Search

Traffic File Update - April 2016

This Traffic IQ Professional update for April 2016 contains the latest application exploits, threats and security evasion techniques along with technical data and high quality security rules.

Traffic IQ Professional

Traffic File Update for April 2016

162 Application Exploits

HTTP Asbru Web Content Management System 9.2.7 - 'filenameextension' XSS S
HTTP Asbru Web Content Management System 9.2.7 - 'title' XSS (From Server) S
HTTP Asbru Web Content Management System 9.2.7 - 'title' XSS (To Server) S
HTTP Asbru Web Content Management System 9.2.7 - Add Admin CSRF (From Server) S
HTTP Asbru Web Content Management System 9.2.7 - Add Admin CSRF (To Server) S
HTTP Asbru Web Content Management System 9.2.7 - Open Redirect S
HTTP Brickcom Corporation Network Cameras CSRF Vulnerability (From Server) S
HTTP Brickcom Corporation Network Cameras CSRF Vulnerability (To Server) S
HTTP Brickcom Corporation Network Cameras CSRF Vulnerability_1 (From Server) S
HTTP Brickcom Corporation Network Cameras CSRF Vulnerability_1 (To Server) S
HTTP Brickcom Corporation Network Cameras XSS Vulnerability S
HTTP Cacti 0.8.8g SQL Injection S
HTTP Chamilo LMS Cross Site Scripting Vulnerability_1 S
HTTP CubeCart 6.0.10 - 'char' SQL Injection S
HTTP CubeCart 6.0.10 - 'first_name' XSS (From Server) S
HTTP CubeCart 6.0.10 - 'first_name' XSS (To Server) S
HTTP CubeCart 6.0.10 - 'last_name' XSS (From Server) S
HTTP CubeCart 6.0.10 - 'last_name' XSS (To Server) S
HTTP CubeCart 6.0.10 - Delete Arbitrary File CSRF S
HTTP D-Link DWR-932 Firmware 4.00 - Admin Credentials Disclosure S
HTTP D-Link DWR-932 Firmware 4.00 - Config Information Disclosure S
HTTP D-Link DWR-932 Firmware 4.00 - Wifi Password Disclosure S
HTTP Dating Pro Genie 2015.7 - Admin CSRF (From Server) S
HTTP Dating Pro Genie 2015.7 - Admin CSRF (To Server) S
HTTP Dating Pro Genie 2015.7 - Notification CSRF (From Server) S
HTTP Dating Pro Genie 2015.7 - Notification CSRF (To Server) S
HTTP Disc ORGanizer - DORG - 'q' XSS S
HTTP Disc ORGanizer - DORG - 'search' SQL Injection S
HTTP DotCMS 3.3 SQL Injection S
HTTP eFront Learning CMS Cross Site Scripting S
HTTP Hikvision Digital Video Recorder CSRF (From Server) S
HTTP Hikvision Digital Video Recorder CSRF (To Server) S
HTTP iTop 2.2.1 - CSRF Vulnerability (From Server) S
HTTP iTop 2.2.1 - CSRF Vulnerability (To Server) S
HTTP iTop 2.2.1 - Remote Code Execution S
HTTP Joomla Easy Youtube Gallery 1.0.2 - SQL Injection Vulnerability S
HTTP JSN PowerAdmin Joomla! Extension 2.3.0 - Remote Code Execution (From Server) S
HTTP JSN PowerAdmin Joomla! Extension 2.3.0 - Remote Code Execution (To Server) S
HTTP Liferay Portal 5.1.2 - Persistent XSS S
HTTP MiCollab 7.0 - 'mywindow' SQL Injection Vulnerability (Perc Enc) S
HTTP MiCollab 7.0 - 'mywindow' SQL Injection Vulnerability S
HTTP MiCollab 7.0 - 'PortletSelector' SQL Injection Vulnerability S
HTTP Open Web Analytics Cross Site Scripting Vulnerability S
HTTP perfact mpa Cross Site Scripting Vulnerability S
HTTP perfact mpa Cross Site Scripting Vulnerability_1 S
HTTP pfSense Community Edition CSRF Vulnerability (From Server) S
HTTP pfSense Community Edition CSRF Vulnerability (To Server) S
HTTP pfSense Community Edition XSS Vulnerability S
HTTP pfSense Community Edition XSS Vulnerability_1 S
HTTP pfSense Community Edition XSS Vulnerability_2 S
HTTP pfSense Firewall CSRF Vulnerability (From Server) S
HTTP pfSense Firewall CSRF Vulnerability (To Server) S
HTTP pfSense Firewall CSRF Vulnerability_1 (From Server) S
HTTP pfSense Firewall CSRF Vulnerability_1 (To Server) S
HTTP pfSense Firewall CSRF Vulnerability_2 (From Server) S
HTTP pfSense Firewall CSRF Vulnerability_2 (To Server) S
HTTP pfSense Firewall CSRF Vulnerability_3 (From Server) S
HTTP pfSense Firewall CSRF Vulnerability_3 (To Server) S
