2009-1818]
- Joomla! JUser Component 2.0.4 Index.PHP SQL Injection Vulnerability – [CVE-2009-1818]
- eliteCMS 1.01 Index.PHP Cross Site Scripting Vulnerability – [CVE-2009-1818]
- OCS Inventory NG Server 1.02 Group_Show.PHP SQL Injection Vulnerability – [CVE-2009-1818]
- OCS Inventory NG Server 1.02 Download.PHP SQL Injection Vulnerability – [CVE-2009-1818]
- ZeusCart 2.3 Index.PHP SQL Injection Vulnerability – [CVE-2009-1818]
- Joomla! JVideo! Component 0.3.11c Index.PHP SQL Injection Vulnerability – [CVE-2009-1818]
- Achievo 1.3.4 Dispatch.PHP Cross Site Scripting Vulnerability – [CVE-2009-1818]
- Achievo 1.3.4 Index.PHP Cross Site Scripting Vulnerability – [CVE-2009-1818]
- Lussumo Vanilla 1.1.7 Updatecheck.PHP Cross Site Scripting Vulnerability – [CVE-2009-1845]
- phpBugTracker 1.0.4 Include.PHP SQL Injection Vulnerability – [CVE-2009-1851]
- SiteX 0.7.4.418 Homepage.PHP Local File Include Vulnerability – [CVE-2009-1846]
- AgoraGroups Joomla! Component 0.3.5.3 Index.PHP SQL Injection Vulnerability – [CVE-2009-1848]
- Easy PX 41 CMS 9.0 Index.PHP Local File Include Vulnerability – [CVE-2009-1848]
- PHP-Nuke 8.0 UserLog.PHP SQL Injection Vulnerability – [CVE-2009-1848]
- Dokuwiki 2009-02-14 Doku.PHP Local File Include Vulnerability – [CVE-2009-1848]
- RoomPHPlanning 1.6 Userform.PHP SQL Injection Vulnerability – [CVE-2009-1848]
- phpBugTracker 1.0.3 Index.PHP SQL Injection Vulnerability – [CVE-2009-1850]
- cpCommerce 1.2.9 Functions.PHP Remote File Include Vulnerability – [CVE-2009-1850]
- vbPlaza Vbplaza.PHP SQL Injection Vulnerability – [CVE-2009-1850]
- WP-Lytebox Main.PHP Local File Include Vulnerability – [CVE-2009-1850]
- aMember 3.1.7 Newsletter_Threads.PHP Cross Site Scripting Vulnerability – [CVE-2009-1850]
- aMember 3.1.7 Users.PHP LETTER Parameter Cross Site Scripting Vulnerability – [CVE-2009-1850]
- aMember 3.1.7 Users.PHP STATUS Parameter Cross Site Scripting Vulnerability – [CVE-2009-1850]
- aMember 3.1.7 Users.PHP ACTION Parameter Cross Site Scripting Vulnerability – [CVE-2009-1850]
- aMember 3.1.7 Index.PHP Cross Site Scripting Vulnerability – [CVE-2009-1850]
- aMember 3.1.7 Profile.PHP Cross Site Scripting Vulnerability – [CVE-2009-1850]
- aMember 3.1.7 Setup.PHP Cross Site Scripting Vulnerability – [CVE-2009-1850]
- aMember 3.1.7 Aff.PHP Cross Site Scripting Vulnerability – [CVE-2009-1850]
- aMember 3.1.7 Email_Templates.PHP Cross Site Scripting Vulnerability – [CVE-2009-1850]
- aMember 3.1.7 Aff_Banners.PHP BANNER_ID Parameter Cross Site Scripting Vulnerability – [CVE-2009-1850]
- aMember 3.1.7 Aff_Banners.PHP Cross Site Scripting Vulnerability – [CVE-2009-1850]
- aMember 3.1.7 Coupons.PHP Cross Site Scripting Vulnerability – [CVE-2009-1850]
- aMember 3.1.7 Protect.PHP Cross Site Scripting Vulnerability – [CVE-2009-1850]
- aMember 3.1.7 Products.PHP Cross Site Scripting Vulnerability – [CVE-2009-1850]
- aMember 3.1.7 Newsletter_Guests.PHP Cross Site Scripting Vulnerability – [CVE-2009-1850]
- Joomla! Boy Scout Advancement 0.3 Index.PHP ID Parameter SQL Injection Vulnerability – [CVE-2009-1850]
- Joomla! Boy Scout Advancement 0.3 Index.PHP SQL Injection Vulnerability – [CVE-2009-1850]
