Search

Traffic File Update - January 2017

This Traffic IQ Professional update for January 2017 contains the latest application exploits, threats and security evasion techniques along with technical data and high quality security rules.

Traffic IQ Professional

Traffic File Update for January 2017

180 Application Exploits

HTTP 4Images 'validateimages.php' SQL Injection Vulnerability S
HTTP Adobe Flash Player 24.0.0.186 - 'ActionGetURL2' Out-of-Bounds Memory Corruption S
HTTP b2evolution 6.8.2 - Arbitrary File Upload S
HTTP BoZoN 2.4 - Add User Account CSRF S
HTTP BoZoN 2.4 - Remote Code Execution S
HTTP chatNow - 'login.php' Cross Site Scripting Vulnerability S
HTTP chatNow - 'send_message.php' CSRF Vulnerability (From Server) S
HTTP chatNow - 'send_message.php' CSRF Vulnerability (To Server) S
HTTP Check Box 2016 Q2 Survey - Direct Object Reference S
HTTP Check Box 2016 Q2 Survey - Directory Traversal Vulnerability S
HTTP Check Box 2016 Q2 Survey - Open Redirection S
HTTP CodoForum 'index.php' SQL Injection Vulnerability S
HTTP Compal CH7465LG-LC ModemRouter CH7465LG-NCIP-4.50.18.13-NOSH - 'Ping_Size' Cmd Injection S
HTTP Compal CH7465LG-LC ModemRouter CH7465LG-NCIP-4.50.18.13-NOSH - DoS S
HTTP ConQuest DICOM Server 1.4.17d - Stack Buffer Overflow S
HTTP CumulusClips 2.4.1 - 'description' Cross Site Scripting S
HTTP CumulusClips 2.4.1 - 'tags' Cross Site Scripting S
HTTP CumulusClips 2.4.1 - 'title' Cross Site Scripting S
HTTP CumulusClips 2.4.1 - Add Admin CSRF (From Server) S
HTTP CumulusClips 2.4.1 - Add Admin CSRF (To Server) S
HTTP DCMTK 3.6.0 storescp - Stack Buffer Overflow S
HTTP Dell SonicWALL Global Management System GMS SQL Injection Vulnerability S
HTTP Dell SonicWALL Global Management System GMS SQL Injection Vulnerability_1 S
HTTP Dell SonicWALL Global Management System GMS SQL Injection Vulnerability_2 S
HTTP Dell SonicWALL Global Management System GMS SQL Injection Vulnerability_3 S
HTTP Dell SonicWALL Secure Mobile Access SMA Cross Site Scripting Vulnerability S
HTTP Dell SonicWALL Secure Mobile Access SMA Cross Site Scripting Vulnerability_1 S
HTTP Dell SonicWALL Secure Mobile Access SMA Cross Site Scripting Vulnerability_2 S
HTTP DirectAdmin 1.50.1 - Denial of Service S
HTTP dirLIST 0.3.0 - Arbitrary File Upload S
HTTP DiskBoss Enterprise 7.5.12 - 'POST' Buffer Overflow (SEH) S
HTTP Dual DHCP DNS Server 7.29 - Denial of Service S
HTTP Dup Scout Enterprise 9.1.14 - Buffer Overflow (SEH) S
HTTP Friends in War Make or Break 'index.php' SQL Injection Vulnerability S
HTTP Friends in War My Link Trader 'out.php' SQL Injection Vulnerability S
HTTP Friends in War Starting Page 'category' SQL Injection Vulnerability S
HTTP Friends in War Starting Page 'description' SQL Injection Vulnerability S
HTTP Friends in War Starting Page 'email' SQL Injection Vulnerability S
HTTP Friends in War Starting Page 'name' SQL Injection Vulnerability S
HTTP Friends in War Starting Page 'outing.php' SQL Injection Vulnerability S
HTTP Friends in War Starting Page 'url' SQL Injection Vulnerability S
HTTP Gstreamer 0.10.x Logic Error S
HTTP Horos 2.1.0 DICOM Medical Image Viewer - Denial of Service S
HTTP Horos 2.1.0 Web Portal - Directory Traversal S
HTTP i-Netsolution B2B Portal Script 'view-product.php' SQL Injection Vulnerability S
HTTP i-Netsolution PHP Classifieds Rental Script SQL Injection Vulnerability S
HTTP Inout CareerLamp 1.0 Script - 'accountactivity' Improper Access Restrictions S
HTTP Inout CareerLamp 1.0 Script - 'js_registration_showgraph' Improper Access Restrictions S
