Search

Traffic File Update - April 2015

This Traffic IQ Professional update for April 2015 contains the latest application exploits, threats and security evasion techniques along with technical data and high quality security rules.

Traffic IQ Professional

Traffic File Update for April 2015

160 Application Exploits

Adobe Acrobat and Reader 'Geo' Remote Buffer Overflow Vulnerability S
Adobe Acrobat and Reader Integer Overflow Vulnerability S
Adobe Flash Player ByteArray UncompressViaZlibVariant Use After Free Vulnerability S
Blackmoon FTP 'Port' Command Buffer Overflow Vulnerability S
Honeywell ActiveX Control Code Execution Vulnerability S
HP OpenView Storage Data Protector Opcode 259 Overflow Vulnerability S
HP SiteScope Security Bypass Vulnerability S
HTTP BetMore Site Suite 'bid' Parameter SQL Injection Vulnerability (Percent Encoded) S
HTTP BetMore Site Suite 'bid' Parameter SQL Injection Vulnerability S
HTTP Citrix Command Center Credential Disclosure Vulnerability S
HTTP Firefox Proxy Prototype Privileged Javascript Injection Vulnerability S
HTTP iMatix Xitami If-Modified-Since Remote Buffer Overflow Vulnerability S
HTTP Kayako eSupport 'functions.php' SQL Injection Vulnerability (Double Percent Encoded) S
HTTP Kayako eSupport 'functions.php' SQL Injection Vulnerability S
HTTP Nginx 'Transfer-Encoding' Denial of Service Vulnerability S
HTTP Palo Alto Traps Server Persistent XSS Vulnerability (Arguments) S
HTTP Palo Alto Traps Server Persistent XSS Vulnerability (FileName) S
HTTP Palo Alto Traps Server Persistent XSS Vulnerability (URL) S
HTTP phpMyAdmin Cross Site Scripting Vulnerability S
HTTP Wordpress Calculated Fields Form Plugin SQL Injection Vulnerability S
HTTP Wordpress Calculated Fields Form Plugin SQL Injection Vulnerability_1 S
HTTP Wordpress Calculated Fields Form Plugin SQL Injection Vulnerability_2 S
HTTP Wordpress Calculated Fields Form Plugin SQL Injection Vulnerability_3 S
HTTP WordPress FCChat Widget Plugin 'Upload.php' Arbitrary File Upload (Mixed Case URL) S
HTTP WordPress FCChat Widget Plugin 'Upload.php' Arbitrary File Upload S
HTTP WordPress FCChat Widget Plugin 'Upload.php' Arbitrary File Upload_1 (Mixed Case URL) S
HTTP WordPress FCChat Widget Plugin 'Upload.php' Arbitrary File Upload_1 S
HTTP WordPress Flexible Custom Post Type plugin 'id' Parameter XSS (Percent Encoded URL) S
HTTP WordPress Flexible Custom Post Type plugin 'id' Parameter XSS S
HTTP WordPress gSlideShow 0.1 CSRF (Mixed Case URL) S
HTTP WordPress gSlideShow 0.1 CSRF S
HTTP WordPress gSlideShow 0.1 CSRF_1 (Reverse Forward Slash in URL) S
HTTP WordPress gSlideShow 0.1 CSRF_1 S
HTTP WordPress Image Metadata Cruncher CSRF (Mixed Case URL) S
HTTP WordPress Image Metadata Cruncher CSRF S
HTTP WordPress Image Metadata Cruncher XSS (Mixed Case Body Text) S
HTTP WordPress Image Metadata Cruncher XSS S
HTTP WordPress iTwitter 0.04 Cross Site Request Forgery (Mixed Case URL) S
HTTP WordPress iTwitter 0.04 Cross Site Request Forgery S
HTTP WordPress iTwitter 0.04 Cross Site Scripting (Percent Encoded URL) S
HTTP WordPress iTwitter 0.04 Cross Site Scripting S
HTTP WordPress Photo Gallery Plugin CVE-2015-1394 XSS (Reverse Forward Slash in URL) S
HTTP WordPress Photo Gallery Plugin CVE-2015-1394 XSS S
HTTP WordPress Photo Gallery Plugin CVE-2015-1394 XSS_1 (Mixed Case Body Text) S
HTTP WordPress Photo Gallery Plugin CVE-2015-1394 XSS_1 S
HTTP WordPress Photo Gallery Plugin CVE-2015-1394 XSS_2 (Percent Encoded URL) S
HTTP WordPress Photo Gallery Plugin CVE-2015-1394 XSS_2 S
HTTP WordPress PictoBrowser 0.3.1 CSRF (Mixed Case URL) S
HTTP WordPress PictoBrowser 0.3.1 CSRF S
