Changelogs

Acunetix Standard & Premium

RSS Feed

v11.0.171181742 - 27 Apr 2017

Copy Link Copy Link
Version 11 (build 11.0.171181742) – 27th April 2017

New Vulnerability Tests

Improvements

  • Various improvements to the WordPress checks

Bug Fixes

  • Fixed issue affecting checks on REST APIs
  • Fixed issue with Export to Imperva SecureSphere WAF

v11.0.171101535 - 20 Apr 2017

Copy Link Copy Link
Version 11 (build 11.0.171101535) – 20th April 2017

New Vulnerability Tests

Improvements

  • Improved Backup file checks
  • Various improvements to the WordPress checks
  • Added support for various JavaScript libraries in the Login Sequence Recorder and DeepScan

Bug Fixes

  • Virtual Host Audit check was not taking into consideration the Target Port and Scheme
  • Fixed DeepScan issue which caused infinite loop during auto-authentication for some web applications
  • Fixed issue in Login Sequence Recorder causing it not to load settings from the correct location

v11.0.170941159 - 04 Apr 2017

Copy Link Copy Link
Version 11 (build 11.0.170941159) – 4th April 2017

Improvements

  • The IP address or hostname of the Acunetix machine can be specified during the installation. This information is used to generate the SSL certificates used for the UI. This is required to avoid SSL errors
  • Update to Login Sequence Recorder and DeepScan improving compatibility with modern web applications
  • Target information is shown in “Scan Done” UI notifications
  • Various minor updates to the UI
  • Scan email notifications now include links to the scan results. Report email notifications include links to the report
  • Multiple updates to the WordPress and Joomla vulnerability checks

Bug Fixes

  • Fixed false positives caused by the PHP AcuSensor
  • Fixed 2 privilege escalation issues reported privately to Acunetix
  • Fixed false positive in WAF detection
  • Fixed UI issue caused by certain characters in the Target Description field

v11.0.170751531 - 16 Mar 2017

Copy Link Copy Link
Version 11 (build 11.0.170751531) – 16th March 2017

Updates

  • Check for Remote Code Execution (RCE) vulnerability in Apache Struts 2 (CVE-2017-5638)

v11.0.170611402 - 03 Mar 2017

Copy Link Copy Link
Version 11 (build 11.0.170611402) – 3rd March 2017

Updates

  • Multiple updates to the WordPress and Joomla vulnerability checks

Fixes

  • Fixed issue caused by UTF-8 characters in the login sequence filename
  • Fixed issue with Target address validation

v11.0. 170540920 - 23 Feb 2017

Copy Link Copy Link
Version 11 (build 11.0. 170540920) – 23rd February 2017

Updates

  • AcuMonitor registration setting is now remembered between license activations
  • Various updates to the WordPress and Joomla vulnerability checks
  • Acunetix now accepts .der, .p12 and .pfx file extensions for client certificates
  • Login Sequence Recorder (LSR) now better supports sites using ES6 features

Fixes

  • In certain situations, the auto-login details for a Target were not correctly stored, resulting the login credentials not being used during a scan
  • Fixed issue with parsing of addresses
  • Fixed issue causing auto-updating of the product to not be done for some licenses. Affected customers will be notified by email.

v11.0.170461052 - 15 Feb 2017

Copy Link Copy Link
Version 11 (build 11.0.170461052) - 15th February 2017

Updates

  • Creation of custom scanning profiles is possible from the Acunetix web UI.
  • Manual Intervention events can be configured as part of a Login Sequence for Captchas and two factor authentication
  • Retesting of vulnerabilities discovered by Acunetix
  • The ability to disable AcuMonitor at license activation
  • Comparison report for two scans of the same Target
  • Reports are now available in both PDF and HTML
  • The site structure is now shown in a hierarchical tree view
  • Excluded hours can be configured per Target, in which no scans will be performed by Acunetix
  • Added information on weak SSL key ciphers
  • The Acunetix license activation allows the user to opt out of AcuMonitor registration
  • Various updates to the WordPress and Joomla vulnerability checks

Fixes

  • Notifications for vulnerabilities discovered by AcuMonitor now include a link taking the user to the vulnerability identified
  • Various bug fixes in the UI
  • Changed scan status message when scanned target is not responsive
  • Fix in Relative Path Overwrite vulnerability check
  • Various updates and fixes related to AcuMonitor
  • Improved URL validation

v11.0.163541031 - 19 Dec 2016

Copy Link Copy Link
Version 11 (build 11.0.163541031) - 19th December 2016

New Features

  • Acunetix Enterprise users can now generate their API key to be used for the Acunetix API (contact sales@acunetix.com for more information on the API)
  • Selenium IDE files are now supported as Import files in Acunetix v11
  • The Acunetix Login Sequence Recorder can now edit login sequence files.

New Vulnerability Tests

Improvements

  • The Acunetix UI will show a message when the license is not activated.
  • The Login Sequence Recorder will make use of the proxy settings configured for the Target.
  • Better handling of cookies.

Bug Fixes

  • Fixed reports generated for targets that have not been scanned
  • Fixed allowance of empty Import Files to be uploaded for a Target
  • Some information returned by AcuSensor was not reflected in the vulnerability details
  • Fixed false positive in the ASP.NET debug mode check
  • Various minor updates and fixes
1 13 14 15 24