Identify the Heartbleed Bug with Acunetix Vulnerability Scanner

Featured Article

The Aftermath of the Heartbleed Bug

April 17, 2014 - 09:34am

The Heartbleed bug, a security flaw in the popular OpenSSL library used for data encryption, has taken the web security world by storm, and the victim toll has started to rise. The first reported victims include the Canada Revenue Agency ... [+]


Four skills that will make you a better Web security professional

Four skills that will make you a better Web security professional

People who are at the top of their games such as Formula One engineers, neurosurgeons, stunt pilots and so on have one thing in common: they all have finely-tuned technical skills. This is not just specific knowledge of what they … [+]

Acunetix WVS Version7 build 20101012 released

An updated build of Acunetix WVS Version 7 has been released.  It includes two bug fixes. Bug fixes: … [+]

Why all the hoopla over the Twitter onMouseOver flaw?

Why all the hoopla over the Twitter onMouseOver flaw?

The recent publicity and ranting about Twitter’s onMouseOver flaw* got me thinking about our perception of software quality and expectations of risk. Why is there no room for error when Twitter makes a mistake yet we put up with so … [+]

Acunetix WVS Version 7 build 20100921 released

Acunetix WVS Version 7 build 20100921 released

An updated build of Acunetix WVS Version 7 has been released.  Apart form a number of improvements and bug fixes, this build will also automatically check for the latest OpenX OFC file upload and the ASP.NET padding Oracle vulnerabilities. New … [+]

How to check if your application is vulnerable to the ASP.NET Padding Oracle Vulnerability

How to check if your application is vulnerable to the ASP.NET Padding Oracle Vulnerability

Everybody’s talking about the ASP.NET Padding Oracle vulnerability released a few days ago at the ekoparty Security Conference. However, until now there wasn’t enough information on how do you check if your application is vulnerable or not. Yesterday, Duncan Smart … [+]

Why do so many people buy into "checklist" audits?

Why do so many people buy into "checklist" audits?

Probably my biggest pet peeve related to application security is the claim by many (typically management) that “We know we’re secure, we just had an audit”. I can’t tell you how many times I’ve seen this situation. Management will require … [+]

Directory Traversal in Axigen v7.4.1 running on Windows

Directory Traversal in Axigen v7.4.1 running on Windows

We are continuing with the list of security vulnerabilities found in a number of web applications while testing our latest version of Acunetix WVS v7 . In this blog post, we will look into the details of a very serious … [+]

Ways to avoid email floods when running Web vulnerability scans

Ways to avoid email floods when running Web vulnerability scans

If you’ve ever ran a Web vulnerability scan you’ve likely experienced this situation. You fire up your scanner, tweak your settings, and click Start. The next thing you know people in customer service, marketing, IT, etc. are wondering why they’re … [+]

SQL Injection and XSS vulnerabilities in CubeCart version 4.3.3

SQL Injection and XSS vulnerabilities in CubeCart version 4.3.3

We are continuing with the list of security vulnerabilities found in a number of web applications while testing our latest version of Acunetix WVS v7 . In this blog post, we will look into the details of a number of … [+]

Web Security problems in Zenphoto version 1.3

Web Security problems in Zenphoto version 1.3

We are continuing with the list of security vulnerabilities found in a number of web applications while testing our latest version of Acunetix WVS v7 . In this blog post, we will look into the details of a number of … [+]