Search

Traffic File Update - March 2015

This Traffic IQ Professional update for March 2015 contains the latest application exploits, threats and security evasion techniques along with technical data and high quality security rules.

Traffic IQ Professional

Traffic File Update for March 2015

200 Application Exploits

ClearSCADA Remote Authentication Bypass Vulnerability (SCADA) S
HTTP Acuity CMS 'UserName' Parameter Cross Site Scripting Vulnerability (Mixed Case URL) S
HTTP Acuity CMS 'UserName' Parameter Cross Site Scripting Vulnerability S
HTTP ADSelfservice Plus 5.1 Cross Site Scripting (Mixed Case Body Text) S
HTTP ADSelfservice Plus 5.1 Cross Site Scripting S
HTTP Annuaire PHP 'sites_inscription.php' Multiple Cross Site Scripting (Mixed Case Method) S
HTTP Annuaire PHP 'sites_inscription.php' Multiple Cross Site Scripting S
HTTP Arris TG862G CVE-2014-5438 HTML Injection and XSS Vulnerabilities S
HTTP Arris VAP2500 Authentication Bypass Vulnerability S
HTTP Arris VAP2500 Authentication Bypass Vulnerability_1 S
HTTP Arris VAP2500 Authentication Bypass Vulnerability_2 S
HTTP ArticleFR 'q' Parameter Cross Site Scripting Vuln (Reverse Forward Slash in URL) S
HTTP ArticleFR 'q' Parameter Cross Site Scripting Vulnerability S
HTTP ATutor LCMS 2.2 Cross Site Request Forgery (Mixed Case URL) S
HTTP ATutor LCMS 2.2 Cross Site Request Forgery (Mixed Case URL)_2 S
HTTP ATutor LCMS 2.2 Cross Site Request Forgery S
HTTP ATutor LCMS 2.2 Cross Site Request Forgery_1 (Mixed Case Body Text) S
HTTP ATutor LCMS 2.2 Cross Site Request Forgery_1 S
HTTP ATutor LCMS 2.2 Cross Site Request Forgery_2 S
HTTP ATutor LCMS 2.2 Cross Site Request Forgery_3 (Reverse Forward Slash in URL) S
HTTP ATutor LCMS 2.2 Cross Site Request Forgery_3 S
HTTP ATutor Multiple Cross Site Scripting Vulnerability (Mixed Case Method) S
HTTP ATutor Multiple Cross Site Scripting Vulnerability S
HTTP Banner Effect Header 1.2.7 Cross Site Scripting (Percent Encoded URL) S
HTTP Banner Effect Header 1.2.7 Cross Site Scripting S
HTTP Beehive Forum 101 Cross Site Scripting Vulnerability (Mixed Case URL) S
HTTP Beehive Forum 101 Cross Site Scripting Vulnerability S
HTTP Beehive Forum 101 Cross Site Scripting Vulnerability_1 (Reverse Forward Slash in URL) S
HTTP Beehive Forum 101 Cross Site Scripting Vulnerability_1 S
HTTP Beehive Forum 101 Cross Site Scripting Vulnerability_2 (Mixed Case Method) S
HTTP Beehive Forum 101 Cross Site Scripting Vulnerability_2 S
HTTP Beehive Forum 101 Cross Site Scripting Vulnerability_3 (Mixed Case URL) S
HTTP Beehive Forum 101 Cross Site Scripting Vulnerability_3 S
HTTP Bitweaver 'rankings.php' Local File Include Vulnerability (Percent Encoded URL) S
HTTP Bitweaver 'rankings.php' Local File Include Vulnerability S
HTTP Blubrry PowerPress 6.0 Cross Site Scripting (Double Percent Encoded URL) S
HTTP Blubrry PowerPress 6.0 Cross Site Scripting S
HTTP Bsplayer Response Buffer Overflow Vulnerability S
HTTP Cacti superlinks Plugin 'id' Parameter SQL Injection Vulnerability_1 (Percent Encoded) S
HTTP Cacti superlinks Plugin 'id' Parameter SQL Injection Vulnerability_1 S
HTTP Chamilo LMS 1.9.8 Blind SQL Injection (Mixed Case Body Text) S
HTTP Chamilo LMS 1.9.8 Blind SQL Injection S
HTTP Chamilo LMS 1.9.8 Blind SQL Injection_1 (Reverse Forward Slash in URL) S
HTTP Chamilo LMS 1.9.8 Blind SQL Injection_1 S
HTTP Chemtool Input File Handling Memory Corruption Vulnerability S
