Traffic File Update - December 2013

This Traffic IQ Professional update for December 2013 contains the latest application exploits, threats and security evasion techniques, along with technical data and high-quality security rules.

126 Application Exploits

Ametys CMS 3.5.2 XPath Injection Vulnerability S
Apple Motion OZDocument parseElement() Function Integer Overflow Vulnerability S
Avira Secure Backup CVE-2013-6356 Buffer Overflow Vulnerability S
Beetel TC1-450 Airtel Cross Site Request Forgery Vulnerability S
Beetel TC1-450 Airtel Cross Site Request Forgery Vulnerability_1 S
Beetel TC1-450 Airtel Cross Site Request Forgery Vulnerability_2 S
Beetel TC1-450 Airtel Cross Site Request Forgery Vulnerability_3 S
Beetel TC1-450 Airtel Cross Site Request Forgery Vulnerability_4 S
Beetel TC1-450 Airtel Cross Site Request Forgery Vulnerability_5 S
Beetel TC1-450 Airtel Cross Site Request Forgery Vulnerability_6 S
Beetel TC1-450 Airtel Cross Site Request Forgery Vulnerability_7 S
C2C Forward Auction Center SQL Injection Vulnerability S
Cisco EPC3925 Cross Site Request Forgery Vulnerability S
Cisco EPC3925 Cross Site Request Forgery Vulnerability_1 S
Classifieds Creator 2.0 SQL Injection Vulnerability S
CoolPlayer Portable 2.19.4 (.m3u) Stack Buffer Overflow Vulnerability S
Cythosia Botnet socks5.php SQL injection Vulnerability S
Evince PDF Reader PDF File Remote Denial Of Service Vulnerability S
Hanso Player '.ogg' File Remote Buffer Overflow Vulnerability S
HTTP Apache Struts 'actionNames.action' CVE-2013-6348 XSS Vulnerability S
HTTP Apache Struts 'showConfig.action' CVE-2013-6348 XSS Vulnerability S
HTTP Apache Tomcat Manager Component CVE-2013-6357 CSRF Vulnerability S
HTTP appRain CVE-2013-6058 SQL Injection Vulnerability S
HTTP AskApache 3.0 Cross Site Request Forgery S
HTTP AskApache 3.0 Cross Site Request Forgery_1 S
HTTP Bugzilla 'attachment.cgi' CVE-2013-1734 CSRF Vulnerability S
HTTP Bugzilla 'process_bug.cgi' CVE-2013-1733 CSRF Vulnerability S
HTTP Bugzilla editflagtypes.cgi 'id' Cross Site Scripting Vulnerability S
HTTP Bugzilla editflagtypes.cgi 'sortkey' Cross Site Scripting Vulnerability S
HTTP Cisco EPC3925 'DdnsHostName' Parameter HTML Injection Vulnerability S
HTTP Cisco Security MARS CVE-2013-5563 XSS Vulnerability S
HTTP D-Link 2760N ddnsmngr.cmd username Parameter Reflected XSS Vulnerability S
HTTP D-Link 2760N ippcfg.cmd ippName Parameter Stored XSS Vulnerability S
HTTP D-Link 2760N portmapcfg.cmd groupName Parameter Reflected XSS Vulnerability S
HTTP D-Link 2760N prmngr.cmd PolicyName Parameter Stored XSS Vulnerability S
HTTP D-Link 2760N prmngr.cmd rmLst Parameter Stored XSS Vulnerability S
HTTP D-Link 2760N samba.cgi smbNetBiosName Parameter Stored XSS Vulnerability S
HTTP D-Link 2760N samba.cgi smbNetBiosName Parameter Stored XSS Vulnerability_1 S
HTTP D-Link 2760N scinflt.cmd fltName Parameter Stored XSS Vulnerability S
HTTP D-Link 2760N scoutflt.cmd Multiple Parameter Stored XSS Vulnerability S