- Basic Analysis And Security Engine 1.4.2 Base_Stat_Uaddr.PHP Cross Site Scripting Vulnerability – [CVE-2009-1850]
- Basic Analysis And Security Engine 1.4.2 Base_Qry_Main.PHP Cross Site Scripting Vulnerability – [CVE-2009-1850]
- Basic Analysis And Security Engine 1.4.2 Base_Stat_Alerts.PHP Cross Site Scripting Vulnerability – [CVE-2009-1850]
- Saman Portal Index.PHP SQL Injection Vulnerability – [CVE-2009-1850]
- ZaoCMS Edit_User.PHP SQL Injection Vulnerability – [CVE-2009-1850]
- DotNetNuke 4.9.3 ErrorPage.ASPX Cross-Site Scripting Vulnerability – [CVE-2009-1850]
- LxBlog User_Index.PHP SQL Injection Vulnerability – [CVE-2009-1850]
- LxBlog User_Index.PHP Cross Site Scripting Vulnerability – [CVE-2009-1850]
- Flash Quiz 2.0 Num_Questions.PHP SQL Injection Vulnerability – [CVE-2009-1850]
- Flash Quiz 2.0 Questions.PHP ORDER_NUMBER Parameter SQL Injection Vulnerability – [CVE-2009-1850]
- Flash Quiz 2.0 Questions.PHP QUIZ Parameter SQL Injection Vulnerability – [CVE-2009-1850]
- Flash Quiz 2.0 Results_Table_Web.PHP SQL Injection Vulnerability – [CVE-2009-1850]
- Flash Quiz 2.0 High_Score_Web.PHP QUIZ Parameter SQL Injection Vulnerability – [CVE-2009-1850]
- Flash Quiz 2.0 High_Score.PHP SQL Injection Vulnerability – [CVE-2009-1850]
- Flash Quiz 2.0 Answers.PHP ORDER_NUMBER Parameter SQL Injection Vulnerability – [CVE-2009-1850]
- Flash Quiz 2.0 Answers.PHP QUIZ Parameter SQL Injection Vulnerability – [CVE-2009-1850]
- Your Articles Directory Page.PHP SQL Injection Vulnerability – [CVE-2009-1850]
- ASP Inline Corporate Calendar Search.ASP Cross Site Scripting Vulnerability – [CVE-2009-1850]
- ASP Inline Corporate Calendar Active_Appointments.ASP SQL Injection Vulnerability – [CVE-2009-1850]
- 26th Avenue bSpeak 1.10 Index.PHP SQL Injection Vulnerability – [CVE-2009-1747]
- Realty Web-Base 1.0 List_List.PHP Parameter SQL Injection Vulnerability – [CVE-2009-1751 ]
- Scripts for Sites EZ Pub Site Directory.PHP SQL Injection Vulnerability – [CVE-2008-6794]
- Catviz 0.4 Index.PHP WEBPAGES_FORM Cross Site Scripting Vulnerability – [CVE-2009-1749]
- Catviz 0.4 Index.PHP USERMAN_FORM Cross Site Scripting Vulnerability – [CVE-2009-1749]
- Catviz 0.4 Index.PHP WEBPAGES_FORM Local File Include Vulnerability – [CVE-2009-1748]
- Catviz 0.4 Index.PHP USERMAN_FORM Local File Include Vulnerability – [CVE-2009-1748]
- Joomla! Casino Component 0.3.1 Index.PHP SQL Injection Vulnerability – [CVE-2009-1748]
- VidsharePro Listing_Video.PHP SQL Injection Vulnerability – [CVE-2009-1734]
- VidsharePro Search.PHP Cross Site Scripting Vulnerability – [CVE-2009-1735]
- Dog Pedigree Online Database 1.2 ManagePerson.PHP SQL Injection Vulnerability – [CVE-2009-1735]
- Dog Pedigree Online Database 1.2 Details.PHP SQL Injection Vulnerability – [CVE-2009-1735]
- Coppermine Photo Gallery 1.4.22 Displayecard.PHP SQL Injection Vulnerability – [CVE-2009-1735]
- Coppermine Photo Gallery 1.4.22 Thumbnails.PHP SQL Injection Vulnerability – [CVE-2009-1735]
- Joomla! com_gsticketsystem Index.PHP SQL Injection Vulnerability – [CVE-2009-1735]
This entry was posted in N-Stalker Latest Updates and tagged updates, vulnerabilities. Bookmark the permalink.