Acunetix Premium - v9.0.20131009

New Features

  • Added a test looking for ReadMe documentation files. The information contained in these files could help an attacker identify the web application being used and sometimes the version of the application. It’s recommended to remove these files from production systems.
  • Added a test for HTML injection vulnerabilities
  • Added a test for weak passwords in the Joomla! Administrative interface
  • Added a test for weak passwords in the Django Administrative interface
  • Added a test for WordPress PHP Object Injection affecting versions lower than 3.6.1

Improvements

  • Various updates in DeepScan resulting in improved site coverage
  • Update in the way that the HTTP Editor detects the host header from the URL
  • Acunetix now displays a warning if the user closes the application during a scan
  • The Port Scanner connection timeout can be configured in milliseconds, allowing for further fine-tuning of the timeout

Bug Fixes

  • Fixed a crash in the user interface when certain components were updated from different threads
  • Base64 tool has been updated to ignore CRLF
  • Fixed issue causing the CSRF checks to never finish in some cases
  • Fixed issue causing the Reporter to invalidate the default report in some cases when the settings were changed
  • Fixed issue causing the default report button to not work in the welcome screen
  • Fixed crawler stall when maximum number of pages reached
  • Fixed various memory leaks in crawler
  • Various updates to the Scanning Profiles