Acunetix Premium - v12.0.181218140

New Vulnerability checks

  • New test for Apache Solr XXE (CVE-2017-12629)
  • New test for RCE in Spring Security OAuth (CVE-2016-4977)
  • New test for Apache mod_jk access control bypass (CVE-2018-11759)
  • New test for Unauthenticated Stored XSS in WordPress Plugin WPML (CVE-2018-18069)
  • New test for ACME mini_httpd (web server) arbitrary file read (CVE-2018-18778)
  • New test for OSGi Management Console Default Credentials
  • New test for Flex BlazeDS AMF Deserialization RCE (CVE-2017-5641)
  • New test for common misconfigurations in ColdFusion
  • New test for AMF Deserialization RCE in ColdFusion (CVE-2017-3066)
  • New test for JNDI injection in ColdFusion (CVE-2018-15957)
  • New test for unauthenticated File uploading in ColdFusion (CVE-2018-15961)
  • New WordPress / WordPress plugin vulnerability checks


  • Improved the injection of payloads and other improvements in the handling of JSON data
  • Updated Chromium to fix Chromium vulnerability
  • Improved web application detection


  • Corrected LSR launch message for Linux installations
  • Fixed Update License issue on Internet Explorer
  • Fixed several memory leaks/scanner closing unexpectedly
  • Fixed issue affecting the processing of some content types
  • Some cookies were being added multiple times during the scan
  • Some redirects were not being correctly handled
  • Some requests generated by the scanner incorrectly contained two backslashes ('//')
  • Fixed issue in the Backup Folders checks going out of scope
  • Several minor fixes