Search

Traffic File Update - September 2015

This Traffic IQ Professional update for September 2015 contains the latest application exploits, threats and security evasion techniques along with technical data and high quality security rules.

Traffic IQ Professional

Traffic File Update for September 2015

247 Application Exploits

Boxoft WAV To MP3 Converter Buffer Overflow Vulnerability S
Cogent DataHub Command Injection Vulnerability S
D-Link v1.00 HNAP Request Remote Buffer Overflow Vulnerability S
D-Link v1.06 HNAP Request Remote Buffer Overflow Vulnerability S
D-Link v1.07 HNAP Request Remote Buffer Overflow Vulnerability S
Dell NetVault Backup CVE 2015 5696 Denial of Service S
FHFS - HTTP File Server 2.1.2 Remote Command Execution Vulnerability S
GOM Audio 'gas' File Type Denial of Service Vulnerability S
HP Release Control Authenticated XXE File Download Vulnerability S
HP Release Control Authenticated XXE File Upload Vulnerability S
HTTP AirLink101 SkyIPCam1620W 'snwrite.cgi' OS Command Injection Vulnerability S
HTTP Ajax Pagination Plugin for WordPress admin-ajax.php loop Parameter LFI S
HTTP ArticleFR CVE-2015-5529 'name' Categories XSS Vulnerability S
HTTP ArticleFR CVE-2015-5529 'rel' Links XSS Vulnerability S
HTTP ArticleFR CVE-2015-5529 'title' Links XSS Vulnerability S
HTTP ArticleFR CVE-2015-5529 'url' Ping Server XSS Vulnerability S
HTTP ArticleFR CVE-2015-5530 Add Admin CSRF Vulnerability S
HTTP Auto-Exchanger 5.1.0 - CSRF Vulnerability (From Server) S
HTTP Auto-Exchanger 5.1.0 - CSRF Vulnerability (To Server) S
HTTP Bedita XSS Vulnerability S
HTTP Bedita XSS Vulnerability_1 S
HTTP Bedita XSS Vulnerability_2 S
HTTP Cerb Cross Site Request Forgery Vulnerability (From Server) S
HTTP Cerb Cross Site Request Forgery Vulnerability (To Server) S
HTTP Cyberoam CR500iNG XP SQL Injection Vulnerability S
HTTP Cyberoam CR500iNG XP SQL Injection Vulnerability_1 S
HTTP DataTables 1.10.8 Cross Site Scripting (Percent Encoded) S
HTTP DataTables 1.10.8 Cross Site Scripting S
HTTP DirectAdmin Web Control Panel 1.483 - 'path' XSS (From Server) S
HTTP DirectAdmin Web Control Panel 1.483 - 'path' XSS (To Server) S
HTTP DirectAdmin Web Control Panel 1.483 - Create And Edit CSRF (From Server) S
HTTP DirectAdmin Web Control Panel 1.483 - Create And Edit CSRF (To Server) S
HTTP DirectAdmin Web Control Panel 1.483 - Create DB CSRF (From Server) S
HTTP DirectAdmin Web Control Panel 1.483 - Create DB CSRF (To Server) S
HTTP DirectAdmin Web Control Panel 1.483 - Create Email Forwarder CSRF (From Server) S
HTTP DirectAdmin Web Control Panel 1.483 - Create Email Forwarder CSRF (To Server) S
HTTP DirectAdmin Web Control Panel 1.483 - Create Folder CSRF (From Server) S
HTTP DirectAdmin Web Control Panel 1.483 - Create Folder CSRF (To Server) S
HTTP DirectAdmin Web Control Panel 1.483 - Create FTP Acct CSRF (From Server) S
HTTP DirectAdmin Web Control Panel 1.483 - Create FTP Acct CSRF (To Server) S
HTTP DirectAdmin Web Control Panel 1.483 - Rename File CSRF (From Server) S
HTTP DirectAdmin Web Control Panel 1.483 - Rename File CSRF (To Server) S
HTTP Dogma India dogmaindia CMS Authentication Bypass Vulnerability S
HTTP Easy Address Book Web Server 1.6 - USERID Remote Buffer Overflow S
HTTP Easy File Sharing Web Server 6.9 - USERID Buffer Overflow Vulnerability S
