Search

Traffic File Update - March 2017

This Traffic IQ Professional update for March 2017 contains the latest application exploits, threats and security evasion techniques along with technical data and high quality security rules.

Traffic IQ Professional

Traffic File Update for March 2017

197 Application Exploits

HTTP Alstrasoft e-Friends 'index.php' SQL Injection Vulnerability S
HTTP Alstrasoft e-Friends 'index.php' SQL Injection Vulnerability_1 S
HTTP Alstrasoft e-Friends 'index.php' SQL Injection Vulnerability_2 S
HTTP Alstrasoft EPay Enterprise 'products.htm' SQL Injection Vulnerability S
HTTP Alstrasoft EPay Enterprise 'subscriptions.htm' SQL Injection Vulnerability S
HTTP Alstrasoft EPay Enterprise 'userinfo.htm' SQL Injection Vulnerability S
HTTP Alstrasoft FMyLife Pro CSRF Vulnerability (From Server) S
HTTP Alstrasoft FMyLife Pro CSRF Vulnerability (To Server) S
HTTP Alstrasoft Template Seller Pro 3.25e - 'tempid' Parameter SQL Injection S
HTTP Alstrasoft Video Share Enterprise 'album.php' SQL Injection Vulnerability S
HTTP Alstrasoft Video Share Enterprise 'channel_detail.php' SQL Injection Vulnerability S
HTTP Alstrasoft Video Share Enterprise 'gmembers.php' SQL Injection Vulnerability S
HTTP Alstrasoft Video Share Enterprise 'uprofile.php' SQL Injection Vulnerability S
HTTP Apache ActiveMQ 5.11.1 5.13.2 Command Execution S
HTTP Apache ActiveMQ 5.11.1 5.13.2 Directory Traversal S
HTTP Apache Struts 2.3.5 2.3.31 - 2.5 2.5.10 - Remote Code Execution S
HTTP Apache Struts CVE-2017-5638 'Content-Type' Command Execution Vulnerability S
HTTP Apache Struts CVE-2017-5638 'Content-Type' Command Execution Vulnerability_1 S
HTTP Artifectx Takas Classified 'index.php' SQL Injection Vulnerability S
HTTP Artifectx Takas Classified 'index.php' SQL Injection Vulnerability_1 S
HTTP Artifectx Takas Classified 'index.php' SQL Injection Vulnerability_2 S
HTTP Artifectx Takas Classified 'index.php' SQL Injection Vulnerability_3 S
HTTP Artifectx Takas Classified 'index.php' SQL Injection Vulnerability_4 S
HTTP Artifectx Takas Classified 'index.php' SQL Injection Vulnerability_5 S
HTTP ASUSWRT RT-AC53 (3.0.0.4.380.6038) - Reboot Command Execution S
HTTP ASUSWRT RT-AC53 (3.0.0.4.380.6038) - Syslog Information Disclosure S
HTTP Atlassian Confluence 'doeditattachment.action' Cross Site Scripting Vulnerability S
HTTP Atlassian JIRA CVE-2016-6285 Cross Site Scripting Vulnerabiliy S
HTTP Automated Job Portal Script 'jobdetail.php' SQL Injection Vulnerability S
HTTP Automated Job Portal Script 'search.php' SQL Injection Vulnerability S
HTTP Automated Job Portal Script 'search.php' SQL Injection Vulnerability_1 S
HTTP Blackboard LMS 'profile.form' Cross Site Scripting Vulnerability S
HTTP BullIBM AIX ClusterwatchWatchware - Remote Command Execution S
HTTP BullIBM AIX ClusterwatchWatchware - Shellcode Upload S
HTTP Cerberus FTP Server 8.0.10.1 - Denial of Service S
HTTP Chrome Blink SpeechRecognitionController Use-After-Free S
HTTP CmsLite Creative Management System SQL injection Vulnerability S
HTTP codecanyon Viavi Product Review 'category.php' SQL Injection Vulnerability S
HTTP CodePaul ClipMass Video Portal Site 'search' SQL Injection Vulnerability S
HTTP codePaul Uploadr 'download' SQL Injection Vulnerability S
HTTP Disk Pulse Enterprise 9.1.16 Buffer Overflow S
HTTP Disk Savvy Enterprise 9.1.14 - 'GET' Buffer Overflow S
HTTP Disk Savvy Enterprise 9.1.14 Buffer Overflow S
HTTP Disk Sorter Enterprise 9.1.12 Buffer Overflow S
HTTP dnaLIMS DNA Sequencing - 'navUserName' Cross Site Scripting S
HTTP dnaLIMS DNA Sequencing - 'viewAppletFsa.cgi' Cross Site Scripting S
HTTP dnaLIMS DNA Sequencing - Directory Traversal S
HTTP dnaLIMS DNA Sequencing - Password File Information Disclosure S
HTTP dnaLIMS DNA Sequencing - Remote Command Execution S
