Search

Traffic File Update - May 2017

This Traffic IQ Professional update for May 2017 contains the latest application exploits, threats and security evasion techniques along with technical data and high quality security rules.

Traffic IQ Professional

Traffic File Update for May 2017

167 Application Exploits

FTP PCMan FTP Server 2.0.7 - 'PORT' Command Buffer Overflow S
HTTP Adult Tube Video Script 'search.php' SQL Injection Vulnerability S
HTTP Adult Tube Video Script 'single-video.php' SQL Injection Vulnerability S
HTTP agorum core Pro 7.8.1.4-251 - Cross-Site Request Forgery (From Server) S
HTTP agorum core Pro 7.8.1.4-251 - Cross-Site Request Forgery (To Server) S
HTTP Apache Tomcat 6789 - Information Disclosure S
HTTP Apache Tomcat 6789 - Information Disclosure_1 S
HTTP Apple Safari - 'DateTimeFormat.format' Type Confusion S
HTTP Apple Safari - Array concat Memory Corruption S
HTTP Apple Safari - Builtin JavaScript Allows Function.caller to be Used in Strict Mode S
HTTP Apple Safari - Out-of-Bounds Read when Calling Bound Function S
HTTP Apple Webkit - 'JSCallbackData' Universal Cross-Site Scripting S
HTTP Apple Webkit - Universal XSS by Accessing a Named Property from an Unloaded Window S
HTTP Apple WebKit 10.0.2 (12602.3.12.0.1) - 'disconnectSubframes' Universal XSS S
HTTP Apple WebKit 10.0.2 - 'constructJSReadableStreamDefaultReader' Type Confusion S
HTTP Apple WebKit 10.0.2(12602.3.12.0.1) - 'FramesetDocument (1)' Universal XSS S
HTTP BanManager WebUI 1.5.8 - 'buttons_after' PHP Code Injection S
HTTP BanManager WebUI 1.5.8 - 'buttons_before' PHP Code Injection S
HTTP BanManager WebUI 1.5.8 - 'footer' PHP Code Injection S
HTTP Barracuda Web App Firewall 8.0.1.007Load Balancer 5.4.0.004 - Authenticated RCE S
HTTP Bimedia ImagePro Lazygirls Clone Script 'index.php' SQL Injection Vulnerability S
HTTP Bimedia ImagePro Lazygirls Clone Script 'index.php' SQL Injection Vulnerability_1 S
HTTP Bimedia Sweepstakes Pro Software 'widget_lb.php' SQL Injection Vulnerability S
HTTP Bimedia Sweepstakes Pro Software 'win.php' SQL Injection Vulnerability S
HTTP CloudBees Jenkins 2.32.1 - Java Deserialization S
HTTP CNDSOFT 2.3 - Cross-Site Request Forgery Arbitrary File Upload S
HTTP Codecanyon Clone Script - SQL Injection S
HTTP CouponPHP CMS 'go.php' SQL Injection Vulnerability S
HTTP CouponPHP CMS 'go.php' SQL Injection Vulnerability_1 S
HTTP CouponPHP CMS 'go.php' SQL Injection Vulnerability_2 S
HTTP CouponPHP CMS 'go.php' SQL Injection Vulnerability_3 S
HTTP CouponPHP CMS 'go.php' SQL Injection Vulnerability_4 S
HTTP Eagle Technosys B2B Marketplace Script 'ajax.php' SQL Injection Vulnerability S
HTTP Eagle Technosys B2B Marketplace Script 'ajax.php' SQL Injection Vulnerability_1 S
HTTP Eagle Technosys B2B Marketplace Script 'ajax.php' SQL Injection Vulnerability_2 S
HTTP Eagle Technosys Courier Tracking 'eaglecov6.php' SQL Injection Vulnerability S
HTTP Eagle Technosys Courier Tracking 'eaglecov6.php' SQL Injection Vulnerability_1 S
HTTP Eagle Technosys Hotel & Tour Package Script 'page.php' SQL Injection Vulnerability S
HTTP Eagle Technosys Hotel & Tour Package Script 'view_news.php' SQL Injection Vulnerability S
HTTP EPSON TMNet WebConfig 'oadmin_1' Cross Site Scripting Vulnerability S