HTTP WordPress PictoBrowser 0.3.1 CSRF_1 (Mixed Case Body Text) S
HTTP WordPress PictoBrowser 0.3.1 CSRF_1 S
HTTP WordPress Pods 2.4.3 Cross Site Scripting (Reverse Forward Slash in URL) S
HTTP WordPress Pods 2.4.3 Cross Site Scripting S
HTTP WordPress Pods 2.4.3 Cross Site Scripting_1 (Mixed Case URL) S
HTTP WordPress Pods 2.4.3 Cross Site Scripting_1 S
HTTP WordPress Pods 2.4.3 CSRF (Mixed Case URL) S
HTTP WordPress Pods 2.4.3 CSRF S
HTTP WordPress Pods 2.4.3 CSRF_1 (Percent Encoded URL) S
HTTP WordPress Pods 2.4.3 CSRF_1 S
HTTP WordPress Pods 2.4.3 CSRF_2 (Mixed Case URL) S
HTTP WordPress Pods 2.4.3 CSRF_2 S
HTTP WordPress Pods 2.4.3 CSRF_3 (Mixed Case Body Text) S
HTTP WordPress Pods 2.4.3 CSRF_3 S
HTTP WordPress Pods 2.4.3 CSRF_4 (Mixed Case URL) S
HTTP WordPress Pods 2.4.3 CSRF_4 S
HTTP WordPress Pods 2.4.3 CSRF_5 (Double Percent Encoded URL) S
HTTP WordPress Pods 2.4.3 CSRF_5 S
HTTP WordPress Pods 2.4.3 CSRF_6 (Mixed Case URL) S
HTTP WordPress Pods 2.4.3 CSRF_6 S
HTTP WordPress Pods 2.4.3 CSRF_7 (Reverse Forward Slash in URL) S
HTTP WordPress Pods 2.4.3 CSRF_7 S
HTTP WordPress PWG Random 1.11 CSRF (Mixed Case URL) S
HTTP WordPress PWG Random 1.11 CSRF S
HTTP WordPress PWG Random 1.11 CSRF_1 (Mixed Case Body Text) S
HTTP WordPress PWG Random 1.11 CSRF_1 S
HTTP WordPress Quick Post Widget Plugin Cross Site Scripting Vulnerability S
HTTP WordPress Simple Security 1.1.5 Cross Site Scripting (Reverse Forward Slash in URL) S
HTTP WordPress Simple Security 1.1.5 Cross Site Scripting S
HTTP WordPress Simple Security 1.1.5 Cross Site Scripting_1 (Percent Encoded URL) S
HTTP WordPress Simple Security 1.1.5 Cross Site Scripting_1 S
HTTP WordPress SimpleFlickr 3.0.3 CSRF (Mixed Case URL) S
HTTP WordPress SimpleFlickr 3.0.3 CSRF S
HTTP WordPress SimpleFlickr 3.0.3 CSRF_1 (Mixed Case Body Text) S
HTTP WordPress SimpleFlickr 3.0.3 CSRF_1 S
HTTP WordPress Simplelife 1.2 CSRF (Mixed Case URL) S
HTTP WordPress Simplelife 1.2 CSRF S
HTTP WordPress Simplelife 1.2 CSRF_1 (Percent Encoded URL) S
HTTP WordPress Simplelife 1.2 CSRF_1 S
HTTP Wordpress Survey and Poll Plugin 1.1 - Blind SQL Injection (Mixed Case URL) S
HTTP Wordpress Survey and Poll Plugin 1.1 - Blind SQL Injection S
HTTP WordPress TweetScribe 1.1 CSRF (Mixed Case URL) S
HTTP WordPress TweetScribe 1.1 CSRF S
HTTP WordPress TweetScribe 1.1 CSRF_1 (Reverse Forward Slash in URL) S
HTTP WordPress TweetScribe 1.1 CSRF_1 S
HTTP WordPress twimp wp Cross Site Request Forgery (Mixed Case URL) S
HTTP WordPress twimp wp Cross Site Request Forgery S
HTTP WordPress twimp wp Cross Site Request Forgery_1 (Percent Encoded URL) S
HTTP WordPress twimp wp Cross Site Request Forgery_1 S
HTTP WordPress Twitter 0.7 CSRF (Mixed Case URL) S
HTTP WordPress Twitter 0.7 CSRF S
HTTP WordPress Twitter 0.7 CSRF_1 (Mixed Case URL Body Text) S
HTTP WordPress Twitter 0.7 CSRF_1 S
HTTP WordPress Twitter LiveBlog 1.1.2 CSRF (Mixed Case URL) S
HTTP WordPress Twitter LiveBlog 1.1.2 CSRF S
HTTP WordPress Twitter LiveBlog 1.1.2 CSRF_1 (Reverse Forward Slash in URL) S
HTTP WordPress Twitter LiveBlog 1.1.2 CSRF_1 S
HTTP Wordpress Video Gallery 2.7.0 - SQL Injection Vulnerability (Percent Encoded URL) S
HTTP Wordpress Video Gallery 2.7.0 - SQL Injection Vulnerability S
HTTP WordPress WP Limit Posts Automatically 0.7 CSRF (Mixed Case URL) S
HTTP WordPress WP Limit Posts Automatically 0.7 CSRF S
HTTP WordPress WP Limit Posts Automatically 0.7 CSRF_1 (Mixed Case Body Text) S
HTTP WordPress WP Limit Posts Automatically 0.7 CSRF_1 S
HTTP WordPress WP Unique Article Header Image 1.0 CSRF (Mixed Case URL) S
HTTP WordPress WP Unique Article Header Image 1.0 CSRF S
