Search

Traffic File Update - March 2018

This Traffic IQ Professional update for March 2018 contains the latest application exploits, threats and security evasion techniques along with technical data and high quality security rules.

Traffic IQ Professional

Traffic File Update for March 2018

155 Application Exploits

Asterisk 13.17.2 - 'chan_skinny' Remote Memory Corruption S
Claymore Dual GPU Miner 10.5 - Format String S
CloudMe Sync 1.11.0 - Buffer Overflow S
HTTP Advantech WebAccess 8.3.0 - Remote Code Execution S
HTTP Alienvault OSSIM av-centerd 4.7.0 - 'get_log_line' Command Injection (Metasploit) S
HTTP Alienvault OSSIM av-centerd Util.pm sync_rserver - Command Execution (Metasploit) S
HTTP ASUS DSL-N14U B1 Router 1.1.2.3_345 - Change Administrator Password S
HTTP Axis Communications MPQTPACS - Heap Overflow S
HTTP Axis Communications MPQTPACS - Information Leakage S
HTTP Axis SSI - Information Disclosure S
HTTP Axis SSI - Remote Command Execution S
HTTP Bomgar Remote Support Unauthenticated Code Execution (Metasploit) S
HTTP D-Link DNS-343 ShareCenter 1.05 - 'f_auth' Command Injection S
HTTP D-Link DNS-343 ShareCenter 1.05 - 'f_password' Command Injection S
HTTP D-Link DNS-343 ShareCenter 1.05 - 'f_sender' Command Injection S
HTTP D-Link DNS-343 ShareCenter 1.05 - 'f_sendto' Command Injection S
HTTP D-Link DNS-343 ShareCenter 1.05 - 'f_smtpserver' Command Injection S
HTTP D-Link DNS-343 ShareCenter 1.05 - 'f_username' Command Injection S
HTTP Disk Savvy Enterprise 9.4.18 - Buffer Overflow (SEH) 'win10' S
HTTP Disk Savvy Enterprise 9.4.18 - Buffer Overflow (SEH) 'win7' S
HTTP Dlink DIR Routers - Unauthenticated HNAP Login Stack Buffer Overflow (Metasploit) S
HTTP Drupal Module RESTWS 7.x - Remote PHP Code Execution (Metasploit) S
HTTP Exodus Wallet (ElectronJS Framework) - Remote Code Execution S
HTTP fairsketch RISE Ultimate Project Manager 'search' SQL Injection Vuln S
HTTP FiberHome AN5506 - Unauthenticated Remote DNS Change S
HTTP Fortune Scripts Facebook Clone 'group.php' SQL Injection Vuln S
HTTP Fortune Scripts Freelancer Clone 'profile.php' SQL Injection Vuln S
HTTP Fortune Scripts Grubhub Clone SQL Injection Vuln (From Server) S
HTTP Fortune Scripts Grubhub Clone SQL Injection Vuln (To Server) S
HTTP Fortune Scripts IMDB Clone 'movie.php' SQL Injection Vuln S
HTTP Fortune Scripts IMDB Clone 'show_misc_video.php' SQL Injection Vuln S
HTTP Fortune Scripts IMDB Clone 'tvshow.php' SQL Injection Vuln S
HTTP Fortune Scripts Indiamart Clone 'buyleads-details.php' SQL Injection Vuln S
HTTP Fortune Scripts Indiamart Clone 'catcompany.php' SQL Injection Vuln S
HTTP Fortune Scripts Indiamart Clone 'index.php' SQL Injection Vuln S
HTTP Fortune Scripts Lynda Clone 'keywords' SQL Injection Vuln (From Server) S
HTTP Fortune Scripts Lynda Clone 'keywords' SQL Injection Vuln (To Server) S
HTTP Fortune Scripts Makemytrip Clone 'pages.php' SQL Injection Vuln S
HTTP Fortune Scripts Makemytrip Clone 'show-flight-result.php' SQL Injection Vuln S
HTTP Fortune Scripts Makemytrip Clone 'show-flight-result.php' SQL Injection Vuln_1 S
HTTP Fortune Scripts Monster Clone 'Employer_Details.php' SQL Injection Vuln S
HTTP Fortune Scripts Olx Clone 'message.php' SQL Injection Vuln S
HTTP Fortune Scripts Olx Clone 'subpage.php' SQL Injection Vuln S
HTTP Fortune Scripts Shaadi Clone 'view_profile.php' SQL Injection Vuln S
HTTP Fortune Scripts Shutterstock Clone SQL Injection Vuln (From Server) S
HTTP Fortune Scripts Shutterstock Clone SQL Injection Vuln (To Server) S
HTTP Fortune Scripts Stackoverflow Clone 'keywords' SQL Injection Vuln (From Server) S
HTTP Fortune Scripts Stackoverflow Clone 'keywords' SQL Injection Vuln (To Server) S
HTTP Foxsash ImgHosting 'search' Cross Site Scripting Vuln S
HTTP Gnew 'user.php' CSRF Vuln (From Server) S
HTTP Gnew 'user.php' CSRF Vuln (To Server) S
HTTP GoAhead httpd 2.5 3.6.5 - 'LD_PRELOAD' Fingerprint Remote Code Execution S