HTTP Chevereto Image Upload Script Information Disclosure (Mixed Case Method) S
HTTP Chevereto Image Upload Script Information Disclosure S
HTTP Chevereto Image Upload Script XSS (Mixed Case URL) S
HTTP Chevereto Image Upload Script XSS S
HTTP Cit e Net 6 Cross Site Scripting (Reverse Forward Slash in URL) S
HTTP Cit e Net 6 Cross Site Scripting S
HTTP Cit e Net 6 Cross Site Scripting_1 (Mixed Case Method) S
HTTP Cit e Net 6 Cross Site Scripting_1 S
HTTP Cit e Net 6 Cross Site Scripting_2 (Mixed Case URL) S
HTTP Cit e Net 6 Cross Site Scripting_2 S
HTTP Cit e Net 6 Cross Site Scripting_3 (Percent Encoded URL) S
HTTP Cit e Net 6 Cross Site Scripting_3 S
HTTP Cit e Net 6 Cross Site Scripting_4 (Double Percent Encoded URL) S
HTTP Cit e Net 6 Cross Site Scripting_4 S
HTTP Cit e Net 6 Cross Site Scripting_5 (Mixed Case Method URL) S
HTTP Cit e Net 6 Cross Site Scripting_5 S
HTTP Clipbucket 2.7 RC3 0.9 - Blind SQL Injection (Reverse Forward Slash in URL) S
HTTP Clipbucket 2.7 RC3 0.9 - Blind SQL Injection S
HTTP CMS Balitbang 'hal' Parameter Multiple SQL Injection (Reverse Forward Slash in URL) S
HTTP CMS Balitbang 'hal' Parameter Multiple SQL Injection S
HTTP CMS Balitbang 'hal' Parameter Multiple SQL Injection_1 (Mixed Case Method) S
HTTP CMS Balitbang 'hal' Parameter Multiple SQL Injection_1 S
HTTP CMS Balitbang 'hal' Parameter Multiple SQL Injection_2 (Mixed Case URL) S
HTTP CMS Balitbang 'hal' Parameter Multiple SQL Injection_2 S
HTTP CMS Balitbang 'hal' Parameter Multiple SQL Injection_3 (Percent Encoded URL) S
HTTP CMS Balitbang 'hal' Parameter Multiple SQL Injection_3 S
HTTP CMS Balitbang 'hal' Parameter Multiple SQL Injection_4 (Double Percent Encoded URL) S
HTTP CMS Balitbang 'hal' Parameter Multiple SQL Injection_4 S
HTTP CMS Websitebaker 2.8.3 SP3 Cross Site Scripting (Mixed Case Method) S
HTTP CMS Websitebaker 2.8.3 SP3 Cross Site Scripting S
HTTP CrushFTP 7.2.0 CSRF (Mixed Case URL) S
HTTP CrushFTP 7.2.0 CSRF S
HTTP CrushFTP 7.2.0 CSRF_1 (Mixed Case Body Text) S
HTTP CrushFTP 7.2.0 CSRF_1 S
HTTP CrushFTP 7.2.0 XSS (Mixed Case Body Text) S
HTTP CrushFTP 7.2.0 XSS S
HTTP CrushFTP 7.2.0 XSS_1 (Percent Encoded URL) S
HTTP CrushFTP 7.2.0 XSS_1 S
HTTP D-Link DSL-2640B - Unauthenticated Remote DNS Change Exploit (Mixed Case URL) S
HTTP D-Link DSL-2640B - Unauthenticated Remote DNS Change Exploit S
HTTP Desktop Central Add Administrator (Mixed Case Method) S
HTTP Desktop Central Add Administrator S
HTTP eTouch SamePage 4.4.0.0.239 Arbitrary File Read (Mixed Case Method) S
HTTP eTouch SamePage 4.4.0.0.239 Arbitrary File Read S
HTTP eTouch SamePage 4.4.0.0.239 SQL Injection (Percent Encoded URL) S
HTTP eTouch SamePage 4.4.0.0.239 SQL Injection S
HTTP EventSentry 'pageId' Parameter Cross Site Scripting Vulnerability (Mixed Case Method) S
HTTP EventSentry 'pageId' Parameter Cross Site Scripting Vulnerability S
HTTP Exponent CMS 'index.php' Cross Site Scripting Vulnerability (Percent Encoded URL) S
HTTP Exponent CMS 'index.php' Cross Site Scripting Vulnerability S
HTTP Exponent CMS 2.3.1 - Cross Site Scripting Vulnerability (Mixed Case URL) S
HTTP Exponent CMS 2.3.1 - Cross Site Scripting Vulnerability S
HTTP Fancybox for WordPress 3.0.2 - Stored XSS (Mixed Case URL) S
HTTP Fancybox for WordPress 3.0.2 - Stored XSS S
HTTP Fancybox for WordPress 3.0.2 - Stored XSS_1 (Mixed Case URL Body Text) S
HTTP Fancybox for WordPress 3.0.2 - Stored XSS_1 S
HTTP Fat Free CRM 0.13.5 Cross Site Request Forgery (Mixed Case URL) S