HTTP Inout CareerLamp 1.0 Script - 'js_showgraph' Improper Access Restrictions S
HTTP Inout Celebrities 1.0 Script - 'addrsssettings' Improper Access Restrictions S
HTTP Inout Celebrities 1.0 Script - 'managersssettings' Improper Access Restrictions S
HTTP Inout QuerySpace 1.0 Script - 'search' Improper Access Restrictions S
HTTP Inout Search Engine Ultimate Edition 7-8 Script - 'manage_suggestion' Improper Access S
HTTP Inout Search Engine Ultimate Edition 7.0 8.0 Script - 'add' Improper Access Restrictions S
HTTP Inout Search Engine Ultimate Edition 7.0 8.0 Script - 'manage' Improper Access S
HTTP Inout Search Engine Ultimate Edition 7.0 8.0 Script - 'managesettings' Improper Access S
HTTP Inout SmartDeal 1.0 Script - 'addbank' Improper Access Restrictions S
HTTP Inout SmartDeal 1.0 Script - 'addcountry' Improper Access Restrictions S
HTTP Inout SmartDeal 1.0 Script - 'changepassword' Improper Access Restrictions S
HTTP Inout SocialTiles 2.0 Script - 'newad' Improper Access Restrictions S
HTTP Inout SocialTiles 2.0 Script - 'statussettings' Improper Access Restrictions S
HTTP iTechScripts Business Networking 'home.php' Cross Site Scripting Vulnerability S
HTTP iTechScripts Business Networking 'show_group_members.php' SQL Injection Vulnerability S
HTTP iTechScripts Dating Script 'see_more_details.php' SQL Injection Vulnerability S
HTTP iTechScripts Image Sharing Script 'categorypage.php' Cross Site Scripting Vulnerability S
HTTP iTechScripts Image Sharing Script 'postComment.php' Cross Site Scripting Vulnerability S
HTTP iTechScripts Image Sharing Script 'searchpin.php' Cross Site Scripting Vulnerability S
HTTP iTechScripts Image Sharing Script SQL Injection Vulnerability S
HTTP iTechScripts Image Sharing Script SQL Injection Vulnerability_1 S
HTTP iTechScripts Image Sharing Script SQL Injection Vulnerability_2 S
HTTP iTechScripts Image Sharing Script SQL Injection Vulnerability_3 S
HTTP iTechScripts Movie Portal Script 'artist.php' SQL Injection Vulnerability S
HTTP iTechScripts Movie Portal Script 'movie.php' SQL Injection Vulnerability S
HTTP iTechScripts School Management Software 'notice edit.php' SQL Injection Vulnerability S
HTTP iTechScripts Travel Portal Script 'holiday.php' SQL Injection Vulnerability S
HTTP iTechScripts Travel Portal Script 'hotel.php' SQL Injection Vulnerability S
HTTP iTechScripts Travel Portal Script 'pages.php' SQL Injection Vulnerability S
HTTP Joomla! Component aWeb Cart Watching System for Virtuemart SQL Injection Vulnerability S
HTTP Joomla! Component Blog Calendar - 'index.php' SQL Injection Vulnerability S
HTTP LEPTON 2.2.2 - Remote Code Execution S
HTTP MC Buy and Sell Cars Script 'car.php' SQL Injection Vulnerability S
HTTP MC Buy and Sell Cars Script 'car.php' SQL Injection Vulnerability_1 S
HTTP MC Buy and Sell Cars Script 'category.php' SQL Injection Vulnerability S
HTTP MC Documentation Creator Script 'dashbaord.php' SQL Injection Vulnerability S
HTTP MC Documentation Creator Script 'dashbaord.php' SQL Injection Vulnerability_1 S
HTTP MC Smart Shop Script 'category.php' SQL Injection Vulnerability S
HTTP MC Smart Shop Script 'category.php' SQL Injection Vulnerability_1 S
HTTP MC Smart Shop Script 'product.php' SQL Injection Vulnerability S
HTTP MC Yellow Pages Script 'category.php' SQL Injection Vulnerability S
HTTP MC Yellow Pages Script 'details.php' SQL Injection Vulnerability S
HTTP MESSOA IP Cameras (Multiple Models) - Unauthenticated Password Change S