HTTP Edimax BR6228nS and BR6228nC Cross Site Scripting Vulnerability S
HTTP Edimax BR6228nS and BR6228nC CSRF Vulnerability S
HTTP Edimax BR6228nS and BR6228nC Enable Remote Access CSRF Vulnerability S
HTTP Edimax BR6228nS and BR6228nC HTTP Response Splitting Vulnerability S
HTTP Edimax BR6228nS and BR6228nC Information Disclosure Vulnerability S
HTTP Edimax BR6228nS and BR6228nC Information Disclosure Vulnerability_1 S
HTTP Edimax BR6228nS and BR6228nC Reboot CSRF Vulnerability S
HTTP Edimax CSRF Vulnerability (From Server) S
HTTP Edimax CSRF Vulnerability (To Server) S
HTTP Edimax CSRF Vulnerability_1 (From Server) S
HTTP Edimax CSRF Vulnerability_1 (To Server) S
HTTP Edimax CSRF Vulnerability_2 (From Server) S
HTTP Edimax CSRF Vulnerability_2 (To Server) S
HTTP Edimax HTTP Response Splitting Vulnerability S
HTTP Edimax PS-1206MF Web Admin Auth Bypass Vulnerability S
HTTP Enorth Webpublisher CMS 'cbNewsId' SQL Injection (Percent Encoded) S
HTTP Enorth Webpublisher CMS 'cbNewsId' SQL Injection S
HTTP EZ SQL Reports 4.11.37 - Arbitrary Code Execution S
HTTP EZ SQL Reports 4.11.37 - Download Arbitrary File (Percent Encoded) S
HTTP EZ SQL Reports 4.11.37 - Download Arbitrary File S
HTTP GeniXCMS 'index.php' XSS Vulnerability S
HTTP GeoCore index.php b Parameter Blind SQL Injection Vulnerability S
HTTP GeoCore index.php b Parameter Blind SQL Injection Vulnerability_1 S
HTTP Google Analyticator XSS Vulnerability S
HTTP Google Analyticator XSS Vulnerability_1 S
HTTP Google Analyticator XSS Vulnerability_2 S
HTTP Google Analyticator XSS Vulnerability_3 S
HTTP Google Analyticator XSS Vulnerability_4 S
HTTP GPON Home Router FTP G-93RG1 CSRF Command Execution Vulnerability S
HTTP HooToo Tripmate HT-TM01 2.000.022 - Admin Password CSRF (From Server) S
HTTP HooToo Tripmate HT-TM01 2.000.022 - Admin Password CSRF (To Server) S
HTTP HooToo Tripmate HT-TM01 2.000.022 - Change Device Name CSRF (From Server) S
HTTP HooToo Tripmate HT-TM01 2.000.022 - Change Device Name CSRF (To Server) S
HTTP HooToo Tripmate HT-TM01 2.000.022 - Change Region CSRF (From Server) S
HTTP HooToo Tripmate HT-TM01 2.000.022 - Change Region CSRF (To Server) S
HTTP HooToo Tripmate HT-TM01 2.000.022 - Change Settings CSRF (From Server) S
HTTP HooToo Tripmate HT-TM01 2.000.022 - Change Settings CSRF (To Server) S
HTTP HooToo Tripmate HT-TM01 2.000.022 - Logout Admin CSRF (From Server) S
HTTP HooToo Tripmate HT-TM01 2.000.022 - Logout Admin CSRF (To Server) S
HTTP HooToo Tripmate HT-TM01 2.000.022 - Network Info CSRF (From Server) S
HTTP HooToo Tripmate HT-TM01 2.000.022 - Network Info CSRF (To Server) S
HTTP HooToo Tripmate HT-TM01 2.000.022 - Reboot Device CSRF (From Server) S
HTTP HooToo Tripmate HT-TM01 2.000.022 - Reboot Device CSRF (To Server) S
HTTP HooToo Tripmate HT-TM01 2.000.022 - Wifi Security CSRF (From Server) S
HTTP HooToo Tripmate HT-TM01 2.000.022 - Wifi Security CSRF (To Server) S
HTTP Jenkins CSRF Vulnerability (From Server) S
HTTP Jenkins CSRF Vulnerability (To Server) S
HTTP Jenkins CSRF Vulnerability_1 (From Server) S
HTTP Jenkins CSRF Vulnerability_1 (To Server) S
HTTP Jenkins CSRF Vulnerability_2 (From Server) S
HTTP Jenkins CSRF Vulnerability_2 (To Server) S
HTTP Joomla J2Store 3.1.6 SQL Injection Vulnerability S
HTTP JSPMySQL Administrador - 'bd' parameter XSS (Percent Encoded) S
HTTP JSPMySQL Administrador - 'bd' parameter XSS S