HTTP GoAhead httpd 2.5 3.6.5 - 'LD_PRELOAD' Payload Remote Code Execution S
HTTP HitmanPro 3.7.15 Build 281 - Kernel Pool Overflow - Win10_Exploit S
HTTP HitmanPro 3.7.15 Build 281 - Kernel Pool Overflow - Win10_LeakCookie S
HTTP HitmanPro 3.7.15 Build 281 - Kernel Pool Overflow - Win7_Exploit S
HTTP IBM Notes 8.5.x9.0.x - Denial of Service (Metasploit) S
HTTP IPSwitch MoveIt 'human.aspx' Cross Site Scripting Vuln S
HTTP Joomla! Component JEXTN FAQ Pro 'index.php' SQL Injection Vuln S
HTTP Joomla! Component Kubik-Rubik Simple Image Gallery Extended 'print.php' XSS Vuln S
HTTP Joomla! Component NextGen Editor 'index.php' SQL Injection Vuln S
HTTP LibreOffice 6.0.1 - '=WEBSERVICE' Remote Arbitrary File Disclosure S
HTTP LogicalDOC Enterprise 7.7.4 - 'default.antivirus.includes' Root Remote Code Execution S
HTTP LogicalDOC Enterprise 7.7.4 - 'Key Store via OpenSSL' Root Remote Code Execution S
HTTP LogicalDOC Enterprise 7.7.4 - 'ocr.Tesseract.path' Root Remote Code Execution S
HTTP LogicalDOC Enterprise 7.7.4 - Directory Traversal S
HTTP LogicalDOC Enterprise 7.7.4 - User Enumeration S
HTTP Master IP CAM 01 - Unauthenticated Configuration Change S
HTTP Master IP CAM 01 - Unauthenticated Configuration Download S
HTTP Master IP CAM 01 - Unauthenticated Configuration Upload S
HTTP Microsoft Windows LNK CVE-2017-8464 Remote Code Execution Vulnerability S
HTTP MigrateShop Task Rabbit Clone 'single_blog.php' SQL Injection Vuln S
HTTP Multiple OEM - 'index.asp' 'nsd' Remote Stack Format String (PoC) S
HTTP Multiple OEM - 'upgrade.asp' 'nsd' Remote Stack Format String (PoC) S
HTTP Muviko Video SQL Injection Vuln S
HTTP Muviko Video SQL Injection Vuln_1 S
HTTP Muviko Video SQL Injection Vuln_2 S
HTTP Muviko Video SQL Injection Vuln_3 S
HTTP Muviko Video SQL Injection Vuln_4 S
HTTP Muviko Video SQL Injection Vuln_5 S
HTTP Opensource Classified Ads Script 'advance_result.php' SQL Injection Vuln (From Server) S
HTTP Opensource Classified Ads Script 'advance_result.php' SQL Injection Vuln (To Server) S
HTTP pfSense 2.1.4 - 'status_rrd_graph_img.php' Command Injection S
HTTP PHP Scripts Mall Groupon Clone Script 'category_list.php' SQL Injection Vuln S
HTTP PHP Scripts Mall Groupon Clone Script 'city_ajax.php' SQL Injection Vuln S
HTTP PHP Scripts Mall Hot Scripts Clone 'mctid' SQL Injection Vuln S
HTTP PHP Scripts Mall Hot Scripts Clone 'subctid' SQL Injection Vuln S
HTTP PHP Scripts Mall Kickstarter Clone Script 'investcalc.php' SQL Injection Vuln S
HTTP PHP Scripts Mall Laundry Booking Script 'list' SQL Injection Vuln S
HTTP PHP Scripts Mall Lawyer Search Script 'city' SQL Injection Vuln S
HTTP PHP Scripts Mall MLM Forced Matrix 'news-detail.php' SQL Injection Vuln S
HTTP PHP Scripts Mall MLM Forex Market Plan 'event_detail.php' SQL Injection Vuln S
HTTP PHP Scripts Mall MLM Forex Market Plan 'news_detail.php' SQL Injection Vuln S
HTTP PHP Scripts Mall Muslim Matrimonial Script 'success-story.php' SQL Injection Vuln S
HTTP PHP Scripts Mall Nearbuy Clone Script 'city' SQL Injection Vuln S
HTTP PHP Scripts Mall Online Exam Test Application Script 'exams.php' SQL Injection Vuln S
HTTP PHP Scripts Mall Paid To Read Script 'userview.php' SQL Injection S
HTTP PHP Scripts Mall Paid To Read Script 'viewemcamp.php' SQL Injection S
HTTP PHP Scripts Mall Paid To Read Script 'viewvisitcamp.php' SQL Injection S
HTTP PHP Scripts Mall PHP Multivendor Ecommerce 'category.php' SQL Injection Vuln S
HTTP PHP Scripts Mall PHP Multivendor Ecommerce 'category.php' SQL Injection Vuln_1 S
HTTP PHP Scripts Mall PHP Multivendor Ecommerce 'single_detail.php' SQL Injection Vuln S
HTTP PHP Scripts Mall Realestate Crowdfunding Script 'single-cause.php' SQL Injection Vuln S
HTTP PHP Scripts Mall Responsive Realestate Script 'property-listtbud' SQL Injection Vuln S
HTTP PHP Scripts Mall Resume Clone Script 'preview.php' SQL Injection Vuln S
