Search

Traffic File Update - November 2014

This Traffic IQ Professional update for November 2014 contains the latest application exploits, threats and security evasion techniques along with technical data and high quality security rules.

Traffic IQ Professional

Traffic File Update for November 2014

134 Application Exploits

ADF JSF implementation (ADF Faces) Cross Site Scripting Vulnerability S
Adobe Coldfusion Information Disclosure Vulnerability S
Adobe Flash Player CVE-2013-0634 Code Execution Vulnerability S
Adobe Flash Player Type Confusion Code Execution Vulnerability S
Adobe Reader And Acrobat Integer Overflow Vulnerability S
Barracuda Networks Message Archiver 650 - Persistent XSS Vulnerability S
Creative Contact Form - Arbitrary File Upload Vulnerability S
Creative Contact Form - Arbitrary File Upload Vulnerability_1 S
Croogo CMS Multiple Cross Site Scripting Vulnerability S
Croogo CMS Multiple Cross Site Scripting Vulnerability_1 S
Croogo CMS Multiple Cross Site Scripting Vulnerability_2 S
Croogo CMS Multiple Cross Site Scripting Vulnerability_3 S
Croogo CMS Multiple Cross Site Scripting Vulnerability_4 S
Croogo CMS Multiple Cross Site Scripting Vulnerability_5 S
Croogo CMS Multiple Cross Site Scripting Vulnerability_6 S
Croogo CMS Multiple Cross Site Scripting Vulnerability_7 S
Croogo CMS Multiple Cross Site Scripting Vulnerability_8 S
Croogo CMS Multiple Cross Site Scripting Vulnerability_9 S
Elastix Cross Site Scripting and Remote Command Execution Vulnerability S
Emc Alphastor Device Manager Command Execution Vulnerability S
Enalean Tuleap CVE-2014-7176 SQL Injection Vulnerability S
EspoCRM install Cross Site Scripting Vulnerability S
EspoCRM install File Include Vulnerability S
EspoCRM installProcess Access Control Security Bypass Attempt S
Etiko CMS CVE-2014-8505 Cross Site Scripting Vulnerability S
Etiko CMS CVE-2014-8505 Cross Site Scripting Vulnerability_1 S
Etiko CMS CVE-2014-8506 SQL Injection Vulnerability S
Etiko CMS CVE-2014-8506 SQL Injection Vulnerability_1 S
Feng Office 1.7.4 - Cross Site Scripting Vulnerability S
Feng Office 1.7.4 - Cross Site Scripting Vulnerability_1 S
Ffmpeg Decode_Slice_Header Denial Of Service Vulnerability S
Folder Plus 2.5.1 iOS - Persistent XSS Vulnerability S
HP Operations Manager Cross Site Scripting Vulnerability S
HTTP AirVision Controller Admin Setting Manipulation CSRF Vulnerability S
HTTP CMS Subkarma Cross Site Scripting Vulnerability S
HTTP CMS Subkarma Cross Site Scripting Vulnerability_1 S
HTTP Comersus Sophisticated Cart Information Disclosure Vulnerability S
HTTP Epicor Enterprise CVE-2014-4312 Codes.asp XSS Vulnerability S
HTTP Epicor Enterprise CVE-2014-4312 ImportBudget_fr.asp XSS Vulnerability S
HTTP Epicor Enterprise CVE-2014-4312 search_item_bt.asp XSS Vulnerability S
HTTP Epicor Enterprise CVE-2014-4312 UserSearchDlg.asp XSS Vulnerability S
HTTP Epicor Enterprise CVE-2014-4312 UserSearchDlg.asp XSS Vulnerability_1 S
HTTP HumHub Modules Mail 0.5.8 Cross Site Scripting Vulnerability S
HTTP ManageEngine OpManager CVE-2014-6035 File Upload Vulnerability S
HTTP ManageEngine OpManager CVE-2014-6035 File Upload Vulnerability_1 S
