Search

Traffic File Update - October 2015

This Traffic IQ Professional update for October 2015 contains the latest application exploits, threats and security evasion techniques along with technical data and high quality security rules.

Traffic IQ Professional

Traffic File Update for October 2015

219 Application Exploits

Adobe Flash No Checks on Vector uint Capacity Field DoS Vulnerability S
HTTP 4images Cross Site Scripting Vulnerability S
HTTP Advantech WebAccess 8.0 3.4.3 ActiveX ConvToSafeArray Overflow RCE S
HTTP Advantech WebAccess 8.0 3.4.3 ActiveX FileProcess Overflow RCE S
HTTP Advantech WebAccess 8.0 3.4.3 ActiveX GetLastTagNbr Overflow Overflow RCE S
HTTP Advantech WebAccess 8.0 3.4.3 ActiveX GetRecipeInfo Overflow RCE S
HTTP Advantech WebAccess 8.0 3.4.3 ActiveX GetWideStrCpy Overflow RCE S
HTTP Advantech WebAccess 8.0 3.4.3 ActiveX InterfaceFilter Overflow RCE S
HTTP Advantech WebAccess 8.0 3.4.3 ActiveX UpdateProject Overflow RCE S
HTTP Belkin N150 CVE-2014-2962 Directory Traversal (Percent Encoded) S
HTTP Belkin N150 CVE-2014-2962 Directory Traversal S
HTTP Bosch Security Systems Web Interface XML Parameter Injection Vulnerability S
HTTP Centreon Add Administrator CSRF Vulnerability (From Server) S
HTTP Centreon Add Administrator CSRF Vulnerability (To Server) S
HTTP CubeCart 6.0.6 Administrative Bypass Vulnerability S
HTTP F5 Big-IP 10.2.4 Build 595.0 Hotfix HF3 - File Path Traversal S
HTTP FAROL - SQL Injection Vulnerability S
HTTP FortiManager Cross Site Script Vulnerability S
HTTP FTGate 'web mail' Denial of Service Vulnerability S
HTTP FTGate 'web mail' Denial of Service Vulnerability_1 S
HTTP FTGate 'web mail' Denial of Service Vulnerability_2 S
HTTP FTGate 'web mail' Denial of Service Vulnerability_3 S
HTTP FTGate 7 CSRF Vulnerability (From Server) S
HTTP FTGate 7 CSRF Vulnerability (To Server) S
HTTP FTGate 7 CSRF Vulnerability_1 (From Server) S
HTTP FTGate 7 CSRF Vulnerability_1 (To Server) S
HTTP FTGate 7 CSRF Vulnerability_2 (From Server) S
HTTP FTGate 7 CSRF Vulnerability_2 (To Server) S
HTTP h5ai 0.25.0 Unrestricted File Upload Vulnerability S
HTTP IKEView.exe Fox beta 1 - Stack Buffer Overflow S
HTTP IKEView.exe R60 - Stack Buffer Overflow S
HTTP iTop Cross Site Scripting Vulnerability S
HTTP Mango Automation CSRF Vulnerability (From Server) S
HTTP Mango Automation CSRF Vulnerability (To Server) S
HTTP Mitsubishi Melsec FX3G-24M (SCADA) DoS Vulnerability S
HTTP NETGEAR WMS 2.1.4.15 (Build 1236) - Authentication Bypass S
HTTP NodeBB Cross Site Scripting Vulnerability S
HTTP Octogate UTM 3.0.12 - Admin Interface Directory Traversal S
HTTP Openfire 3.10.2 - 'hostname' parameter XSS (Percent Encoded) S
HTTP Openfire 3.10.2 - 'hostname' parameter XSS S
HTTP Openfire 3.10.2 - 'search' parameter XSS (Percent Encoded) S
HTTP Openfire 3.10.2 - 'search' parameter XSS S
HTTP Openfire 3.10.2 - Add Clients CSRF (To Server) (Percent Encoded) S
HTTP Openfire 3.10.2 - Add Clients CSRF (To Server) S
