Search

Traffic File Update - June 2018

This Traffic IQ Professional update for June 2018 contains the latest application exploits, threats and security evasion techniques along with technical data and high quality security rules.

Traffic IQ Professional

Traffic File Update for June 2018

157 Application Exploits

CyberArk 10 - Memory Disclosure S
HTTP Apache Struts 2 - Struts 1 Plugin Showcase OGNL Code Execution (Metasploit) S
HTTP Auto Car 'car_title' SQL Injection Vuln S
HTTP Cisco SA520W Security Appliance - Path Traversal S
HTTP Contec Smart Home 4.15 - Unauthorized Create User S
HTTP Contec Smart Home 4.15 - Unauthorized Delete User S
HTTP Contec Smart Home 4.15 - Unauthorized Edit User S
HTTP Contec Smart Home 4.15 - Unauthorized List Users S
HTTP D-Link DSL-2750B - OS Command Injection (Metasploit) S
HTTP D-Link DSL-3782 - 'get_sessionKey.asp' Authentication Bypass S
HTTP D-Link DSL-3782 - 'GuestZone.asp' Authentication Bypass S
HTTP D-Link DSL-3782 - 'romfile.cgi' Authentication Bypass S
HTTP D-Link DSL-3782 - 'Settings_24.asp' Authentication Bypass S
HTTP D-Link DSL-3782 - 'Settings_5.asp' Authentication Bypass S
HTTP D-Link DSL-3782 - Admin Password Authentication Bypass S
HTTP D-Link DSL-3782 - Reboot Router Authentication Bypass S
HTTP D-Link DSL-3782 - SSID Password Authentication Bypass S
HTTP D-Link DSL-3782 - Upgrade Firmware Authentication Bypass S
HTTP D-Link DSL-3782 - Upload Config File Authentication Bypass S
HTTP Easy File Sharing Web Server 7.2 - Stack Buffer Overflow S
HTTP Easy File Uploader 'settings-users-edit.php' Cross Site Scripting Vuln S
HTTP Easy File Uploader 'settings-users-edit.php' SQL Injection Vuln S
HTTP EasyService Billing 'customer-new-s.php' Cross Site Scripting Vuln S
HTTP EasyService Billing 'customer-new-s.php' SQL Injection Vuln S
HTTP EasyService Billing 'customer-new-s.php' SQL Injection Vuln_1 S
HTTP EasyService Billing 'template_Receipt.php' Cross Site Scripting Vuln S
HTTP EasyService Billing 'template_Receipt.php' SQL Injection Vuln S
HTTP EasyService Billing 'template_Receipt.php' SQL Injection Vuln_1 S
HTTP EasyService Billing 'template_SBilling.php' Cross Site Scripting Vuln S
HTTP EasyService Billing 'template_SBilling.php' SQL Injection Vuln S
HTTP EasyService Billing 'template_SBilling.php' SQL Injection Vuln_1 S
HTTP EasyService Billing 'template_SBillingPerforma.php' Cross Site Scripting Vuln S
HTTP EasyService Billing 'template_SBillingPerforma.php' SQL Injection Vuln S
HTTP EasyService Billing 'template_SBillingPerforma.php' SQL Injection Vuln_1 S
HTTP EasyService Billing 'template_SBillingQuotation.php' Cross Site Scripting Vuln S
HTTP EasyService Billing 'template_SBillingQuotation.php' SQL Injection Vuln S
HTTP EasyService Billing 'template_SBillingQuotation.php' SQL Injection Vuln_1 S
HTTP Epiphany 3.28.2.1 - Denial of Service S
HTTP Feedy RSS News Ticker 'cat' SQL Injection Vuln S
HTTP Frog CMS 'Add User' CSRF Vuln (From Server) S
HTTP Frog CMS 'Add User' CSRF Vuln (To Server) S
HTTP Gigs 'username' SQL Injection Vuln S
HTTP Google Chrome - Integer Overflow when Processing WebAssembly Locals S
HTTP GreenCMS 2.3.0603 - Information Disclosure S
HTTP Honeywell Scada System - Information Disclosure S
HTTP Horse Market Sell & Rent Portal Script CSRF Vuln (From Server) S
HTTP Horse Market Sell & Rent Portal Script CSRF Vuln (To Server) S
HTTP HPE iMC 7.3 - Remote Code Execution (Metasploit) S
HTTP Infinity Market Classified Ads Script CSRF Vuln (From Server) S
HTTP Infinity Market Classified Ads Script CSRF Vuln (To Server) S
HTTP Intelbras NCLOUD 300 1.0 - Authentication Bypass S
HTTP JasperReports - Administrator Export Controls S
HTTP JasperReports - AWS Configuration Disclosure S
