X CLOSE

Enter your email below to sign up for latest updates from Appcheck NG.

placeholder+image
CLOSE

Simply complete the info below and we'll send you all you need to activate AppCheck NG and undertake your FREE scan.

Please enter individual IP addresses or ranges

Please enter full URLs for your web applications, and both http and https where appropriate

AppCheck NG Acknowledged by Microsoft, EBay, AT&T and Adobe

Advanced Vulnerability Detection The Appcheck NG Web Application scanner is developed in conjunction with a team of around 20 experienced penetration testers and as such deploys the very latest techniques in vulnerability detection from the front lines. Included in those techniques is our ability to detect DOM Based Cross Site Scripting vulnerabilities using a combination […]

Read More

Security Flaw Fixed in Popular Joomla Extension VirtueMart (CVE-2015-2193)

On the 10th of February 2015 Appcheck reported several security flaws in the popular VirtueMart eCommerce extension for Joomla (Version 3.0.2). A fix has since been made available via http://virtuemart.net/ although no official announcement was released by the vendor. Cross Site Scripting (XSS) Cross Site Scripting (XSS) vulnerabilities occur when data submitted to the application […]

Read More

AppCheck-NG Updated to Detect CVE-2015-0235 (a.k.a. GHOST)

The “GHOST” vulnerability is a security flaw within a key component of the Linux Operating System. The affected component “gethostbyname” is found in the Linux GNU C Library that is used by all Linux programs. If an attacker can pass a specially crafted hostname to the affected function it may be possible to execute malicious […]

Read More

SafeNet SAS OWA Agent Directory Traversal Vulnerability

On the 18th August, 2014, AppCheck reported a Directory Traversal Vulnerability in the SafeNet SAS Outlook Web Access Agent that, without requiring any user authentication, allows a remote attacker to gain access to any file located on the remote server’s local hard drives. Vulnerability Summary The SafeNet Authentication Service (SAS) Outlook Web Access Agent (formally […]

Read More

Drupal 7 SQL Injection – Use AppCheck NG to Discover if You Are Affected

Drupal SQL Injection Detection Module added to AppCheck NG Background Drupal is a popular open source content management system (CMS). The CMS platform is used by hundreds of thousands of organisations globally and has one of the largest user communities. On 15th October 2014, a pre-authentication SQL injection vulnerability (CVE-2014-3704) was disclosed after a code audit of Drupal […]

Read More

Unpatched Vulnerabilities in Magento E-Commerce Platform

On April 8th 2014, AppCheck reported several Cross Site Scripting Vulnerabilities in the Magento e-commerce platform via the eBay bug bounty program.  eBay responded to inform us that the vulnerabilities had already been reported. However, since more than 6 months have passed and no fix is yet available, This advisory is intended to inform Magento […]

Read More

Shell Shock Vulnerability – Use AppCheck NG to Discover if You Are Affected

Proof of Concept exploit module added to AppCheck NG: Screenshot Background Bash (the Bourne Again Shell) is a command process, typically run on a text window, similar to the command prompt on Microsoft Windows systems which allows the user to type command which cause actions. On the 24th September 2014, a remote code execution vulnerability in […]

Read More

50,000 Websites Hacked Through Critical WordPress Vulnerability

Over 50,000 websites have been compromised within the first three weeks following the disclosure of a critical vulnerability in the MailPoet plugin (formerly known as Wysija Newsletter) for WordPress. The vulnerability allows the attacker to upload any content including PHP script files to the server without authentication. Successful exploitation of the vulnerability allows the attacker […]

Read More

Time for Better Web App Security As SQL & XSS Threats Surge

A recent report revealed a 32% increase in cross-site scripting (XSS) and SQL injection attacks on the web-facing and cloud applications that carry sensitive information about organisations and their customers. Advances in technology and ever-increasing knowledge around these attack techniques mean that this is set to increase. In light of this, organisations should brace themselves […]

Read More

Apache Struts Vulnerability – Use AppCheck NG to Discover if You Are Affected

Background Apache Struts 2 is an open-source web application framework for developing Java EE web applications. It uses and extends the Java Servlet API to encourage developers to adopt a model–view–controller (MVC) architecture. On April 24th the Apache Struts project released an advisory for a remote code execution vulnerability affecting all versions of Struts between […]

Read More
1 2 3 4