New build detects an unfixed WordPress file deletion vulnerability, vulnerabilities in WordPress plugins and Joomla! Core

Acunetix v12 (build 12.0.180628131) has been released. This new build detects an unfixed WordPress file deletion vulnerability, vulnerabilities in multiple WordPress Plugins and two Joomla! Core vulnerabilities. Below is a full list of updates. New Features and Vulnerability tests New test for WordPress Arbitrary File Deletion Vulnerability described here and here (CVE-2018-12895) Added detection of […]

Read More →

Visit us at OWASP AppSec EU 2018

Acunetix will be exhibiting at OWASP AppSec in London between the 2nd and 6th July 2018 at the Queen Elizabeth 11 Centre (QE2) The OWASP Annual AppSec EU Security Conference, is the premier application security conference for European developers and security experts. We invite all customers and partners to visit us at Stand 01 in […]

Read More →

New build adds detection of vulnerabilities in WordPress, Django, multiple Spring Framework and Atlassian products

Acunetix v12 (build 12.0.180619111) has been released. This new build introduces new vulnerability checks for WordPress, Django, multiple Spring Framework and Atlassian products. Below is a full list of updates. New Features and Vulnerability tests Spring Data Commons RCE via Spring Expression Language (SpEL) injection (CVE-2018-1273) Atlassian OAuth Plugin IconUriServlet SSRF, affecting multiple Atlassian products […]

Read More →

Deserialization Vulnerabilities: Attacking Deserialization in JS

At ZeroNights 2017 conference, I spoke about “Deserialization vulnerabilities in various languages”. For my presentation, I used an interesting article about two serialization packages of Node.js. I showed them as examples of vulnerable implementations of deserialization processes. In this post, I’d like to show results of my own research and a new approach of attacking […]

Read More →

New build adds detection for Oracle Weblogic, PHPUnit, Edge Side Include Injection and more

Acunetix v12 (build 12.0.180611183) has been released. This new build introduces new vulnerability checks for Oracle Weblogic, PHPUnit, Edge Side Include Injection and other vulnerabilities. The new build also includes a good number of updates and several important fixes. Below is a full list of updates. New Features and Vulnerability tests Introduced system to automatically […]

Read More →

How to import Targets into Acunetix

If your Targets are already configured in another application, such as an Asset Management application, you might want to export the Targets from the 3rd party application and import them into Acunetix. This will save on the Target Configuration time. You can import a number of Targets into Acunetix using a .csv file. Proceed as […]

Read More →

How fast is Acunetix v12?

Acunetix version 12 ships with a new scanning engine which has been rewritten from scratch. One of the benefits of the new scanning engine is an improvement in scanning speed. Our tests indicate that the scanning time of some scans has been halved. This is partially due to a higher number of simultaneous requests being […]

Read More →