HTTP JSPMySQL Administrador - Drop DB CSRF (From Server) S
HTTP JSPMySQL Administrador - Drop DB CSRF (To Server) S
HTTP JSPMySQL Cross Site Scriptng Vulnerability S
HTTP JSPMySQL CSRF Vulnerability (From Server) S
HTTP JSPMySQL CSRF Vulnerability (To Server) S
HTTP Kerio Control Blind SQL Injection Vulnerability S
HTTP Kerio Control Blind SQL Injection Vulnerability_1 S
HTTP KnowledgeTree OSS Cross Site Scripting Vulnerability S
HTTP LinuxOptic CMS 2009 Auth Bypass Session Vulnerability S
HTTP ManageEngine EventLog Analyzer 10.6 build 10060 - SQLi S
HTTP Merethis Centreon 'getStats.php' Remote Command Execution Vulnerability S
HTTP Merethis Centreon 'getStats.php' Remote Command Execution Vulnerability_1 S
HTTP Merethis Centreon 'isUserAdmin()' Function SQL Injection Vulnerability S
HTTP Merethis Centreon 'isUserAdmin()' Function SQL Injection Vulnerability_1 S
HTTP Microsoft Internet Explorer 11 Stack Underflow Vulnerability S
HTTP Microsoft Windows UDDI Services CVE-2015-2475 XSS (Percent Encoded) S
HTTP Microsoft Windows UDDI Services CVE-2015-2475 XSS S
HTTP Monsta FTP 1.6.2 - 'openFolder' XSS (Percent Encoded) S
HTTP Monsta FTP 1.6.2 - 'openFolder' XSS S
HTTP Monsta FTP 1.6.2 - Delete Files CSRF (From Server) S
HTTP Monsta FTP 1.6.2 - Delete Files CSRF (To Server) S
HTTP NETGEAR Wireless Management System Password Change Vulnerability S
HTTP Netsweeper Authentication Bypass Vulnerability S
HTTP NibbleBlog Cross Site Request Forgery Vulnerability (From Server) S
HTTP NibbleBlog Cross Site Request Forgery Vulnerability (To Server) S
HTTP Open-Letters Remote PHP Code Injection Vulnerability S
HTTP Open-Letters Remote PHP Code Injection Vulnerability_1 S
HTTP OpenDocMan XSS Vulnerability S
HTTP Oracle Demantra 12.2.1 - Stored XSS Vulnerability (From Server) S
HTTP Oracle Demantra 12.2.1 - Stored XSS Vulnerability (To Server) S
HTTP Page2Flip 2.5 Missing Access Control Vulnerability S
HTTP Page2Flip 2.5 Missing Access Control Vulnerability_1 S
HTTP Page2Flip 2.5 Privilege Escalation Vulnerability S
HTTP Page2Flip XSS Vulnerability S
HTTP PHPLiteAdmin XSS Vulnerability S
HTTP PHPLiteAdmin XSS Vulnerability_1 S
HTTP PhpWiki 'pagename' Parameter GET XSS Vulnerability S
HTTP PhpWiki 'pagename' Parameter POST XSS Vulnerability S
HTTP PhpWiki 'source' Parameter GET Local File Inclusion Vulnerability S
HTTP PhpWiki 'source' Parameter POST Local File Inclusion Vulnerability S
HTTP PhpWiki Cross Site Request Forgery Vulnerability S
HTTP PHPWiki Cross Site Scripting Vulnerability S
HTTP PHPWiki CSRF Vulnerability (From Server) S
HTTP PHPWiki CSRF Vulnerability (To Server) S
HTTP Pimcore CMS 'dir' parameter Directory Traversal Vulnerability S
HTTP Pluck CMS 4.7.3 Cross Site Request Forgery Vulnerability S
HTTP Pluck CMS 4.7.3 Cross Site Scripting Vulnerability S
HTTP Pluck CMS admin.php 'action' Function LFI Vulnerability S
HTTP Pluck CMS admin.php 'action' Function LFI Vulnerability_1 S
HTTP Serendipity Blind SQL Injection Vulnerability S
HTTP Shopizer 1.1.5 - 'productId' Remote Command Execution (Percent Encoded) S
HTTP Shopizer 1.1.5 - 'productId' Remote Command Execution S
HTTP Shopizer 1.1.5 - 'productIsFree' Access Vulnerability (Percent Encoded) S
HTTP Shopizer 1.1.5 - 'productIsFree' Access Vulnerability S
HTTP Shopizer 1.1.5 - 'productlist.action' XSS Vulnerability (Percent Encoded) S
