Search

Traffic File Update - February 2015

This Traffic IQ Professional update for February 2015 contains the latest application exploits, threats and security evasion techniques along with technical data and high quality security rules.

Traffic IQ Professional

Traffic File Update for February 2015

211 Application Exploits

Apache James Server 2.3.2 Remote Command Execution Vulnerability S
Asuswrt 'infosvr' Service Remote Command Execution Vulnerability S
Ettercap DHCP Dissector Heap Based Buffer Overflow Vulnerability S
Ettercap GG Dissector Heap Based Buffer Overflow Vulnerability S
Ettercap MDNS Plugin Heap Based Buffer Overflow Vulnerability S
Ettercap NBNS Plugin Heap Based Buffer Overflow Vulnerability S
Ettercap Postgresql Dissector Heap Based Buffer Overflow Vulnerability S
Ettercap Radius Dissector Heap Based Buffer Overflow Vulnerability S
HP Data Protector EXEC_BAR Command Execution Vulnerability S
HP Data Protector EXEC_INTEGUTIL Command Execution Vulnerability S
HTTP Ansible Tower multiple cross-site scripting (Percent Encode Body Text) S
HTTP Ansible Tower multiple cross-site scripting S
HTTP Ansible Tower multiple cross-site scripting_1 (Double Percent Encoded Body Text) S
HTTP Ansible Tower multiple cross-site scripting_1 S
HTTP Ansible Tower multiple cross-site scripting_2 (Reverse Forward Slash, Mixed Case Method) S
HTTP Ansible Tower multiple cross-site scripting_2 S
HTTP Ansible Tower multiple cross-site scripting_3 (Mixed Case URL, Body Text) S
HTTP Ansible Tower multiple cross-site scripting_3 S
HTTP Ansible Tower multiple cross-site scripting_4 (Percent Encode Body Text) S
HTTP Ansible Tower multiple cross-site scripting_4 S
HTTP Arris TG862G CVE-2014-5438 Cross Site Scripting vulnerability S
HTTP ArticleFR CMS 3.0.5 - Arbitrary File Upload (Mixed Case URL) S
HTTP ArticleFR CMS 3.0.5 - Arbitrary File Upload S
HTTP ArticleFR CMS 3.0.5 - SQL Injection Vulnerability (Mixed Case Body Text) S
HTTP ArticleFR CMS 3.0.5 - SQL Injection Vulnerability S
HTTP Brother MFC-J4410DW cross-site scripting (Percent Encoded URL) S
HTTP Brother MFC-J4410DW cross-site scripting S
HTTP CMS Kajona admin.php cross-site scripting (Double Percent Encoded URL) S
HTTP CMS Kajona admin.php cross-site scripting S
HTTP CMS Sefrengo main.php cross-site scripting (Mixed Case URL) S
HTTP CMS Sefrengo main.php cross-site scripting S
HTTP CMS Sefrengo main.php SQL injection (Reverse Forward Slash in URL) S
HTTP CMS Sefrengo main.php SQL injection S
HTTP CMS Sefrengo main.php SQL injection_1 (Mixed Case Method) S
HTTP CMS Sefrengo main.php SQL injection_1 S
HTTP Creative Contacts Form (Joomla) Shell Upload Vulnerability S
HTTP Croogo Arbitrary PHP Code Execution (create file) S
HTTP Croogo Arbitrary PHP Code Execution (edit file) S
HTTP Croogo Arbitrary PHP Code Execution (upload file) S
HTTP Croogo CMS file_manager_editfile cross-site scripting (Mixed Case Method) S
HTTP Croogo CMS file_manager_editfile cross-site scripting S
HTTP Crystal Player 1.99 - Memory Corruption Vulnerability (Mixed Case URL) S
HTTP Crystal Player 1.99 - Memory Corruption Vulnerability S
