Acunetix Premium - v8.0.20120808

New Feature

  • Acunetix WVS will alert the user if a web application firewall or IDS are detected

New Security Checks

  • Added a security check for FCKeditor cross site scripting vulnerability
  • Added a test for Liferay json Auth Bypass
  • Acunetix WVS now checks for Server Side Request Forgery
  • Added several security checks for IBM Tivoli Access Manager Web Server vulnerabilities
  • New security check for vulnerabilities in SharePoint Could Allow Elevation of Privilege (MS12-050)
  • Acunetix WVS now cheks for several DotNetNuke vulnerabilities (popular ASP.NET CMS)
  • Added a new security check for exposed Apache Solr Service
  • Remote code execution tests for Umbraco asp.net CMS software
  • Check for SWFUpload applet vulnerability in a large number of web applications
  • Added security checks for user controllable scripts and charsets

Improvements

  • Cross-site scripting (XSS) security checks were improved
  • HTTP Verb Tapering security script now bruteforces common or sensitive files and directories

Bug Fixes

  • Fixed: Incorrect handling of Internet Explorer’s Javascript substr implementation
  • Fixed: Login Sequence Recorder; ssl_write result was not handled correctly resulting in data not rendering correctly
  • Fixed: Display problem; alert/child count was not displayed correctly in some cases
  • Fixed: Developer report was not showing long urls in coverage report
  • Fixed: Saved credentials were not persistent in general settings