Skip to content

Release 1.2.4
Compare
Choose a tag to compare
@ilmila ilmila released this 22 Nov 18:49
v1.2.4
764ace9
  • Added detection for JBoss jBPM Admin Console
  • Added check for Spring Boot Actuator console
  • Improved LFI module with new UTF-8 payloads
  • Improved EL Injection with new payloads
  • Added check for Apache Roller OGNL Injection (CVE-2013-4212)
  • Added check for Apache Struts 2 S2-023 - thanks to @h3xstream
  • Added check for Weblogic Admin Console Weak Password
  • Added check for Oracle Application Server multiple file disclosure issues
  • Added check for Oracle Log Database Accessible
  • Added check for AJP service identification
  • Added check for Weblogic UDDI Explorer SSRF (CVE-2014-4210)
  • Improved performance for passive checks
  • Improved Apache Wicket Information Disclosure
  • Improved J2EE incorrect exception handling
  • Added check for End Of Life Software - Jetty
  • Added check for End Of Life Software - Tomcat
  • Added check for End Of Life Software - Oracle Application Server
  • Added check for Oracle Application Server version
  • Added check for Oracle Glassfish version
  • Added check for Oracle Weblogic version
  • Added check Apache Struts OGNL Console
  • Added check for Happy Axis
Assets 2
Loading