Citrix XenCenterWeb and multiple vulnerabilities updated
N-Stalker has made available its latest “N-Stealth Web Attack Database” update for all products, including N-Stalker 2009 and 2006 version.You should be able to automatically download it next time you execute N-Stalker Scanner.
If you need to contact us for additional instructions, go to N-Stalker’s Customer Center.
Important Note: N-Stalker 2006 Version has been discontinued since March 31st, 2009. You must upgrade to N-Stalker 2009 to obtain our technical support.
This release includes patterns for the following vulnerabilities:
- YourFreeWorld Programs Rating Script Rate.PHP Cross Site Scripting Vulnerability
- YourFreeWorld Programs Rating Script Postcomments.PHP Cross Site Scripting Vulnerability
- E-Xoopport MyAnnonces Index.PHP SQL Injection Vulnerability
- dB Masters Multimedia Content Manager 4.5 Index.PHP SQL Injection Vulnerability
- Joomla! Jobline Component 1.1.3.1 Index.PHP SQL Injection Vulnerability
- Multiple RadScripts Products Index.PHP SQL Injection Vulnerability
- Multiple RadScripts Products Storefront.PHP Cross Site Scripting Vulnerability
- Multiple RadScripts Products Index.PHP FID Parameter SQL Injection Vulnerability
- db Masters Multimedia Content Manager 4.5 Index.PHP SQL Injection Vulnerability
- PHPLive! 3.2.2 Request.PHP SQL Injection Vulnerability
- Opial 10 Home.PHP SQL Injection Vulnerability
- Opial 10 Home.PHP Cross-Site Scripting Vulnerability
- WordPress My Category Order Plugin 2.8 Post-New.PHP SQL Injection Vulnerability
- Joomla! Com_Category Component Index.PHP SQL Injection Vulnerability
- Joomla! Com_Propertylab Component Index.PHP SQL Injection Vulnerability
- ClanSphere 2009.0 Index.PHP Cross Site Scripting Vulnerability
- Siteframe 3.2.3 Document.PHP SQL Injection Vulnerability
- ADbNewsSender 1.5.5 Index.PHP Local File Include Vulnerability
- Citrix XenCenterWeb Edituser.PHP Cross-Site Scripting Vulnerability
- Citrix XenCenterWeb Login.PHP SQL Injection Vulnerability
- Citrix XenCenterWeb Forcesd.PHP VMNAME Parameter Cross-Site Scripting Vulnerability
- Citrix XenCenterWeb Forcesd.PHP VMREFID Parameter Cross-Site Scripting Vulnerability
- Citrix XenCenterWeb Forcerestart.PHP VMREFID Parameter Cross-Site Scripting Vulnerability
- Citrix XenCenterWeb Forcerestart.PHP VMNAME Parameter Cross-Site Scripting Vulnerability
- Citrix XenCenterWeb Console.PHP VMNAME Parameter Cross-Site Scripting Vulnerability
- Citrix XenCenterWeb Console.PHP LOCATION Parameter Cross-Site Scripting Vulnerability
- Citrix XenCenterWeb Console.PHP SESSIONID Parameter Cross-Site Scripting Vulnerability
- CMME 1.21 Admin.PHP Cross Site Scripting Vulnerability – [CVE-2009-2342]
- Horde 3.1 Main.PHP Cross Site Scripting Vulnerability – [CVE-2009-2360]
- Opial 1.0 Albumdetail.PHP SQL Injection Vulnerability – [CVE-2009-2341]
- ConPresso 3.4.8 CMS Detail.PHP SQL Injection Vulnerability – [CVE-2009-2341]
- Opial 1.0 Index.PHP SQL Injection Vulnerability – [CVE-2009-2340]
- fuzzylime (cms) Newsheads.PHP Local File Include Vulnerability – [CVE-2008-6834]
- fuzzylime (cms) Commupdate.PHP Local File Include Vulnerability – [CVE-2008-6834]
- TSEP 0.942.2 Index.PHP Local File Include Vulnerability – [CVE-2008-6834]
- TSEP 0.942.2 Tsepsearch.PHP Q Parameter Cross Site Scripting Vulnerability – [CVE-2008-6834]
