phpMyFAQ, UBB.threads vulnerabilities and multiple updates
N-Stalker has made available its latest “N-Stealth Web Attack Database” update for all products, including N-Stalker 2009 and 2006 version.You should be able to automatically download it next time you execute N-Stalker Scanner.
If you need to contact us for additional instructions, go to N-Stalker’s Customer Center.
Important Note: N-Stalker 2006 Version has been discontinued since March 31st, 2009. You must upgrade to N-Stalker 2009 to obtain our technical support.
This release includes patterns for the following vulnerabilities:
- eWebquiz 8.0 Questions.ASP SQL Injection Vulnerability – [CVE-2009-4436]
- eWebquiz 8.0 Importquestions.ASP SQL Injection Vulnerability – [CVE-2009-4436]
- eWebquiz 8.0 Quiztakers.ASP SQL Injection Vulnerability – [CVE-2009-4436]
- Active Auction House 3.6 Wishlist.ASP SQL Injection Vulnerability – [CVE-2009-4437]
- Active Auction House 3.6 Links.ASP SQL Injection Vulnerability – [CVE-2009-4437]
- cPanel 11.24.7 Dofileop.HTML Cross Site Scripting Vulnerability – [CVE-2009-4437]
- cPanel 11.24.7 Fileop.HTML Cross Site Scripting Vulnerability – [CVE-2009-4437]
- QuiXplorer 2.3.1 Index.PHP Local File Include Vulnerability – [CVE-2009-4437]
- Joomla! Com_Joomportfolio Component Index.PHP SQL Injection Vulnerability – [CVE-2009-4428]
- Joomla! Com_Personel Component Index.PHP SQL Injection Vulnerability – [CVE-2009-4428]
- Pluxml-Blog 4.2 Auth.PHP Cross Site Scripting Vulnerability – [CVE-2009-4428]
- WP-Forum WordPress Plugin 2.3 Index.PHP SQL Injection Vulnerability – [CVE-2009-3703]
- phpFaber CMS 1.3.36 Module.PHP Cross Site Scripting Vulnerability – [CVE-2009-4382]
- Zeeways ZeeLyrics 3.0 Searchresults_Main.PHP Cross Site Scripting Vulnerability – [CVE-2009-4316]
- VirtueMart 1.0 Index.PHP SQL Injection Vulnerability – [CVE-2009-4430]
- Million Pixel Script 3.0 Index.PHP Cross Site Scripting Vulnerability – [CVE-2009-4381]
- iDevSpot iSupport 1.8 Index.PHP Cross Site Scripting Vulnerability – [CVE-2009-3731]
- iDevSpot iSupport 1.8 Function.PHP Cross Site Scripting Vulnerability – [CVE-2009-3731]
- Ez Cart Index.PHP Cross Site Scripting Vulnerability – [CVE-2009-4317]
- Digital Scribe 1.4.1 Stuworkdisplay.PHP SQL Injection Vulnerability – [CVE-2009-4317]
- Zeeways ZeeJobsite 3.0 Basic_Search_Result.PHP Cross Site Scripting Vulnerability – [CVE-2009-4317]
- Zen Cart 1.3.8 Curltest.PHP Information Disclosure Vulnerability – [CVE-2009-4321]
- Joomla! JS Jobs Component 1.0.5.6 Index.PHP MD Parameter SQL Injection Vulnerability – [CVE-2009-4321]
- Joomla! JS Jobs Component 1.0.5.6 Index.PHP OI Parameter SQL Injection Vulnerability – [CVE-2009-4321]
- Joomla! com_jphoto Component Index.PHP SQL Injection Vulnerability – [CVE-2009-4321]
- TestLink 1.8.4 Eventviewer.PHP SQL Injection Vulnerability – [CVE-2009-4238]
- TestLink 1.8.4 NavBar.PHP SQL Injection Vulnerability – [CVE-2009-4238]
- TestLink 1.8.4 Login.PHP Cross Site Scripting Vulnerability – [CVE-2009-4237]
- TestLink 1.8.4 ResultsMoreBuilds_BuildReport.PHP Cross Site Scripting Vulnerability – [CVE-2009-4237]
- TestLink 1.8.4 Eventviewer.PHP LOGLEVEL Parameter Cross Site Scripting Vulnerability – [CVE-2009-4237]
- TestLink 1.8.4 Eventviewer.PHP ENDDATE Parameter Cross Site Scripting Vulnerability – [CVE-2009-4237]
- TestLink 1.8.4 Eventviewer.PHP STARTDATE Parameter Cross Site Scripting Vulnerability – [CVE-2009-4237]
- TestLink 1.8.4 Attachmentupload.PHP Cross Site Scripting Vulnerability – [CVE-2009-4237]
- TestLink 1.8.4 StaticPage.PHP Cross Site Scripting Vulnerability – [CVE-2009-4237]
- Joomla! You!Hostit! Template 1.0.1 Index.PHP Cross-Site Scripting Vulnerability – [CVE-2009-4255]
- Joomla! Com_Job Component Index.PHP SQL Injection Vulnerability – [CVE-2009-4255]