HTTP Openfire 3.10.2 - Add User CSRF (To Server) (Percent Encoded) S
HTTP Openfire 3.10.2 - Add User CSRF (To Server) S
HTTP Openfire 3.10.2 - Admin Password CSRF (From Server) S
HTTP Openfire 3.10.2 - Admin Password CSRF (To Server) S
HTTP Openfire 3.10.2 - Privilege Escalation (Percent Encoded) S
HTTP Openfire 3.10.2 - Privilege Escalation S
HTTP Openfire 3.10.2 - Remote File Inclusion (Percent Encoded) S
HTTP Openfire 3.10.2 - Remote File Inclusion S
HTTP Openfire 3.10.2 - Server SSL CSRF (To Server) (Percent Encoded) S
HTTP Openfire 3.10.2 - Server SSL CSRF (To Server) S
HTTP Pentaho 5.2.x BA Suite PDI Information Disclosure Vulnerability S
HTTP PHP Fusion 7.02.07 Blind SQL Injection (Percent Encoded) S
HTTP PHP Fusion 7.02.07 Blind SQL Injection S
HTTP Pligg CMS 2.0.2 - (load_data_for_search.php) SQL Injection (Percent Encoded) S
HTTP Pligg CMS 2.0.2 - (load_data_for_search.php) SQL Injection S
HTTP RealtyScript Cross Site Scripting Vulnerability (From Server) S
HTTP RealtyScript Cross Site Scripting Vulnerability (To Server) S
HTTP RealtyScript Cross Site Scripting Vulnerability_1 (From Server) S
HTTP RealtyScript Cross Site Scripting Vulnerability_1 (To Server) S
HTTP RealtyScript CSRF Vulnerability (From Server) S
HTTP RealtyScript CSRF Vulnerability (To Server) S
HTTP RealtyScript CSRF Vulnerability_1 (From Server) S
HTTP RealtyScript CSRF Vulnerability_1 (To Server) S
HTTP RealtyScript CSRF Vulnerability_2 (From Server) S
HTTP RealtyScript CSRF Vulnerability_2 (To Server) S
HTTP Refbase 0.9.6 rss.php 'where' Parameter SQL Injection Vulnerability S
HTTP Refbase 0.9.6 rss.php 'where' Parameter SQL Injection Vulnerability_1 S
HTTP Refbase 0.9.6 rss.php 'where' Parameter SQL Injection Vulnerability_2 S
HTTP Secure MFT CSRF Vulnerability (From Server) S
HTTP Secure MFT CSRF Vulnerability (To Server) S
HTTP Serena Dimensions CM Cross Site Scripting Vulnerability S
HTTP Serena Dimensions CM CSRF Vulnerability (From Server) S
HTTP Serena Dimensions CM CSRF Vulnerability (To Server) S
HTTP Silver Peak VXOA 6.2.11 - 'users' Mass Assignment S
HTTP Silver Peak VXOA 6.2.11 - Command Injection S
HTTP Silver Peak VXOA 6.2.11 - Default Account S
HTTP Silver Peak VXOA 6.2.11 - Shell Upload S
HTTP SourceBans Cross Site Scripting Vulnerability S
HTTP Synology Video Station 1.5-0757 - 'audiotrack.cgi' SQL Injection S
HTTP Synology Video Station 1.5-0757 - 'watchstatus.cgi' SQL Injection S
HTTP Synology Video Station 1.5-0757 - Command Injection S
HTTP TestLink 1.9.13 SQL Injection (Percent Encoded) S
HTTP TestLink 1.9.13 SQL Injection S
HTTP TestLink Cross Site Scripting Vulnerability S
HTTP TestLink Cross Site Scripting Vulnerability_1 S
HTTP TestLink Cross Site Scripting Vulnerability_2 S
HTTP TestLink Cross Site Scripting Vulnerability_3 S
HTTP TestLink Cross Site Scripting Vulnerability_4 S
HTTP TestLink Cross Site Scripting Vulnerability_5 S
HTTP TestLink Cross Site Scripting Vulnerability_6 S
HTTP TestLink Cross Site Scripting Vulnerability_7 S
HTTP TestLink Cross Site Scripting Vulnerability_8 S