HTTP dnaLIMS DNA Sequencing - System Information Disclosure S
HTTP Domains & Hostings Manager PRO 'edit.php' SQL Injection Vulnerability S
HTTP Domains & Hostings Manager PRO 'list.php' SQL Injection Vulnerability S
HTTP Dup Scout Enterprise 9.1.14 Buffer Overflow S
HTTP Easy Support Tools 'blog.php' SQL Injection Vulnerability S
HTTP Easy Support Tools 'faq.php' SQL Injection Vulnerability S
HTTP Easy Support Tools 'support.php' SQL Injection Vulnerability S
HTTP Easy Web Search 'all.php' SQL Injection Vulnerability S
HTTP Easy Web Search 'go.php' SQL Injection Vulnerability S
HTTP EasyCom For PHP 4.0.0 - Denial of Service S
HTTP Evostream Media Server 1.7.1 (x64) - Denial of Service S
HTTP Examplo 'index.php' SQL Injection Vulnerability S
HTTP Examplo 'index.php' SQL Injection Vulnerability_1 S
HTTP Fiyo CMS 2.0.6.1 - Privilege Escalation S
HTTP Flippa Clone MarketPlace Script 'subadminadd.php' CSRF Vulnerability (From Server) S
HTTP Flippa Clone MarketPlace Script 'subadminadd.php' CSRF Vulnerability (To Server) S
HTTP Flippy DamnFacts Viral Fun Facts Sharing Script 'fact.php' SQL Injection Vulnerability S
HTTP Forum Pay Per Post Exchange Script 'index.php' SQL Injection Vulnerability S
HTTP Funny Image and Video Script 'post.php' SQL Injection Vulnerability S
HTTP GOM Player 2.3.10.5266 - '.fpx' Denial of Service S
HTTP Google Chrome - 'layout' Out-of-Bounds Read S
HTTP HelpDeskZ 1.0.2 - Authenticated SQL Injection S
HTTP Hindu Matrimonial Script - 'cms.php' Authentication Bypass S
HTTP Hindu Matrimonial Script - 'communitymanagement.php' Authentication Bypass S
HTTP Hindu Matrimonial Script - 'countrymanagement.php' Authentication Bypass S
HTTP Hindu Matrimonial Script - 'generalsettings.php' Authentication Bypass S
HTTP Hindu Matrimonial Script - 'newsletter1.php' Authentication Bypass S
HTTP Hindu Matrimonial Script - 'payment.php' Authentication Bypass S
HTTP Hindu Matrimonial Script - 'renewaldue.php' Authentication Bypass S
HTTP Hindu Matrimonial Script - 'searchview.php' Authentication Bypass S
HTTP Hindu Matrimonial Script - 'success_story.php' Authentication Bypass S
HTTP Hindu Matrimonial Script - 'usermanagement.php' Authentication Bypass S
HTTP Infoblox Network Automation CVE-2016-6484 HTTP Response Splitting Vulnerability S
HTTP IPS Community Suite 4.1.12.3 - PHP Code Injection S
HTTP iTechScripts Job Portal Script 'career_advice_details.php' SQL Injection Vulnerability S
HTTP iTechScripts Job Portal Script 'news_details_us.php' SQL Injection Vulnerability S
HTTP iTechScripts Job Portal Script 'search_result_alluser.php' XSS Vulnerability S
HTTP iTechScripts Job Portal Script 'search_result_alluser.php' XSS Vulnerability_1 S
HTTP iTechScripts Job Portal Script 'search_result_alluser.php' XSS Vulnerability_2 S
HTTP iTechScripts Job Portal Script 'search_result_alluser.php' XSS Vulnerability_3 S
HTTP iTechScripts Job Portal Script 'search_result_alluser.php' XSS Vulnerability_4 S
HTTP iTechScripts Travel Portal Script 'content.php' SQL Injection Vulnerability S
HTTP iTechScripts Travel Portal Script 'showCity.php' SQL Injection Vulnerability S
HTTP Joomla! Component JTAG Calendar SQL Injection Vulnerability S
HTTP Joomla! Component onisMusic 'index.php' SQL Injection Vulnerability S
HTTP Joomla! Component Soccer Bet 'index.php' SQL Injection Vulnerability S
HTTP Joomla! Component Sponsor Wall 'index.php' SQL Injection Vulnerability S
HTTP Joomla! Component Vik Booking 'index.php' SQL Injection Vulnerability S
HTTP Maian Weblog 'second-blog.html' SQL Injection Vulnerability S
HTTP ManageEngine ADManager Plus 6.5.40 - 'action' Cross Site Scripting S
HTTP ManageEngine ADManager Plus 6.5.40 - 'attrColName' SQL Injection S
HTTP ManageEngine ADManager Plus 6.5.40 - 'attrTabName' SQL Injection S
