Adobe JRun, vTiger vulnerabilities and multiple updates

By N-Stalker Team on September 8, 2009

N-Stalker has made available its latest “N-Stealth Web Attack Database” update for all products, including N-Stalker 2009 and 2006 version.You should be able to automatically download it next time you execute N-Stalker Scanner.

If you need to contact us for additional instructions, go to N-Stalker’s Customer Center.

Important Note:  N-Stalker 2006 Version has been discontinued since March 31st, 2009. You must upgrade to N-Stalker 2009 to obtain our technical support.

This release includes patterns for the following vulnerabilities:

  • phpAuction 3.2 Index.PHP Remote File Include Vulnerability – [CVE-2008-7000]
  • Datalife Engine 8.2 Api.Class.PHP Remote File Include Vulnerability – [CVE-2008-7000]
  • PHP-Fusion Screen.PHP SQL Injection Vulnerability – [CVE-2008-7000]
  • PHP-Fusion 6.1.15.4 Downloads.PHP SQL Injection Vulnerability – [CVE-2008-7000]
  • Joomla! DigiFolio Component 1.52 Index.PHP SQL Injection Vulnerability – [CVE-2008-7000]
  • VideoGirls Forum.PHP Cross Site Scripting Vulnerability – [CVE-2008-7000]
  • VideoGirls Profile.PHP Cross Site Scripting Vulnerability – [CVE-2008-7000]
  • VideoGirls View.PHP Cross Site Scripting Vulnerability – [CVE-2008-7000]
  • Drupal Ajax Table Module 5.x Security Bypass Vulnerability – [CVE-2008-7000]
  • Simple CMS Index.PHP SQL Injection Vulnerability – [CVE-2008-7000]
  • TotalCalendar 2.4 Box_Display.PHP Local File Include Vulnerability – [CVE-2008-7000]
  • TotalCalendar 2.4 Rss.PHP SQL Injection Vulnerability – [CVE-2008-7000]
  • Turnkey Arcade Script Index.PHP Browse SQL Injection Vulnerability – [CVE-2008-7000]
  • Joomla! Siirler Bileseni 1.2.RC Index.PHP SQL Injection Vulnerability – [CVE-2008-7000]
  • Joomla! NinjaMonials 1.1 Index.PHP SQL Injection Vulnerability – [CVE-2008-7000]
  • Joomla! jTips Index.PHP SQL Injection Vulnerability – [CVE-2008-7000]
  • OpenAutoClassifieds 1.5.9 Listings.PHP SQL Injection Vulnerability – [CVE-2008-7000]
  • OpenAutoClassifieds 1.5.9 Xml_Zone_Data.PHP SQL Injection Vulnerability – [CVE-2008-7000]
  • Update Scanner 3.0.3 ONERROR HTML Injection Vulnerability – [CVE-2008-7000]
  • Agares Media Arcadem Pro 2.0 Index.PHP SQL Injection Vulnerability – [CVE-2008-7000]
  • Autonomous LAN Party 0.98.3 Bot.PHP Remote File Include Vulnerability – [CVE-2008-7000]
  • Dreamlevels Dreampics Builder Index.PHP SQL Injection Vulnerability – [CVE-2008-7000]
  • AJ Auction Pro OOPD 2.3 Store.PHP SQL Injection Vulnerability – [CVE-2008-7000]
  • vtiger CRM 5.0.4 Phprint.PHP Cross-Site Scripting Vulnerability – [CVE-2008-7000]
  • vtiger CRM 5.0.4 CommonAjax.PHP Local File Include Vulnerability – [CVE-2008-7000]
  • vtiger CRM 5.0.4 Index.PHP Local File Include Vulnerability – [CVE-2008-7000]
  • vtiger CRM 5.0.4 Graph.PHP Local File Include Vulnerability – [CVE-2008-7000]