HTTP Typo3 CMS 6.2.14 4.5.40 - 'redirect_url' parameter XSS (Percent Encoded) S
HTTP Typo3 CMS 6.2.14 4.5.40 - 'redirect_url' parameter XSS S
HTTP Typo3 CMS 6.2.14 4.5.40 - 'returnUrl' parameter XSS S
HTTP Ubee EVW3200 CSRF Vulnerability (From Server) S
HTTP Ubee EVW3200 CSRF Vulnerability (To Server) S
HTTP up.time Cross Site Scripting Vulnerability S
HTTP up.time Cross Site Scripting Vulnerability_1 S
HTTP up.time Cross Site Scripting Vulnerability_2 S
HTTP up.time Cross Site Scripting Vulnerability_3 S
HTTP up.time Cross Site Scripting Vulnerability_4 S
HTTP Windows Media Center - Command Execution (MS15-100) S
HTTP WordPress Contact Form Generator 2.0.1 - Create Field CSRF (From Server) S
HTTP WordPress Contact Form Generator 2.0.1 - Create Field CSRF (To Server) S
HTTP WordPress Contact Form Generator 2.0.1 - Create Form CSRF (From Server) S
HTTP WordPress Contact Form Generator 2.0.1 - Create Form CSRF (To Server) S
HTTP WordPress Contact Form Generator 2.0.1 - Create Template CSRF (From Server) S
HTTP WordPress Contact Form Generator 2.0.1 - Create Template CSRF (To Server) S
HTTP WordPress Contact Form Generator 2.0.1 - Delete Fields CSRF (From Server) S
HTTP WordPress Contact Form Generator 2.0.1 - Delete Fields CSRF (To Server) S
HTTP WordPress Contact Form Generator 2.0.1 - Delete Form CSRF (From Server) S
HTTP WordPress Contact Form Generator 2.0.1 - Delete Form CSRF (To Server) S
HTTP WordPress Contact Form Generator 2.0.1 - Delete Template CSRF (From Server) S
HTTP WordPress Contact Form Generator 2.0.1 - Delete Template CSRF (To Server) S
HTTP WordPress Contact Form Generator 2.0.1 - Edit Template CSRF (From Server) S
HTTP WordPress Contact Form Generator 2.0.1 - Edit Template CSRF (To Server) S
HTTP WordPress Contact Form Generator 2.0.1 - Update Field CSRF (From Server) S
HTTP WordPress Contact Form Generator 2.0.1 - Update Field CSRF (To Server) S
HTTP WordPress Contact Form Generator 2.0.1 - Update Form CSRF (From Server) S
HTTP WordPress Contact Form Generator 2.0.1 - Update Form CSRF (To Server) S
HTTP WordPress CP Reservation Calendar Plugin 1.1.6 - 'dex_item' SQL Injection S
HTTP WordPress CP Reservation Calendar Plugin 1.1.6 - 'id' SQL Injection S
HTTP WordPress Symposium Plugin 'get_album_item.php' SQL Injection (Percent Encoded) S
HTTP WordPress Symposium Plugin 'get_album_item.php' SQL Injection S
HTTP X2Engine Cross Site Scripting Vulnerability S
HTTP X2Engine CSRF Vulnerability (From Server) S
HTTP X2Engine CSRF Vulnerability (To Server) S
HTTP YesWiki 0.2 - Path Traversal Vulnerability (Percent Encoded) S
HTTP YesWiki 0.2 - Path Traversal Vulnerability S
HTTP ZeusCart 4.0 - 'description' parameter SQL Injection S
HTTP ZeusCart 4.0 - 'maincatid' parameter SQL Injection (Percent Encoded) S
HTTP ZeusCart 4.0 - 'maincatid' parameter SQL Injection S
HTTP ZeusCart CSRF Vulnerability (From Server) S
HTTP ZeusCart CSRF Vulnerability (To Server) S
HTTP Zhone ADSL2+ 4P Bridge Router (Broadcom) - 'password.cgi' Auth Bypass S
