Search

Traffic File Update - May 2013

This Traffic IQ Professional update for May 2013 contains the latest application exploits, threats and security evasion techniques along with technical data and high quality security rules.

Traffic IQ Professional

Traffic File Update for May 2013

152 Application Exploits

Apache Struts Parametersinterceptor Remote Code Execution Vulnerability S
Aspen CVE-2013-2619 Directory Traversal Vulnerability S
AudioCoder .m3u Buffer Overflow Vulnerability S
AudioCoder .m3u Buffer Overflow Vulnerability_1 S
B2evolution Admin.php SQL Injection Vulnerability S
B2evolution blogs-admin.php Cross-site Request Forgery Vulnerability S
BigAnt IM Server DDNF 'username' Field Buffer Overflow Vulnerability S
BlazeVideo BlazeDVD '.PLF' File Remote Buffer Overflow Vulnerability S
C2 WebResource 'File' Parameter Cross Site Scripting Vulnerability S
Cisco Linksys E1500 and E2500 Router Directory Traversal Vulnerability S
Cisco Linksys E1500 and E2500 Router Password Change Vulnerability S
Cisco Linksys E1500 and E2500 Router Password Change Vulnerability_1 S
Cisco Linksys E1500 and E2500 Router Redirection Vulnerability S
Cisco Linksys E1500 and E2500 Router XSS Vulnerability S
CMS Cameron McKenna Default.aspx Cross-site Scripting Vulnerability S
CMS Cameron McKenna Default.aspx Cross-site Scripting Vulnerability_1 S
CMS Cameron McKenna Default.aspx Cross-site Scripting Vulnerability_2 S
CMS Cameron McKenna Default.aspx Cross-site Scripting Vulnerability_3 S
CMS Cameron McKenna Default.aspx Cross-site Scripting Vulnerability_4 S
D-Link DIR-600 And DIR-300 Cross-site Request Forgery Vulnerability S
D-Link DIR-600 And DIR-300 Cross-site Scripting Vulnerability S
D-Link DIR-600 And DIR-300 HTTP Header Injection Vulnerability S
D-Link DIR-600 And DIR-300 Information Disclosure Vulnerability_2 S
D-Link DIR-600 And DIR-300 pingIp Command Execution Vulnerability S
D-Link DIR-635 Change Password Cross-site Request Forgery Vulnerability S
D-Link DIR-635 WLAN Cross-site Scripting Vulnerability S
Dotclear player_flv.swf Cross-site Scripting Vulnerability S
Dotclear player_flv.swf Link Injection Vulnerability S
Dotclear player_mp3.swf Link Injection Vulnerability S
Dotclear swfupload.swf Content Spoofing Vulnerability S
Dotclear swfupload.swf Cross-site Scripting Vulnerability S
Dotclear swfupload.swf Cross-site Scripting Vulnerability_1 S
e107 'content_preset.php' Cross Site Scripting Vulnerability S
Elecard MPEG Player 5.8 '.m3u' File Buffer Overflow Vulnerability S
Foxit Reader PDF File Handling Division by Zero DoS S
Free Monthly Websites File_Io.Php Script Security Bypass Vulnerability S
Free Monthly Websites Index.Php Script Security Bypass Vulnerability S
Free Monthly Websites Login.Php Script Security Bypass Vulnerability S
freeSSHd Authentication Mechanism Authentication Bypass Vulnerability S
HTTP Aibolit Information Disclosure Vulnerability S
HTTP AWS XMS 'what' Parameter Directory Traversal Vulnerability S
HTTP AWS XMS 'what' Parameter Directory Traversal Vulnerability_1 S
HTTP Belkin F5D8236-4 Router CVE-2013-3083 CSRF Vulnerability S
HTTP Belkin N300 Router CVE-2013-3089 Cross Site Request Forgery Vulnerability S
HTTP Belkin N900 Router CVE-2013-3086 Cross Site Request Forgery Vulnerability S
HTTP Cisco Linksys E1200 N300 Router 'submit_button' Parameter XSS Vulnerability S
HTTP Cisco Linksys E1200 N300 Router 'submit_button' Parameter XSS Vulnerability_1 S
HTTP Cisco Linksys EA2700 'next_page' Parameter Information Disclosure Vulnerability S
HTTP Cisco Linksys EA2700 Change Password & Enable Remote Management CSRF Vulnerability S
HTTP Cisco Linksys EA2700 Source Code Disclosure Vulnerability S
HTTP Cisco Linksys WRT310N Router Multiple Denial of Service Vulnerabilities S
