Ads

Search Your Apps

Search Your Apps

Themes

Themes

Premium Apps

Premium Apps


Acunetix Web Vulnerability Scanner 9.5 Full Version



Acunetix Web Vulnerability Scanner version 9.5 build 20140902 has been updated to include new vulnerability checks, including detection of Hibernate Query Injection, format strings vulnerabilities, MySQL username disclosure and others, including some, in well-known web applications. This new build also optimises existing checks, including its XSS and SQL Injection detection scripts.
The following is a full list of updates included in this release.

New Features

  • Implemented a test for format strings vulnerabilities in web applications
  • Implemented support for Hibernate Query Injection
  • Implemented a check for MySQL username disclosure in error messages
  • Implemented a test looking for vBulletin 5 SQL injection
  • Implemented detection of Multiple Vulnerabilities in Parallels Plesk Sitebuilder
  • Implemented a test looking for WordPress XMLRPC bruteforce
  • Implemented a test for Remote File Upload vulnerability in Mailpoet/Wysija newsletters popular WordPress plugin
  • Implemented a test for Insecure Nonce Generation in popular WordPress plugin WPTouch
  • Implemented a test looking for various JSP access restriction bypasses in Java web applications
  • Implemented detection of multiple vulnerabilities in Kunena Forum for Joomla
  • Implemented a test checking if applets are permitted when file uploads are possible (this will lead to XSS vulnerabilities)
  • Added a test for Java Debug Wire Protocol vulnerabilities
  • Added a test for Zabbix XXE
  • Added a test looking for Weblogic console default credentials
  • Added a test for Symphony debugging console enabled
  • Added a test for some MongoDB vulnerabilities
  • Added a test looking for Chrome Logger information disclosure
  • Added a generic script looking for unsecured mail forms that could lead to spam
  • Added a test to check if ASP.NET Viewstate MAC is enabled
  • Implemented a test for WordPress/Drupal/… XML quadratic blowup denial of service attack
  • Added a test looking for HTML injection with unterminated tag
  • Added a test for WordPress plugin Custom Contact Forms.

Improvements

  • Various optimisations to Amazon S3 related scripts such as XXE and SSRF
  • Improved the script looking for possible sensitive files
  • XSS script can now find less common XSS variants such as double encode payloads
  • SQL injection script checks for other variants such as SQL injection in order by, group by
  • XSS script now checks for many user controllable tag attributes
  • Various optimizations in the generation of reports
  • Improved Server Directory Traversal script
  • Improved Host Header Attack script

Bug Fixes

  • Fixed JS errors that appear in HTTP editor.
  • Restricted links matching was not working in some situations.
  • Fixed the slow response time alert – moved alert details from description.
  • Fixed a false positive with Struts2_Development_Mode script.
  • Auto login crash if requests were failing after a long time.
  • Existing cookies from manual browsing were ignored by crawler.
  • Reduced some false positives in Backup file reporting.
  • Login Sequence Recorder will delete the cookies it collected in the wizard.
  • Crawler will use cookies from LSR in manual mode.
                                                             Click Here to Download
 http://ow.ly/MnlR7




About san ron

We can provide Latest Android/Windows apps that you have been looking with premium version. Tutuorial video with Tricks or Hacks helps you. how to clearly solve your Problem. Stay Connected With Us and Visit For Latest Apps
«
Next
Newer Post
»
Previous
Older Post

No comments

Leave a Reply