HTTP D-Link 2760N scoutflt.cmd Multiple Parameter Stored XSS Vulnerability_1 S
HTTP D-Link 2760N scprttrg.cmd appName Parameter Stored XSS Vulnerability S
HTTP D-Link 2760N snmpconfig.cgi snmpRoCommunity Parameter XSS Vulnerability S
HTTP D-Link 2760N sntpcfg.cgi ntpServer1 Parameter Stored XSS Vulnerability S
HTTP D-Link 2760N todmngr.tod username Parameter Stored XSS Vulnerability S
HTTP D-Link 2760N urlfilter.cmd TodUrlAdd Parameter Stored XSS Vulnerability S
HTTP Fortinet FortiAnalyzer SYSAdminUserDialog page CVE-2013-6826 CSRF Vulnerability S
HTTP GLPI Improper Access Control in GLPI CVE-2013-5696 Vulnerability S
HTTP GLPI PHP Code Execution CVE-2013-5696 Vulnerability S
HTTP Gnew CMS CVE-2013-5640 Multiple SQL Injection Vulnerabilities S
HTTP Gnew CMS CVE-2013-5640 Multiple SQL Injection Vulnerabilities_1 S
HTTP Gnew CMS CVE-2013-5640 Multiple SQL Injection Vulnerabilities_2 S
HTTP Gnew CMS CVE-2013-5640 Multiple SQL Injection Vulnerabilities_3 S
HTTP Gnew CMS CVE-2013-5640 Multiple SQL Injection Vulnerabilities_4 S
HTTP Gnew CMS CVE-2013-5640 Multiple SQL Injection Vulnerabilities_5 S
HTTP Gnew CMS CVE-2013-5640 Multiple SQL Injection Vulnerabilities_6 S
HTTP Gnew CMS CVE-2013-5640 Multiple SQL Injection Vulnerabilities_7 S
HTTP Horde GroupWare Web Mail Edition CVE-2013-6364 XSS Vulnerability S
HTTP Horde GroupWare Web Mail Edition CVE-2013-6365 CSRF Vulnerability S
HTTP HP 2620 Switch Series 'json.html' CVE-2013-6852 CSRF Vulnerability S
HTTP ImpressPages CMS 'instanceId' Cross Site Scripting Vulnerability S
HTTP ImpressPages CMS 'pageId' Parameter SQL Injection Vulnerability S
HTTP Juniper Networks JUNOS EmbedThis AppWeb Web Server XSS Vulnerability S
HTTP Microsoft .NET Framework CVE-2011-3415 URI Open Redirection Vulnerability S
HTTP MyBB ajaxfs.php 'tooltip' Parameter SQL Injection Vulnerability S
HTTP MyBB ajaxfs.php 'usertooltip' Parameter SQL Injection Vulnerability S
HTTP nginx CVE-2013-4547 URI Processing Security Bypass Vulnerability S
HTTP Practico index.php Admin User Creation CSRF Vulnerability S
HTTP Practico index.php Multiple Parameter XSS Vulnerabilities S
HTTP ProjeQtOr 'objectId' Parameter SQL Injection Vulnerability S
HTTP ProjeQtOr 'objectId' Parameter SQL Injection Vulnerability_1 S
HTTP ProjeQtOr CVE-2013-6163 'main.php' Cross Site Scripting Vulnerability S
HTTP ProjeQtOr CVE-2013-6163 'parameter.php' Cross Site Scripting Vulnerability S
HTTP RBS Change 3.6.8 Cross Site Scripting Vulnerability S
HTTP RUCKUS WIRELESS Zoneflex 'device.asp' Authentication Bypass Vulnerability S
HTTP RUCKUS WIRELESS Zoneflex 'internet.asp' Authentication Bypass Vulnerability S
HTTP RUCKUS WIRELESS Zoneflex 'local_network.asp' Authentication Bypass Vulnerability S
HTTP RUCKUS WIRELESS Zoneflex 'reboot.asp' Authentication Bypass Vulnerability S
HTTP RUCKUS WIRELESS Zoneflex 'wireless.asp' Authentication Bypass Vulnerability S
HTTP Synology DiskStation Manager Arbitrary File Download S