- TSEP 0.942.2 Tsepsearch.PHP USER_E Parameter Cross Site Scripting Vulnerability – [CVE-2008-6834]
- TSEP 0.942.2 Indexer_Search_Table.PHP Cross Site Scripting Vulnerability – [CVE-2008-6834]
- BIGACE Web CMS 2.6 Index.PHP Local File Include Vulnerability – [CVE-2008-6834]
- Simple Machines Forum Member Awards 1.0.2 Index.PHP SQL Injection Vulnerability – [CVE-2008-6834]
- LightOpenCMS 0.1 Smarty.PHP Local File Include Vulnerability – [CVE-2009-2223]
- phpMyAdmin 3.3.0-dev Index.PHP Cross Site Scripting Vulnerability – [CVE-2009-2284]
- cPanel Lastvisit.HTML Arbitrary File Disclosure Vulnerability – [CVE-2009-2275]
- Joomla! K2 Component 1.0.1 Index.PHP SQL Injection Vulnerability – [CVE-2009-2275]
- Joomla! Joomla-PHP Component Index.PHP SQL Injection Vulnerability – [CVE-2009-2400]
- DM Albums 1.9.2 Album.PHP Remote File Include Vulnerability – [CVE-2009-2400]
- DM Albums 1.9.2 Album.PHP Remote File Include Vulnerability – [CVE-2009-2400]
- Joomla! BookFlip Component 2.1 Index.PHP SQL Injection Vulnerability – [CVE-2009-2400]
- PinME! Joomla! Component 2.1 Index.PHP SQL Injection Vulnerability – [CVE-2009-2400]
- MDPro Survey Module Modules.PHP SQL Injection Vulnerability – [CVE-2009-2400]
- Moodle 1.9.3 Block_Html.PHP Cross Site Scripting Vulnerability – [CVE-2009-0502]
- PHP-Address Book 4.0.1 View.PHP SQL Injection Vulnerability – [CVE-2009-2259]
- PHP-Address Book 4.0.1 Delete.PHP SQL Injection Vulnerability – [CVE-2009-2259]
- PHP-Address Book 4.0.1 Index.PHP SQL Injection Vulnerability – [CVE-2009-2259]
- PHP-Address Book 4.0.1 Edit.PHP SQL Injection Vulnerability – [CVE-2009-2259]
- Aardvark Topsites PHP 5.2 Index.PHP Cross Site Scripting Vulnerability – [CVE-2009-2259]
- PHPEcho CMS 2.0-rc3 Index.PHP SQL Injection Vulnerability – [CVE-2009-2259]
- Tribiq CMS 5.0.12c Nlarlist_Content.Inc.PHP Cross Site Scripting Vulnerability – [CVE-2009-2259]
- Tribiq CMS 5.0.12c Tb_Foot.Inc.PHP Cross Site Scripting Vulnerability – [CVE-2009-2259]
- Tribiq CMS 5.0.12c Forum.Inc.PHP Cross Site Scripting Vulnerability – [CVE-2009-2259]
- Tribiq CMS 5.0.12c Forum.Inc.PHP Cross Site Scripting Vulnerability – [CVE-2009-2259]
- Tribiq CMS 5.0.12c Forum.Inc.PHP Cross Site Scripting Vulnerability – [CVE-2009-2259]
- Tribiq CMS 5.0.12c Forum.Inc.PHP Cross Site Scripting Vulnerability – [CVE-2009-2259]
- Tribiq CMS 5.0.12c Forum.Inc.PHP Cross Site Scripting Vulnerability – [CVE-2009-2259]
- Tribiq CMS 5.0.12c Header.Inc.PHP Cross Site Scripting Vulnerability – [CVE-2009-2259]
- Tribiq CMS 5.0.12c Contact.Inc.PHP Cross Site Scripting Vulnerability – [CVE-2009-2259]
- Tribiq CMS 5.0.12c Contact.Inc.PHP Cross Site Scripting Vulnerability – [CVE-2009-2259]
- Tribiq CMS 5.0.12c Header.Inc.PHP Local File Include Vulnerability – [CVE-2009-2220]
- Tribiq CMS 5.0.12c Contact.Inc.PHP Local File Include Vulnerability – [CVE-2009-2220]
- Tribiq CMS 5.0.12c Masthead.Inc.PHP Local File Include Vulnerability – [CVE-2009-2220]
- Tribiq CMS 5.0.12c Toppanel.Inc.PHP Local File Include Vulnerability – [CVE-2009-2220]
- Tribiq CMS 5.0.12c Nlarlist_Content.Inc.PHP Local File Include Vulnerability – [CVE-2009-2220]
- Glossword 1.8.11 Index.PHP Local File Include Vulnerability – [CVE-2009-2220]
- Shop-Script Pro 2.12 Index.PHP SQL Injection Vulnerability – [CVE-2009-2023]
