New Features
- Schedule up to 2,000 website security scans using a CSV file.
- Ability to exclude WSDL inputs from a scan from the WSDL scan wizard.
New Security Checks
- Added a new security check for IIS global.asa / global.asax backup files.
- Added a new remote code execution security check for vbseo 3.6.0.
- New arbitrary PHP code execution security check for Drupal.
- New information disclosure security check for Drupal.
- Added several web security checks for Ekton CMS.
- New XSS security check that can find vulnerabilities in Referrer headers.
Improvements
- Scheduler UI now supports pagination for faster load time.
- Improved XSS vulnerabilities detection in URIs.
- Improved Input Fields entries for better crawling of websites.
Bug Fixes
- Client certificates are now being used from the Login Sequence Recorder.
- Fixed a crash in the compare scans template.
- Fixed an AcuSensor injection problem with .NET Framework 4.0 applications.
- Fixed several Sensitive Directory vulnerabilities false positives.
- Fixed a Login Sequence Recorder crash.