I was testing our scanner (with AcuSensor enabled) on Drupal (http://www.drupal.org) and the scanner found a possible File Inclusion vulnerability. As you can see from the screenshot above, the GET variable q was set to start/../../xxx….end and it got partially sanitized. It reached the include…
Acunetix Web Vulnerability Scanner Voted Windowsecurity.Com Readers’ Choice Award Winner for the second time
Acunetix WVS Singled Out by Network Security Administrators and Specialists London, UK – 26 February 2009 – Leading Windows Security resource site, WindowSecurity.com, announced today that Acunetix Web Vulnerability Scanner was selected the winner in the Web Application Security category of the WindowSecurity.com Readers’ Choice Awards….
American Express website vulnerable… again!
A few days ago a Cross-site-scripting vulnerability was discovered and reported on the American Express Site. A XSS vulnerability can allow attackers to steal user authentication cookies from americanexpress.com, thus leading to an account hijack. As web-security consultant Joshua D.Abraham said, web developers addressed only…
What do American Express and Facebook have in common?
Cross Site Scripting seems to be the word of the past few days with high profile sites getting featured on the technology news sites. ZDNet reported how Facebook just fixed four XSS security flaws affecting their developer’s page, the iPhone login page, the new users…
Facebook Worm on the Loose
A worm abusing Facebook‘s messaging system is making rounds between friends. It consists of an executable worm known as Koobface that runs on the victim’s computer and searches for Facebook cookies on his or her computer. It will then use these cookies to hijack an…
Acunetix releases Acunetix Web Vulnerability Scanner Version 6
We are proud to announce the launch of Acunetix Web Vulnerability Scanner Version 6. With this latest version, Acunetix is launching the new cutting edge AcuSensor Technology, which basically consists of application sensors that allow developers to identify many more vulnerabilities than when using a…
Acunetix Launches New Revolutionary Web Application Scanning Technology
Innovative AcuSensor Technology sets new standards in Web Vulnerability Scanning London, 29 October 2008 – Acunetix (www.acunetix.com), a pioneer on web application security scanning technology, has announced the release of the cutting edge AcuSensor Technology with the launch of version 6.0 of Acunetix Web Vulnerability Scanner,…
The Hacking of US Department of Homeland Security’s Website Highlights Dangers
Acunetix Web Vulnerability Scanner can be used to protect websites from the increasing threat of SQL injection attacks like the one on the DHS London, May 6, 2008 – Acunetix (www.acunetix.com), a pioneer on web application security scanning technology, has announced that the sophisticated SQL…
Acunetix Web Vulnerability Scanner Voted Windowsecurity.Com Readers’ Choice Award Winner
Acunetix Singled Out by Network Security Administrators and Specialists London, UK – 26 February 2008 – Leading Windows Security resource site, WindowSecurity.com, announced today that Acunetix Web Vulnerability Scanner was selected the winner in the Web Application Security Solution category of the WindowSecurity.com Readers’ Choice Awards….