HTTP ClipShare 'gid' Parameter SQL Injection Vulnerability S
HTTP Crafty Syntax Live Help 'xmlhttp.php' Path Disclosure Vulnerability S
HTTP D-Link 'DevInfo.txt' Request Information Disclosure Vulnerability S
HTTP D-Link 'version.txt' Request Information Disclosure Vulnerability S
HTTP D-Link DIR-865L CVE-2013-3095 Cross Site Request Forgery Vulnerability S
HTTP D-Link Products CVE-2013-1599 Command Injection Vulnerability S
HTTP D-Link Products CVE-2013-1600 Authentication Bypass Vulnerability S
HTTP FoeCMS 1.6.5 Cross Site Scripting Vulnerability S
HTTP FoeCMS 1.6.5 SQL Injection Vulnerability S
HTTP Fork CMS 'file' Parameter Local File Include Vulnerability S
HTTP Fork CMS Add ADMIN Account Cross Site Request Forgery Vulnerability S
HTTP Fork CMS Delete Users Cross Site Request Forgery Vulnerability S
HTTP Fork CMS Delete Web Pages Cross Site Request Forgery Vulnerability S
HTTP Fork CMS private_en_blog_settings report Parameter Cross Site Scripting S
HTTP Fork CMS private_en_users_index error Parameter Cross Site Scripting S
HTTP Foscam IP Cameras Multiple CSRF Vulnerabilities S
HTTP jPlayer 'Jplayer.swf' Script CVE-2013-1942 Cross Site Scripting Vulnerability S
HTTP jPlayer 'Jplayer.swf' Script CVE-2013-1942 Cross Site Scripting Vulnerability_1 S
HTTP jPlayer 'Jplayer.swf' Script CVE-2013-1942 Cross Site Scripting Vulnerability_2 S
HTTP jPlayer 'Jplayer.swf' Script CVE-2013-1942 Cross Site Scripting Vulnerability_3 S
HTTP KNet Web Server Buffer Overflow Vulnerability S
HTTP KNet Web Server Buffer Overflow Vulnerability_1 S
HTTP KrisonAV CMS CVE-2013-2712 Cross Site Scripting Vulnerability S
HTTP KrisonAV CMS CVE-2013-2713 Cross Site Request Forgery Vulnerability S
HTTP Light HTTPD Stack-Based Buffer Overflow Vulnerability S
HTTP MinaliC Host Header Handling Remote Buffer Overflow Vulnerability S
HTTP MinaliC Host Header Handling Remote Buffer Overflow Vulnerability_1 S
HTTP nginx ngx_http_request.h zero_in_uri URL Null Byte Handling Remote Code Execution S
HTTP nginx ngx_http_request.h zero_in_uri URL Null Byte Handling Remote Code Execution_1 S
HTTP Oracle WebCenter Sites CVE-2013-1509 HTTP Header Injection Vulnerability S
HTTP Personal File Share 'filename' Denial of Service Vulnerability S
HTTP PHP Address Book 'delete.php' SQL Injection Vulnerability S
HTTP PHP Address Book 'edit.php' SQL Injection Vulnerability S
HTTP PHP Address Book 'index.php' SQL Injection Vulnerability S
HTTP PHP Address Book 'view.php' SQL Injection Vulnerability S
HTTP phpMyAdmin 'visualizationSettings[height]' Parameter XSS Vulnerability S
HTTP phpMyAdmin 'visualizationSettings[width]' Parameter XSS Vulnerability S
HTTP phpVMS Virtual Airline Administration 'itemid' SQL Injection Vulnerability S
HTTP Request Tracker 'ShowPending' Parameter SQL Injection Vulnerability S
HTTP Sosci Survey 'receiver.edit' Cross Site Scripting Vulnerability S
HTTP STUNSHELL Web Shell Remote PHP Code Execution (gen_shell_bind_tcp) S
HTTP STUNSHELL Web Shell Remote PHP Code Execution (php_exec) S
HTTP Todoo Forum 'id_post' Parameter Cross Site Scripting Vulnerability S
HTTP Todoo Forum 'pg' Parameter Cross Site Scripting Vulnerability S
HTTP TP-Link TD-8817 Router Admin Password CSRF Vulnerability S
HTTP TP-Link TL-WR1043N Router CVE-2013-2645 Cross Site Request Forgery Vulnerability S
HTTP TP-LINK TL-WR741N and TL-WR741ND Routers Denial of Service Vulnerability S
HTTP TP-LINK TL-WR741N and TL-WR741ND Routers Denial of Service Vulnerability_1 S
HTTP v0pCr3w Web Shell Remote Code Execution (gen_exec) S
HTTP v0pCr3w Web Shell Remote Code Execution (win_adduser) S
HTTP Vanilla Forums 'passwordrequest' SQL Injection Vulnerability S
HTTP Vanilla Forums 'signin' SQL Injection Vulnerability S
HTTP Vanilla Forums Multiple Cross Site Request Forgery Vulnerabilities S