  • Discuz! 6.0 2fly_Gift.PHP SQL Injection Vulnerability – [CVE-2009-2915]
  • IsolSoft Support Center 2.5 Newticket.PHP Cross-Site Scripting Vulnerability – [CVE-2009-2915]
  • IsolSoft Support Center 2.5 Rempass.PHP Remote File Include Vulnerability – [CVE-2009-2915]
  • IsolSoft Support Center 2.5 Rempass.PHP Local File Include Vulnerability – [CVE-2009-2915]
  • IsolSoft Support Center 2.5 Newticket.PHP Local File Include Vulnerability – [CVE-2009-2915]
  • IsolSoft Support Center 2.5 Newticket.PHP remote File Include Vulnerability – [CVE-2009-2915]
  • IsolSoft Support Center 2.5 Index.PHP Local File Include Vulnerability – [CVE-2009-2915]
  • IsolSoft Support Center 2.5 Index.PHP Remote File Include Vulnerability – [CVE-2009-2915]
  • Joomla! Com_Content Component 1.0 Index.PHP SQL Injection Vulnerability – [CVE-2008-6923]
  • Adobe JRun 4.0 Logviewer.JSP Directory Traversal Vulnerability – [CVE-2009-1873]
  • Mini-CMS 1.0.1 Forum.PHP SQL Injection Vulnerability – [CVE-2009-1873]
  • ViArt CMS Forum.PHP Cross Site Scripting Vulnerability – [CVE-2009-1873]
  • ViArt CMS Forum_Topic_New.PHP Cross Site Scripting Vulnerability – [CVE-2009-1873]
  • ViArt CMS Forums.PHP Cross Site Scripting Vulnerability – [CVE-2009-1873]
  • SQLiteManager 1.2 Main.PHP Cross Site Scripting Vulnerability – [CVE-2009-1873]
  • SupportPRO SupportDesk 3.0 Shownews.PHP Cross Site Scripting Vulnerability – [CVE-2009-1873]
  • PhotoPost PHP 3.3.1 Showgallery.PHP Cross Site Scripting Vulnerability – [CVE-2009-1873]
  • PhotoPost PHP 3.3.1 Showgallery.PHP SQL Injection Vulnerability – [CVE-2009-1873]
  • Alkacon OpenCms 7.5 Help_Head.JSP Cross-Site Scripting Vulnerability – [CVE-2009-1873]
  • AJ Auction Pro 3.0 Index.PHP Cross Site Scripting Vulnerability – [CVE-2009-1873]
  • Shopmaker 2.0 Mod.PHP SQL Injection Vulnerability – [CVE-2009-1873]
  • Shopmaker 2.0 Mod.PHP Local File Include Vulnerability – [CVE-2009-1873]
  • CS-Cart 2.0.5 Reward_Points.Post.PHP SQL Injection Vulnerability – [CVE-2009-2579]
  • Discloser 0.0.4 Index.PHP SQL Injection Vulnerability – [CVE-2009-2579]
  • Arab Portal 2.2 Mod.PHP Local File Include Vulnerability – [CVE-2009-2579]
  • ProjectButler 1.5 Pda_Projects.PHP Remote File Include Vulnerability – [CVE-2009-2791]
  • Arab Portal 2.2 Forum.PHP SQL Injection Vulnerability – [CVE-2009-2781]
  • Joomla! JFusion Component Index.PHP SQL Injection Vulnerability – [CVE-2009-2781]
  • Mobilelib Gold 3.0 Show.PHP MSGS Parameter SQL Injection Vulnerability – [CVE-2009-2781]
  • Mobilelib Gold 3.0 Show.PHP VIDO Parameter SQL Injection Vulnerability – [CVE-2009-2781]
  • Mobilelib Gold 3.0 Show.PHP SOUND Parameter SQL Injection Vulnerability – [CVE-2009-2781]
  • Mobilelib Gold 3.0 Show.PHP MMS Parameter SQL Injection Vulnerability – [CVE-2009-2781]
  • Mobilelib Gold 3.0 Show.PHP BLUE Parameter SQL Injection Vulnerability – [CVE-2009-2781]