HTTP Microsoft Edge (Windows 10) - 'chakra.dll' Info Leak Type Confusion RCE S
HTTP Microsoft Edge - Internationalization Initialization Type Confusion (MS16-144) S
HTTP Microsoft Edge CVE-2016-7286 Remote Memory Corruption Vulnerability S
HTTP Microsoft Internet Explorer 9 - IEFRAME CMarkupPointer - Move-To-Gap Use-After-Free S
HTTP Microsoft Internet Explorer 9 - IEFRAME CView - EnsureSize Use-After-Free (MS13-021) S
HTTP Mozilla Firefox 50.1.0 - Use-After-Free S
HTTP My PHP Dating 'view_image.php' SQL Injection Vulnerability S
HTTP My PHP Dating 'view_profile.php' SQL Injection Vulnerability S
HTTP Nagios Log Server 1.4.1 - Security Bypass S
HTTP Netgear R7000 Command Injection S
HTTP nGrinder 'description' Cross Site Scripting Vulnerability S
HTTP nGrinder 'email' Cross Site Scripting Vulnerability S
HTTP nGrinder 'username' Cross Site Scripting Vulnerability S
HTTP NodCMS - PHP Code Execution (From Server) S
HTTP NodCMS - PHP Code Execution (To Server) S
HTTP NUUO NVRmini 2 3.0.8 - 'address' OS Command Injection S
HTTP NUUO NVRmini 2 3.0.8 - 'bfile' OS Command Injection S
HTTP NUUO NVRmini 2 3.0.8 - 'devname' OS Command Injection S
HTTP OpenExpert 'expert_wizard.php' SQL Injection Vulnerability S
HTTP Orthanc DICOM Server 1.1.0 - Memory Corruption S
HTTP OsiriX DICOM Viewer 8.0.1 - Memory Corruption S
HTTP Peplink NGxxxLCxxx VPN-Firewall Open Redirect S
HTTP PHPMailer 5.2.18 - Remote Code Execution (Bash) S
HTTP PHPMailer 5.2.18 - Remote Code Execution (Python) S
HTTP PHPMailer 5.2.20 - Remote Code Execution S
HTTP Pirelli DRG A115 ADSL Router - Unauthenticated DNS Change S
HTTP Professional Service Booking Script 'best_pro_details.php' SQL Injection Vulnerability S
HTTP Professional Service Booking Script 'content.php' SQL Injection Vulnerability S
HTTP Puppet Enterprise CVE-2016-5715 Incomplete Fix Open Redirection Vulnerability S
HTTP Rapid PHP Editor 14.1 - Remote Command Execution (From Server) S
HTTP Rapid PHP Editor 14.1 - Remote Command Execution (To Server) S
HTTP SAP Solman Information Disclosure Vulnerability S
HTTP SAP xMII 'title' Cross Site Scripting Vulnerability S
HTTP School Full CBT 'show.php' SQL Injection Vulnerability S
HTTP Serva 3.0.0 HTTP Server Denial Of Service S
HTTP Simple Dynamic Web 'page.php' SQL Injection Vulnerability S
HTTP Smart Guard Network Manager - 'search_all_history.php' SQL Injection Vulnerability S
HTTP Tenda ADSL22+ Modem D840R - Unauthenticated DNS Change S
HTTP TP-LINK TD-W8151N - Denial of Service S
HTTP UCanCode Remote Code Execution Denial Of Service S
HTTP Web Based Alumni Tracking System 'index.php' SQL Injection Vulnerability S
HTTP WHMCS Addon VMPanel 'index.php' SQL Injection Vulnerability S
HTTP WordPress Plugin Multisite Post Duplicator 'tools.php' CSRF Vulnerability (From Server) S
HTTP WordPress Plugin Multisite Post Duplicator 'tools.php' CSRF Vulnerability (To Server) S
HTTP WordPress Plugin Private Messages 'wpu_private_messages.php' SQL Injection Vulnerability S
HTTP WordPress Plugin Quiz And Survey Master 'admin.php' CSRF Vulnerability (From Server) S
HTTP WordPress Plugin Quiz And Survey Master 'admin.php' CSRF Vulnerability (To Server) S
HTTP WordPress Plugin Responsive Ticket System SQL Injection Vulnerability (From Server) S
HTTP WordPress Plugin Responsive Ticket System SQL Injection Vulnerability (To Server) S
HTTP WordPress Plugin Simply Poll - 'admin-ajax.php' SQL Injection Vulnerability S
HTTP WordPress Plugin Ultimate Product Catalog 'id' SQL Injection Vulnerability S
