This new release of Acunetix Web Vulnerability Scanner version 8 – build 20130308– includes a number of new security tests, most of which are product-specific, as well as various improvements in Cross-Site Scripting (XSS) checks and various bug fixes in the scan scheduler.
- Added a test for Kayako Fusion v4.51.1891 - Multiple Web Vulnerabilities
- Added various tests for Apache Tomcat
- Added a test for CKEditor 4.0.1 Cross-Site Scripting vulnerability
- Added a test for Moveable Type 4.x Unauthenticated Remote Command Execution
- Implemented detection of Virtual Hosts on the target server
- Implemented jQuery 1.9 support
- Added a test for subversion 1.7 (.svn) repositories
- Added a test for Parallels Plesk SQL Injection Vulnerability (CVE-2012-1557).
- Implemented some tests looking for various Unicode transformation issues such as Best-Fit Mappings, Overlong byte sequences and Ill-Formed Sub-sequences
- Added header input schemes for folders
- Added identification of file names in input scheme parameter values. Any file names detected are subsequently crawled
- Various improvements to XSS tests
- Improved Possible_Sensitive_Directories script
- Improved jQuery attr() support
- Improved Virtual Host Directory Listing test
- The report of 404 – Page Not Found now instructs users to checks the Referrers tab for a list of pages linking to the broken link
- Fixed a crash that occurs infrequently when configuring a scheduled scan
- Fixed various minor issues in the scan scheduler
How to Upgrade
When you start Acunetix WVS 8, you will be notified that a new build is available to download. Navigate to the General > Program Updates node in the Tools explorer, click on Download and Install the new build.
You can see the complete Acunetix WVS change log here. If you have any technical questions, feel free to email the Acunetix Team on firstname.lastname@example.org. If you have any sales related questions or are interested in becoming an Acunetix Reseller, email the Sales Team - email@example.com.