HTTP ZHONE S3.0.501 - 'snmpSysContact' parameter XSS S
HTTP ZHONE S3.0.501 - 'snmpSysLocation' parameter XSS S
HTTP ZHONE S3.0.501 - 'snmpSysName' parameter XSS S
HTTP ZHONE S3.0.501 - Privilege Escalation S
HTTP ZHONE S3.0.501 - Remote Code Execution S
Kallithea 0.2.9 HTTP Response Splitting Vulnerability S
Kaseya Virtual System Administrator Code Execution Vulnerability S
Malware Andromeda-Gamarue DNS Request for Malicious Domain (731pro.pw) S
Malware Andromeda-Gamarue DNS Request for Malicious Domain (mindfucktoys.com) S
Malware Andromeda-Gamarue DNS Request for Malicious Domain (mommycums.com) S
Malware Andromeda-Gamarue DNS Request for Malicious Domain (motherbeing-news.com) S
Malware Andromeda-Gamarue DNS Request for Malicious Domain (musictocheer.com) S
Malware Angler EK DNS Request for Malicious Domain (lsd.extremeorvexpo.com) S
Malware Angler EK DNS Request for Malicious Domain (powerwestmost.com) S
Malware Angler EK Web Communication to Compromised Site (To Server) S
Malware CryptoWall DNS Request for Malicious Domain (colinplatt.com) S
Malware CryptoWall DNS Request for Malicious Domain (contrasttraining.com) S
Malware CryptoWall DNS Request for Malicious Domain (dorothygilstrp.com) S
Malware CryptoWall DNS Request for Malicious Domain (dramaldental.com) S
Malware CryptoWall DNS Request for Malicious Domain (eliosbatterie.com) S
Malware CryptoWall DNS Request for Malicious Domain (floworldonline.com) S
Malware CryptoWall DNS Request for Malicious Domain (goatsinacoat.com) S
Malware CryptoWall DNS Request for Malicious Domain (hanecaklaw.com) S
Malware CryptoWall DNS Request for Malicious Domain (homopop.com) S
Malware CryptoWall DNS Request for Malicious Domain (ip-addr.es) S
Malware CryptoWall DNS Request for Malicious Domain (javlab.org) S
Malware CryptoWall DNS Request for Malicious Domain (jostuwatko.xyz) S
Malware CryptoWall DNS Request for Malicious Domain (konrad.szalapak.eu) S
Malware CryptoWall DNS Request for Malicious Domain (kroentro.com) S
Malware CryptoWall DNS Request for Malicious Domain (quali-man.com) S
Malware CryptoWall Post Infection Traffic (colinplatt.com) S
Malware CryptoWall Post Infection Traffic (contrasttraining.com) S
Malware CryptoWall Post Infection Traffic (dorothygilstrap.com) S
Malware CryptoWall Post Infection Traffic (dorothygilstrap.com)_1 S
Malware CryptoWall Post Infection Traffic (eliosbatterie.com) S
Malware CryptoWall Post Infection Traffic (floworldonline.com) S
Malware CryptoWall Post Infection Traffic (goatsinacoat.com) S
Malware CryptoWall Post Infection Traffic (hanecaklaw.com) S
Malware CryptoWall Post Infection Traffic (homopop.com) S
Malware CryptoWall Post Infection Traffic (homopop.com)_1 S
Malware CryptoWall Post Infection Traffic (homopop.com)_2 S
Malware CryptoWall Post Infection Traffic (ip-addr.es) S
Malware CryptoWall Post Infection Traffic (javlab.org) S
Malware CryptoWall Post Infection Traffic (javlab.org)_1 S
Malware CryptoWall Post Infection Traffic (javlab.org)_2 S