- YOOtheme Warp5 Joomla! Component Index.PHP Cross Site Scripting Vulnerability – [CVE-2009-4255]
- Chipmunk Newsletter 2.0 Addlist.PHP SQL Injection Vulnerability – [CVE-2009-4255]
- GCalendar Joomla! Component 2.1.4 Index.PHP SQL Injection Vulnerability – [CVE-2009-4099]
- PhpShop 0.8.1 Index.PHP ORDER_ID Parameter Cross-Site Scripting Vulnerability – [CVE-2009-4099]
- PhpShop 0.8.1 Index.PHP CATEGORY Parameter SQL Injection Vulnerability – [CVE-2009-4099]
- PhpShop 0.8.1 Index.PHP TAX_RATE_ID Parameter SQL Injection Vulnerability – [CVE-2009-4099]
- PhpShop 0.8.1 Index.PHP PAYMENT_METHOD_ID Parameter SQL Injection Vulnerability – [CVE-2009-4099]
- PhpShop 0.8.1 Index.PHP USER_ID Parameter SQL Injection Vulnerability – [CVE-2009-4099]
- PhpShop 0.8.1 Index.PHP VENDOR_CATEGORY_ID Parameter SQL Injection Vulnerability – [CVE-2009-4099]
- PhpShop 0.8.1 Index.PHP USER_ID Parameter SQL Injection Vulnerability – [CVE-2009-4099]
- PhpShop 0.8.1 Index.PHP MODULE_ID Parameter SQL Injection Vulnerability – [CVE-2009-4099]
- PhpShop 0.8.1 Index.PHP VENDOR_ID Parameter SQL Injection Vulnerability – [CVE-2009-4099]
- PhpShop 0.8.1 Index.PHP PRODUCT_ID Parameter SQL Injection Vulnerability – [CVE-2009-4099]
- PhpShop 0.8.1 Index.PHP MODULE_ID Parameter SQL Injection Vulnerability – [CVE-2009-4099]
- Sisplet CMS 2008-01-24 New.PHP Remote File Include Vulnerability – [CVE-2009-4099]
- AROUNDMe 1.1 Connect.PHP Remote File Include Vulnerability – [CVE-2009-4264]
- YABSoft Advanced Image Hosting Script 2.2 Search.PHP Cross Site Scripting Vulnerability – [CVE-2009-4266]
- UBB.threads 7.5.4.2 Smarty_Compiler.Class.PHP Remote File Include Vulnerability – [CVE-2009-4266]
- UBB.threads 7.5.4.2 Html.Inc.PHP Remote File Include Vulnerability – [CVE-2009-4266]
- UBB.threads 7.5.4.2 Ubbthreads.PHP Local File Include Vulnerability – [CVE-2009-4266]
- Elkagroup Image Gallery 1.0 Index.PHP SQL Injection Vulnerability – [CVE-2009-4266]
- 427BB 2.3.2 Showpost.PHP SQL Injection Vulnerability – [CVE-2009-4266]
- phpMyFAQ 2.5.4 Index.PHP LANG Parameter Cross Site Scripting Vulnerability – [CVE-2009-4266]
- phpMyFAQ 2.5.4 Index.PHP QUESTION Parameter Cross Site Scripting Vulnerability – [CVE-2009-4266]
- phpMyFAQ 2.5.4 Index.PHP CAT Parameter Cross Site Scripting Vulnerability – [CVE-2009-4266]
- phpMyFAQ 2.5.4 Index.PHP CAT Parameter Cross Site Scripting Vulnerability – [CVE-2009-4266]
- phpMyFAQ 2.5.4 Index.PHP ID Parameter Cross Site Scripting Vulnerability – [CVE-2009-4266]
- phpMyFAQ 2.5.4 Index.PHP SRCLANG Parameter Cross Site Scripting Vulnerability – [CVE-2009-4266]
- phpMyFAQ 2.5.4 Index.PHP ID Parameter Cross Site Scripting Vulnerability – [CVE-2009-4266]
- phpMyFAQ 2.5.4 Index.PHP CAT Parameter Cross Site Scripting Vulnerability – [CVE-2009-4266]
- phpMyFAQ 2.5.4 Index.PHP ARTLANG Parameter Cross Site Scripting Vulnerability – [CVE-2009-4266]
- phpMyFAQ 2.5.4 Index.PHP NEWSLANG Parameter Cross Site Scripting Vulnerability – [CVE-2009-4266]
- phpMyFAQ 2.5.4 Index.PHP TAGGING_ID Parameter Cross Site Scripting Vulnerability – [CVE-2009-4266]
- phpMyFAQ 2.5.4 Index.PHP CAT Parameter Cross Site Scripting Vulnerability – [CVE-2009-4266]
- phpMyFAQ 2.5.4 Index.PHP LANG Parameter Cross Site Scripting Vulnerability – [CVE-2009-4266]
- phpMyFAQ 2.5.4 Index.PHP LETTER Parameter Cross Site Scripting Vulnerability – [CVE-2009-4266]
- phpMyFAQ 2.5.4 Index.PHP LANG Parameter Cross Site Scripting Vulnerability – [CVE-2009-4266]
- phpMyFAQ 2.5.4 Index.PHP ARTLANG Parameter Cross Site Scripting Vulnerability – [CVE-2009-4266]
- phpMyFAQ 2.5.4 Index.PHP HIGHLIGHT Parameter Cross Site Scripting Vulnerability – [CVE-2009-4266]
This entry was posted in N-Stalker Latest Updates and tagged updates, vulnerabilities. Bookmark the permalink.