Why Are Some Vulnerabilities Marked as Verified?

Starting from Acunetix Version 12 (build 12.0.190325161), Acunetix marks some vulnerabilities identified during a scan as verified. Verified vulnerabilities are vulnerabilities that Acunetix has detected with 100% certainty in the web application being scanned and thus they do not need to be manually verified. Acunetix can verify vulnerabilities with or without AcuSensor, although AcuSensor does […]

Read More →

New build highlights verified vulnerabilities, checks for Nagios XI RCE, Cisco ISE XSS, Rails File Content Disclosure

Acunetix version 12 (build 12.0.190325161 – Windows and Linux) has been released. This new build indicates which vulnerabilities are verified and includes vulnerability checks for RCE in Nagios XI, XSS in Cisco Identity Service Engine, Rails File Content Disclosure, Apache Solr Deserialization of untrusted data, Next.js arbitrary file read and an update to detect XSS […]

Read More →

New build checks for Drupal RCE, ThinkPHP RCE, vBulletin LFI and Typo3 Restler LFI

Acunetix version 12 (build 12.0.190227132 – Windows and Linux) has been released. This new build includes a good number of new vulnerability checks, including checks for the recently discovered Drupal Remote Code Execution vulnerability, another RCE in ThinkPHP, Local File Inclusion vulnerabilities in vBulletin and Typo3, Unauthorized Access vulnerabilities in FastGI and uWSGI and new […]

Read More →

New build checks for vulnerabilities in Apache products, Coldfusion, ACME mini_httpd and Spring Security

Acunetix version 12 (build 12.0.181218140 – Windows and Linux) has been released. This new build checks for vulnerabilities in Apache Solr, Apache mod)jk, Coldfusion, ACME mini_httpd, Spring Security. The new build also includes a number of updates and important fixes. The new vulnerability checks, updates and fixes are available for both Windows and Linux. New […]

Read More →

New build updates DeepScan and LSR, introduces support for Swagger and Kerberos Auth

Acunetix version 12 (Windows build 12.0.181203110, Linux build 12.0.181204095) has been released. This new build includes updates to DeepScan and Login Sequence Recorder (LSR). It also introduces support for Swagger and Kerberos HTTP Authentication in the Windows version and introduces support for NTLM HTTP Authentication in the Linux version. Also added a good number of […]

Read More →

New build adds detection for CSP, SRI, Node.js source disclosure and Ghostscript RCE vulnerabilities

Acunetix version 12 (build 12.0.181012141) has been released. This new build reports sites that do not implement Content Security Policy (CSP) or Subresource Integrity (SRI) and detects Node.js source disclosure, Ghostscript RCE, SSRF in Paperclip and other vulnerabilities. This new build has a good number of updates and some important fixes. Below is a full […]

Read More →