- Joomla! and Mambo Tickets Component 2.1 Index.PHP SQL Injection Vulnerability – [CVE-2009-2023]
- Campsite 2.6.2 Ad_Popup.PHP Remote File Include Vulnerability – [CVE-2009-2182]
- Campsite 2.6.2 List_Dir.PHP Cross-Site Scripting Vulnerability – [CVE-2009-2181]
- Campsite 2.6.2 Ad.PHP Local File Include Vulnerability – [CVE-2009-2183]
- Campsite 2.6.2 Autopublish_Del.PHP Remote File Include Vulnerability – [CVE-2009-2182]
- Campsite 2.6.2 Autopublish.PHP Remote File Include Vulnerability – [CVE-2009-2182]
- Campsite 2.6.2 Add_Move.PHP Remote File Include Vulnerability – [CVE-2009-2182]
- Campsite 2.6.2 Add.PHP Remote File Include Vulnerability – [CVE-2009-2182]
- Campsite 2.6.2 Index.PHP Remote File Include Vulnerability – [CVE-2009-2182]
- Campsite 2.6.2 CommandProcessor.PHP Remote File Include Vulnerability – [CVE-2009-2182]
- Campsite 2.6.2 Phorum_Load.PHP Remote File Include Vulnerability – [CVE-2009-2182]
- Campsite 2.6.2 Liveuser_Configuration.PHP Remote File Include Vulnerability – [CVE-2009-2182]
- Campsite 2.6.2 Set-Author.PHP Remote File Include Vulnerability – [CVE-2009-2182]
- Campsite 2.6.2 Menu.PHP Remote File Include Vulnerability – [CVE-2009-2182]
- Campsite 2.6.2 Logout.PHP Remote File Include Vulnerability – [CVE-2009-2182]
- Campsite 2.6.2 Init_Content.PHP Remote File Include Vulnerability – [CVE-2009-2182]
- Campsite 2.6.2 Camp_Html.PHP Remote File Include Vulnerability – [CVE-2009-2182]
- phpDatingClub 3.7 Search.PHP SQL Injection Vulnerability – [CVE-2009-2179]
- phpDatingClub 3.7 Website.PHP Cross-Site Scripting Vulnerability – [CVE-2009-2178]
- Softbiz Ads Image.PHP SQL Injection Vulnerability – [CVE-2009-2232]
- FireStats 1.6.1 Firestats-Wordpress.PHP Remote File Include Vulnerability – [CVE-2009-2143]
- TBDEV.NET 01-01-08 Polls.PHP Cross Site Scripting Vulnerability – [CVE-2009-2141]
- TBDEV.NET 01-01-08 Makepoll.PHP Cross Site Scripting Vulnerability – [CVE-2009-2141]
- DirectAdmin 1.33.6 CMD_REDIRECT Cross-Site Scripting Vulnerability – [CVE-2009-2141]
- geccBBlite 0.1 Scrivi.PHP HTML Injection Vulnerability – [CVE-2009-2141]
- fuzzylime (cms) 3.03a Confirm.PHP Local File Include Vulnerability – [CVE-2009-2141]
- fuzzylime (cms) 3.03a Display.PHP Local File Include Vulnerability – [CVE-2009-2141]
- phpWebThings 1.5.2 Help.PHP Local File Include Vulnerability – [CVE-2009-2081]
- phPortal 1.0 Topicler.PHP SQL Injection Vulnerability – [CVE-2009-2098]
- Joomla! Com_Jumi Component Index.PHP SQL Injection Vulnerability – [CVE-2009-2102]
- WordPress Photoracer Plugin 1.0 Viewimg.PHP SQL Injection Vulnerability – [CVE-2009-2122]
- iJoomla RSS Feeder Component Index.PHP SQL Injection Vulnerability – [CVE-2009-2099 ]
- JoomlaPraise Projectfork 2.0.10 Joomla! Component Index.PHP Local File Include Vulnerability – [CVE-2009-2100]
- Webmedia Explorer 5.10 Index.PHP SEARCH Parameter Cross Site Scripting Vulnerability – [CVE-2009-2107]
- Webmedia Explorer 5.10 Index.PHP EMAIL Parameter Cross Site Scripting Vulnerability – [CVE-2009-2107]
- Webmedia Explorer 5.10 Index.PHP BOOKMARK Parameter Cross Site Scripting Vulnerability – [CVE-2009-2107]
- Webmedia Explorer 5.10 Index.PHP THISISNOTAREALCALL Parameter Cross Site Scripting Vulnerability – [CVE-2009-2107]
This entry was posted in N-Stalker Latest Updates and tagged updates, vulnerabilities. Bookmark the permalink.