Added a test looking for ReadMe documentation files. The information contained in these files could help an attacker identify the web application being used and sometimes the version of the application. It’s recommended to remove these files from production systems
Added a test for HTML injection vulnerabilities
Added a test for weak passwords in Joomla! Administrative interface
Added a test for weak passwords in the Django Administrative interface
Added a test for Wordpress PHP Object Injection affecting versions lower than 3.6.1
Improvements
Various updates in DeepScan resulting in improved site coverage
Update in the way that the HTTP Editor detects the host header from the URL
Acunetix now displays a warning if the user closes the application during a scan
The Port scanner timeout connection can be configured in milliseconds, allowing for further fine-tuning of the timeout
Bug Fixes
Fixed a crash in the user interface when certain components where updated from different threads
Base64 tool has been updated to ignore CRLF
Fixed issue causing the CSRF checks to never finish in some cases
Fixed issue causing the Reporter to invalidate the default report in some cases when the settings were changed
Fixed issue causing the default report button was not working in welcome screen
Fixed crawler stall when maximum number of pages reached