Search

Traffic File Update - May 2014

This Traffic IQ Professional update for May 2014 contains the latest application exploits, threats and security evasion techniques along with technical data and high quality security rules.

Traffic IQ Professional

Traffic File Update for May 2014

123 Application Exploits

A10 Networks ACOS Remote Buffer Overflow Vulnerability S
AlienVault 4.3.1 - Unauthenticated SQL Injection Vulnerability S
AlienVault 4.3.1 - Unauthenticated SQL Injection Vulnerability_1 S
BarracudaDrive 6.6 Cross Site Scripting Vulnerability S
BarracudaDrive 6.6 Cross Site Scripting Vulnerability_1 S
BarracudaDrive 6.6 Cross Site Scripting Vulnerability_10 S
BarracudaDrive 6.6 Cross Site Scripting Vulnerability_11 S
BarracudaDrive 6.6 Cross Site Scripting Vulnerability_2 S
BarracudaDrive 6.6 Cross Site Scripting Vulnerability_3 S
BarracudaDrive 6.6 Cross Site Scripting Vulnerability_4 S
BarracudaDrive 6.6 Cross Site Scripting Vulnerability_5 S
BarracudaDrive 6.6 Cross Site Scripting Vulnerability_6 S
BarracudaDrive 6.6 Cross Site Scripting Vulnerability_7 S
BarracudaDrive 6.6 Cross Site Scripting Vulnerability_8 S
BarracudaDrive 6.6 Cross Site Scripting Vulnerability_9 S
BarracudaDrive 6.7.1 Cross Site Scripting Vulnerability S
BarracudaDrive 6.7.1 Cross Site Scripting Vulnerability_1 S
BarracudaDrive 6.7.1 Cross Site Scripting Vulnerability_2 S
BarracudaDrive 6.7.1 Cross Site Scripting Vulnerability_3 S
BarracudaDrive 6.7.1 Cross Site Scripting Vulnerability_4 S
Beheer Systeem 'pbs.cgi' Remote Command Execution Vulnerability S
BlazeDVD Pro '.PLF' File Remote Stack Buffer Overflow Vulnerability S
Broadcom PIPA C211 Information Disclosure Vulnerability S
cFos Personal Net 3.09 Heap Corruption Denial Of Service Vulnerability S
CMS Puntopy SQL Injection Vulnerability S
Collabtive 1.2 - SQL Injection Vulnerability S
Collabtive 1.2 - Stored Cross Site Scripting Vulnerability S
CosmoShop ePRO 10.17.00 Authentication Bypass Vulnerability S
Crime24 Stealer Panel 1.0 - Cross Site Scripting Vulnerability S
Crime24 Stealer Panel 1.0 - SQL Injection Vulnerability S
GetSimple CMS 3.3.1 Cross Site Scripting Vulnerability S
GetSimple CMS 3.3.1 Cross Site Scripting Vulnerability_1 S
GetSimple CMS 3.3.1 Cross Site Scripting Vulnerability_2 S
HTTP ASUS RT-AC68U 'apply.cgi' CVE-2014-2925 XSS Vulnerability S
HTTP BIGACE Web CMS index.php Local File Include Vulnerability S
HTTP CIS Manager 'TroncoID' Parameter SQL Injection Vulnerability S
HTTP CMSimple 'wb.php' CVE-2014-2219 XSS Vulnerability S
HTTP Dell SonicWALL NSA 2400 'dashboard.jsp' XSS Vulnerability S
HTTP FRITZ Box webcm lang Parameter OS Command Injection Vulnerability S
HTTP Indeziner CMS 'vendor_profile.php' XSS Vulnerability S
HTTP Joomla eXtplorer Component CVE-2013-5951 admin.php XSS Vulnerability S
HTTP Joomla eXtplorer Component CVE-2013-5951 copy_move.php XSS Vulnerability S
HTTP Joomla eXtplorer Component CVE-2013-5951 functions.php XSS Vulnerability S
HTTP Joomla eXtplorer Component CVE-2013-5951 upload.php XSS Vulnerability S
HTTP Joomla Freichat Component id or xhash Parameter XSS Vulnerability S
HTTP Joomla Freichat Component toname Parameter XSS Vulnerability S
HTTP Joomla Multi Calendar Component 'calid' Parameter XSS Vulnerability S
HTTP Joomla Multi Calendar Component 'paletteDefault' Parameter XSS Vulnerability S
HTTP Joomla Youtube Gallery Component 'flvthumbnail.php' XSS Vulnerability S
HTTP Joomla! 'com_smf' Component 'itemid' Parameter XSS Vulnerability S
HTTP LogiVert 'index.php' Cross Site Scripting Vulnerability S
HTTP OpenSupports verarticulo.php id Parameter SQL Injection Vulnerability S
HTTP OpenX advertiser-delete.php Script CSRF Vulnerability S
HTTP OpenX affiliate-delete.php Script CSRF Vulnerability S
HTTP OpenX agency-user-unlink.php Script CSRF Vulnerability S
HTTP OpenX banner-delete.php Script CSRF Vulnerability S
HTTP OpenX campaign-delete.php Script CSRF Vulnerability S
HTTP OpenX channel-delete.php Script CSRF Vulnerability S
HTTP OpenX zone-delete.php Script CSRF Vulnerability S
HTTP Oracle Identity Manager 'backUrl' Parameter URL Redirection Vulnerability S
HTTP osCmax admin_members.php CSRF Vulnerability S
HTTP OXID eShop searchtag Parameter Cross-Site Scripting Vulnerability S
HTTP PHP-CMDB ci_create.php ci_icon Parameter XSS Vulnerability S
