Search

Traffic File Update - September 2017

This Traffic IQ Professional update for September 2017 contains the latest application exploits, threats and security evasion techniques along with technical data and high quality security rules.

Traffic IQ Professional

Traffic File Update for September 2017

171 Application Exploits

HTTP AbanteCart 1.2.7 Reflected Cross Site Scripting S
HTTP AbanteCart 1.2.7 SQL Injection S
HTTP AbanteCart 1.2.7 Stored Cross Site Scripting S
HTTP Apache Struts REST Plugin Code Execution (CVE-2017-9805) S
HTTP Aruba AirWave 8.2.3 - Cross-Site Scripting S
HTTP Aruba AirWave 8.2.3 - XML External Entity Injection S
HTTP ATutor 2.2.2 - Cross-Site Request Forgery (Add New Course) (From Server) S
HTTP ATutor 2.2.2 - Cross-Site Request Forgery (Add New Course) (To Server) S
HTTP DALIM SOFTWARE ES Core 5.0 build 7184.1 - Server-Side Request Forgery S
HTTP DALIM SOFTWARE ES Core Directory Traversal Vuln S
HTTP DALIM SOFTWARE ES Core Directory Traversal Vuln_1 S
HTTP DALIM SOFTWARE ES Core Directory Traversal Vuln_2 S
HTTP DALIM SOFTWARE ES Core Directory Traversal Vuln_3 S
HTTP DALIM SOFTWARE ESPRIT Core Cross Site Scripting Vuln (From Server) S
HTTP DALIM SOFTWARE ESPRIT Core Cross Site Scripting Vuln (To Server) S
HTTP DALIM SOFTWARE ESPRIT Core Cross Site Scripting Vuln_1 (From Server) S
HTTP DALIM SOFTWARE ESPRIT Core Cross Site Scripting Vuln_1 (To Server) S
HTTP DALIM SOFTWARE ESPRIT Core Cross Site Scripting Vuln_2 (From Server) S
HTTP DALIM SOFTWARE ESPRIT Core Cross Site Scripting Vuln_2 (To Server) S
HTTP DALIM SOFTWARE ESPRIT Core Cross Site Scripting Vuln_3 (From Server) S
HTTP DALIM SOFTWARE ESPRIT Core Cross Site Scripting Vuln_3 (To Server) S
HTTP DALIM SOFTWARE ESPRIT Core Cross Site Scripting Vuln_4 (From Server) S
HTTP DALIM SOFTWARE ESPRIT Core Cross Site Scripting Vuln_4 (To Server) S
HTTP DALIM SOFTWARE ESPRIT Core Cross Site Scripting Vuln_5 (From Server) S
HTTP DALIM SOFTWARE ESPRIT Core Cross Site Scripting Vuln_5 (To Server) S
HTTP DALIM SOFTWARE ESPRIT Core Cross Site Scripting Vuln_6 (From Server) S
HTTP DALIM SOFTWARE ESPRIT Core Cross Site Scripting Vuln_6 (To Server) S
HTTP DALIM SOFTWARE ESPRIT Core Cross Site Scripting Vuln_7 (From Server) S
HTTP DALIM SOFTWARE ESPRIT Core Cross Site Scripting Vuln_7 (To Server) S
HTTP DALIM SOFTWARE ESPRIT Core Cross Site Scripting Vuln_8 (From Server) S
HTTP DALIM SOFTWARE ESPRIT Core Cross Site Scripting Vuln_8 (To Server) S
HTTP Django CMS 3.3.0 - (Editor Snippet) 'name' Persistent Cross-Site Scripting S
HTTP DLink DSL-2730U Wireless N 150 - Admin Account Cross-Site Request Forgery S
HTTP DLink DSL-2730U Wireless N 150 - Disable Firewall Cross-Site Request Forgery S
HTTP DLink DSL-2730U Wireless N 150 - Enable Firewall Cross-Site Request Forgery S
HTTP DLink DSL-2730U Wireless N 150 - Modify DNS Cross-Site Request Forgery S
HTTP DLink DSL-2730U Wireless N 150 - Support Account Cross-Site Request Forgery S
HTTP DLink DSL-2730U Wireless N 150 - User Account Cross-Site Request Forgery S
HTTP eCom Cart 'charge.php' SQL Injection Vuln S
HTTP EDUMOD Pro 1.3 - SQL Injection S
HTTP Friends in War Make or Break 'index.php' SQL Injection Vuln S
