Acunetix updated to detect vulnerabilities including Blind Out-of-band SQLi and RCE

Acunetix Web Vulnerability Scanner version 10 (build 20150707) has been updated to include new vulnerability checks, including the detection of Same Origin Method Execution, XSLT Injection, Blind Out-of-band Remote Code Execution and Blind Out-of-band SQL Injection. This build also includes various updates to the new Login Sequence Recorder. The following is a full list of […]

Read More →

XML external entity injection via REST APIs

The new version of Acunetix Web Vulnerability scanner comes with improved support for scanning REST APIs. When Acunetix WVS finds an REST API definition (via a WADL file or from Acunetix DeepScan) it also scans this API resource for XML external entity injection vulnerabilities. If it receives a REST API resource from Acunetix DeepScan and […]

Read More →

Improved support for Ruby on Rails web applications

Aside from better scanning of Java/J2EE web applications, Acunetix WVS version 10 comes with improved support for web applications built using the popular framework Ruby on Rails. A lot of new Rails specific tests were added in the new version. For example, many Rails developers use Rails scaffolding. Rails scaffolding is a quick way to […]

Read More →

Better scanning of Java / J2EE web applications

With the release of Acunetix WVS version 10, we’ve introduced a lot of improvements on how we test Java web applications. Java web applications are notoriously hard to scan automatically for many reasons, the most important one being session management. This type of application will frequently invalidate user sessions, making the process of crawling and […]

Read More →

Delegate tasks, limit access and stay in control with Acunetix OVS Multi-User Access

A new feature to the online version of Acunetix – Acunetix Online Vulnerability Scanner (OVS) now allows the owner of an account to create child users, delegating vulnerability scanning and reporting tasks to other users and at the same time auditing their actions. This increased flexibility has been introduced following feedback from current users, who […]

Read More →

Acunetix OVS Update Spots Vulnerabilities with Military Precision

An important update has just been rolled out to Acunetix Online Vulnerability Scanner (OVS) which includes 2 features unique to Acunetix – AcuSensor and AcuMonitor. Both technologies have been successfully used in Acunetix WVS to enhance scan results by improving vulnerability detection and detecting difficult to detect vulnerabilities such as Blind XSS, reducing false positives […]

Read More →

Acunetix WVS v9.5 build 20140902 detects Hibernate Query Injection, Format Strings and more

Acunetix Web Vulnerability Scanner version 9.5 build 20140902 has been updated to include new vulnerability checks, including detection of Hibernate Query Injection, format strings vulnerabilities, MySQL username disclosure and others, including some, in well-known web applications. This new build also optimises existing checks, including its XSS and SQL Injection detection scripts. The following is a […]

Read More →

Acunetix WVS v9.5 build 20140602 includes new vulnerability checks for popular web applications and platforms

Acunetix Web Vulnerability Scanner version 9.5, build 20140602, identifies new vulnerabilities in Google Web Toolkit™, Joomla!, Parallels Plesk, nginx, and a number of WordPress plugins including the popular All in One SEO plugin. The following is the full list of updates included in this release. New Functionality Added a check for Open Flash Chart ‘ofc_upload_image.php’ […]

Read More →