HTTP PHP-CMDB index.php s_text Parameter XSS Vulnerability S
HTTP PHP-CMDB search_advanced.php s_text Parameter XSS Vulnerability S
HTTP PHP-CMDB u_create_run.php u_login Parameter XSS Vulnerability S
HTTP php-font-lib 'name' Parameter XSS CVE-2014-2570 Vulnerability S
HTTP phpMyID 'openid_error' Parameter CVE-2014-2890 XSS Vulnerability S
HTTP PrestaShop 'product.php' Cross Site Scripting Vulnerability S
HTTP Proxmox Mail Gateway CVE-2014-2325 XSS Vulnerability S
HTTP PTC Effect edit_loginad.php SQL Injection Vulnerability S
HTTP qEngine Database Backup Information Disclosure Vulnerability S
HTTP rexx Recruitment 'fname' Parameter XSS Vulnerability S
HTTP SoftGov 'email.php' Cross Site Scripting Vulnerability S
HTTP Symphony CVE-2013-7346 Cross Site Request Forgery Vulnerability S
HTTP Trixbox 'config.php' tech Parameter XSS Vulnerability S
HTTP Trixbox 'config.php' usersnum Parameter XSS Vulnerability S
HTTP vBulletin folderid Parameter XSS Vulnerability S
HTTP vBulletin help fragment indicator XSS Vulnerability S
HTTP vBulletin PATH_INFO XSS Vulnerability S
HTTP vBulletin view Parameter XSS Vulnerability S
HTTP VideoCharge Studio cc.dll Remote Buffer Overflow Vulnerability S
HTTP VideoWhisper Live Streaming lb_logout.php message Parameter XSS Vulnerability S
HTTP VideoWhisper Live Streaming Plugin bp.php Path Disclosure S
HTTP VideoWhisper Live Streaming Plugin rtmp.inc.php Path Disclosure S
HTTP VideoWhisper Live Streaming Plugin videowhisper_streaming.php Path Disclosure S
HTTP vTiger CRM browse.php file Parameter Remote Path Traversal Vulnerability S
HTTP WatchGuard Fireware XTM 'poll_name' Parameter XSS Vulnerability S
HTTP Webmin 'view.cgi' Cross Site Scripting Vulnerability S
HTTP WordPress Quick Page Post Redirect Plugin Multiple Input Validation Vulnerabilities S
HTTP WordPress WP Forum Server 'addforum' Parameter XSS Vulnerability S
HTTP WordPress WP Js External link Info Plugin 'redirect.php' XSS Vulnerability S
HTTP XCloner Standalone CVE-2014-2579 CSRF Vulnerability S
HTTP Xpression News 'index.php' Cross Site Scripting Vulnerability S
innoEDIT 'innoedit.cgi' Remote Command Execution Vulnerability S
JORJWEB Ltda SQL Injection Vulnerability S
Jzip Remote Stack Buffer Overflow Vulnerability S
Kaspersky Internet Security Regular Expressions DoS Vulnerability S
mAdserve SQL Injection Vulnerability S
mAdserve SQL Injection Vulnerability_1 S
mAdserve SQL Injection Vulnerability_2 S
miSecureMessages 4.0.1 Unauthorized Access Vulnerability S
miSecureMessages 4.0.1 Unauthorized Access Vulnerability_1 S
Offiria Cross Site Scripting Vulnerability S
Oracle Supply Chain Products Suite CVE-2013-5877 Remote Security Vulnerability S
Oracle Supply Chain Products Suite CVE-2014-0372 SQL Injection Vulnerability S
OrangeHRM 3.1.1 Cross Site Scripting Vulnerability S
OrbiTeam BSCW Information Disclosure Vulnerability S
PCMan's FTP Server Crafted Long Command Handling Buffer Overflow Vulnerability S
Primo Interactive CMS 'pcm.cgi' Remote Command Execution Vulnerability S
SpiceWorks 7.2.00174 Cross Site Scripting Vulnerability S
Symantec Endpoint Protection Manager CVE-2013-5014 XML Vulnerability S
TAO Cross Site Request Forgery Vulnerability S
TAO Cross Site Request Forgery Vulnerability_1 S
Tapatalk Forum 'welcome.php' Cross Site Scripting Vulnerability S
Ultra Mini HTTPD 'POST' Request Stack-Based Buffer Overflow Vulnerability S
Unitrends Enterprise Backup Command Execution Vulnerability S
VM Turbo Operations Manager Directory Traversal Vulnerability S
WordPress Bonuspressx Cross Site Scripting Vulnerability S
WordPress Photo-Gallery Cross Site Request Forgery Vulnerability S
WordPress Photo-Gallery Cross Site Request Forgery Vulnerability_1 S
WordPress WP Affiliate Platform Cross Site Scripting Vulnerability S
Xerox DocuShare 'ResultBackgroundJobMultiple' SQL Injection Vulnerability S


idappcom - Auditing, verifying and enhancing the capabilities of corporate security defences.

We do not use cookies for tracking users, displaying customised content or storing information about users, other than that required to maintain 'session state' for the login system for registered users. Please read our cookie policy for more information. Please note that by using this site you are consenting to the use of cookies.