HTTP ManageEngine ADManager Plus 6.5.40 - 'HDTTemplates.do' Cross Site Scripting S
HTTP ManageEngine ADManager Plus 6.5.40 - 'ObjectProperties.do' Cross Site Scripting S
HTTP MC Hosting Coupons Script 'setting.php' CSRF Vulnerability (From Server) S
HTTP MC Hosting Coupons Script 'setting.php' CSRF Vulnerability (To Server) S
HTTP Meme Maker Script 2.1 - 'user' Parameter SQL Injection S
HTTP Microsoft Edge - 'Array.splice' Heap Overflow S
HTTP Microsoft Excel Starter 2010 XXE Injection S
HTTP Microsoft IE 8-9 MSHTML SRunPointerSpanQualifierRunType Out-Of-Bounds Read S
HTTP Microsoft IE11 - MSHTML CSpliceTreeEngineRemoveSplice Use-After-Free (MS14-035) S
HTTP Microsoft Internet Explorer 9 MSHTML CDispNodeInsertSiblingNode Use-After-Free S
HTTP Microsoft Internet Explorer MSHTML CDispNodeInsertSiblingNode Use-After-Free S
HTTP Multilanguage Estate Agency Pro 'property_show.php' SQL injection Vulnerability S
HTTP Muviko Video CMS 'category.php' SQL Injection Vulnerability S
HTTP Muviko Video CMS 'search.php' SQL Injection Vulnerability S
HTTP MySQL Blob Uploader 'download.php' SQL Injection Vulnerability S
HTTP MySQL Blob Uploader 'download.php' SQL Injection Vulnerability_1 S
HTTP NetGain Enterprise Manager 7.2.562 - 'Ping' Command Injection S
HTTP NETGEAR DGN2200v1v2v3v4 - 'dnslookup.cgi' Remote Command Execution S
HTTP NETGEAR DGN2200v1v2v3v4 - 'ping.cgi' Remote Command Execution S
HTTP NETGEAR DGN2200v1v2v3v4 - Cross-Site Request Forgery (From Server) S
HTTP NETGEAR DGN2200v1v2v3v4 - Cross-Site Request Forgery (To Server) S
HTTP NewsBee CMS SQL Injection Vulnerability S
HTTP NewsBee Fully Featured News CMS 'video.php' SQL Injection Vulnerability S
HTTP NUUO NVRmini 2 3.0.8 - Remote Code Execution (Shellshock) S
HTTP Osticket 1.9.14 - 'X-Forwarded-For' Cross-Site Scripting S
HTTP PHP Form Zigaform SQL Injection Vulnerability S
HTTP phpMyAdmin 4.6.2 - Authenticated Remote Code Execution S
HTTP Property Listing Script 'property_view.php' SQL Injection Vulnerability S
HTTP QNAP - Admin Shell via Bash Environment Variable Code Injection S
HTTP Rage Faces Script 1.3 - 'create.php' SQL Injection S
HTTP Rage Faces Script 1.3 - 'face.php' SQL Injection S
HTTP REXBD CLUB-8 EMS 'editwatch.php' SQL Injection Vulnerability S
HTTP SlimarUSER Management 'inbox.php' SQL Injection Vulnerability S
HTTP SOA School Management 'document.php' SQL Injection Vulnerability S
HTTP SonicDICOM PACS 'providers API' Cross Site Scripting Vulnerability (From Server) S
HTTP SonicDICOM PACS 'providers API' Cross Site Scripting Vulnerability (To Server) S
HTTP SonicDICOM PACS 'sendsettings API' Cross Site Scripting Vulnerability (From Server) S
HTTP SonicDICOM PACS 'sendsettings API' Cross Site Scripting Vulnerability (To Server) S
HTTP SonicDICOM PACS 'settings API' Cross Site Scripting Vulnerability (From Server) S
HTTP SonicDICOM PACS 'settings API' Cross Site Scripting Vulnerability (To Server) S
HTTP Splunk 6.1.1 - 'Referer' Header Cross-Site Scripting S
HTTP SugarCRM 6.5.18 - PHP Code Injection S
HTTP Symantec Endpoint Protection Manager Authentication Bypass and Code Execution S
HTTP Synchronet BBS 3.16c - Denial of Service S
HTTP ThisIsWhyImBroke Clone Script 'listing.php' SQL Injection Vulnerability S
HTTP Tiki-Wiki CMS Calendar 14.2, 12.5 LTS, 9.11 LTS, and 6.15 - Remote Code Execution S
HTTP TM RG4332 Wireless Router Directory Traversal Vulnerability S
HTTP Ultimate Viral Media Script 'picture.php' SQL Injection Vulnerability S
HTTP Upworthy Clone Script 'post.php' SQL Injection Vulnerability S
HTTP Visual Link Sharing Websites Builder Script 'cat.php' SQL Injection Vulnerability S
HTTP Visual Link Sharing Websites Builder Script 'profile.php' SQL Injection Vulnerability S