HTTP pfSense Firewall CSRF Vulnerability_4 (From Server) S
HTTP pfSense Firewall CSRF Vulnerability_4 (To Server) S
HTTP pfSense Firewall CSRF Vulnerability_5 (From Server) S
HTTP pfSense Firewall CSRF Vulnerability_5 (To Server) S
HTTP PivotX 2.3.11 - 'del' Directory Traversal S
HTTP PivotX 2.3.11 - 'file' Directory Traversal S
HTTP PQI Air Pen Express 6W51-0000R2 and 6W51-0000R2XXX 'addHostFilter' XSS S
HTTP PQI Air Pen Express 6W51-0000R2 and 6W51-0000R2XXX 'addURLFilter' XSS S
HTTP PQI Air Pen Express 6W51-0000R2 and 6W51-0000R2XXX 'admpass' XSS (Perc Enc) S
HTTP PQI Air Pen Express 6W51-0000R2 and 6W51-0000R2XXX 'admpass' XSS S
HTTP PQI Air Pen Express 6W51-0000R2 and 6W51-0000R2XXX 'connectionType' XSS S
HTTP PQI Air Pen Express 6W51-0000R2 and 6W51-0000R2XXX 'hostname' XSS S
HTTP PQI Air Pen Express 6W51-0000R2 and 6W51-0000R2XXX 'mssid_0' XSS S
HTTP PQI Air Pen Express 6W51-0000R2 and 6W51-0000R2XXX 'ssid' XSS S
HTTP PQI Air Pen Express 6W51-0000R2 and 6W51-0000R2XXX 'User3G' XSS S
HTTP PQI Air Pen Express 6W51-0000R2 and 6W51-0000R2XXX Access Point CSRF (From Server) S
HTTP PQI Air Pen Express 6W51-0000R2 and 6W51-0000R2XXX Access Point CSRF (To Server) S
HTTP PQI Air Pen Express 6W51-0000R2 and 6W51-0000R2XXX Admin CSRF (From Server) S
HTTP PQI Air Pen Express 6W51-0000R2 and 6W51-0000R2XXX Admin CSRF (To Server) S
HTTP PQI Air Pen Express 6W51-0000R2 and 6W51-0000R2XXX Credentials Info Disclosure S
HTTP SocialEngine 4.8.9 - SQL Injection (Perc Enc) S
HTTP SocialEngine 4.8.9 - SQL Injection S
HTTP Webutler CMS Cross-Site Request Forgery Vulnerability (From Server) S
HTTP Webutler CMS Cross-Site Request Forgery Vulnerability (To Server) S
HTTP WordPress Abtest Plugin - Local File Inclusion S
HTTP WordPress Advanced Video Plugin 1.0 - Local File Inclusion (LFI) S
HTTP Wordpress Beauty and Clean Theme 1.0.8 - Arbitrary File Upload (From Server) S
HTTP Wordpress Beauty and Clean Theme 1.0.8 - Arbitrary File Upload (To Server) S
HTTP WordPress Best Web Soft Captcha Plugin 4.1.5 - XSS (From Server) S
HTTP WordPress Best Web Soft Captcha Plugin 4.1.5 - XSS (To Server) S
HTTP WordPress Brandfolder Plugin 3.0 - LFI Vulnerability (Perc Enc) S
HTTP WordPress Brandfolder Plugin 3.0 - LFI Vulnerability S
HTTP WordPress Brandfolder Plugin 3.0 - RFI Vulnerability S
HTTP WordPress Bulletproof Cross Site Scripting Vulnerability S
HTTP WordPress Bulletproof Cross Site Scripting Vulnerability_1 S
HTTP WordPress CP Polls Cross Site Scripting Vulnerability (From Server) S
HTTP WordPress CP Polls Cross Site Scripting Vulnerability (To Server) S
HTTP WordPress Dharma booking Plugin 2.38.3 - Local File Inclusion Vulnerability S
HTTP WordPress Dharma booking Plugin 2.38.3 - Remote File Inclusion Vulnerability S
HTTP WordPress DW Question Answer XSS Vulnerability S
HTTP WordPress DZS Videogallery Plugin 8.60 - 'playlistseditor' XSS S
HTTP WordPress DZS Videogallery Plugin 8.60 - 'tagseditor' XSS S
HTTP WordPress DZS Videogallery Plugin 8.60 - 'type' parameter XSS S
HTTP WordPress DZS Videogallery Plugin 8.60 - 'width' parameter XSS S
HTTP WordPress eBook Download Plugin 1.1 - Directory Traversal S
HTTP WordPress Email Encoder Bundle Cross Site Scripting Vulnerability S
HTTP WordPress Email Encoder Bundle Cross Site Scripting Vulnerability_1 S
HTTP WordPress Email Encoder Bundle Cross Site Scripting Vulnerability_2 S
HTTP WordPress Email Encoder Bundle Cross Site Scripting Vulnerability_3 S
HTTP WordPress Email Encoder Bundle Cross Site Scripting Vulnerability_4 S
HTTP WordPress Extra User Details 0.4.2 Privilege Escalation S
HTTP WordPress GravityForms Cross Site Scripting Vulnerability S
HTTP WordPress HB Audio Gallery Lite Plugin 1.0.0 - Arbitrary File Download S
HTTP WordPress Image Export Plugin 1.1.0 - Arbitrary File Disclosure (Perc Enc) S
HTTP WordPress Image Export Plugin 1.1.0 - Arbitrary File Disclosure S
