The Common Vulnerability Scoring System (CVSS) is an open standard for assessing the severity of security vulnerabilities. “Common” is the keyword: CVSS is designed to be not only independent of any specific vendor or industry, but also interoperable across systems that vary in…
Tag Archives: wvs
Acunetix v10.5 adds support for Joomla! Drupal and CVSS3.0
A new version of Acunetix Web Vulnerability Scanner, v10.5, has been released. The new version tests for Joomla! and Drupal vulnerabilities, supports CVSS 3.0 and includes other improvements/bug fixes. Joomla! and Drupal Support: Acunetix v10.5 now reports vulnerabilities in popular content management systems Joomla! and Drupal. The…
Authenticated scans more effective! How?
The majority of web applications today make use of a login mechanism where the user must supply a set of credentials in order to navigate to authenticated areas of the web application. This allows access to restricted content and content that is customised to the…
New Acunetix update includes security checks for Joomla! Core RCE, improved XXE tests and more
New updates have been released that test for a new Joomla! remote code execution vulnerability affecting versions 1.5.0 through 3.4.5 (CVE-2015-8562). Other updates also include improved XML External Entity (XXE) testing, multiple Cross-site Scripting tests in commonly used libraries and other improvements/bug fixes. Below is the…
Acunetix 10 build includes security checks in CORS configurations, Rails web applications and identifies the vBulletin 5 RCE
Acunetix 10 (build 20151125) has been released. This new build checks for insecure DNS records, insecure CORS configurations, Rails web applications running in development mode, web applications running Tornado and Pyramid in debug mode and various new and updated vulnerability checks including one for vBulletin…
Acunetix Port Scanner
The Acunetix Port Scanner performs a port scan against the server hosting the scanned website. When open ports are found, Acunetix Web Vulnerability Scanner will proceed with network level security checks against the network service running on that port, such as DNS Open Recursion tests,…
Acunetix 10 new build checks for vulnerabilities in Composer, Zend Framework, AjaxControlToolkit
Acunetix WVS v.10 (build 20150921) has been released. This new build checks for Cross Site Scripting in mobile-touch event handlers and for various vulnerabilities in products such as Composer, Zend Framework, AjaxControlToolkit and others. Below is a full list of updates. New Features: Added a…
Acunetix WVS Input Fields
Many websites include web forms that capture visitor data, such as download forms. Acunetix Web Vulnerability Scanner can be configured to automatically submit random data or specific values to web forms during the crawl and scan stages of a security audit. By default, Acunetix Web Vulnerability…
Business Logic Security Testing with Acunetix v10
Business logic in web applications refers to the encoding of real-world business rules that determine how data should be created, displayed, stored, and changed in a workflow-style process. Applications implementing business logic are not easy to test automatically because they are meant to be used…