  • Mobilelib Gold 3.0 Show.PHP WALLPAPERS Parameter SQL Injection Vulnerability – [CVE-2009-2781]
  • Mobilelib Gold 3.0 Show.PHP THEMES Parameter SQL Injection Vulnerability – [CVE-2009-2781]
  • Mobilelib Gold 3.0 Show.PHP PRO Parameter SQL Injection Vulnerability – [CVE-2009-2781]
  • Mobilelib Gold 3.0 Artcat.PHP SQL Injection Vulnerability – [CVE-2009-2781]
  • Mobilelib Gold 3.0 Show.PHP GAMES Parameter SQL Injection Vulnerability – [CVE-2009-2781]
  • Article Publisher Pro 2.0.3 Photos.PHP SQL Injection Vulnerability – [CVE-2009-2781]
  • Softbiz Dating Script 1.0 Cat_Products.PHP SQL Injection Vulnerability – [CVE-2009-2781]
  • NTSOFT BBS E-Market Professional Index.PHP Cross Site Scripting Vulnerability – [CVE-2009-2781]
  • XOOPS 2.3.3 Viewpmsg.PHP Cross Site Scripting Vulnerability – [CVE-2009-2781]
  • XOOPS 2.3.3 User.PHP Cross Site Scripting Vulnerability – [CVE-2009-2781]
  • Miniweb Site Builder Module 2.0 Index.PHP SITEBUILDER_ID Parameter Cross Site Scripting Vulnerability – [CVE-2009-2781]
  • Miniweb Site Builder Module 2.0 Index.PHP Cross Site Scripting Vulnerability – [CVE-2009-2781]
  • PunBB 1.2.20 Header_New_Messages.PHP Local File Include Vulnerability – [CVE-2008-6308]
  • PunBB 1.2.20 Viewtopic_PM-Link.PHP Local File Include Vulnerability – [CVE-2008-6308]
  • PunBB 1.2.20 Profile_Send.PHP Local File Include Vulnerability – [CVE-2008-6308]
  • PunBB 1.2.20 Functions_Navlinks.PHP Local File Include Vulnerability – [CVE-2008-6308]
  • Miniweb Survey Pro Module 2.0 Index.PHP Cross Site Scripting Vulnerability – [CVE-2008-6308]
  • Miniweb Survey Pro Module 2.0 Index.PHP SQL Injection Vulnerability – [CVE-2008-6308]
  • Intesync LLC Miniweb Publisher Module 2.0 Index.PHP BEGIN Parameter Cross Site Scripting Vulnerability – [CVE-2008-6308]
  • Intesync LLC Miniweb Publisher Module 2.0 Index.PHP Cross Site Scripting Vulnerability – [CVE-2008-6308]
  • Intesync LLC Miniweb Publisher Module 2.0 Index.PHP SQL Injection Vulnerability – [CVE-2008-6308]
  • Matterdaddy Market 1.2 Index.PHP Cross Site Scripting Vulnerability – [CVE-2008-6308]
  • TinyBrowser 1.41.6 Upload.PHP Cross-Site Scripting Vulnerability – [CVE-2008-6308]
  • Joomla! Permis Component 1.0 Index.PHP SQL Injection Vulnerability – [CVE-2008-6308]
  • phpArcadeScript 4.0 Linkout.PHP SQL Injection Vulnerability – [CVE-2008-6308]
  • PunBB Reputation Module 2.0.4 POSTER Parameter SQL Injection Vulnerability – [CVE-2008-6308]
  • SaphpLesson 4.0 Login.PHP SQL Injection Vulnerability – [CVE-2008-6308]
  • PHPLive! 3.2.2 Message_Box.PHP SQL Injection Vulnerability – [CVE-2008-6308]
  • Automatic Image Upload with Thumbnails 1.3.5 Uploadimg_View.PHP SQL Injection Vulnerability – [CVE-2008-6308]
  • AlmondSoft Almond Classifieds Index.PHP PAGE Parameter Cross Site Scripting Vulnerability – [CVE-2008-6308]
  • AlmondSoft Almond Classifieds Index.PHP CITY Parameter Cross Site Scripting Vulnerability – [CVE-2008-6308]