HTTP D-Link 2730B Cross Site Scripting Vulnerability (Mixed Case URL & Percent Encoded URL) S
HTTP D-Link 2730B Cross Site Scripting Vulnerability S
HTTP D-Link DSL-2740R - Unauthenticated Remote DNS Change Exploit (Mixed Case URL) S
HTTP D-Link DSL-2740R - Unauthenticated Remote DNS Change Exploit S
HTTP DotNetNuke DNNspot Store Arbitary File Upload Vulnerability S
HTTP ecommerceMajor - SQL Injection Vulnerability (Reverse Forward Slash in URL) S
HTTP ecommerceMajor - SQL Injection Vulnerability S
HTTP EntryPass N5200 CVE-2014-8868 User Credentials Disclosure Vulnerability S
HTTP EntryPass N5200 CVE-2014-9303 User Credentials Disclosure Vulnerability S
HTTP F5 iControl Remote Root Command Execution (generic_shell_reverse_tcp) S
HTTP F5 iControl Remote Root Command Execution S
HTTP ferretCMS 1.0.4-alpha - Cross Site Scripting Vulnerability (Mixed Case Method) S
HTTP ferretCMS 1.0.4-alpha - Cross Site Scripting Vulnerability S
HTTP ferretCMS 1.0.4-alpha - File Upload Vulnerability (Reverse Forward Slash in URL) S
HTTP ferretCMS 1.0.4-alpha - File Upload Vulnerability S
HTTP ferretCMS 1.0.4-alpha - File Upload Vulnerability_1 (Mixed Case Method) S
HTTP ferretCMS 1.0.4-alpha - File Upload Vulnerability_1 S
HTTP ferretCMS 1.0.4-alpha - SQL Injection Vulnerability (Mixed Case URL) S
HTTP ferretCMS 1.0.4-alpha - SQL Injection Vulnerability S
HTTP ferretCMS 1.0.4-alpha - SQL Injection Vulnerability_1 (Percent Encoded URL) S
HTTP ferretCMS 1.0.4-alpha - SQL Injection Vulnerability_1 S
HTTP ferretCMS 1.0.4-alpha - SQL Injection Vulnerability_2 (Double Percent Encoded URL) S
HTTP ferretCMS 1.0.4-alpha - SQL Injection Vulnerability_2 S
HTTP ferretCMS 1.0.4-alpha - SQL Injection Vulnerability_3 (Reverse Forward Slash in URL) S
HTTP ferretCMS 1.0.4-alpha - SQL Injection Vulnerability_3 S
HTTP ferretCMS 1.0.4-alpha - SQL Injection Vulnerability_4 (Mixed Case Method) S
HTTP ferretCMS 1.0.4-alpha - SQL Injection Vulnerability_4 S
HTTP ferretCMS 1.0.4-alpha - SQL Injection Vulnerability_5 S
HTTP ferretCMS 1.0.4-alpha - SQL Injection Vulnerability_6 (Double Percent Encoded URL) S
HTTP ferretCMS 1.0.4-alpha - SQL Injection Vulnerability_6 S
HTTP ferretCMS 1.0.4-alpha - SQL Injection Vuln_5 (Mixed Case URL, Percent Encoded URL) S
HTTP Gecko CMS Cross Site Request Forgery (from server) Vulnerability S
HTTP Gecko CMS Cross Site Request Forgery (to server) Vulnerability S
HTTP Gecko CMS SQL Injection Vulnerability S
HTTP GLPI getDropdownValue.php CVE-2014-9258 SQL Injection Vulnerability S
HTTP Hewlett-Packard UCMDB - JMX-Console Authentication Bypass (Percent Encoded URL) S
HTTP Hewlett-Packard UCMDB - JMX-Console Authentication Bypass S
HTTP HP LoadRunner CVE-2013-4798 Remote Code Execution Vulnerability S
HTTP IceCream Ebook Reader 1.41 - Crash PoC (Mixed Case URL) S
HTTP IceCream Ebook Reader 1.41 - Crash PoC S
HTTP IceCream Ebook Reader 1.41 - Crash PoC_1 (Mixed Case URL) S
HTTP IceCream Ebook Reader 1.41 - Crash PoC_1 S
HTTP Incredible PBX Remote Command Execution Vulnerability S
HTTP IPCop ipinfo.cgi CVE-2013-7417 CSRF Vulnerability S
HTTP IPCop ipinfo.cgi CVE-2013-7417 XSS Vulnerability S