HTTP WordPress WP Unique Article Header Image 1.0 CSRF_1 (Mixed Case Body Text) S
HTTP WordPress WP Unique Article Header Image 1.0 CSRF_1 S
HTTP X CART e Commerce 5.1.8 Cross Site Scripting (Percent Encoded URL) S
HTTP X CART e Commerce 5.1.8 Cross Site Scripting S
HTTP X CART e Commerce 5.1.8 Cross Site Scripting_1 (Reverse Forward Slash in URL) S
HTTP X CART e Commerce 5.1.8 Cross Site Scripting_1 S
HTTP Zeuscart v.4 Cross Site Scripting Vulnerability (Mixed Case URL) S
HTTP Zeuscart v.4 Cross Site Scripting Vulnerability S
HTTP Zeuscart v.4 Cross Site Scripting Vulnerability_1 (Mixed Case URL) S
HTTP Zeuscart v.4 Cross Site Scripting Vulnerability_1 S
HTTP Zeuscart v.4 Cross Site Scripting Vulnerability_2 (Percent Encoded URL) S
HTTP Zeuscart v.4 Cross Site Scripting Vulnerability_2 S
HTTP Zeuscart v.4 Information Disclosure Vulnerability (Double Percent Encoded URL) S
HTTP Zeuscart v.4 Information Disclosure Vulnerability S
HTTP Zeuscart v.4 SQL Injection Vulnerability (Mixed Case URL) S
HTTP Zeuscart v.4 SQL Injection Vulnerability S
HTTP Zeuscart v.4 SQL Injection Vulnerability_1 (Percent Encoded URL) S
HTTP Zeuscart v.4 SQL Injection Vulnerability_1 S
HTTP Zeuscart v.4 SQL Injection Vulnerability_2 (Reverse Forward Slash in URL) S
HTTP Zeuscart v.4 SQL Injection Vulnerability_2 S
HTTP Zoho SupportCenter Plus 'HomePage.do' XSS (Reverse Forward Slash in URL) S
HTTP Zoho SupportCenter Plus 'HomePage.do' XSS S
HTTP Zoho SupportCenter Plus 'HomePage.do' XSS_1 (Mixed Case URL) S
HTTP Zoho SupportCenter Plus 'HomePage.do' XSS_1 S
HTTP Zoho SupportCenter Plus 'HomePage.do' XSS_2 (Mixed Case URL Body Text) S
HTTP Zoho SupportCenter Plus 'HomePage.do' XSS_2 S
ISC BIND Regular Expression Denial of Service Vulnerability S
Microsoft Internet Explorer Telnet URI Code Execution Vulnerability S
Microsoft Remote Desktop ActiveX Control Remote Code Execution Vulnerability S
Microsoft SharePoint Cross Site Scripting Vulnerability S
Microsoft Visual FoxPro FPOLE.OCX ActiveX FoxDoCmd Command Execution Vulnerability S
Microsoft Windows File Names Handling Arbitrary Command Injection Vulnerability S
Microsoft Windows WSDAPI Stack Based Buffer Overflow Vulnerability S
Mozilla Firefox 'stroke-width' Buffer Overflow Vulnerability S
Mozilla Firefox Layout Engine Code Execution Vulnerability S
MySQL and MariaDB Envelope Query Denial Of Service Vulnerability S
MySQL and MariaDB Geometry Query Denial Of Service Vulnerability S
Novell GroupWise Messenger Client Buffer Overflow Vulnerability S
Oracle Business Transaction Management 'WriteToFile' Directory Traversal Vulnerability S
Squid 'strHdrAcptLangGetItem' Function Remote Denial of Service Vulnerability S
WebGate Control Center GetThumbnail Stack Overflow Vulnerability S
WebGate eDVR Manager LoadImage Stack Buffer Overflow Vulnerability S
WebGate eDVR Manager SiteName Stack Overflow Vulnerability S
WebGate WinRDS StopSiteAllChannel Stack Overflow Vulnerability S
Zhone GPON 2520 Denial of Service Vulnerability (Double Percent Encoded) S
Zhone GPON 2520 Denial of Service Vulnerability S

1 Standard Protocol Traffic

Microsoft Windows HTTP Protocol Stack Code Execution Vulnerability S


idappcom - Auditing, verifying and enhancing the capabilities of corporate security defences.

We do not use cookies for tracking users, displaying customised content or storing information about users, other than that required to maintain 'session state' for the login system for registered users. Please read our cookie policy for more information. Please note that by using this site you are consenting to the use of cookies.