Acunetix Premium - v12.0.181012141

New Vulnerability Checks

• New check for Content Security Policy (CSP) not implemented
• New check for Subresource Integrity (SRI not implemented
• New check for Node.js web application source code disclosure
• New check for Ghostscript RCE via file upload
• New check for Paperclip Server-Side Request Forgery (SSRF) via file upload (CVE-2017–0889)
• New check for WPEngine _wpeprivate/config.json information disclosure
• New check for Cross site scripting in HTTP-01 ACME challenge implementation
• New check for npm log file disclosure
• New check for PHP-CS-Fixer cache file disclosure
• Multiple new WordPress and Joomla vulnerability checks

Updates

• License keys can now be updated via the Acunetix web UI
• Additional memory improvements
• Improved exclusion of parameters
• Multiple updates to existing vulnerability checks
• Improved CORS origin validation failure checks
• Improved Pickle Serialization check

Fixes

• Manual Intervention was not working after a paused scan is resumed
• Scans for some sites using Digest HTTP Authentication were stopping unexpectedly
• Additional fixes for issues causing scans exiting unexpectedly
• Fixed issue causing many product update requests when proxy authentication is incorrectly configured
• Fixed: Some backup files / folders were not being identified
• Some vulnerabilities were incorrectly reported in the site root
• Fixed issue in similar page detection causing scans to take longer than expected
• Fixed issue causing valid sessions not to be identified correctly during the scan