releases

Acunetix Web Vulnerability Scanner Product Releases

acunetix how to

Technical tips and videos about Acunetix WVS and Web Security

news

Acunetix Company and Web Security news, & Press Releases

events

Acunetix Webinars and Training around the world

web security zone

Everything you need to know about Web Security

Home » Archive by Category

Articles in news

Acunetix WVS voted Windowsecurity.com readers’ choice award winner
February 25, 2010 – 6:20 pm | 2 Comments

Leading Windows Security resource site, WindowSecurity.com, announced today that Acunetix Web Vulnerability Scanner was selected the winner in the Web Application Security category of the WindowSecurity.com Readers’ Choice Awards for the third time in a …

Latest Comparison Report from Larry Suto
February 8, 2010 – 5:43 pm | 16 Comments

Last week, Larry Suto published a report entitled “Accuracy and Time Costs of Web Application Security Scanner Report”.  I’ve started to investigate in detail the results from this report. And I’ve found a list of …

e107 CMS system website compromised
January 27, 2010 – 5:19 pm | 8 Comments

As part of my job here at Acunetix, from time to time I analyze source code looking for security problems. Using this information I adjust Acunetix WVS to detect these problems automatically (when it’s possible).
Monday, …

Security is hard
January 22, 2010 – 3:29 pm | No Comment

The year debuted with ‘Operation Aurora‘: Google and over 30 other companies were hit by a spear phishing attack which resulted in theft of intellectual property from Google and probably other companies. Spear phishing is a targeted …

AcuSensor, curl and Zen Cart
December 9, 2009 – 7:10 pm | 7 Comments

Recently we’ve released a new build, build number 20091124. This build includes a new AcuSensor check named “curl_exec() url is controlled by user”. This new check will verify if the user can control the URL passed to curl_exec.
In …

Changes coming to the OWASP Top 10 in 2010
December 3, 2009 – 8:24 pm | 8 Comments

In the spirit of improving Web application security worldwide the folks at OWASP have released the OWASP Top 10 2010 “release candidate”. It’s currently open for comments and scheduled for final release the first quarter …

PHP “multipart/form-data” denial of service
November 20, 2009 – 7:07 pm | 4 Comments

PHP version 5.3.1 was just released. This release contains a patch for a denial of service condition we’ve reported some time ago.
The problem is related with PHP’s handling of RFC 1867 (Form-based File Upload in …

US Air Force uses Acunetix WVS to identify and mitigate web application vulnerabilities
November 16, 2009 – 7:03 pm | 4 Comments

The US Air Force’s mission is to fly, fight and win… in air, space and Cyberspace.  US Air Force has an elite force defending people from millions of cyber attacks every day in their newest …

Looking back at 2009 through SQL Injection goggles
November 11, 2009 – 8:00 pm | 4 Comments

The earliest public mention I could find of SQL Injection (‘piggybacking SQL statements’ as the author put it) was from someone who called himself Rain Forest Puppy (RFP). In 1998 RFP wrote an article for …

CubeCart 4 session management bypass leads to administrator access
October 29, 2009 – 8:13 pm | 11 Comments

Release Date: 2009/10/29
Author: Bogdan Calin (bogdan [at] acunetix [dot] com)
Severity: Critical
Vendor Status: Vendor has released an updated version
Release Date: 2009/10/29
Author: Bogdan Calin (bogdan [at] acunetix [dot] com)
Severity: Critical
Vendor Status: Vendor has released …