HTTP EyesOfNetwork 'ajax.php' SQL Injection Vulnerability S
HTTP EyesOfNetwork 'ajax.php' SQL Injection Vulnerability_1 S
HTTP EyesOfNetwork 'function_bp.php' SQL Injection Vulnerability S
HTTP EyesOfNetwork 'function_bp.php' SQL Injection Vulnerability_1 S
HTTP Global In - 'company key' SQL Injection S
HTTP Global In - 'hsearch' SQL Injection S
HTTP Global In - 'people co' SQL Injection S
HTTP Global In - 'people com' SQL Injection S
HTTP Global In - 'people fnm' SQL Injection S
HTTP Global In - 'people industry' SQL Injection S
HTTP Global In - 'people key' SQL Injection S
HTTP Global In - 'people lnm' SQL Injection S
HTTP Global In - 'people sc' SQL Injection S
HTTP Global In - 'people title' SQL Injection S
HTTP Global In - Arbitrary File Upload S
HTTP Gongwalker API Manager 'index.php' CSRF Vulnerability (From Server) S
HTTP Gongwalker API Manager 'index.php' CSRF Vulnerability (To Server) S
HTTP Gongwalker API Manager 'index.php' CSRF Vulnerability_1 (From Server) S
HTTP Gongwalker API Manager 'index.php' CSRF Vulnerability_1 (To Server) S
HTTP Gongwalker API Manager 'index.php' CSRF Vulnerability_2 (From Server) S
HTTP Gongwalker API Manager 'index.php' CSRF Vulnerability_2 (To Server) S
HTTP Joomla! Component AJAX Search for K2 SQL Injection Vulnerability S
HTTP Joomla! Component AJAX Search for K2 SQL Injection Vulnerability_1 S
HTTP Joomla! Component AppointmentBookingPro 'index.php' SQL Injection Vulnerability S
HTTP Joomla! Component Appointments for JomSocial SQL Injection Vulnerability S
HTTP Joomla! Component Appointments for JomSocial SQL Injection Vulnerability_1 S
HTTP Joomla! Component Community Polls SQL Injection Vulnerability S
HTTP Joomla! Component Community Surveys 'index.php' SQL Injection Vulnerability S
HTTP Joomla! Component Directorix Directory Manager 'index.php' SQL Injection Vulnerability S
HTTP Joomla! Component Eventix Events Calendar 'index.php' SQL Injection Vulnerability S
HTTP Joomla! Component Eventix Events Calendar 'index.php' SQL Injection Vulnerability_1 S
HTTP Joomla! Component Eventix Events Calendar 'index.php' SQL Injection Vulnerability_2 S
HTTP Joomla! Component Gnosis 'index.php' SQL Injection Vulnerability S
HTTP Joomla! Component GPS Tools 'index.php' SQL Injection Vulnerability S
HTTP Joomla! Component Intranet Attendance Track 'index.php' SQL Injection Vulnerability S
HTTP Joomla! Component Intranet Attendance Track 'index.php' SQL Injection Vulnerability_1 S
HTTP Joomla! Component Intranet Attendance Track 'index.php' SQL Injection Vulnerability_2 S
HTTP Joomla! Component Intranet Attendance Track 'index.php' SQL Injection Vulnerability_3 S
HTTP Joomla! Component Intranet Attendance Track 'index.php' SQL Injection Vulnerability_4 S
HTTP Joomla! Component Intranet Attendance Track 'index.php' SQL Injection Vulnerability_5 S
HTTP Joomla! Component Intranet Attendance Track 'index.php' SQL Injection Vulnerability_6 S
HTTP Joomla! Component Intranet Attendance Track 'index.php' SQL Injection Vulnerability_7 S
HTTP Joomla! Component Intranet Attendance Track 'index.php' SQL Injection Vulnerability_8 S
HTTP Joomla! Component J-BusinessDirectory 'index.php' SQL Injection Vulnerability S
HTTP Joomla! Component J-BusinessDirectory 'index.php' SQL Injection Vulnerability_1 S