HTTP Xfinity Gateway - 'ajaxSet_add_blockedSite.php' CSRF Vulnerability (From Server) S
HTTP Xfinity Gateway - 'ajaxSet_add_blockedSite.php' CSRF Vulnerability (To Server) S
HTTP Xfinity Gateway - 'ajaxSet_add_blockedSite.php' CSRF Vulnerability_1 (From Server) S
HTTP Xfinity Gateway - 'ajaxSet_add_blockedSite.php' CSRF Vulnerability_1 (To Server) S
HTTP Xfinity Gateway - 'ajaxSet_enable_manageSite.php' CSRF Vulnerability (From Server) S
HTTP Xfinity Gateway - 'ajaxSet_enable_manageSite.php' CSRF Vulnerability (To Server) S
HTTP Xfinity Gateway - 'ajaxSet_firewall_config.php' CSRF Vulnerability (From Server) S
HTTP Xfinity Gateway - 'ajaxSet_firewall_config.php' CSRF Vulnerability (To Server) S
HTTP Xfinity Gateway - 'ajaxSet_remove_blockedSite.php' CSRF Vulnerability (From Server) S
HTTP Xfinity Gateway - 'ajaxSet_remove_blockedSite.php' CSRF Vulnerability (To Server) S
HTTP Xfinity Gateway - 'ajaxSet_trust_computer.php' CSRF Vulnerability (From Server) S
HTTP Xfinity Gateway - 'ajaxSet_trust_computer.php' CSRF Vulnerability (To Server) S
HTTP Xfinity Gateway - 'ajax_managed_devices.php' CSRF Vulnerability S
HTTP Xfinity Gateway - 'ajax_managed_devices.php' CSRF Vulnerability_1 (From Server) S
HTTP Xfinity Gateway - 'ajax_managed_devices.php' CSRF Vulnerability_1 (To Server) S
HTTP Xfinity Gateway - 'ajax_managed_devices.php' CSRF Vulnerability_2 (From Server) S
HTTP Xfinity Gateway - 'ajax_managed_devices.php' CSRF Vulnerability_2 (To Server) S
HTTP Xfinity Gateway - 'ajax_managed_services.php' CSRF Vulnerability (From Server) S
HTTP Xfinity Gateway - 'ajax_managed_services.php' CSRF Vulnerability (To Server) S
HTTP Xfinity Gateway - 'ajax_managed_services.php' CSRF Vulnerability_1 S
HTTP Xfinity Gateway - 'ajax_managed_services.php' CSRF Vulnerability_2 (From Server) S
HTTP Xfinity Gateway - 'ajax_managed_services.php' CSRF Vulnerability_2 (To Server) S
HTTP Xfinity Gateway - 'ajax_port_forwarding.php' CSRF Vulnerability (From Server) S
HTTP Xfinity Gateway - 'ajax_port_forwarding.php' CSRF Vulnerability (To Server) S
HTTP Xfinity Gateway - 'ajax_port_forwarding.php' CSRF Vulnerability_1 S
HTTP Xfinity Gateway - 'ajax_port_forwarding.php' CSRF Vulnerability_2 (From Server) S
HTTP Xfinity Gateway - 'ajax_port_forwarding.php' CSRF Vulnerability_2 (To Server) S
HTTP Xfinity Gateway - 'ajax_port_forwarding.php' CSRF Vulnerability_3 (From Server) S
HTTP Xfinity Gateway - 'ajax_port_forwarding.php' CSRF Vulnerability_3 (To Server) S
HTTP Xfinity Gateway - 'ajax_remote_management.php' CSRF Vulnerability (From Server) S
HTTP Xfinity Gateway - 'ajax_remote_management.php' CSRF Vulnerability (To Server) S
HTTP Zeroshell 3.6.03.7.0 Net Services - 'type' GET Remote Code Execution S
HTTP Zeroshell 3.6.03.7.0 Net Services - 'user' GET Remote Code Execution S
HTTP Zeroshell 3.6.03.7.0 Net Services - 'user' POST Remote Code Execution S
HTTP Zeroshell 3.6.03.7.0 Net Services - 'x509type' GET Remote Code Execution S
NTP 4.2.8p3 Denial Of Service S
SapLPD 7.40 - Denial of Service S
WinaXe Plus 8.7 - Buffer Overflow S


idappcom - Auditing, verifying and enhancing the capabilities of corporate security defences.

We do not use cookies for tracking users, displaying customised content or storing information about users, other than that required to maintain 'session state' for the login system for registered users. Please read our cookie policy for more information. Please note that by using this site you are consenting to the use of cookies.