HTTP IPCop iptablesgui.cgi CVE-2013-7418 Code Execution Vulnerability S
HTTP IPCop iptablesgui.cgi CVE-2013-7418 Code Execution Vulnerability_1 S
HTTP IPFire Cgi Web Interface Authenticated Bash Code Injection Vulnerability S
HTTP jclassifiedsmanager - Cross Site Scripting Vulnerability (Reverse Forward Slash in URL) S
HTTP jclassifiedsmanager - Cross Site Scripting Vulnerability S
HTTP jclassifiedsmanager - SQL Injection Vulnerability (Percent Encoded URL) S
HTTP jclassifiedsmanager - SQL Injection Vulnerability S
HTTP JourneyMap Mod for Minecraft Screenshot Saving Remote DoS Vulnerability S
HTTP Lexmark MarkVision Enterprise Remote Code Execution Vulnerability S
HTTP Maarch Products 'file_to_index.php' Arbitrary File Upload Vulnerability S
HTTP ManageEngine Authenticated File Upload Vulnerability S
HTTP ManageEngine Desktop Central 9 Build 90087 - CSRF Vuln (Mixed Case URL) S
HTTP ManageEngine Desktop Central 9 Build 90087 - CSRF Vuln S
HTTP ManageEngine Desktop Central 9 Build 90087 - CSRF Vuln_1 (Mixed Case Body Text) S
HTTP ManageEngine Desktop Central 9 Build 90087 - CSRF Vuln_1 S
HTTP ManageEngine EventLog Analyzer 9.0 - Cross Site Scripting (Reverse Forward Slash in URL) S
HTTP ManageEngine EventLog Analyzer 9.0 - Cross Site Scripting S
HTTP ManageEngine EventLog Analyzer 9.0 - Cross Site Scripting_1 (Mixed Case URL) S
HTTP ManageEngine EventLog Analyzer 9.0 - Cross Site Scripting_1 S
HTTP ManageEngine EventLog Analyzer 9.0 - Directory Traversal (Reverse Forward Slash in URL) S
HTTP ManageEngine EventLog Analyzer 9.0 - Directory Traversal S
HTTP ManageEngine EventLog Analyzer 9.0 - Directory Traversal_1 (Mixed Case URL, Method) S
HTTP ManageEngine EventLog Analyzer 9.0 - Directory Traversal_1 S
HTTP ManageEngine EventLog Analyzer 9.0 - Directory Traversal_2 (Double Percent Encoded URL) S
HTTP ManageEngine EventLog Analyzer 9.0 - Directory Traversal_2 S
HTTP ManageEngine Firewall Analyzer 8.0 - Cross Site Scripting (Mixed Case Method) S
HTTP ManageEngine Firewall Analyzer 8.0 - Cross Site Scripting S
HTTP ManageEngine Firewall Analyzer 8.0 - Directory Traversal (Reverse Forward Slash in URL) S
HTTP ManageEngine Firewall Analyzer 8.0 - Directory Traversal S
HTTP ManageEngine Firewall Analyzer 8.0 - Directory Traversal_1 (Percent Encoded URL) S
HTTP ManageEngine Firewall Analyzer 8.0 - Directory Traversal_1 S
HTTP ManageEngine Firewall Analyzer 8.0 - Directory Traversal_2 (Double Percent Encoded URL) S
HTTP ManageEngine Firewall Analyzer 8.0 - Directory Traversal_2 S
HTTP ManageEngine ServiceDesk Plus 9.0 (Bld 9031)-User Priv Mgmt Vuln (Mixed Case URL) S
HTTP ManageEngine ServiceDesk Plus 9.0 (Bld 9031)-User Priv Mgmt Vuln S
HTTP ManageEngine ServiceDesk Plus 9.0 (Bld 9031)-User Priv Mgmt Vuln_1 (Mixed Case URL) S
HTTP ManageEngine ServiceDesk Plus 9.0 (Bld 9031)-User Priv Mgmt Vuln_1 S
HTTP ManageEngine ServiceDesk Plus 9.0 (Bld 9031)-User Priv Mgmt Vuln_2 (Percent Encoded URL) S
HTTP ManageEngine ServiceDesk Plus 9.0 (Bld 9031)-User Priv Mgmt Vuln_2 S
HTTP ManageEngine ServiceDesk Plus 9.0 (Bld 9031)-User Priv Mgmt Vuln_3 (Mixed Case Method) S