HTTP Friends in War Make or Break 'useruploads.php' SQL Injection Vuln S
HTTP Friends in War Make or Break CSRF (Change Admin Password) Vuln (From Server) S
HTTP Friends in War Make or Break CSRF (Change Admin Password) Vuln (To Server) S
HTTP Google Chrome - Out-of-Bounds Access in RegExp Stubs S
HTTP IBM Informix Dynamic Server Informix Open Admin Tool - 'config.php' RCE S
HTTP IBM Informix Dynamic Server Informix Open Admin Tool - 'welcomeService.php' RCE S
HTTP INFOR EAM 'WSJOBS.xmlhttp' SQL Injection Vuln S
HTTP Joomla! Component CCNewsLetter 'index.php' SQL Injection Vuln S
HTTP Joomla! Component Event Registration Pro Calendar 'index.php' SQL Injection Vuln S
HTTP Joomla! Component JoomRecipe 'results.html' SQL Injection Vuln S
HTTP Joomla! Component LMS King Professional 'index.php' SQL Injection Vuln S
HTTP Joomla! Component PHP-Bridge 'index.php' SQL Injection Vuln S
HTTP Joomla! Component SIMGenealogy 'index.php' SQL Injection Vuln S
HTTP Kronos Telestaff 2.92EU29 - 'user' parameter SQL Injection S
HTTP Kronos Telestaff 2.92EU29 - Remote Code Execution S
HTTP Mailcow 'admin.php' Add Admin CSRF Vuln (From Server) S
HTTP Mailcow 'admin.php' Add Admin CSRF Vuln (To Server) S
HTTP Mailcow 'admin.php' Admin Password Reset CSRF Vuln (From Server) S
HTTP Mailcow 'admin.php' Admin Password Reset CSRF Vuln (To Server) S
HTTP Microsoft Edge - 'CssParserRecordProperty' Type Confusion S
HTTP Microsoft Edge 38.14393.1066.0 - 'textarea.defaultValue' Memory Disclosure S
HTTP Microsoft IE 11.0.9600.18617 - 'CMarkupDestroySplayTree' Memory Corruption S
HTTP Microsoft IE 11.1066.14393.0 - VBScript Arithmetic Functions Type Confusion S
HTTP Microsoft Internet Explorer - 'mshtml.dll' Remote Code Execution (MS17-007) S
HTTP Navetti PricePoint 4.6.0.0 - 'AddEdit' Cross Site Scripting S
HTTP Navetti PricePoint 4.6.0.0 - 'Quality105' parameter Cross Site Scripting S
HTTP Navetti PricePoint 4.6.0.0 - 'SaveGroup' Cross Site Scripting S
HTTP Navetti PricePoint 4.6.0.0 - 'searchString' SQL Injection S
HTTP Navetti PricePoint 4.6.0.0 - Cross Site Request Forgery S
HTTP NEC UNIVERGE UM4730 'index.php' SQL Injection Vuln S
HTTP NTFS 3.1 - Master File Table Denial of Service S
HTTP Oracle E-Business Suite 12.x - Server-Side Request Forgery S
HTTP OV3 Online Administration 3.0 - Remote Code Execution S
HTTP PaulShop CMS member's profile Cross Site Scripting Vuln S
HTTP PaulShop CMS member's profile Cross Site Scripting Vuln_1 S
HTTP PaulShop CMS member's profile Cross Site Scripting Vuln_10 S
HTTP PaulShop CMS member's profile Cross Site Scripting Vuln_11 S
HTTP PaulShop CMS member's profile Cross Site Scripting Vuln_2 S
HTTP PaulShop CMS member's profile Cross Site Scripting Vuln_3 S
HTTP PaulShop CMS member's profile Cross Site Scripting Vuln_4 S
HTTP PaulShop CMS member's profile Cross Site Scripting Vuln_5 S
HTTP PaulShop CMS member's profile Cross Site Scripting Vuln_6 S
HTTP PaulShop CMS member's profile Cross Site Scripting Vuln_7 S
HTTP PaulShop CMS member's profile Cross Site Scripting Vuln_8 S
HTTP PaulShop CMS member's profile Cross Site Scripting Vuln_9 S
HTTP PaulShop CMS member's profile SQL Injection Vuln S
HTTP PEGA Platform 'JavaBean viewer' Cross Site Scripting Vuln S
