Simple PHP Blog and Joomla components vulnerabilities

By N-Stalker Team on March 31, 2010

N-Stalker has made available its latest “N-Stealth Web Attack Database” update for all products, including N-Stalker 2009 and 2006 version.You should be able to automatically download it next time you execute N-Stalker Scanner.

If you need to contact us for additional instructions, go to N-Stalker’s Customer Center.

Important Note: N-Stalker 2006 Version has been discontinued since March 31st, 2009. You must upgrade to N-Stalker 2009 to obtain our technical support.

This release includes patterns for the following vulnerabilities:

  • AzDGDatingMedium 1.9.3 Login.PHP Cross Site Scripting Vulnerability
  • AzDGDatingMedium 1.9.3 Search.PHP Cross Site Scripting Vulnerability
  • AzDGDatingMedium 1.9.3 Index.PHP Cross Site Scripting Vulnerability
  • Webring Index.PHP Cross Site Scripting Vulnerability
  • Squito Gallery 1.0 IMAGEDIR Parameter Cross Site Scripting Vulnerability
  • Squito Gallery 1.0 PAGE Parameter Cross Site Scripting Vulnerability
  • Joomla! Com_Airmonoblock Component Index.PHP SQL Injection Vulnerability
  • Joomla! Com_Rd_Download Component Index.PHP Directory Traversal Vulnerability
  • Joomla! Com_Artistavenue Component Index.PHP Cross-Site Scripting Vulnerability – [CVE-2009-4579]
  • Dictionary Module 0.91b for XOOPS Detail.PHP SQL Injection Vulnerability – [CVE-2009-4582]
  • ArticleLive PHP Index.PHP USERNAME Parameter Cross Site Scripting Vulnerability – [CVE-2009-4582]
  • ArticleLive PHP Index.PHP PASSWORD Parameter Cross Site Scripting Vulnerability – [CVE-2009-4582]
  • RoseOnlineCMS Admincp.PHP Local File Include Vulnerability – [CVE-2009-4581]
  • phpAuction Register.PHP TPL_NICK Parameter Cross Site Scripting Vulnerability – [CVE-2009-4581]
  • phpAuction Register.PHP TPL_NAME Parameter Cross Site Scripting Vulnerability – [CVE-2009-4581]
  • Com_Adagency Joomla! Component index.PHP Local File Include Vulnerability – [CVE-2009-4581]
  • DrBenHur.com DBHcms 1.1.4 Index.PHP Remote File Include Vulnerability – [CVE-2009-4581]
  • Cybershade CMS 0.2b Core.PHP Remote File Include Vulnerability – [CVE-2009-4581]
  • Cybershade CMS 0.2b Includes.PHP Remote File Include Vulnerability – [CVE-2009-4581]
  • Joomla! Q-Personel Component 1.0.2 Index.PHP Cross-Site Scripting Vulnerability – [CVE-2009-4575]
  • Joomla! BeeHeard Component Index.PHP SQL Injection Vulnerability – [CVE-2009-4575]
  • Calendar Express Year.PHP SQL Injection Vulnerability – [CVE-2009-4575]
  • FreePBX 2.5.2 Config.PHP Cross Site Scripting Vulnerability – [CVE-2009-4458]
  • Aditus Consulting JpGraph 3.0.6 Csim_In_Html_Ex1.PHP Cross-Site Scripting Vulnerability – [CVE-2009-4422]
  • PHP-Calendar 1.1 Update10.PHP Local File Include Vulnerability – [CVE-2009-3702]
  • PHP-Calendar 1.1 Update10.PHP Local File Include Vulnerability – [CVE-2009-3702]
  • PHP-Calendar 1.1 Update08.PHP Local File Include Vulnerability – [CVE-2009-3702]
  • PHP-Calendar 1.1 Update08.PHP Local File Include Vulnerability – [CVE-2009-3702]
  • Simple PHP Blog 0.5.1 Languages_Cgi.PHP Local File Include Vulnerability – [CVE-2009-4421]
  • Joomla! Joomulus Component 2.0 Tagcloud.SWF Cross-Site Scripting Vulnerability – [CVE-2009-4573]
  • Joomla! Com_Webcamxp Component Index.PHP Cross-Site Scripting Vulnerability – [CVE-2009-4573]
  • Joomla! Com_Jm-Recommend Component Index.PHP Cross-Site Scripting Vulnerability – [CVE-2009-4573]
  • Joomla! Com_Facileforms Component Index.PHP Cross-Site Scripting Vulnerability – [CVE-2009-4578]
  • Joomla! Com_Trabalhe_Conosco Component Index.PHP Cross-Site Scripting Vulnerability – [CVE-2009-4578]
  • Joomla! Com_Dhforum Component Index.PHP SQL Injection Vulnerability – [CVE-2009-4583]
  • ClarkConnect Linux 5.0 Proxy.PHP Cross Site Scripting Vulnerability – [CVE-2009-4583]
  • Joomla! Com_Kkcontent Component Index.PHP SQL Injection Vulnerability – [CVE-2009-4583]
  • Joomla Com_Noticia Component Index.PHP Cross-Site Scripting Vulnerability – [CVE-2009-4583]
  • PHPFootball 1.0 News.Mainnews.PHP Cross Site Scripting Vulnerability – [CVE-2009-4583]
  • Pragyan CMS 2.6.4 Search.PHP MODULEFOLDER Parameter Remote File Include Vulnerability – [CVE-2009-4583]
  • Pragyan CMS 2.6.4 Search.PHP SOURCEFOLDER Parameter Remote File Include Vulnerability – [CVE-2009-4583]
  • Kasseler CMS 1.3.4 Index.PHP UNAME Parameter Cross Site Scripting Vulnerability – [CVE-2009-4583]
  • Kasseler CMS 1.3.4 Index.PHP DO Parameter Cross Site Scripting Vulnerability – [CVE-2009-4583]
  • Kasseler CMS 1.3.4 Index.PHP ID Parameter Cross Site Scripting Vulnerability – [CVE-2009-4583]
  • Joomla! Com_Mediaslide Component Viewer.PHP Directory Traversal Vulnerability – [CVE-2009-4583]
  • Joomla HotBrackets Tournament Brackets Component Index.PHP SQL Injection Vulnerability – [CVE-2010-0945]
  • Joomla! JCal Pro Component 1.5.3.6 Cal_Popup.PHP Remote File Include Vulnerability – [CVE-2009-4431]
  • Joomla Event Manager Component 1.5 Index.PHP SQL Injection Vulnerability – [CVE-2009-4431]

This entry was posted in N-Stalker Latest Updates and tagged , , . Bookmark the permalink.