  • AlmondSoft Almond Classifieds Index.PHP SQL Injection Vulnerability – [CVE-2008-6308]
  • Almond Classifieds Component for Joomla! 7.5 Index.PHP SQL Injection Vulnerability – [CVE-2008-6308]
  • Almond Classifieds Component for Joomla! 7.5 Gmap.PHP Cross-Site Scripting Vulnerability – [CVE-2008-6308]
  • PG Roommate Finder Solution Viewprofile.PHP Cross Site Scripting Vulnerability – [CVE-2008-6308]
  • PG Roommate Finder Solution Quick_Search.PHP Cross Site Scripting Vulnerability – [CVE-2008-6308]
  • SkaDate 7.0 File_Uploader.PHP Cross-Site Scripting Vulnerability – [CVE-2008-6308]
  • SkaDate 7.0 Auth.PHP Cross-Site Scripting Vulnerability – [CVE-2008-6308]
  • SkaDate 7.0 Index.PHP LANGUAGE_ID Parameter Local File Include Vulnerability – [CVE-2008-6308]
  • SkaDate 7.0 Index.PHP LAYOUT Parameter Local File Include Vulnerability – [CVE-2008-6308]
  • AIOCP 1.4.1 Cp_Html2txt.PHP Remote File Include Vulnerability – [CVE-2008-6308]
  • PG eTraining Lessons_Login.PHP ID Parameter Cross Site Scripting Vulnerability – [CVE-2008-6308]
  • PG eTraining Lessons_Login.PHP CUR Parameter Cross Site Scripting Vulnerability – [CVE-2008-6308]
  • PG eTraining News_Read.PHP Cross Site Scripting Vulnerability – [CVE-2008-6308]
  • PG eTraining Courses_Login.PHP Cross Site Scripting Vulnerability – [CVE-2008-6308]
  • XZeroScripts XZero Community Classifieds 4.97.8 Index.PHP POSTEVENT Parameter Cross Site Scripting Vulnerability – [CVE-2008-6308]
  • XZeroScripts XZero Community Classifieds 4.97.8 Index.PHP XZCAL_Y Parameter Cross Site Scripting Vulnerability – [CVE-2008-6308]
  • PG Matchmaking Services.PHP Cross Site Scripting Vulnerability – [CVE-2008-6308]
  • PG Matchmaking Search.PHP Cross Site Scripting Vulnerability – [CVE-2008-6308]
  • PG Matchmaking Browse_Men.PHP Cross Site Scripting Vulnerability – [CVE-2008-6308]
  • PG Matchmaking Browse_Ladies.PHP Cross Site Scripting Vulnerability – [CVE-2008-6308]
  • Pixaria Gallery 2.3.5 Pixaria.Image.PHP Directory Traversal Vulnerability – [CVE-2008-6308]
  • Joomla! Com_Joomloads Component Index.PHP SQL Injection Vulnerability – [CVE-2008-6308]
  • e107 my_gallery Plugin 2.4.1 Image.PHP Directory Traversal Vulnerability – [CVE-2008-6308]
  • Censura 1.16.4 Censura.PHP SQL Injection Vulnerability – [CVE-2008-6308]
  • Censura 1.16.4 Censura.PHP Cross Site Scripting Vulnerability – [CVE-2008-6308]
  • GraFX MiniCWB 2.3 Ru.Inc.PHP Remote File Include Vulnerability – [CVE-2008-6308]
  • GraFX MiniCWB 2.3 Ro.Inc.PHP Remote File Include Vulnerability – [CVE-2008-6308]
  • GraFX MiniCWB 2.3 No.Inc.PHP Remote File Include Vulnerability – [CVE-2008-6308]
  • GraFX MiniCWB 2.3 Hu.Inc.PHP Remote File Include Vulnerability – [CVE-2008-6308]
  • GraFX MiniCWB 2.3 En.Inc.PHP Remote File Include Vulnerability – [CVE-2008-6308]

This entry was posted in N-Stalker Latest Updates and tagged , , . Bookmark the permalink.