HTTP PEGA Platform 'MainPage' Cross Site Scripting Vuln S
HTTP PEGA Platform 'System database schema modification' Cross Site Scripting Vuln S
HTTP Pelco SarixSpectra Cameras CSRF (Add Admin) Vuln (From Server) S
HTTP Pelco SarixSpectra Cameras CSRF (Add Admin) Vuln (To Server) S
HTTP Pelco SarixSpectra Cameras CSRF (Enable SSH Root Access) Vuln (From Server) S
HTTP Pelco SarixSpectra Cameras CSRF (Enable SSH Root Access) Vuln (To Server) S
HTTP Peplink Balance Routers 'hasync.cg' Cross Site Scripting Vuln S
HTTP Piwigo Plugin Facetag 0.0.3 - Cross-Site Scripting S
HTTP Robert 'beneficiaires_actions.php' Cross Site Scripting Vuln S
HTTP Robert 'beneficiaires_actions.php' Cross Site Scripting Vuln_1 S
HTTP Robert 'beneficiaires_actions.php' Cross Site Scripting Vuln_2 S
HTTP Robert 'downloader.php' Directory Traversal Vuln S
HTTP Robert 'index.php' Cross Site Scripting Vuln S
HTTP Robert 'matos_actions.php' Cross Site Scripting Vuln S
HTTP Robert 'matos_actions.php' Cross Site Scripting Vuln_1 S
HTTP Robert 'matos_actions.php' Cross Site Scripting Vuln_2 S
HTTP Robert 'packs_actions.php' Cross Site Scripting Vuln S
HTTP Robert 'packs_actions.php' Cross Site Scripting Vuln_1 S
HTTP Robert 'packs_actions.php' Cross Site Scripting Vuln_2 S
HTTP Robert 'personnel_list_techniciens.php' Cross Site Scripting Vuln S
HTTP Robert 'plans_actions.php' Directory Traversal Vuln S
HTTP Robert 'plans_actions.php' SQL Injection Vuln S
HTTP Robert 'tekos_actions.php' Cross Site Scripting Vuln S
HTTP Robert 'tekos_actions.php' Cross Site Scripting Vuln_1 S
HTTP Robert 'tekos_actions.php' Cross Site Scripting Vuln_2 S
HTTP Robert 'tekos_actions.php' Cross Site Scripting Vuln_3 S
HTTP Robert 'tekos_actions.php' Cross Site Scripting Vuln_4 S
HTTP Robert 'tekos_actions.php' Cross Site Scripting Vuln_5 S
HTTP Robert 'tekos_actions.php' Cross Site Scripting Vuln_6 S
HTTP Robert 'user_actions.php' Change Admin Password CSRF Vuln (From Server) S
HTTP Robert 'user_actions.php' Change Admin Password CSRF Vuln (To Server) S
HTTP Robert 'user_actions.php' New Admin CSRF Vuln (From Server) S
HTTP Robert 'user_actions.php' New Admin CSRF Vuln (To Server) S
HTTP Server-U FTP Voyager Scheduler CSRF Vuln (From Server) S
HTTP Server-U FTP Voyager Scheduler CSRF Vuln (To Server) S
HTTP Server-U FTP Voyager Scheduler CSRF Vuln_1 (From Server) S
HTTP Server-U FTP Voyager Scheduler CSRF Vuln_1 (To Server) S
HTTP SOL.Connect ISET-mpp meter 'user' SQL Injection Vuln S
HTTP unrar 5.40 - 'VMSF_DELTA' Filter Arbitrary Memory Write S
HTTP VehicleWorkshop 'viewvehiclestoremore.php' SQL Injection Vuln S
HTTP VICIdial 2.9 RC 1 to 2.13 RC1 - user_authorization Unauthenticated RCE (Metasploit) S
HTTP WatchGuard XTMv 11.12 Build 516911 - User Management CSRF (From Server) S
HTTP WatchGuard XTMv 11.12 Build 516911 - User Management CSRF (To Server) S
HTTP WebKit - 'CachedFrameBaserestore' Universal Cross-Site Scripting S
HTTP WebKit - 'WebCoreAccessibilityNodeObjecttextUnderElement' Use-After-Free S
HTTP WebKit - 'WebCoreAccessibilityRenderObjecthandleAriaExpandedChanged' Use-After-Free S
HTTP WebKit - 'WebCoregetCachedWrapper' Use-After-Free S
