Rational RequisitePro and Joomla multiple vulnerabilities

By N-Stalker Team on November 19, 2009

N-Stalker has made available its latest “N-Stealth Web Attack Database” update for all products, including the N-Stalker 2009 and 2006 versions. You should be able to download it automatically the next time you run N-Stalker Scanner.

If you need to contact us for additional instructions, go to N-Stalker’s Customer Center.

Important Note: The N-Stalker 2006 version has been discontinued since March 31st, 2009. You must upgrade to N-Stalker 2009 to obtain our technical support.

This release includes patterns for the following vulnerabilities:

  • Joomla! Ajax Chat Component 1.0 Ajcuser.PHP Remote File Include Vulnerability – [CVE-2009-3822]
  • Joomla! JD-WordPress Component 2.0 Wp-Feed.PHP Remote File Include Vulnerability – [CVE-2006-4992]
  • IBM Rational RequisitePro ReqWebHelp 7.10 SearchView.JSP Cross Site Scripting Vulnerability – [CVE-2009-3730]
  • IBM Rational RequisitePro ReqWebHelp 7.10 WorkingSet.JSP Cross Site Scripting Vulnerability – [CVE-2009-3730]
  • Snitz Forums 2000 3.4.7 Pop_Send_To_Friend.ASP Cross Site Scripting Vulnerability – [CVE-2009-3730]
  • Zainu 1.0 Index.PHP Cross Site Scripting Vulnerability – [CVE-2009-3730]
  • bloofoxCMS 0.3.5 Index.PHP Cross Site Scripting Vulnerability – [CVE-2009-3730]
  • Achievo 1.3.4 Dispatch.PHP SQL Injection Vulnerability – [CVE-2009-2734]
  • Achievo 1.3.4 Dispatch.PHP Cross Site Scripting Vulnerability – [CVE-2009-2733]
  • Dream Poll 3.1 Index.PHP SQL Injection Vulnerability – [CVE-2009-2733]
  • Dream Poll 3.1 Index.PHP Cross-Site Scripting Vulnerability – [CVE-2009-2733]
  • Docebo 3.6.3 Index.PHP WORD Parameter SQL Injection Vulnerability – [CVE-2009-2733]
  • Docebo 3.6.3 Index.PHP ID_CERTIFICATE Parameter SQL Injection Vulnerability – [CVE-2009-2733]
  • Joomla! Index.PHP SQL Injection Vulnerability – [CVE-2009-2733]
  • AIOCP 1.4.1 Cp_Html2xhtmlbasic.PHP Remote File Include Vulnerability – [CVE-2009-3220]
  • AfterLogic WebMail Pro 4.7.10 History-Storage.ASPX Cross Site Scripting Vulnerability – [CVE-2009-3220]
  • Joomla! Soundset Component 1.0 Index.PHP SQL Injection Vulnerability – [CVE-2009-3644]
  • X-Cart Email Subscription Home.PHP Cross Site Scripting Vulnerability – [CVE-2009-3592]
  • Joomla! CB Resume Builder Index.PHP SQL Injection Vulnerability – [CVE-2009-3645]
  • Interspire Knowledge Manager 5.0 File_Manager.PHP Directory Traversal Vulnerability – [CVE-2009-3645]
  • Juniper Networks JUNOS J-Web 9.0R1.1 PATH_INFO Cross Site Scripting Vulnerability – [CVE-2009-3485]
  • Juniper Networks JUNOS J-Web 9.0R1.1 Scripter.PHP Cross Site Scripting Vulnerability – [CVE-2009-3487]
  • Juniper Networks JUNOS J-Web 9.0R1.1 JEXEC Cross Site Scripting Vulnerability – [CVE-2009-3487]
  • Juniper Networks JUNOS J-Web 9.0R1.1 CONFIGURATION Cross Site Scripting Vulnerability – [CVE-2009-3487]
  • Juniper Networks JUNOS J-Web 9.0R1.1 CONFIGURATION Cross Site Scripting Vulnerability – [CVE-2009-3486]