HTTP Visual Link Sharing Websites Builder Script 'user_posts.php' SQL Injection Vulnerability S
HTTP VT Creators Gram Post 'index.php' SQL Injection Vulnerability S
HTTP VT Creators Youtube Analytics Multi Channel 'index.php' SQL Injection Vulnerability S
HTTP Web Inspiration Gallery Script 'site.php' SQL Injection Vulnerability S
HTTP Web interface for DNSmasq Mikrotik - SQL Injection S
HTTP webhelios WhizBiz 'index.php' SQL Injection Vulnerability S
HTTP Windows Media Center 6.1.7600 XXE Injection S
HTTP Windows System Information 6.1.7601 XXE Injection S
HTTP WordPress Plugin Private Messages SQL Injection Vulnerability (From Server) S
HTTP WordPress Plugin Private Messages SQL Injection Vulnerability (To Server) S
HTTP xandr QWIKIA 'search' SQL Injection Vulnerability S
HTTP Ynet Interactive Fome SMS Portal 'compose.php' SQL Injection Vulnerability S
HTTP Ynet Interactive Fome SMS Portal 'compose.php' SQL Injection Vulnerability_1 S
HTTP Ynet Interactive MobIketa 'index.php' SQL Injection Vulnerability S
HTTP Ynet Interactive MobIketa 'index.php' SQL Injection Vulnerability_1 S
HTTP Ynet Interactive Sendroid 'compose.php' SQL Injection Vulnerability S
HTTP ZoneMinder 'index.php' Cross Site Request Forgery Vulnerability (From Server) S
HTTP ZoneMinder 'index.php' Cross Site Request Forgery Vulnerability (To Server) S
HTTP ZoneMinder 'index.php' Cross Site Scripting Vulnerability S
HTTP ZoneMinder 'index.php' Cross Site Scripting Vulnerability_1 S
HTTP ZoneMinder 'index.php' SQL injection Vulnerability S
Malware DNS Request to Server Connected to Dridex Campaign (kapil.50webs.com) S
Malware DNS Request to Server Connected to Dridex Campaign (mkcslava.ru) S
Malware DNS Request to Server Connected to Dridex Campaign (newohioreview.com) S
Malware DNS Request to Server Connected to Dridex Campaign (omurongen.com) S
Malware DNS Request to Server Connected to Dridex Campaign (pk10kaijiang.com) S
Malware DNS Request to Server Connected to Dridex Campaign (roylgrafix.com) S
Malware DNS Request to Server Connected to Dridex Campaign (signwaves.net) S
Malware DNS Request to Server Connected to Dridex Campaign (testsite.prosun.com) S
Malware DNS Request to Server Connected to Dridex Campaign (trumppsdetroit.com) S
Malware DNS Request to Server Connected to Dridex Campaign (ww.visual.hu) S
Malware DNS Request to Server Connected to Dridex Campaign (www.yuechiwang.com) S
Malware GET Request to Server Connected to Dridex Campaign (kapil.50webs.com) S
Malware GET Request to Server Connected to Dridex Campaign (mkcslava.ru) S
Malware GET Request to Server Connected to Dridex Campaign (newohioreview.com) S
Malware GET Request to Server Connected to Dridex Campaign (omurongen.com) S
Malware GET Request to Server Connected to Dridex Campaign (pk10kaijiang.com) S
Malware GET Request to Server Connected to Dridex Campaign (roylgrafix.com) S
Malware GET Request to Server Connected to Dridex Campaign (signwaves.net) S
Malware GET Request to Server Connected to Dridex Campaign (testsite.prosun.com) S
Malware GET Request to Server Connected to Dridex Campaign (trumppsdetroit.com) S
Malware GET Request to Server Connected to Dridex Campaign (ww.visual.hu) S
Malware GET Request to Server Connected to Dridex Campaign (www.yuechiwang.com) S
Malware Infection Delivered by Dridex Malspam S
MobaXterm Personal Edition 9.4 - Directory Traversal S


idappcom - Auditing, verifying and enhancing the capabilities of corporate security defences.

We do not use cookies for tracking users, displaying customised content or storing information about users, other than that required to maintain 'session state' for the login system for registered users. Please read our cookie policy for more information. Please note that by using this site you are consenting to the use of cookies.