Reports of a 0-day vulnerability in Acunetix Web Vulnerability Scanner turn out to affect only an old version from 2012 which was subsequently fixed. A blog post has recently come to our attention that claims a successful attack against Acunetix v8 (build 20120704), and in…
Tag Archives v8
WordPress Caching Plugins Remote PHP Code Execution
Two very popular WordPress caching plugins: WP Super Cache (4,373,811 downloads) and W3 Total Cache (1,975,480 downloads) have been affected by a vulnerability that allows remote users to execute arbitrary PHP code. The affected versions are: WP Super Cache (version 1.2 and below, version 1.3.x and up are…
New WordPress Checks in Acunetix Web Vulnerability Scanner v8 build 20130416
This new release of Acunetix Web Vulnerability Scanner version 8, build 20130416, includes new and improved vulnerability checks which target WordPress installations, web applications hosted on Amazon S3, various other web applications. New Functionality Added a test that enumerates valid WordPress usernames using various techniques….
Acunetix WVS Update 20130308 – New Security Tests
Apart from the usual bug fixes / new functionality, each Acunetix WVS update generally includes new vulnerability tests or an improvement to existing checks. In this post, I would like to summarize the new security tests added in the latest Acunetix WVS update. Unicode Transformation…
Unable to Download Error Whilst Trying to Update Acunetix WVS
Symptoms When trying to update the latest build from Acunetix WVS, you encounter the following error: Unable to download https://www.acunetix.com/download/ fullver8/2013_03_08_01_webvulnscan8.exe. Try again later. More Information Acunetix has recently changed its update mechanism to a new and secure product download system. This update has been…
New security checks in Acunetix Web Vulnerability Scanner v8 build 20130308
This new release of Acunetix Web Vulnerability Scanner version 8 – build 20130308– includes a number of new security tests, most of which are product-specific, as well as various improvements in Cross-Site Scripting (XSS) checks and various bug fixes in the scan scheduler. New Functionality…
Better Evaluation with the Latest Acunetix WVS Build
We are pleased to announce a new release of Acunetix Web Vulnerability Scanner version 8 – build 20130205 – which provides a better evaluation experience by reporting all the vulnerabilities that are present in your web application. This new build also includes other minor product…
WordPress Pingback Vulnerability
Recently somebody posted on Reddit about a WordPress scanner that is taking advantage of a new WordPress vulnerability. The vulnerability is abusing the Pingback system, which is a well-known feature that’s used by a lot of bloggers. What is a Pingback? Quoting Wikipedia: A pingback…
New Acunetix WVS Build Includes ISO 27001 Template
We’ve just released a new version of Acunetix WVS version 8 – build 20121213 – which includes several new security checks such as the new module that tests Slow HTTP Denial of Service attacks like Slowloris. We’ve also added a good number of improvements and bug…