  • Juniper Networks JUNOS J-Web 9.0R1.1 TRACEROUTE Cross Site Scripting Vulnerability – [CVE-2009-3486]
  • Juniper Networks JUNOS J-Web 9.0R1.1 PINGHOST Cross Site Scripting Vulnerability – [CVE-2009-3486]
  • e107 0.7.16 Search.PHP IN Parameter Cross Site Scripting Vulnerability – [CVE-2009-3486]
  • e107 0.7.16 Search.PHP BE Parameter Cross Site Scripting Vulnerability – [CVE-2009-3486]
  • e107 0.7.16 Search.PHP EP Parameter Cross Site Scripting Vulnerability – [CVE-2009-3486]
  • e107 0.7.16 Search.PHP EX Parameter Cross Site Scripting Vulnerability – [CVE-2009-3486]
  • Joomla! Fastball Component 1.2 Index.PHP SQL Injection Vulnerability – [CVE-2009-3443]
  • OSSIM 2.1.1 Repository_Document.PHP SQL Injection Vulnerability – [CVE-2009-3439]
  • OSSIM 2.1.1 Repository_Links.PHP SQL Injection Vulnerability – [CVE-2009-3439]
  • OSSIM 2.1.1 Repository_Editdocument.PHP SQL Injection Vulnerability – [CVE-2009-3439]
  • OSSIM 2.1.1 Getpolicy.PHP SQL Injection Vulnerability – [CVE-2009-3439]
  • OSSIM 2.1.1 Newhostgroupform.PHP SQL Injection Vulnerability – [CVE-2009-3439]
  • OSSIM 2.1.1 Modifynetform.PHP SQL Injection Vulnerability – [CVE-2009-3439]
  • OSSIM 2.1.1 Index.PHP Cross Site Scripting Vulnerability – [CVE-2009-3440]
  • Joomla!/Mambo Tupinambis Component 1.0 Index.PHP SQL Injection Vulnerability – [CVE-2009-3434]
  • IBM Lotus Connections 2.0.1 SimpleSearch.Do Cross Site Scripting Vulnerability – [CVE-2009-3469]
  • Vastal I-Tech Agent Zone View_Listing.PHP SQL Injection Vulnerability – [CVE-2009-3497]
  • Vastal I-Tech DVD Zone View_Mag.PHP SQL Injection Vulnerability – [CVE-2009-3495]
  • Vastal I-Tech DVD Zone View_Mag.PHP Cross Site Scripting Vulnerability – [CVE-2009-3496]
  • Vastal I-Tech Cosmetics Zone View_Products.PHP SQL Injection Vulnerability – [CVE-2009-3496]
  • Vastal I-Tech MMORPG View_News.PHP SQL Injection Vulnerability – [CVE-2009-3505]
  • Joomla! JoomlaFacebook Component Index.PHP SQL Injection Vulnerability – [CVE-2009-3438]
  • Joomla! SportFusion Component 0.2.3 Index.PHP SQL Injection Vulnerability – [CVE-2009-3491]
  • MaxWebPortal 1.365 Forum.ASP SQL Injection Vulnerability – [CVE-2009-3436]
  • Joomla! Com_Jinc Component 0.2 Index.PHP SQL Injection Vulnerability – [CVE-2009-3334]
  • Joomla! MyRemote Video Gallery 1.0 Index.PHP SQL Injection Vulnerability – [CVE-2009-3446]
  • Joomla! Survey Manager Component 1.5 Index.PHP SQL Injection Vulnerability – [CVE-2009-3325]
  • Joomla! JBudgetsMagic 0.4 Index.PHP SQL Injection Vulnerability – [CVE-2009-3332]
  • eFront 3.5.4 Database.PHP Remote File Include Vulnerability – [CVE-2009-3332]
  • Xerver Administration Interface 4.32 CURRENTPATH Parameter Cross Site Scripting Vulnerability – [CVE-2009-3562]
  • Zainu 1.0 Index.PHP SQL Injection Vulnerability – [CVE-2009-3310]
  • Com_Koesubmit Mambo/Joomla! Component 1.0 Koesubmit.PHP Remote File Include Vulnerability – [CVE-2009-3333]
  • JForJoomla JReservation Joomla! Component Index.PHP SQL Injection Vulnerability – [CVE-2009-3316]
  • OpenSiteAdmin 0.9.7 PageHeader.PHP Remote File Include Vulnerability – [CVE-2009-3317]
