Acunetix Premium - v12.0.180911134

New Vulnerability Checks

• Added detection for Apache Struts Remote Code Execution (S2-057) (CVE-2018-11776)
• Added detection for URL rewrite vulnerability due to legacy header support (CVE-2018-14773)
• Added detection for Web Cache Poisoning
• Added detection of HTTP (non-SSL) origin accessing HTTPS resource
• Added detection of Yii2 Framework's development extensions
• Added detection for Cross-Origin Resource Sharing (CORS) origin validation failure
• Added detection for Drupal Core Open Redirect
• Added detection for Python pickle serialization
• New AcuMonitor Test - Detection of Reverse Proxy Misrouting (SSRF)
• New AcuMonitor Test - Detection of Attacks on Auxiliary Systems (SSRF)
• New vulnerability checks for multiple WordPress plugins and Joomla Core

Updates

• Multiple updates to the SSL checks
• Various memory optimisations
• Less requests required to verify AcuMontior checks

Fixes

• Fixed bug in testing of cookie values
• Fixed memory issues, causing some scans to exit unexpectedly
• Fixed bug causing some scans to crash when paused and resumed
• Fixed issue causing some scans to be aborted immediately because of error status on initial response
• Fixed issue causing some locations to get omitted from site structure
• Multiple fixes to import file feature
• Fixed issue which caused DeepScan not to use all cookies
• Custom headers were added twice on redirect
• Fixed issue affecting some sites using SSO