HTTP Joomla! Component J-CruiseReservation Standard SQL Injection Vulnerability S
HTTP Joomla! Component J-HotelPortal 'index.php' SQL Injection Vulnerability S
HTTP Joomla! Component JO Facebook Gallery 'index.php' SQL Injection Vulnerability S
HTTP Joomla! Component JO Facebook Gallery 'index.php' SQL Injection Vulnerability_1 S
HTTP Joomla! Component JO Facebook Gallery 'index.php' SQL Injection Vulnerability_2 S
HTTP Joomla! Component JomSocial SQL Injection Vulnerability S
HTTP Joomla! Component JomSocial SQL Injection Vulnerability_1 S
HTTP Joomla! Component JomSocial SQL Injection Vulnerability_2 S
HTTP Joomla! Component JooDatabase 'index.php' SQL Injection Vulnerability S
HTTP Joomla! Component JooDatabase 'index.php' SQL Injection Vulnerability_1 S
HTTP Joomla! Component Magic Deals Web 'index.php' SQL Injection Vulnerability S
HTTP Joomla! Component Magic Deals Web 'index.php' SQL Injection Vulnerability_1 S
HTTP Joomla! Component Magic Deals Web 'index.php' SQL Injection Vulnerability_2 S
HTTP Joomla! Component My MSG 'index.php' SQL Injection Vulnerability S
HTTP Joomla! Component My MSG 'index.php' SQL Injection Vulnerability_1 S
HTTP Joomla! Component My MSG 'index.php' SQL Injection Vulnerability_2 S
HTTP Joomla! Component OneVote! 'results.php' SQL Injection Vulnerability S
HTTP Joomla! Component Spinner 360 SQL Injection Vulnerability S
HTTP Just Another Video Script 'ajaxglobalfunc.php' SQL Injection Vulnerability S
HTTP Just Another Video Script 'ajaxglobalfunc.php' SQL Injection Vulnerability_1 S
HTTP Just Another Video Script 'ajaxplay.php' SQL Injection Vulnerability S
HTTP Ladder System 'news.php' SQL Injection Vulnerability S
HTTP Logsign 4.4.2 4.4.137 - Remote Command Injection (Metasploit) S
HTTP Maian Greetings 'index.php' SQL Injection Vulnerability S
HTTP Maian Survey 'index.php' SQL Injection Vulnerability S
HTTP Maian Uploader 'index.php' SQL Injection Vulnerability S
HTTP MC Coming Soon Script - 'launch_message.php' Improper Access Restrictions S
HTTP MC Coming Soon Script - 'launch_time.php' Improper Access Restrictions S
HTTP MC Coming Soon Script - 'send_message.php' Improper Access Restrictions S
HTTP MC Coming Soon Script - 'settings.php' Improper Access Restrictions S
HTTP MC Coming Soon Script - 'subscribers.php' Improper Access Restrictions S
HTTP MC Coming Soon Script - 'users.php' Improper Access Restrictions S
HTTP Microsoft IIS 6.0 - WebDAV 'ScStoragePathFromUrl' Buffer Overflow S
HTTP Microsoft Internet Explorer 11 - 'CMarkupDestroySplayTree' Use-After-Free S
HTTP Moxa MX AOPC-Server 1.5 - XML External Entity Injection S
HTTP MS IE 11.576.14393.0 - 'CStyleSheetArray-BuildListOfMatchedRules' Memory Corruption S
HTTP MS Windows - Uniscribe Font Processing Out-of-Bounds Read in usp10!otlChainRuleSetTable S
HTTP MVPower DVR TV-7104HE 1.8.4 115215B9 - Shell Unauthenticated RCE S
HTTP My Classified Portal Software 'search-result.php' SQL Injection Vulnerability S
HTTP My Classified Portal Software 'search-result.php' SQL Injection Vulnerability_1 S
HTTP My Gaming Ladder Combo System 'game.php' SQL Injection Vulnerability S
HTTP My Gaming Ladder Combo System 'match.php' SQL Injection Vulnerability S
HTTP My Gaming Ladder Combo System 'news.php' SQL Injection Vulnerability S