HTTP PHP Scripts Mall Secure E-commerce Script 'category.php' SQL Injection Vuln S
HTTP PHP Scripts Mall Secure E-commerce Script 'category.php' SQL Injection Vuln_1 S
HTTP PHP Scripts Mall Secure E-commerce Script 'single_detail.php' SQL Injection Vuln S
HTTP PHP Scripts Mall Yoga Class Script 'listcity' SQL Injection Vuln S
HTTP PHPSUGAR PHP Melody 'ajax.php' SQL Injection Vuln S
HTTP Picture Calendar component for Joomla! 'list.php' Directory Traversal Vuln S
HTTP Piwigo 'admin.php' SQL Injection Vuln S
HTTP Putra RSVP Invitation Online 'account.php' (Update Admin) CSRF Vuln (From Server) S
HTTP Putra RSVP Invitation Online 'account.php' (Update Admin) CSRF Vuln (To Server) S
HTTP RainbowFish Software PACSOne Server 'nocache.php' Directory Trasversal Vuln S
HTTP RAVPower 2.000.056 - Memory Disclosure S
HTTP Readymade Video Sharing Script 'single-video-detail.php' SQL Injection Vuln S
HTTP Reservo Image Hosting Script Cross Site Scripting Vuln S
HTTP Single Theater Booking Script 'findcity.php' SQL Injection Vuln S
HTTP TypeSetter CMS User Permissions page CSRF Vuln (From Server) S
HTTP TypeSetter CMS User Permissions page CSRF Vuln (To Server) S
HTTP Uniview - Remote Command Execution Check Active Capture (PoC) S
HTTP Uniview - Remote Command Execution Download Capture (PoC) S
HTTP Uniview - Remote Command Execution Export Config (PoC) S
HTTP Uniview - Remote Command Execution Get File (PoC) S
HTTP Uniview - Remote Command Execution Start Capture (PoC) S
HTTP Uniview - Remote Command Execution Stop Capture (PoC) S
HTTP Vanilla Forums Cross Site Request Forgery Vuln (From Server) S
HTTP Vanilla Forums Cross Site Request Forgery Vuln (To Server) S
HTTP Vitek - Gateway Information Disclosure S
HTTP Vitek - Network Information Disclosure S
HTTP Vitek - PHP Remote Command Execution S
HTTP Vivotek IP Cameras - 'POST' - Remote Stack Overflow (PoC) S
HTTP Vivotek IP Cameras - 'PUT' - Remote Stack Overflow (PoC) S
HTTP Wachipi Events Calendar plugin for WordPress 'event.php' SQL Injection Vuln S
HTTP Wavpack 5.1.0 - Denial of Service S
HTTP Website Auction Marketplace 'search.php' SQL Injection Vuln S
HTTP WordPress Core - 'load-scripts.php' Denial of Service S
HTTP WordPress Plugin Email Subscribers & Newsletters Info Disclosure Vuln (From Server) S
HTTP WordPress Plugin Email Subscribers & Newsletters Info Disclosure Vuln (To Server) S
JBoss Remoting 6.14.18 - Port 4447 Denial of Service S
JBoss Remoting 6.14.18 - Port 9999 Denial of Service S
Malware GET Request Associated with GandCrab Ransomware (gandcrab.bit) S
Malware GET Request Associated with GandCrab Ransomware (nomoreransom.bit) S
Malware GET Request Associated with GandCrab Ransomware (nomoreransom.coin) S
Malware GET Request Associated with GlobeImposter Ransomware (198.100.119.11) S
Malware GET Request Associated with GlobeImposter Ransomware (psoeiras.net) S
Malware GET Request Associated with Sigma Ransomware (ip-api.com) S
Malware GET Request Associated with Sigma Ransomware (onlinedocuments.ir) S
Malware GET Request Associated with Sigma Ransomware (yowl2ugopitfzzwb.onion) S
Malware GET Request Associated with Sigma Ransomware (yowl2ugopitfzzwb.onion.link) S
SMB Samba - 'is_known_pipename()' Arbitrary Module Load (Metasploit) S
TFTP Cloudview NMS 2.00b - Writable Directory Traversal Execution (Metasploit) S
UDP Netcore Netis Routers - UDP Backdoor Access S
UDP Siemens SIPROTEC 4 and SIPROTEC Compact EN100 Ethernet Module 4.25 - Denial of Service S


idappcom - Auditing, verifying and enhancing the capabilities of corporate security defences.

We do not use cookies for tracking users, displaying customised content or storing information about users, other than that required to maintain 'session state' for the login system for registered users. Please read our cookie policy for more information. Please note that by using this site you are consenting to the use of cookies.