phpMyFAQ, UBB.threads vulnerabilities and multiple updates

By N-Stalker Team on January 19, 2010

N-Stalker has made available its latest “N-Stealth Web Attack Database” update for all products, including N-Stalker 2009 and 2006 version.You should be able to automatically download it next time you execute N-Stalker Scanner.

If you need to contact us for additional instructions, go to N-Stalker’s Customer Center.

Important Note: N-Stalker 2006 Version has been discontinued since March 31st, 2009. You must upgrade to N-Stalker 2009 to obtain our technical support.

This release includes patterns for the following vulnerabilities:

  • eWebquiz 8.0 Questions.ASP SQL Injection Vulnerability – [CVE-2009-4436]
  • eWebquiz 8.0 Importquestions.ASP SQL Injection Vulnerability – [CVE-2009-4436]
  • eWebquiz 8.0 Quiztakers.ASP SQL Injection Vulnerability – [CVE-2009-4436]
  • Active Auction House 3.6 Wishlist.ASP SQL Injection Vulnerability – [CVE-2009-4437]
  • Active Auction House 3.6 Links.ASP SQL Injection Vulnerability – [CVE-2009-4437]
  • cPanel 11.24.7 Dofileop.HTML Cross Site Scripting Vulnerability – [CVE-2009-4437]
  • cPanel 11.24.7 Fileop.HTML Cross Site Scripting Vulnerability – [CVE-2009-4437]
  • QuiXplorer 2.3.1 Index.PHP Local File Include Vulnerability – [CVE-2009-4437]
  • Joomla! Com_Joomportfolio Component Index.PHP SQL Injection Vulnerability – [CVE-2009-4428]
  • Joomla! Com_Personel Component Index.PHP SQL Injection Vulnerability – [CVE-2009-4428]
  • Pluxml-Blog 4.2 Auth.PHP Cross Site Scripting Vulnerability – [CVE-2009-4428]
  • WP-Forum WordPress Plugin 2.3 Index.PHP SQL Injection Vulnerability – [CVE-2009-3703]
  • phpFaber CMS 1.3.36 Module.PHP Cross Site Scripting Vulnerability – [CVE-2009-4382]
  • Zeeways ZeeLyrics 3.0 Searchresults_Main.PHP Cross Site Scripting Vulnerability – [CVE-2009-4316]
  • VirtueMart 1.0 Index.PHP SQL Injection Vulnerability – [CVE-2009-4430]
  • Million Pixel Script 3.0 Index.PHP Cross Site Scripting Vulnerability – [CVE-2009-4381]
  • iDevSpot iSupport 1.8 Index.PHP Cross Site Scripting Vulnerability – [CVE-2009-3731]
  • iDevSpot iSupport 1.8 Function.PHP Cross Site Scripting Vulnerability – [CVE-2009-3731]
  • Ez Cart Index.PHP Cross Site Scripting Vulnerability – [CVE-2009-4317]
  • Digital Scribe 1.4.1 Stuworkdisplay.PHP SQL Injection Vulnerability – [CVE-2009-4317]
  • Zeeways ZeeJobsite 3.0 Basic_Search_Result.PHP Cross Site Scripting Vulnerability – [CVE-2009-4317]
  • Zen Cart 1.3.8 Curltest.PHP Information Disclosure Vulnerability – [CVE-2009-4321]
  • Joomla! JS Jobs Component 1.0.5.6 Index.PHP MD Parameter SQL Injection Vulnerability – [CVE-2009-4321]
  • Joomla! JS Jobs Component 1.0.5.6 Index.PHP OI Parameter SQL Injection Vulnerability – [CVE-2009-4321]
  • Joomla! com_jphoto Component Index.PHP SQL Injection Vulnerability – [CVE-2009-4321]
  • TestLink 1.8.4 Eventviewer.PHP SQL Injection Vulnerability – [CVE-2009-4238]
  • TestLink 1.8.4 NavBar.PHP SQL Injection Vulnerability – [CVE-2009-4238]
  • TestLink 1.8.4 Login.PHP Cross Site Scripting Vulnerability – [CVE-2009-4237]
  • TestLink 1.8.4 ResultsMoreBuilds_BuildReport.PHP Cross Site Scripting Vulnerability – [CVE-2009-4237]
  • TestLink 1.8.4 Eventviewer.PHP LOGLEVEL Parameter Cross Site Scripting Vulnerability – [CVE-2009-4237]
  • TestLink 1.8.4 Eventviewer.PHP ENDDATE Parameter Cross Site Scripting Vulnerability – [CVE-2009-4237]
  • TestLink 1.8.4 Eventviewer.PHP STARTDATE Parameter Cross Site Scripting Vulnerability – [CVE-2009-4237]
  • TestLink 1.8.4 Attachmentupload.PHP Cross Site Scripting Vulnerability – [CVE-2009-4237]
  • TestLink 1.8.4 StaticPage.PHP Cross Site Scripting Vulnerability – [CVE-2009-4237]
  • Joomla! You!Hostit! Template 1.0.1 Index.PHP Cross-Site Scripting Vulnerability – [CVE-2009-4255]
  • Joomla! Com_Job Component Index.PHP SQL Injection Vulnerability – [CVE-2009-4255]