HTTP Synology DiskStation Manager Directory Traversal Vulnerability S
HTTP Synology DiskStation Manager Remote File List S
HTTP TOSHIBA e-Studio Admin Password Manipulation CSRF Vulnerability S
HTTP UNICORN WB-3300NR Router DNS Settings Alter CSRF Vulnerability S
HTTP UNICORN WB-3300NR Router Factory Reset CSRF Vulnerability S
HTTP UNICORN WB-3300NR Router WPA Password Disclosure CSRF Vulnerability S
HTTP WordPress Ad-minister Plugin 'key' Parameter Cross Site Scripting Vulnerability S
HTTP WordPress WP-Cron 1.1.5 Cross Site Scripting Vulnerability S
HTTP WordPress WP-Cron 1.1.5 Cross Site Scripting Vulnerability_1 S
HTTP YUI 'uploader.swf' CVE-2013-6780 Cross Site Scripting Vulnerability S
IBM Cognos Business Intelligence XML External Entity Information Disclosure Vulnerability S
iScripts MultiCart 2.4 Cross Site Request Forgery Vulnerability S
iScripts MultiCart 2.4 Cross Site Request Forgery Vulnerability_1 S
iScripts MultiCart 2.4 Cross Site Scripting Vulnerability S
JPEGView 'Image Top Position' Sign Extension Buffer Overflow Vulnerability S
KMPlayer WAV File Handling Divide by Zero DoS Vulnerability S
Light Alloy '.m3u' File CVE-2013-6874 Buffer Overflow Vulnerability S
Lowest Unique Bid Auction SQL Injection Vulnerability S
MijoSearch 2.0.1 Cross Site Scripting Vulnerability S
MijoSearch 2.0.1 Path Disclosure Vulnerability S
NagiosQL 3.2.0 SP2 Cross Site Scripting Vulnerability S
NewsAktuell PressePortal DE SQL Injection Vulnerability S
Open DC Hub 'MyInfo' Message Remote Stack Buffer Overflow Vulnerability S
Osclass 3.3 Cross Site Request Forgery Vulnerability S
Osclass 3.3 Cross Site Request Forgery Vulnerability_1 S
Osclass 3.3 Directory Traversal Vulnerability S
Osclass 3.3 Directory Traversal Vulnerability_1 S
Osclass 3.3 Directory Traversal Vulnerability_2 S
Osclass 3.3 SQL Injection Vulnerability S
Osclass 3.3 SQL Injection Vulnerability_1 S
osCmax e-Commerce 2.5.3 Cross Site Scripting Vulnerability S
osCmax e-Commerce 2.5.3 Object Injection Vulnerability S
phpThumb 1.7.12 Server Side Request Forgery Vulnerability S
Piwigo 2.5.3 Cross Site Request Forgery Vulnerability S
Piwigo 2.5.3 Cross Site Request Forgery Vulnerability_1 S
Plogue Sforzando 'AriaSetup.xml' Product Value Handling Buffer Overflow Weakness S
ProVJ Playlist Processing Buffer Overflow Vulnerability S
SoftMaker TextMaker Crafted TMW File Memory Corruption Vulnerability S
VideoSpirit Crafted VISPRJ File Handling Buffer Overflow Vulnerability S
VideoSpirit Crafted VISPRJ File Handling Buffer Overflow Vulnerability_1 S
Watermark Master '.wstyle' File Handling Buffer Overflow Vulnerability S
WordPress Folo Theme Cross Site Scripting Vulnerability S
WordPress Optinfirex Cross Site Scripting Vulnerability S
WordPress Orange Cross Site Request Forgery Vulnerability S
WordPress Orange Cross Site Request Forgery Vulnerability_1 S
WordPress WP Realty Cross Site Scripting Vulnerability S


idappcom - Auditing, verifying and enhancing the capabilities of corporate security defences.