HTTP JasperReports - Bypass Access Controls S
HTTP JasperReports - Local File Inclusion S
HTTP Joomla! Component Alexandria Book Library 'index.php' SQL Injection Vuln S
HTTP Joomla! Component CheckList 'index.php' SQL Injection Vuln S
HTTP Joomla! Component CheckList 'index.php' SQL Injection Vuln_1 S
HTTP Joomla! Component CheckList 'index.php' SQL Injection Vuln_2 S
HTTP Joomla! Component CheckList 'index.php' SQL Injection Vuln_3 S
HTTP Joomla! Component CheckList 'index.php' SQL Injection Vuln_4 S
HTTP Joomla! Component CW Tags 'index.php' SQL Injection Vuln S
HTTP Joomla! Component Ek Rishta 'index.php' SQL Injection Vuln S
HTTP Joomla! Component Ek Rishta 'index.php' SQL Injection Vuln_1 S
HTTP Joomla! Component Ek Rishta 'index.php' SQL Injection Vuln_2 S
HTTP Joomla! Component Ek Rishta 'index.php' SQL Injection Vuln_3 S
HTTP Joomla! Component Ek Rishta 'index.php' SQL Injection Vuln_4 S
HTTP Joomla! Component Ek Rishta 'index.php' SQL Injection Vuln_5 S
HTTP Joomla! Component Ek Rishta 'index.php' SQL Injection Vuln_6 S
HTTP Joomla! Component EkRishta SQL Injection Vuln (From Server) S
HTTP Joomla! Component EkRishta SQL Injection Vuln (To Server) S
HTTP Joomla! Component OS Property Real Estate SQL Injection Vuln S
HTTP Joomla! Component OS Property Real Estate SQL Injection Vuln_1 S
HTTP Joomla! Component OS Property Real Estate SQL Injection Vuln_2 S
HTTP Joomla! Component PrayerCenter 'index.php' SQL Injection Vuln S
HTTP MachForm 4.2.3 - SQL Injection S
HTTP ManageEngine Recovery Manager Plus Cross Site Scripting Vuln S
HTTP Microsoft Edge Chakra - EntrySimpleObjectSlotGetter Type Confusion S
HTTP Microsoft Edge Chakra JIT - Bound Check Elimination Bug S
HTTP Microsoft Edge Chakra JIT - Magic Value Type Confusion S
HTTP MySQL Blob Uploader 'home-filet-edit.php' SQL Injection Vuln S
HTTP MySQL Blob Uploader 'id' Cross Site Scripting Vuln S
HTTP MySQL Smart Reports 'id' Cross Site Scripting Vuln S
HTTP MySQL Smart Reports 'system-settings-user-edit2.php' SQL Injection Vuln S
HTTP NetWin SurgeFTP 'surgeftpmgr.cgi' Cross Site Scripting Vuln S
HTTP NewsBee CMS 'download.php' SQL Injection Vuln S
HTTP NewsBee CMS 'home-text-edit.php' SQL Injection Vuln S
HTTP NodAPS 'search' SQL Injection Vuln S
HTTP NodAPS accountSetting CSRF Vuln (From Server) S
HTTP NodAPS accountSetting CSRF Vuln (To Server) S
HTTP Nordex Wind Turbine Web Server 'login' SQL Injection Vuln S
HTTP NUUO NVRmini2 NVRsolo - Arbitrary File Upload S
HTTP Office Tracker parameter 'logincount' Cross Site Scripting Vuln (From Server) S
HTTP Office Tracker parameter 'logincount' Cross Site Scripting Vuln (To Server) S
HTTP Oracle WebCenter FatWire Content Server 7 - 'FlushTables' Improper Access Control S
HTTP Oracle WebCenter FatWire Content Server 7 - GET 'tablelistHTML' Improper Access Control S
HTTP Oracle WebCenter FatWire Content Server 7 - Improper Access Control SQL Injection S
HTTP Oracle WebCenter FatWire Content Server 7 - Installed Site Disclosure S
HTTP Oracle WebCenter FatWire Content Server 7 - POST 'tablelistHTML' Improper Access Control S
HTTP PaulPrinting CMS Printing SQL Injection Vuln S
HTTP PHP Dashboards 'user.php' SQL Injection Vuln S
HTTP Redatam Web Server 7 - Directory Traversal S
HTTP Rockwell Automation Allen-Bradley 'CompactLogix' Cross Site Scripting Vuln S
HTTP RSA Authentication Manager 8.2.1.4.0-build1394922 8.3 P1 - Cross-Site Flashing S
HTTP RSA Authentication Manager 8.2.1.4.0-build1394922 8.3 P1 - DOM Based XSS S
HTTP RSA Authentication Manager 8.2.1.4.0-build1394922 8.3 P1 - XML Ext Entity Injection S
HTTP SAP NetWeaver Web Dynpro 6.4 7.5 - Information Disclosure S
HTTP Schools Alert Management Script - Arbitrary File Deletion S