HTTP ManageEngine ServiceDesk Plus 9.0 (Bld 9031)-User Priv Mgmt Vuln_3 S
HTTP ManageEngine ServiceDesk Plus 9.0 - SQL Injection Vuln (Reverse Forward Slash in URL) S
HTTP ManageEngine ServiceDesk Plus 9.0 - SQL Injection Vulnerability S
HTTP ManageEngine ServiceDesk Plus 9.0 - User Enumeration Vuln (Mixed Case Percent Enc URL) S
HTTP ManageEngine ServiceDesk Plus 9.0 - User Enumeration Vulnerability S
HTTP ManageEngine ServiceDesk Plus 9.0 - User Enumeration Vulnerability_1 S
HTTP ManageEngine ServiceDesk Plus 9.0 - User Enumeration Vuln_1 (Mixed Case Method) S
HTTP Manageengine WsDiscoveryServlet file upload (Mixed Case URL) S
HTTP Manageengine WsDiscoveryServlet file upload S
HTTP Manageengine WsDiscoveryServlet file upload_1 (Mixed Case URL) S
HTTP Manageengine WsDiscoveryServlet file upload_1 S
HTTP Mangallam CMS - SQL Injection Web Vulnerability (Double Percent Encoded URL) S
HTTP Mangallam CMS - SQL Injection Web Vulnerability S
HTTP MantisBT login page open redirect (Percent Encoded URL) S
HTTP MantisBT login page open redirect S
HTTP miniBB 'bb_func_unsub.php' CVE-2014-9254 SQL Injection Vulnerability S
HTTP Mozilla Firefox and Thunderbird CVE-2013-1670 Cross Site Scripting Vulnerability S
HTTP Mulesoft ESB Runtime Privilege Escalation Vulnerability S
HTTP NetIQ Access Manager CVE-2014-5215 debug.jsp Vulnerability S
HTTP NetIQ Access Manager CVE-2014-5215 dev_services.jsp Vulnerability S
HTTP NetIQ Access Manager CVE-2014-5216 Multiple XSS Vulnerabilities S
HTTP NetIQ Access Manager CVE-2014-5216 Multiple XSS Vulnerabilities_1 S
HTTP NetIQ Access Manager CVE-2014-5216 Multiple XSS Vulnerabilities_2 S
HTTP NetIQ Access Manager CVE-2014-5216 Multiple XSS Vulnerabilities_3 S
HTTP NetIQ Access Manager CVE-2014-5216 Multiple XSS Vulnerabilities_4 S
HTTP NetIQ Access Manager CVE-2014-5216 Multiple XSS Vulnerabilities_5 S
HTTP NPDS CMS Revolution-13 - SQL Injection Vulnerability (Mixed Case Body Text) S
HTTP NPDS CMS Revolution-13 - SQL Injection Vulnerability S
HTTP OpenEMR SQL Injection Vulnerability (Double Percent Encoded) S
HTTP OpenEMR SQL Injection Vulnerability S
HTTP OpenEMR SQL Injection Vulnerability_1 (Percent Encoded) S
HTTP OpenEMR SQL Injection Vulnerability_1 S
HTTP OpenEMR SQL Injection Vulnerability_2 (Double Percent Encoded) S
HTTP OpenEMR SQL Injection Vulnerability_2 S
HTTP OpenEMR SQL Injection Vulnerability_3 (Percent Encoded) S
HTTP OpenEMR SQL Injection Vulnerability_3 S
HTTP OpenEMR SQL Injection Vulnerability_4 (Double Percent Encoded) S
HTTP OpenEMR SQL Injection Vulnerability_4 S
HTTP OpenEMR SQL Injection Vulnerability_5 (Double Percent Encoded) S
HTTP OpenEMR SQL Injection Vulnerability_5 S
HTTP Photo Gallery plugin for WordPress admin-ajax.php SQL injection Vulnerability S
HTTP PHP Webquest 2.6 - SQL Injection (Reverse Forward Slash in URL) S
HTTP PHP Webquest 2.6 - SQL Injection S
HTTP PROLiNK PRN2001 autboot.htm Direct Request Vulnerability S
HTTP RefinedWiki Original Theme 'versionComment' Parameter HTML Injection Vulnerability S
HTTP Sefrango CMS SQL Injection Vulnerability S
HTTP Sefrango CMS SQL Injection Vulnerability_1 S