HTTP WordPress Import CSV Plugin 1.0 - Directory Traversal S
HTTP WordPress Memphis Document Library Plugin 3.1.5 - Arbitrary File Download S
HTTP WordPress Photocart Link Plugin 1.6 - Local File Inclusion S
HTTP Wordpress Plugin IMDb Profile Widget 1.0.8 - Local File Inclusion S
HTTP Wordpress Site Import Plugin 1.0.1 - Local File Inclusion S
HTTP Wordpress Site Import Plugin 1.0.1 - Remote Local File Inclusion S
HTTP WordPress SiteMile Project Theme 2.0.9.5 - 'advanced-search' XSS S
HTTP WordPress SiteMile Project Theme 2.0.9.5 - 'my_message' XSS S
HTTP WordPress SiteMile Project Theme 2.0.9.5 - Password CSRF (From Server) S
HTTP WordPress SiteMile Project Theme 2.0.9.5 - Password CSRF (To Server) S
HTTP WordPress SP Projects And Document Manager SQL Injection Vulnerability S
HTTP WordPress SP Projects And Document Manager SQL Injection Vulnerability_1 S
HTTP WordPress SP Projects And Document Manager SQL Injection Vulnerability_2 S
HTTP WordPress SP Projects And Document Manager SQL Injection Vulnerability_3 S
HTTP WordPress SP Projects And Document Manager XSS Vulnerability S
HTTP WordPress WP Advanced Comment Plugin XSS Vulnerability (From Server) S
HTTP WordPress WP Advanced Comment Plugin XSS Vulnerability (To Server) S
HTTP WordPress WP Mailto Links Cross Site Scripting Vulnerability S
HTTP WordPress WP Ultimate Exporter Cross Site Scripting Vulnerability S
HTTP WordPress WP Ultimate Exporter Cross Site Scripting Vulnerability_1 S
HTTP WordPress WP Ultimate Exporter SQL Injection Vulnerability S
HTTP WP Good News Themes Cross Site Scripting Vulnerability S
HTTP Zimbra Cross Site Request Forgery Vulnerability (From Server) S
HTTP Zimbra Cross Site Request Forgery Vulnerability (To Server) S
Malware Darkleech DNS Connected with Angler Exploit Kit (masper.co.uk) S
Malware Darkleech DNS Connected with Bedep Trojan (babsbarwjyfihsfsti.com) S
Malware Darkleech DNS Connected with Bedep Trojan (enyxkzyvkfonqnq.com) S
Malware Darkleech DNS Connected with Bedep Trojan (irahapafutsjibo.com) S
Malware Darkleech DNS Connected with Bedep Trojan (psnehgrgrwpgxmtc.com) S
Malware Darkleech DNS Connected with Click-Fraud (cetinhechinhis.com) S
Malware Darkleech DNS Connected with Click-Fraud (kimpelasomasot.com) S
Malware Darkleech DNS Connected with Click-Fraud (ranetardinghap.com) S
Malware Darkleech DNS Connected with Click-Fraud (rerobloketbo.com) S
Malware Darkleech DNS Connected with Click-Fraud (tedgeroatref.com) S
Malware Darkleech DNS Connected with Click-Fraud (tonthishessici.com) S
Malware Darkleech HTTP GET Request caused by Click-Fraud S
Malware Darkleech HTTP GET Request caused by Click-Fraud_1 S
Malware Darkleech HTTP GET Request caused by Click-Fraud_2 S
Malware Darkleech HTTP GET Request caused by Click-Fraud_3 S
Malware Darkleech HTTP GET Request caused by Click-Fraud_4 S
Malware Darkleech HTTP POST Request caused by Bedep Trojan S
Malware Darkleech HTTP POST Request caused by Bedep Trojan_1 S
Malware Darkleech HTTP POST Request caused by Bedep Trojan_2 S
Malware Darkleech HTTP POST Request caused by Bedep Trojan_3 S
Malware Darkleech HTTP POST Request caused by Bedep Trojan_4 S
Malware Darkleech HTTP POST Request caused by Bedep Trojan_5 S
Malware Darkleech HTTP POST Request caused by Bedep Trojan_6 S
Malware Darkleech HTTP POST Request caused by Bedep Trojan_7 S
Malware Darkleech HTTP Response containing Malicious Code delivered by Angler Exploit Kit S


idappcom - Auditing, verifying and enhancing the capabilities of corporate security defences.

We do not use cookies for tracking users, displaying customised content or storing information about users, other than that required to maintain 'session state' for the login system for registered users. Please read our cookie policy for more information. Please note that by using this site you are consenting to the use of cookies.