HTTP WebKit - 'WebCoreInputTypeelement' Use-After-Free S
HTTP WebKit - 'WebCoreNodenextSibling' Use-After-Free S
HTTP WebKit - 'WebCoreRenderObject' with Accessibility Enabled Use-After-Free S
HTTP WebKit - 'WebCoreRenderSearchFieldaddSearchResult' Heap Buffer Overflow S
HTTP WebKit JSC - 'arrayProtoFuncSplice' Uninitialized Memory Reference S
HTTP WebKit JSC - 'DFGByteCodeParserflush(InlineStackEntry inlineStackEntry)' Incorr Handling S
HTTP WebKit JSC - 'JSObjectputInlineSlow and JSValueputToPrimitive' Universal XSS S
HTTP Wordpress Plugin BackWPup v3.4.1 - Unauthorised Information Disclosure S
HTTP WordPress Plugin Contact Form Manager 'admin.php' CSRF Vuln (From Server) S
HTTP WordPress Plugin Contact Form Manager 'admin.php' CSRF Vuln (To Server) S
HTTP WordPress Plugin Contact Form Manager 'admin.php' CSRF Vuln_1 (From Server) S
HTTP WordPress Plugin Contact Form Manager 'admin.php' CSRF Vuln_1 (To Server) S
HTTP WordPress Plugin Contact Form Manager 'admin.php' CSRF Vuln_2 (From Server) S
HTTP WordPress Plugin Contact Form Manager 'admin.php' CSRF Vuln_2 (To Server) S
HTTP WordPress Plugin Event List 'admin.php' SQL Injection Vuln S
HTTP WordPress Plugin Huge-IT Video Gallery 'admin.php' SQL Injection Vuln S
HTTP WordPress Plugin IBPS Online Exam 'admin.php' Cross Site Scripting Vuln S
HTTP WordPress Plugin IBPS Online Exam 'admin.php' SQL Injection Vuln S
HTTP WordPress Plugin WebDorado Gallery 'adminajax.php' SQL Injection Vuln S
Malware DNS Request for domain associated with CCleaner (ab1145b758c30.com) S
Malware DNS Request for domain associated with CCleaner (ab1abad1d0c2a.com) S
Malware DNS Request for domain associated with CCleaner (ab1c403220c27.com) S
Malware DNS Request for domain associated with CCleaner (ab2da3d400c20.com) S
Malware DNS Request for domain associated with CCleaner (ab3520430c23.com) S
Malware DNS Request for domain associated with CCleaner (ab3d685a0c37.com) S
Malware DNS Request for domain associated with CCleaner (ab6d54340c1a.com) S
Malware DNS Request for domain associated with CCleaner (ab70a139cc3a.com) S
Malware DNS Request for domain associated with CCleaner (ab890e964c34.com) S
Malware DNS Request for domain associated with CCleaner (ab8cee60c2d.com) S
Malware DNS Request for domain associated with CCleaner (aba9a949bc1d.com) S
Malware GET Request for Payload Related to Hancitor Malware (EAFGI.COM) S
Malware GET Request for Payload Related to Hancitor Malware (elefson.info) S
Malware GET Request for Payload Related to Hancitor Malware (elefsonhvac.biz) S
Malware GET Request for Payload Related to Hancitor Malware (TRUSTDEEDCAPITAL.NET) S
Malware GET Request for Payload Related to Hancitor Malware (TRUSTDEEDCAPITAL.ORG) S
Malware GET Request for Payload Related to Hancitor Malware (wpipm.org) S


idappcom - Auditing, verifying and enhancing the capabilities of corporate security defences.

We do not use cookies for tracking users, displaying customised content or storing information about users, other than that required to maintain 'session state' for the login system for registered users. Please read our cookie policy for more information. Please note that by using this site you are consenting to the use of cookies.