Joomla Vulnerabilities and multiple updates

By N-Stalker Team on February 23, 2010

N-Stalker has made available its latest “N-Stealth Web Attack Database” update for all products, including N-Stalker 2009 and 2006 version.You should be able to automatically download it next time you execute N-Stalker Scanner.

If you need to contact us for additional instructions, go to N-Stalker’s Customer Center.

Important Note: N-Stalker 2006 Version has been discontinued since March 31st, 2009. You must upgrade to N-Stalker 2009 to obtain our technical support.

This release includes patterns for the following vulnerabilities:

  • Joomla! DigiStore Component Index.PHP SQL Injection Vulnerability
  • Joomla! com_schools Component Index.PHP SQL Injection Vulnerability
  • FlatPress 0.909 Login.PHP Cross Site Scripting Vulnerability – [CVE-2009-4461]
  • FlatPress 0.909 Login.PHP Cross Site Scripting Vulnerability – [CVE-2009-4461]
  • FlatPress 0.909 Contact.PHP Cross Site Scripting Vulnerability – [CVE-2009-4461]
  • Sunbyte e-Flower Index.PHP SQL Injection Vulnerability – [CVE-2009-4461]
  • Joomla! com_calendario Component Index.PHP SQL Injection Vulnerability – [CVE-2009-4461]
  • MAXdev MD-Forum 2.07 Index.PHP SQL Injection Vulnerability – [CVE-2009-4577]
  • Best Top List 2.11 Out.PHP Cross Site Scripting Vulnerability – [CVE-2009-4577]
  • Joomla! iF Portfolio Nexus Index.PHP Local File Include Vulnerability – [CVE-2009-4577]
  • IMG2ASCII 1.17 Ascii.PHP Cross Site Scripting Vulnerability – [CVE-2009-4577]
  • phpPowerCards 2.0 Pagenumber.Inc.PHP ARCHIV Parameter Cross Site Scripting Vulnerability – [CVE-2009-4469]
  • phpPowerCards 2.0 Pagenumber.Inc.PHP SUBCAT Parameter Cross Site Scripting Vulnerability – [CVE-2009-4469]
  • phpPowerCards 2.0 Pagenumber.Inc.PHP PATH_INFO Parameter Cross Site Scripting Vulnerability – [CVE-2009-4469]
  • freeForum 1.7 Index.PHP Cross Site Scripting Vulnerability – [CVE-2009-4469]
  • MyShoutPro 1.2 Index.PHP Cross Site Scripting Vulnerability – [CVE-2009-4469]
  • phpInstantGallery 1.1 Admin.PHP Cross Site Scripting Vulnerability – [CVE-2009-4446]
  • Barbo91 Upload.PHP Cross Site Scripting Vulnerability – [CVE-2009-4446]
  • APC Switched Rack PDU 3.7.0 Login1 Cross Site Scripting Vulnerability – [CVE-2009-4406]
  • Woltlab Burning Board Kleinanzeigenmarkt Plugin Index.PHP SQL Injection Vulnerability – [CVE-2009-4406]
  • MyBB 1.4.10 Myps.PHP Cross Site Scripting Vulnerability – [CVE-2009-4406]
  • Webformatique Car Manager Joomla! Component 2.1 Index.PHP Cross Site Scripting Vulnerability – [CVE-2009-4406]
  • Joomla! JEEMA Article Collection Component Index.PHP SQL Injection Vulnerability – [CVE-2009-4406]
  • 4homepages 4images 1.7.1 Search.PHP SQL Injection Vulnerability – [CVE-2009-4406]
  • JBC Explorer 7.20 Arbre.PHP Cross Site Scripting Vulnerability – [CVE-2009-4406]
  • Pre Projects E-Smart Cart Login.ASP SQL Injection Vulnerability – [CVE-2009-4406]
  • Pyrmont V2 2.0.7 WordPress Theme Results.PHP SQL Injection Vulnerability – [CVE-2009-4424]
  • F3Site 2009 New.PHP Local File Include Vulnerability – [CVE-2009-4435]
  • F3Site 2009 Poll.PHP Local File Include Vulnerability – [CVE-2009-4435]

This entry was posted in N-Stalker Latest Updates and tagged , , . Bookmark the permalink.