HTTP Shopping Cart plugin for WordPress banneruploaderscript.php file upload (Mixed Case URL) S
HTTP Shopping Cart plugin for WordPress banneruploaderscript.php file upload S
HTTP Soitec SmartEnergy SCADA login Parameter SQL Injection Vulnerability S
HTTP SWFupload 2.5.0 - Cross Frame Scripting (XFS) Vulnerability (Mixed Case URL) S
HTTP SWFupload 2.5.0 - Cross Frame Scripting (XFS) Vulnerability S
HTTP SWFupload 2.5.0 - Cross Frame Scripting (XFS) Vulnerability_1 (Percent Encoded URL) S
HTTP SWFupload 2.5.0 - Cross Frame Scripting (XFS) Vulnerability_1 S
HTTP Symantec Data Center Security SQL Injection (add to admin group) Vulnerability S
HTTP Symantec Data Center Security SQL Injection (add to USR table) Vulnerability S
HTTP Symantec Data Center Security XSS Vulnerability (Mixed Case & Percent Encoded) S
HTTP Symantec Data Center Security XSS Vulnerability S
HTTP Symantec Data Center Security XSS Vulnerability_1 (Mixed Case & Percent Encoded) S
HTTP Symantec Data Center Security XSS Vulnerability_1 S
HTTP Symantec EPM CVE-2014-3438 Multiple XSS Vulnerabilities S
HTTP Symantec EPM CVE-2014-3438 Multiple XSS Vulnerabilities_1 S
HTTP SysAid Server getRdsLogFile CVE-2014-9436 File Access Vulnerability S
HTTP SysAid Server getRdsLogFile CVE-2014-9436 File Access Vulnerability_1 S
HTTP Tapatalk Plugin for WoltLab Burning Board welcome.php xss (Percent Encoded URL) S
HTTP Tapatalk Plugin for WoltLab Burning Board welcome.php xss S
HTTP TechSmith Camtasia Studio ProjectName_controller.swf xss (Double Percent Encoded URL) S
HTTP TechSmith Camtasia Studio ProjectName_controller.swf xss S
HTTP TechSmith Camtasia Studio ProjectName_controller.swf xss_1 (Rev Forward Slash in URL) S
HTTP TechSmith Camtasia Studio ProjectName_controller.swf xss_1 S
HTTP vBulletin MicroCART Arbitrary Directory Deletion Vulnerability S
HTTP vBulletin MicroCART Arbitrary File Deletion Vulnerability (Double Percent Encoded) S
HTTP vBulletin MicroCART Arbitrary File Deletion Vulnerability (Percent Encoded) S
HTTP vBulletin MicroCART Arbitrary File Deletion Vulnerability S
HTTP WellinTech Products ActiveX Remote Code Execution Vulnerability (SCADA) S
HTTP WoltLab Tapatalk Plugin for Burning Board welcome.php open redirect (Mixed Case URL) S
HTTP WoltLab Tapatalk Plugin for Burning Board welcome.php open redirect S
HTTP WP Photo Gallery Plugin 'asc_or_desc' SQL Injection Vulnerability (Mixed Case URL) S
HTTP WP Photo Gallery Plugin 'asc_or_desc' SQL Injection Vulnerability S
Liferay Portal liferay_portal7.sh Apache Felix Remote Command Execution S
Malware 'Chuingam' IOC DNS Request for Malicious Domain S
Malware Linux BackDoor XNote 1 DNS Query for Malicious Domain S
TNFTP Client Side BSD Redirect Vulnerability S


idappcom - Auditing, verifying and enhancing the capabilities of corporate security defences.

We do not use cookies for tracking users, displaying customised content or storing information about users, other than that required to maintain 'session state' for the login system for registered users. Please read our cookie policy for more information. Please note that by using this site you are consenting to the use of cookies.