Acunetix Premium - v12.0.190325161

New Features

• Verified vulnerabilities are now indicated by Acunetix

New Vulnerability Checks

• Test for PHP opcache-status page
• Test for Arbitrary File Read in Next.js
• Test for Nagios XI Magpie_debug.php Unauthenticated RCE (CVE-2018-15708)
• Test for Horde Imp Unauthenticated Remote Command Execution
• Test for Cisco Identity Service Engine XSS (CVE-2018-15440)
• Test for publicly available Apache balancer-manager application
• Test for Rails File Content Disclosure in Action View (CVE-2019-5418)
• Test for Apache Solr Deserialization of untrusted data via jmx.serviceUrl (CVE-2019-0192)
• Added a test for /jolokia
• Updated XSS checks to detect vulnerabilities on newer versions of Apache Tomcat
• Added new WordPress Core and WordPress Plugins vulnerability checks

Updates

• Updated Directory Traversal vulnerability check
• Improved detection of Blind SQL Injection
• On Linux, OOM Killer will now stop less important processes
• Improve handling of XHR requests in Deepscan
• Multiple improvements to the LSR and Session detection
• Scan Stats are now retained between Pause/Resume
• Improved the detection of paths from JSON and XML
• Improve techniques used to detect type of input in web form
• Multiple minor UI updates

Fixes

• Fixed multiple instances of scanner stopping unexpectedly
• Fixed false positive reported by WordPress plugin All in One SEO Pack privielege escalation check
• Fixed issue causing the same web application to be detected multiple times
• Some vulnerability alerts did not show the HTTP Response
• Fixed issue causing incorrect processing of default values in forms
• HTTP redirects were not being detected
• Fixed issue in File Upload XSS vulnerability check
• Fixed issue causing PerFolder scripts not to be executed on all folders
• Fixed issue causing HAR file importing to fail
• Fixed issue causing LSR to fail to load Target with uppercase address
• Fixed issue causing SharePoint Reflected Cross-Site Scripting (CVE-2017-8514) not to be reported