Blog/

Get Proof of Concept for XSS and SQL Injections with SmartScanner v1.24

By SmartScanner

We’re excited to announce the release of SmartScanner Version 1.24! This version comes packed with new features, important improvements, and updates aimed at enhancing the performance and accuracy of your web vulnerability scanning. Here’s a breakdown of what’s new:

New Features:

  1. Proof of Concept (POC) for XSS and SQL Injection Vulnerabilities
    To make vulnerability testing more practical, we’ve added POC generation for both Cross-Site Scripting (XSS) and SQL Injection vulnerabilities. This allows you to better understand the potential impact of detected vulnerabilities.

  2. SQL Injection for MemSQL Database
    We’ve expanded our SQL injection tests to now include MemSQL, enhancing support for a wider range of database systems.

  3. Test for PHP CGI Argument Injection RCE SmartScanner now tests for PHP CGI Argument Injection Remote Code Execution (RCE) vulnerabilities, including CVE-2024-4577 and CVE-2012-1.24, providing better protection against remote exploitation.

  4. Separate Classification Section in Vulnerability Details
    Vulnerability reports now include a separate classification section, helping you quickly identify the type and severity of each issue.

Improvements:

  • Better XSS Detection in Script Tags
    Enhanced our XSS detection algorithm, improving identification of malicious scripts within <script> tags.

  • Improved Error Detection
    We’ve fine-tuned error detection for more accurate reporting, reducing false positives and negatives.

Bug Fixes:

  • Fixed Incorrect PHP Error Detection
    Addressed an issue with PHP error detection that occasionally misclassified non-errors as detailed PHP errors.

Updates:

We’ve also updated the detection for several vulnerable software versions to ensure your scans are up to date:

  • OpenSSL
  • Nginx
  • Apache
  • Tomcat
  • PHP
  • WordPress

How to Upgrade:

If you’re already using SmartScanner, upgrading to version 1.24 is simple! Download the latest version and follow the installation instructions to take advantage of these new features and improvements.

Stay secure and thank you for continuing to trust SmartScanner for your web application security needs!

Download SmartScanner Free Version

You might also like:

Test for Drupal and Joomla! vulnerabilities with SmartScanner version 1.4

Test Apache Tomcat and Apache Struts Vulnerabilities with SmartScanner 1-14

Host Header Injection and Python Tests with SmartScanner 1.11

Scan security of your website with SmartScanner for free

Download