HTTP Fat Free CRM 0.13.5 Cross Site Request Forgery S
HTTP Fat Free CRM 0.13.5 Cross Site Request Forgery_1 (Mixed Case Body Text) S
HTTP Fat Free CRM 0.13.5 Cross Site Request Forgery_1 S
HTTP Flatnux Cross Site Request Forgery Vulnerability (Mixed Case URL) S
HTTP Flatnux Cross Site Request Forgery Vulnerability S
HTTP Flatnux Cross Site Request Forgery Vulnerability_1 (Percent Encoded URL) S
HTTP Flatnux Cross Site Request Forgery Vulnerability_1 S
HTTP Flatnux File Traversal Vulnerability (Mixed Case Method) S
HTTP Flatnux File Traversal Vulnerability S
HTTP Fork CMS 3.8.3 Cross Site Scripting (Reverse Forward Slash in URL) S
HTTP Fork CMS 3.8.3 Cross Site Scripting S
HTTP Fork CMS 3.8.5 - SQL Injection (Mixed Case Method) S
HTTP Fork CMS 3.8.5 - SQL Injection S
HTTP Fork CMS 3.8.5 - SQL Injection_1 (Double Percent Encoded URL) S
HTTP Fork CMS 3.8.5 - SQL Injection_1 S
HTTP Frams's Fast File EXchange Cross Site Scripting (Mixed Case URL) S
HTTP Frams's Fast File EXchange Cross Site Scripting S
HTTP Frams's Fast File EXchange Cross Site Scripting_1 (Mixed Case URL) S
HTTP Frams's Fast File EXchange Cross Site Scripting_1 S
HTTP Frams's Fast File EXchange Cross Site Scripting_2 (Reverse Forward Slash in URL) S
HTTP Frams's Fast File EXchange Cross Site Scripting_2 S
HTTP Free MP3 CD Ripper '.wav' File Buffer Overflow Vulnerability S
HTTP Free MP3 CD Ripper '.wav' File Buffer Overflow Vulnerability_1 S
HTTP Freelance Zone SQL Injection Vulnerability (Double Percent Encoded) S
HTTP Freelance Zone SQL Injection Vulnerability S
HTTP ImgPals Photo Host Input Validation Vulnerability (Double Percent Encoded) S
HTTP ImgPals Photo Host Input Validation Vulnerability S
HTTP Jetty CVE-2015-2080 Information Disclosure Vulnerability S
HTTP Joomla! SQL Injection Vulnerability S
HTTP MyClientBase SQL Injection Vulnerability (Percent Encoded) S
HTTP MyClientBase SQL Injection Vulnerability S
HTTP MyClientBase SQL Injection Vulnerability_1 (Percent Encoded) S
HTTP MyClientBase SQL Injection Vulnerability_1 S
HTTP NetDecision Traffic Grapher Server Source Code Disclosure Vulnerability S
HTTP Open Realty Directory Traversal Vulnerability (Double Percent Encoded) S
HTTP Open Realty Directory Traversal Vulnerability S
HTTP OSClass Cross Site Scripting Vulnerability S
HTTP OSClass Cross Site Scripting Vulnerability_1 S
HTTP OSClass Cross Site Scripting Vulnerability_2 S
HTTP OSClass Cross Site Scripting Vulnerability_3 S
HTTP OSClass SQL Injection Vulnerability S
HTTP PHP Ticket 'p' Parameter SQL Injection Vulnerability S
HTTP PHP Volunteer Management SQL Injection Vulnerability S
HTTP PHPKIT WCMS 'include.php' Cross Site Scripting Vulnerability S
HTTP Pimcore 'name' SQL injection Vulnerability (Double Percent Encoded) S
HTTP Pimcore 'name' SQL injection Vulnerability S
HTTP Pirelli Routers 'rebootinfo.cgi' Remote Access Vulnerability S
HTTP Pirelli Routers 'resetrouter.html' Remote Access Vulnerability S
HTTP Pirelli Routers 'wlcfg.html' Remote Access Vulnerability S
HTTP Pirelli Routers 'wlsecurity.html' Remote Access Vulnerability S
HTTP Quick.CMS 'p' Parameter Cross Site Scripting Vulnerability S
HTTP Redaxscript CMS SQL Injection Vulnerability (Percent Encoded) S
HTTP Redaxscript CMS SQL Injection Vulnerability S
HTTP Samsung SmartViewer 'CNC_Ctrl' CVE-2014-9265 Buffer Overflow Vulnerability S
HTTP Shuttle Tech ADSL Modem-Router 915 WM - Unauth Remote DNS Change Exp (Mixed Case URL) S