HTTP Vivotek IP Camera Products CVE-2013-1594 Information Disclosure Vulnerability S
HTTP Vivotek IP Camera Products CVE-2013-1594 Information Disclosure Vulnerability_1 S
HTTP Vivotek IP Camera Products CVE-2013-1595 Remote Buffer Overflow Vulnerability S
HTTP Vivotek IP Camera Products CVE-2013-1597 Directory Traversal Vulnerability S
HTTP VoipNow 'screen' Parameter Local File Include Vulnerability S
HTTP WordPress Colormix Theme Cross Site Scripting Vulnerability S
HTTP WordPress Spiffy XSPF Player Plugin 'playlist_id' Parameter SQL Injection S
HTTP WordPress Traffic Analyzer Plugin 'aoid' Parameter XSS Vulnerability S
HTTP ZAPms 'pid' Parameter SQL Injection Vulnerability S
Konftel 300IP 'dorestart.cgi' Remote Denial of Service Vulnerability S
memcached Remote Denial of Service Vulnerability S
NetGear DGN1000B Wireless Router Device XSS Vulnerability S
NetGear DGN1000B Wireless Router h_skeyword XSS Vulnerability S
NetGear DGN1000B Wireless Router Keyword Domain XSS Vulnerability S
NetGear DGN1000B Wireless Router TimeToLive Security Vulnerability S
NetGear DGN1000B Wireless Router TimeToLive Security Vulnerability_1 S
Novell Groupwise Client InvokeContact Remote Code Execution Vulnerability S
Novell Groupwise Client SecManageRecipientCertificates Remote Code Execution Vulnerability S
Novell Sentinel Log Manager Unauthorized Access Vulnerability S
Oracle Java SE Applet Reflection Code Execution Vulnerability S
Oracle Java SE CVE-2013-1493 Remote Code Execution Vulnerability S
Oracle Java SE CVE-2013-2419 Remote Memory Corruption Vulnerability S
PHP Address Book Admin Index SQL Injection Vulnerability S
PHP Address Book Delete User SQL Injection Vulnerability S
PHP Address Book Edit User Save SQL Injection Vulnerability S
PHP Address Book Edit User SQL Injection Vulnerability S
PHP Address Book Link Tick SQL Injection Vulnerability S
PHP Address Book Reset Password Save SQL Injection Vulnerability S
PHP Address Book Reset Password SQL Injection Vulnerability S
PHP Address Book Traffic SQL Injection Vulnerability S
PHP Address Book Username SQL Injection Vulnerability S
PowerTCP WebServer 'DartWebserver.dll' CVE-2012-5389 DoS Vulnerability S
RadioCMS 'playlist_id' Parameter SQL Injection Vulnerability S
Sophos Web Protection Appliance errdoc.php Cross Site Scripting Vulnerability S
Sophos Web Protection Appliance ftp_redirect.php Cross Site Scripting Vulnerability S
Sophos Web Protection Appliance index.php Cross Site Scripting Vulnerability S
Sophos Web Protection Appliance rss.php Cross Site Scripting Vulnerability S
SWFUpload Swfupload.swf Code Execution Vulnerability S
SWFUpload Swfupload.swf Cross-site Request Forgery Vulnerability S
SWFUpload Swfupload.swf MovieName Parameter Cross-site Scripting Vulnerability S
Symphony 'sort' Parameter SQL Injection Vulnerability S
Sysax Multi Server SSH Component NULL Pointer Dereference Vulnerability S
Syslog Watcher Pro 'Date' Parameter Cross Site Scripting Vulnerability S
Syslog Watcher Pro 'Date' Parameter Cross Site Scripting Vulnerability_1 S
TFTP AT-TFTP Server Stack Buffer Overflow Vulnerability S
Tienda Online Comunicados_listado.php Cross-site Scripting Vulnerability S
VirtualDJ MP3 ID3v2 Tag Title Processing Buffer Overflow Vulnerability S
WordPress Feedweb Plugin 'wp_post_id' Parameter Cross Site Scripting Vulnerability S


idappcom - Auditing, verifying and enhancing the capabilities of corporate security defences.

We do not use cookies for tracking users, displaying customised content or storing information about users, other than that required to maintain 'session state' for the login system for registered users. Please read our cookie policy for more information. Please note that by using this site you are consenting to the use of cookies.