Acunetix Premium - v9.0.20131216

New Features

Improvements

  • Improved test for WordPress OptimizePress Theme file upload vulnerability.
  • The scanner will now indicate that a scan can take long time to complete, allowing the user to tweak the scan settings if needed.
  • Various improvements to the Login Sequence Recorder
  • Improved the test looking for possible form caching (look for missing “pragma: no-cache” header).
  • It is now possible to use multiple input values for HTML inputs using the format: $(choice1,choice2). These can be configured from Configuration > Scan Settings > Input Fields.
  • Speed improvements gained by streamlining the number of requests performed by some checks.
  • Better handling of some uncommon HTTP status codes.
  • The user-agent of the Login Sequence Recorder can now be configured to use the one configured in WVS (by default, it uses Internet Explorer)
  • Directory Traversal script now provides better handling of Java Web Applications.
  • Improved the calculation of the average response time during a scan

Bug Fixes

  • Sites with a high response time were showing incorrect scan statistics.
  • Fixed rewrite detection on nginx servers with phpfastcgi.
  • Fixed some false positives in SQL Statement in comment.
  • Better handling of very long VIEWSTATE strings.
  • Improved handling of Windows based websites by providing better support for case insensitive filesystems
  • Scan from HTTP Proxy log entry was not working correctly
  • Fixed a crash caused by specific characters in the URL Encoded Post Data
  • Fixed a false positive in Script_Source_Code_Disclosure.script
  • Fixed some false positives in error messages.
  • Web Services: fixed Out of Bounds error when importing invalid WSDLs.