HTTP My Gaming Ladder Combo System 'teams.php' SQL Injection Vulnerability S
HTTP Nuxeo 6.0 7.1 7.2 7.3 - File Upload Remote Code Execution (Metasploit) S
HTTP PDF Shaper Buffer Overflow S
HTTP PHP Only FAQ Script 'categorySearch' SQL Injection Vulnerability S
HTTP PHP Only Social Directory Script 'index.php' SQL Injection Vulnerability S
HTTP PHP Only Social Directory Script 'index.php' SQL Injection Vulnerability_1 S
HTTP PHP Only Social Directory Script 'searchtopic.php' SQL Injection Vulnerability S
HTTP Php Real Estate Property Script - 'prc_max' SQL Injection S
HTTP Php Real Estate Property Script - 'prc_min' SQL Injection S
HTTP phpFileManager 0.9.8 Remote Code Execution (Metasploit) S
HTTP QNAP TVS-663 QTS 4.2.4 build 20170313 - 'reboot_notice_msg' Command Injection S
HTTP QNAP TVS-663 QTS 4.2.4 build 20170313 - 'userConfig.cgi' Command Injection S
HTTP QNAP TVS-663 QTS 4.2.4 build 20170313 - 'utilRequest.cgi' Command Injection S
HTTP Ruby on Rails Development Web Console (v2) Code Execution S
HTTP SAP SAPCAR 721.510 - Heap-Based Buffer Overflow S
HTTP SchoolDir 'search' SQL Injection Vulnerability S
HTTP SchoolDir 'sortsearch' SQL Injection Vulnerability S
HTTP sNews 1.7.1 - Arbitrary File Upload S
HTTP Sync Breeze Enterprise 9.5.16 - 'GET' Buffer Overflow (SEH) S
HTTP Tenable Appliance 4.5 - Unauthenticated Root Remote Code Execution S
HTTP Tiki Wiki 15.1 - Unauthenticated File Upload (Metasploit) S
HTTP UCanCode - ActiveX Controls File Overwrite S
HTTP WePresent WiPG-1000 - Command Injection (Metasploit) S
HTTP WordPress Ninja Forms Unauthenticated File Upload S
HTTP WordPress Plugin Apptha Slider Gallery 1.0 - Arbitrary File Download S
HTTP WordPress Plugin CopySafe Web Protect 'admin.php' CSRF Vulnerability (From Server) S
HTTP WordPress Plugin CopySafe Web Protect 'admin.php' CSRF Vulnerability (To Server) S
HTTP WordPress Plugin Firewall 2 'options-general.php' CSRF Vulnerability (From Server) S
HTTP WordPress Plugin Firewall 2 'options-general.php' CSRF Vulnerability (To Server) S
HTTP WordPress Plugin Global Content Blocks 'general.php' CSRF Vulnerability (From Server) S
HTTP WordPress Plugin Global Content Blocks 'general.php' CSRF Vulnerability (To Server) S
HTTP XLineSoft Calendar Template 'caldaily_view.php' SQL Injection Vulnerability S
HTTP XLineSoft Document Management Template 'share_add.php' SQL Injection Vulnerability S
HTTP XLineSoft Invoice Template 'invoices_view.php' SQL Injection Vulnerability S
HTTP ZeeScripts Membership Formula 'member.area.directory.php' SQL Injection Vulnerability S
MySQL 5.6.35 5.7.17 - Integer Overflow S
SMB Microsoft Windows - Unauthenticated SMB Remote Code Execution (MS17-010) (Metasploit) S
SMB MS17-010 EternalBlue SMB Remote Windows Kernel Pool Corruption S
UDP RPCBind libtirpc - Denial of Service S


idappcom - Auditing, verifying and enhancing the capabilities of corporate security defences.

We do not use cookies for tracking users, displaying customised content or storing information about users, other than that required to maintain 'session state' for the login system for registered users. Please read our cookie policy for more information. Please note that by using this site you are consenting to the use of cookies.