- Joined
- Jan 8, 2019
- Messages
- 56,605
- Solutions
- 2
- Reputation
- 32
- Reaction score
- 100,451
- Points
- 2,313
- Credits
- 32,570
6 Years of Service
76%
Acunetix Premium is a web application security solution for managing the security of multiple websites, web applications, and APIs.
17 Jun 2025
Acunetix Premium - v25.5.0
New features
Added support for JAVA IAST Sensor running on WebLogic (Read more)
New security checks
Added JWT auth bypass for API
Added SAP NetWeaver Visual Composer Unrestricted File Uploading (CVE-2025-31324)
Added detection for Craft CMS Remote Code Execution (CVE-2025-32432)
Added check for missing X-Content-Type-Options header
Detection for Craft CMS Remote Code Execution vulnerability (CVE-2025-32432)
Improvements
Added regex to enhance detection of Stack Trace Disclosure in Django apps
Improved detection of JWTs signed with weak secrets
Added new security check for exposed nginx.conf and .htaccess files to enhance vulnerability detection
LDAP Injection detection added
Added detection for PII (Personally Identifiable Information) disclosure vulnerabilities
New detection for database connection strings in JSON responses to improve sensitive data exposure coverage
Scanner updated to support scanning targets with NTLM Authentication from Linux
Resolved issues
Fixed false positive for Cleo Harmony/VLTrader/LexiCom RCE detection
Corrected version comparison logic in "Scripts\WebApps\drupal_3.script"
https://www.acunetix.com/changelogs/acunetix-premium/v25-5-0-17-june-2025Old Version
Acunetix Premium is a web application security solution for managing the security of multiple websites, web applications, and APIs.
Changelog:
Acunetix Premium - v25.4.0
New security checks
Added a check for CrushFTP Authentication Bypass (CVE-2025-31161)
Added a check for Ingress-Nginx "IngressNightmare" RCE (CVE-2025-1974)
Added a check for Vite Arbitrary File Read (CVE-2025-30208, CVE-2025-31125)
Added a check for Kentico Staging API Auth Bypass
Improvements
Updated Node to version...