HTTP Shuttle Tech ADSL Modem-Router 915 WM - Unauth Remote DNS Change Exp S
HTTP SkinCrafter SkinCrafter3_vs2005 Buffer Overflow Vulnerability S
HTTP SkinCrafter SkinCrafter3_vs2008 Buffer Overflow Vulnerability S
HTTP SkinCrafter SkinCrafter3_vs2010 Buffer Overflow Vulnerability S
HTTP Symantec Encryption Management Server Local Command Injection Vulnerability S
HTTP vBulletin vBSSO Single Sign-On SQL Injection Vulnerability S
HTTP WonderPlugin Audio Player 2.0 - Blind SQL Injection (Mixed Case URL) S
HTTP WonderPlugin Audio Player 2.0 - Blind SQL Injection S
HTTP WonderPlugin Audio Player 2.0 - Blind SQL Injection_1 (Mixed Case Method) S
HTTP WonderPlugin Audio Player 2.0 - Blind SQL Injection_1 S
HTTP WonderPlugin Audio Player 2.0 - XSS (Mixed Case URL) S
HTTP WonderPlugin Audio Player 2.0 - XSS S
HTTP WonderPlugin Audio Player 2.0 - XSS_1 (Percent Encoded URL) S
HTTP WonderPlugin Audio Player 2.0 - XSS_1 S
HTTP WordPress Alert Before Your Post Plugin 'name' Parameter XSS (Mixed Case URL) S
HTTP WordPress Alert Before Your Post Plugin 'name' Parameter XSS S
HTTP WordPress Download Manager plugin File Upload Vulnerability S
HTTP Wordpress Download Manager Remote Code Execution Vulnerability S
HTTP WordPress Easy Social Icons Plugin 1.2.2 - CSRF Vulnerability (Mixed Case URL) S
HTTP WordPress Easy Social Icons Plugin 1.2.2 - CSRF Vulnerability S
HTTP WordPress Easy Social Icons Plugin 1.2.2 - CSRF Vulnerability_1 (Mixed Case Body Text) S
HTTP WordPress Easy Social Icons Plugin 1.2.2 - CSRF Vulnerability_1 S
HTTP WordPress Infusionsoft Gravity Forms Plugin Upload Vulnerability S
HTTP WordPress Leaflet Plugin XSS Vulnerability S
HTTP WordPress Leaflet Plugin XSS Vulnerability_1 (Double Percent Encoded) S
HTTP WordPress Leaflet Plugin XSS Vulnerability_1 S
HTTP WordPress LeagueManager Plugin XSS Vulnerability (Double Percent Encoded) S
HTTP WordPress LeagueManager Plugin XSS Vulnerability S
HTTP WordPress LeagueManager Plugin XSS Vulnerability_1 S
HTTP WordPress Photo Gallery Plugin CVE-2014-9312 File Upload Vulnerability S
HTTP WP Easing Slider Plugin CVE-2015-1436 Multiple Cross Site Scripting (Mixed Case Method) S
HTTP WP Easing Slider Plugin CVE-2015-1436 Multiple Cross Site Scripting S
HTTP WP Easing Slider Plugin CVE-2015-1436 Multiple Cross Site Scripting_1 (Mixed Case URL) S
HTTP WP Easing Slider Plugin CVE-2015-1436 Multiple Cross Site Scripting_1 S
HTTP WPress Advanced Text Widget Plugin 'page' Parameter XSS (Reverse Forward Slash in URL) S
HTTP WPress Advanced Text Widget Plugin 'page' Parameter XSS S
HTTP X360 Video Player VideoPlayer.ocx Buffer Overflow Vulnerability S
JetAudio .mp4 Denial of Service Vulnerability S
MooPlayer M3U File Handling Buffer Overflow Vulnerability S
Sim Editor Short Message File Parsing Vulnerability S
Sim Editor Short Message File Parsing Vulnerability_1 S
SMTP Exim ESMTP GHOST Denial Of Service Vulnerability S
Winamp .flv Denial of Service Vulnerability S


idappcom - Auditing, verifying and enhancing the capabilities of corporate security defences.

We do not use cookies for tracking users, displaying customised content or storing information about users, other than that required to maintain 'session state' for the login system for registered users. Please read our cookie policy for more information. Please note that by using this site you are consenting to the use of cookies.