SmartScanner version 1.12 is out with a new 64-bit build. Of course, we didn’t forget to include new tests.
Below are the major changes in this release.
- New 64-bit build alongside the 32-bit version
- New tests, focusing on web server vulnerabilities:
  - CRLF Injection in URL, which can occur because of misconfigurations in Nginx or other web servers
  - Nginx Code Execution due to Misconfiguration
  - Nginx CVE-2017-7529
  - Django CVE-2018-14574
  - WordPress CVE-2016-10033
- The Referer and User-Agent headers are now tested for XSS and other vulnerabilities by default. (You can disable this in the scan config.)
- A critical bug causing random crashes was fixed.
- Some false positives were removed, and many optimizations were made.
Read the changelog for details of new changes.