  • YOOtheme Warp5 Joomla! Component Index.PHP Cross Site Scripting Vulnerability – [CVE-2009-4255]
  • Chipmunk Newsletter 2.0 Addlist.PHP SQL Injection Vulnerability – [CVE-2009-4255]
  • GCalendar Joomla! Component 2.1.4 Index.PHP SQL Injection Vulnerability – [CVE-2009-4099]
  • PhpShop 0.8.1 Index.PHP ORDER_ID Parameter Cross-Site Scripting Vulnerability – [CVE-2009-4099]
  • PhpShop 0.8.1 Index.PHP CATEGORY Parameter SQL Injection Vulnerability – [CVE-2009-4099]
  • PhpShop 0.8.1 Index.PHP TAX_RATE_ID Parameter SQL Injection Vulnerability – [CVE-2009-4099]
  • PhpShop 0.8.1 Index.PHP PAYMENT_METHOD_ID Parameter SQL Injection Vulnerability – [CVE-2009-4099]
  • PhpShop 0.8.1 Index.PHP USER_ID Parameter SQL Injection Vulnerability – [CVE-2009-4099]
  • PhpShop 0.8.1 Index.PHP VENDOR_CATEGORY_ID Parameter SQL Injection Vulnerability – [CVE-2009-4099]
  • PhpShop 0.8.1 Index.PHP USER_ID Parameter SQL Injection Vulnerability – [CVE-2009-4099]
  • PhpShop 0.8.1 Index.PHP MODULE_ID Parameter SQL Injection Vulnerability – [CVE-2009-4099]
  • PhpShop 0.8.1 Index.PHP VENDOR_ID Parameter SQL Injection Vulnerability – [CVE-2009-4099]
  • PhpShop 0.8.1 Index.PHP PRODUCT_ID Parameter SQL Injection Vulnerability – [CVE-2009-4099]
  • PhpShop 0.8.1 Index.PHP MODULE_ID Parameter SQL Injection Vulnerability – [CVE-2009-4099]
  • Sisplet CMS 2008-01-24 New.PHP Remote File Include Vulnerability – [CVE-2009-4099]
  • AROUNDMe 1.1 Connect.PHP Remote File Include Vulnerability – [CVE-2009-4264]
  • YABSoft Advanced Image Hosting Script 2.2 Search.PHP Cross Site Scripting Vulnerability – [CVE-2009-4266]
  • UBB.threads 7.5.4.2 Smarty_Compiler.Class.PHP Remote File Include Vulnerability – [CVE-2009-4266]
  • UBB.threads 7.5.4.2 Html.Inc.PHP Remote File Include Vulnerability – [CVE-2009-4266]
  • UBB.threads 7.5.4.2 Ubbthreads.PHP Local File Include Vulnerability – [CVE-2009-4266]
  • Elkagroup Image Gallery 1.0 Index.PHP SQL Injection Vulnerability – [CVE-2009-4266]
  • 427BB 2.3.2 Showpost.PHP SQL Injection Vulnerability – [CVE-2009-4266]
  • phpMyFAQ 2.5.4 Index.PHP LANG Parameter Cross Site Scripting Vulnerability – [CVE-2009-4266]
  • phpMyFAQ 2.5.4 Index.PHP QUESTION Parameter Cross Site Scripting Vulnerability – [CVE-2009-4266]
  • phpMyFAQ 2.5.4 Index.PHP CAT Parameter Cross Site Scripting Vulnerability – [CVE-2009-4266]
  • phpMyFAQ 2.5.4 Index.PHP CAT Parameter Cross Site Scripting Vulnerability – [CVE-2009-4266]
  • phpMyFAQ 2.5.4 Index.PHP ID Parameter Cross Site Scripting Vulnerability – [CVE-2009-4266]
  • phpMyFAQ 2.5.4 Index.PHP SRCLANG Parameter Cross Site Scripting Vulnerability – [CVE-2009-4266]
  • phpMyFAQ 2.5.4 Index.PHP ID Parameter Cross Site Scripting Vulnerability – [CVE-2009-4266]
  • phpMyFAQ 2.5.4 Index.PHP CAT Parameter Cross Site Scripting Vulnerability – [CVE-2009-4266]
  • phpMyFAQ 2.5.4 Index.PHP ARTLANG Parameter Cross Site Scripting Vulnerability – [CVE-2009-4266]
  • phpMyFAQ 2.5.4 Index.PHP NEWSLANG Parameter Cross Site Scripting Vulnerability – [CVE-2009-4266]
  • phpMyFAQ 2.5.4 Index.PHP TAGGING_ID Parameter Cross Site Scripting Vulnerability – [CVE-2009-4266]
  • phpMyFAQ 2.5.4 Index.PHP CAT Parameter Cross Site Scripting Vulnerability – [CVE-2009-4266]
  • phpMyFAQ 2.5.4 Index.PHP LANG Parameter Cross Site Scripting Vulnerability – [CVE-2009-4266]
  • phpMyFAQ 2.5.4 Index.PHP LETTER Parameter Cross Site Scripting Vulnerability – [CVE-2009-4266]
  • phpMyFAQ 2.5.4 Index.PHP LANG Parameter Cross Site Scripting Vulnerability – [CVE-2009-4266]
  • phpMyFAQ 2.5.4 Index.PHP ARTLANG Parameter Cross Site Scripting Vulnerability – [CVE-2009-4266]
  • phpMyFAQ 2.5.4 Index.PHP HIGHLIGHT Parameter Cross Site Scripting Vulnerability – [CVE-2009-4266]

This entry was posted in N-Stalker Latest Updates and tagged , . Bookmark the permalink.