Malware Nuclear EK DNS Request for Malicious Domain (bara34bawechka34.ga) S
Malware Nuclear EK DNS Request for Malicious Domain (europe.pool.ntp.org) S
Malware Nuclear EK Web Communication to Compromised Site (From Server) S
Malware Nuclear EK Web Communication to Compromised Site (To Server) S
Malware TeslaCrypt DNS Request for Malicious Domain (dgdsgweewtew.ml) S
Malware TeslaCrypt DNS Request for Malicious Domain (dgdsgweewtew545435.tk) S
Malware TeslaCrypt DNS Request for Malicious Domain (dpaulick.de) S
Malware TeslaCrypt DNS Request for Malicious Domain (levant.hr) S
Malware TeslaCrypt Web Communication to Compromised Site (From Server) S
Malware TeslaCrypt Web Communication to Compromised Site (To Server) S
Malware TeslaCrypt Web Request to Compromised Site (breastinvestigators.com) S
Malware TeslaCrypt Web Request to Compromised Site (www.straightpathsql.com) S
Microsoft Office 2007 And 2010 RTF Frmtxtbrl EIP Corruption Vulnerability S
Microsoft Office CVE-2015-2520 Memory Corruption Vulnerability S
Microsoft Office CVE-2015-2520 Memory Corruption Vulnerability_1 S
Microsoft Office CVE-2015-2521 Memory Corruption Vulnerability S
Microsoft Office CVE-2015-2521 Memory Corruption Vulnerability_1 S
Microsoft Office CVE-2015-2523 Memory Corruption Vulnerability S
Microsoft Office CVE-2015-2523 Memory Corruption Vulnerability_1 S
Microsoft Windows OpenType Fonts CVE-2015-2432 Remote Code Execution Vulnerability S
Microsoft Windows OpenType Fonts CVE-2015-2432 Remote Code Execution Vulnerability_1 S
Microsoft Windows OpenType Fonts CVE-2015-2462 Remote Code Execution Vulnerability S
Microsoft Windows OpenType Fonts CVE-2015-2462 Remote Code Execution Vulnerability_1 S
Microsoft Windows OpenType Fonts CVE-2015-2510 Buffer Overflow Vulnerability S
Microsoft Windows OpenType Fonts CVE-2015-2510 Buffer Overflow Vulnerability_1 S
Microsoft Windows TrueType Fonts CVE-2015-2456 Remote Code Execution Vulnerability S
Microsoft Windows TrueType Fonts CVE-2015-2456 Remote Code Execution Vulnerability_1 S
Microsoft Windows TrueType Fonts CVE-2015-2456 Remote Code Execution Vulnerability_2 S
Microsoft Windows TrueType Fonts CVE-2015-2456 Remote Code Execution Vulnerability_3 S
Microsoft Windows TrueType Fonts CVE-2015-2456 Remote Code Execution Vulnerability_4 S
Microsoft Windows TrueType Fonts CVE-2015-2456 Remote Code Execution Vulnerability_5 S
OpenLDAP 2.4.42 - ber_get_next Denial of Service S
Ricoh FTP Server 1.1.0.6 Buffer Overflow Vulnerability S
SAP Netweaver 7.01 XML External Entity Injection Vulnerability S


idappcom - Auditing, verifying and enhancing the capabilities of corporate security defences.

We do not use cookies for tracking users, displaying customised content or storing information about users, other than that required to maintain 'session state' for the login system for registered users. Please read our cookie policy for more information. Please note that by using this site you are consenting to the use of cookies.