HTTP ManageEngine OpManager CVE-2014-6035 File Upload Vulnerability_2 S
HTTP Megapolis Portal Manager Cross Site Scripting Vulnerability S
HTTP Megapolis Portal Manager Cross Site Scripting Vulnerability_1 S
HTTP mFi Controller Admin Setting Manipulation CSRF Vulnerability S
HTTP Mozilla Firefox and Thunderbird CVE-2014-1564 Information Disclosure Vulnerability S
HTTP Mozilla.org Cross Site Scripting Vulnerability S
HTTP Mozilla.org Cross Site Scripting Vulnerability_1 S
HTTP Mozilla.org Cross Site Scripting Vulnerability_2 S
HTTP Mozilla.org Cross Site Scripting Vulnerability_3 S
HTTP Mozilla.org Cross Site Scripting Vulnerability_4 S
HTTP Mozilla.org Cross Site Scripting Vulnerability_5 S
HTTP Mozilla.org Cross Site Scripting Vulnerability_6 S
HTTP Mozilla.org Cross Site Scripting Vulnerability_7 S
HTTP Mozilla.org Cross Site Scripting Vulnerability_8 S
HTTP Multdivision CMS AutoWeb 'noticias.php' SQL Injection Vulnerability S
HTTP Multiple Aztech Modem Routers Session Hijacking Vulnerability S
HTTP Multiple Aztech Routers 'AZ_Retrain.cgi' DoS Vulnerability S
HTTP MVO - Maquina Vendas Online SQL Injection Vulnerability S
HTTP MVO - Maquina Vendas Online SQL Injection Vulnerability_1 S
HTTP MyBB MyBBlog 1.0 Cross Site Scripting Vulnerability S
HTTP NuCom ADSLR5000UN Router guidewan.html Information Disclosure Vulnerability S
HTTP OpenMRS 2.1 'Allergy Page' Persistant XSS Vulnerability S
HTTP OpenMRS 2.1 'Register Patient' Persistant XSS Vulnerability S
HTTP OpenMRS 2.1 'Register Patient' Persistant XSS Vulnerability_1 S
HTTP OpenMRS 2.1 'Register Patient' Persistant XSS Vulnerability_2 S
HTTP OpenMRS 2.1 'Visit Notes Page' Persistant XSS Vulnerability S
HTTP OpenMRS 2.1 Cross Site Request Forgery Vulnerability S
HTTP OpenMRS 2.1 Reflected XSS Vulnerability S
HTTP OpenMRS 2.1 Reflected XSS Vulnerability_1 S
HTTP OpenMRS 2.1 Reflected XSS Vulnerability_2 S
HTTP OpenMRS 2.1 Reflected XSS Vulnerability_3 S
HTTP ParsaDev CMS Cross Site Scripting Vulnerability S
HTTP SavySoda WiFi HD Cross Site Request Forgery Vulnerability S
HTTP Snitz Forums 2000 Information Disclosure Vulnerability S
HTTP Spider Calendar Plugin for Joomla! index.php SQL Injection Vulnerability S
HTTP Toast Forums Information Disclosure Vulnerability S
HTTP TWiki 'debugenableplugins' Parameter Remote Code Execution Vulnerability S
HTTP UniFi Controller Admin Setting Manipulation CSRF Vulnerability S
HTTP WordPress EWWW Image Optimizer 2.0.1 Cross Site Scripting Vulnerability S
HTTP WordPress Google Calendar Events 2.0.1 Cross Site Scripting Vulnerability S
HTTP WordPress Video Player Plugin 'settings.php' SQL Injection Vulnerability S
HTTP WordPress WP Backup Plus Plugin Arbitrary File Download Vulnerabilitiy S
HttpCombiner ASP.NET - Remote File Disclosure Vulnerability S
Libpng Row Data Buffer Overflow Vulnerability S
LiteCart search.php Cross Site Scripting Vulnerability S
ManageEngine Desktop Central File Upload Vulnerability S
ManageEngine Desktop Central File Upload Vulnerability_1 S
ManageEngine Desktop Central File Upload Vulnerability_2 S