HTTP Schools Alert Management Script - Arbitrary File Read S
HTTP Seagate Media Server Path Traversal S
HTTP Shipping System CMS 'username' SQL Injection Vuln S
HTTP Siemens SIMATIC S7-1200 Cross Site Scripting Vuln S
HTTP Skia and Firefox - Integer Overflow in SkTDArray Leading to Out-of-Bounds Write S
HTTP SKT LTE Wi-Fi SDT-CW3B1 - Unauthorized Admin Credential Change S
HTTP SKT LTE Wi-Fi SDT-CW3B1 - Unauthorized Firmware Access S
HTTP SKT LTE Wi-Fi SDT-CW3B1 - Unauthorized System Statistics Disclosure S
HTTP SKT LTE Wi-Fi SDT-CW3B1 - Unauthorized WAN Settings Disclosure S
HTTP Splunk 7.0.1 - Information Disclosure S
HTTP TAC Xenta 511-911 - Directory Traversal S
HTTP Teradek VidiU Pro 3.0.3 - 'url' Server-Side Request Forgery S
HTTP Teradek VidiU Pro 3.0.3 - 'xml_url' Server-Side Request Forgery S
HTTP TP-Link TL-WA850RE - Remote Command Execution S
HTTP TP-Link TL-WR840NTL-WR841N - DMZ Authenticaton Bypass S
HTTP TP-Link TL-WR840NTL-WR841N - Enable Guest Network Authenticaton Bypass S
HTTP TP-Link TL-WR840NTL-WR841N - Port Forwarding Authenticaton Bypass S
HTTP TP-Link TL-WR840NTL-WR841N - Reboot Router Authenticaton Bypass S
HTTP TP-Link TL-WR840NTL-WR841N - WiFi Password Change Authenticaton Bypass S
HTTP userSpice 4.3.24 - Username Enumeration S
HTTP WebKit - 'WebCorejsElementScrollHeightGetter' Use-After-Free S
HTTP WebKit - Use-After-Free when Resuming Generator S
HTTP WebKit - WebAssembly Compilation Info Leak S
HTTP Wecodex GPS Tracker 'id' SQL Injection Vuln S
HTTP Wecodex Online Store System CMS 'email' SQL Injection Vuln S
HTTP Wecodex Store Paypal 'id' SQL Injection Vuln S
HTTP Western Bridge Cobub Razor 'modifychannel' CSRF Vuln (From Server) S
HTTP Western Bridge Cobub Razor 'modifychannel' CSRF Vun (To Server) S
HTTP WhatsApp 2.18.31 - Memory Corruption S
HTTP WordPress Affiliate Ads for Clickbank Products 'text_ads_ajax.php' XSS Vuln S
HTTP WordPress Share This Image 'sharer.php' Cross Site Scripting Vuln S
HTTP WordPress Z-URL Preview plugin 'class.zlinkpreview.php' XSS Vuln S
HTTP WP Smart Marketing SMS and Newsletters Forms plugin 'egoi-for-wp-form_egoi.php' XSS Vuln S
HTTP XiongMai uc-httpd 1.0.0 - Buffer Overflow S
HTTP Yosoro 1.0.4 - Remote Code Execution S
HTTP Zenario Content Management System 'current_page' Cross Site Scripting Vuln S
Malware DNS Request Associated with CoinMiner Trojan (microsup.ru) S
Malware DNS Request Associated with CoinMiner Trojan (users.atw.hu) S
Malware DNS Request Associated with CoinMiner Trojan (whattom.tk) S
Malware DNS Request Associated with CoinMiner Trojan (www.apl.com.pk) S
Malware GET Request to Domain Associated with CoinMiner Trojan (users.atw.hu) S
Malware GET Request to Domain Associated with CoinMiner Trojan (www.apl.com.pk) S
Malware GET Request to Domain Associated with CoinMiner Trojan (www.apl.com.pk)_1 S
Malware GET Request to Domain Associated with CoinMiner Trojan (www.apl.com.pk)_2 S
Malware POST Request to Domain Associated with CoinMiner Trojan (microsup.ru) S
Malware Request To Domain Associated with Coin Miner Malspam (92.63.197.60) S
Malware Request To Domain Associated with Coin Miner Malspam (booomaahuuoooapl.ru) S
Malware Request To Domain Associated with Coin Miner Malspam (monerohash.com) S
rtorrent 0.9.6 - Denial of Service S


idappcom - Auditing, verifying and enhancing the capabilities of corporate security defences.

We do not use cookies for tracking users, displaying customised content or storing information about users, other than that required to maintain 'session state' for the login system for registered users. Please read our cookie policy for more information. Please note that by using this site you are consenting to the use of cookies.