MaxButtons plugin for WordPress id Cross Site Scripting Vulnerability S
Megapolis.Portal Manager Cross Site Scripting Vulnerability S
Megapolis.Portal Manager Cross Site Scripting Vulnerability_1 S
Microsoft HTML Help Workshop Command Line Crafted String Handling Vulnerability S
Microsoft Windows CVE-2014-6352 OLE Remote Code Execution Vulnerability (MS14-064) S
Microsoft Windows CVE-2014-6352 OLE Remote Code Execution Vulnerability (MS14-064)_1 S
Mini-stream ASX to MP3 .m3u file Converter buffer overflow Vulnerability S
Mozilla Firefox And Thunderbird Onreadystatechange Events Denial Of Service Vulnerability S
Mozilla Firefox Cow Privilege Escalation Vulnerability S
Mozilla Firefox Crmf Code Execution Vulnerability S
Mozilla Firefox CVE-2013-0753 Code Execution Vulnerability S
Mozilla Firefox Domattrmodified Code Execution Vulnerability S
Mozilla Firefox Nsglobalwindow.Cpp Privilege Escalation Vulnerability S
Mozilla FirefoxReduceright Code Execution Vulnerability S
Multiple Mozilla Products Xslt Stylesheet Code Execution Vulnerability S
Multiple Xerox Products Postscript Code Execution Vulnerability S
MyBB MyBBlog 'mybblog.php' Cross Site Scripting Vulnerability S
Onlineon E-Ticaret Database Urun.Mdb Information Disclosure Vulnerability S
Pagekit Cross Site Scripting Vulnerability S
Pagekit Cross Site Scripting Vulnerability_1 S
Pagekit Open Redirection Vulnerability S
SAP Netweaver Enqueue Server Trace Pattern Denial Of Service Vulnerability S
Tenda A32 Router - CSRF Vulnerability S
Tenda A32 Router - CSRF Vulnerability_1 S
TomatoCart 1.x - SQL Injection Vulnerability S
TP-LINK WDR4300 Cross Site Scripting Vulnerability S
TWiki .htaccess File Upload Vulnerability S
vBulletin 4.x Verify Email Before Registration Plugin - SQL Injection Vulnerability S
WordPress Contact Form DB Plugin Cross Site Scripting Vulnerability S
WordPress Contact Form DB Plugin Cross Site Scripting Vulnerability_1 S
Wordpress CP Multi View Event Calendar 1.01 - SQL Injection Vulnerability S
WordPress Video Player Plugin 'settings.php' SQL Injection Vulnerability S
WordPress-Download-Manager-Arbitrary-File-Download Vulnerability S
WP Google Maps plugin for WordPress admin.php Cross Site Scripting Vulnerability S
WP Google Maps plugin for WordPress admin.php Cross Site Scripting Vulnerability_1 S
WP Google Maps plugin for WordPress admin.php Cross Site Scripting Vulnerability_2 S
YourMembers Plugin - Blind SQL Injection Vulnerability S
ZeroCMS 1.0 - Persistent Cross-Site Scripting Vulnerability S
ZeroCMS 1.0 - Persistent Cross-Site Scripting Vulnerability_1 S
ZeroCMS 1.0 - Persistent Cross-Site Scripting Vulnerability_2 S
ZTE Modem ZXDSL 531BIIV7.3.0f_D09_IN - Stored XSS Vulnerability S


idappcom - Auditing, verifying and enhancing the capabilities of corporate security defences.

We do not use cookies for tracking users, displaying customised content or storing information about users, other than that required to maintain 'session state' for the login system for registered users. Please read our cookie policy for more information. Please note that by using this site you are consenting to the use of cookies.