HTTP Shopizer 1.1.5 - 'productlist.action' XSS Vulnerability S
HTTP Shopizer 1.1.5 - 'search' Remote Command Execution (Percent Encoded) S
HTTP Shopizer 1.1.5 - 'search' Remote Command Execution S
HTTP Shopizer 1.1.5 - 'searchcriteria.action' XSS Vulnerability (Percent Encoded) S
HTTP Shopizer 1.1.5 - 'searchcriteria.action' XSS Vulnerability S
HTTP Shopizer 1.1.5 - Customer Data Access Vulnerability S
HTTP Shopizer 1.1.5 - Customer Data Overwrite Vulnerability (Percent Encoded) S
HTTP Shopizer 1.1.5 - Customer Data Overwrite Vulnerability S
HTTP Shopizer 1.1.5 - Price Data Access Vulnerability (Percent Encoded) S
HTTP Shopizer 1.1.5 - Price Data Access Vulnerability S
HTTP Shopizer 1.1.5 - Product Access Vulnerability (Percent Encoded) S
HTTP Shopizer 1.1.5 - Product Access Vulnerability S
HTTP Shopizer 1.1.5 - Product Review CSRF Vulnerability (Percent Encoded) S
HTTP Shopizer 1.1.5 - Product Review CSRF Vulnerability S
HTTP SOPlanning feries.php Directory Traversal Vulnerability S
HTTP SOPlanning groupe_list.php SQL-injection Vulnerability S
HTTP SOPlanning planning.php SQL-injection Vulnerability S
HTTP SOPlanning projets.php SQL-injection Vulnerability S
HTTP SOPlanning user_groupes.php SQL-injection Vulnerability S
HTTP SOPlanning user_list.php SQL-injection Vulnerability S
HTTP sysPass 1.0.9 - SQL Injection S
HTTP TOTOLINK Router Models - Activate Admin CSRF Bypass (From Server) S
HTTP TOTOLINK Router Models - Activate RC Management (From Server) S
HTTP TOTOLINK Router Models - Activate RC Management (To Server) S
HTTP TOTOLINK Router Models - Change DNS Config (From Server) S
HTTP TOTOLINK Router Models - Change DNS Config (To Server) S
HTTP TOTOLINK Router Models - Change DNS CSRF Bypass (From Server) S
HTTP Watu PRO Cross Site Scripting Vulnerability S
HTTP Watu PRO CSRF Vulnerability (From Server) S
HTTP Watu PRO CSRF Vulnerability (To Server) S
HTTP Watu PRO Play CSRF Vulnerability (From Server) S
HTTP Watu PRO Play CSRF Vulnerability (To Server) S
HTTP Winmail Server badlogin.php parameter XSS Vulnerability S
HTTP WordPress BuddyPress Activity Plus Plugin 1.5 - CSRF (From Server) S
HTTP WordPress BuddyPress Activity Plus Plugin 1.5 - CSRF (To Server) S
HTTP WordPress Easy2Map SQL Injection Vulnerability S
HTTP WordPress Googmonify Plugin CSRF Vulnerability (From Server) S
HTTP WordPress Googmonify Plugin CSRF Vulnerability (To Server) S
HTTP WordPress Navis DocumentCloud XSS Vulnerability S
HTTP Wordpress Participants Database SQL Injection Vulnerability S
HTTP WordPress Private Only CSRF Vulnerability (From Server) S
HTTP WordPress Private Only CSRF Vulnerability (To Server) S
HTTP WordPress Reflex Gallery Upload Vulnerability S
HTTP WordPress SE HTML5 Album Audio Player Plugin CVE-2015-4414 LFI (Percent Encoded) S
HTTP WordPress SE HTML5 Album Audio Player Plugin CVE-2015-4414 LFI S
HTTP WordPress sourceAFRICA Cross Site Scripting Vulnerability S
HTTP WordPress Swim Team Plugin 1.44.10777 - Arbitrary File Download (Percent Encoded) S
HTTP WordPress Swim Team Plugin 1.44.10777 - Arbitrary File Download S
HTTP WordPress Unite Gallery Lite Plugin 1.4.6 - 'galleryid' SQLi (Percent Encoded) S
HTTP WordPress Unite Gallery Lite Plugin 1.4.6 - 'galleryid' SQLi S
HTTP WordPress Unite Gallery Lite Plugin 1.4.6 - 'id' SQLi (Percent Encoded) S
HTTP WordPress Unite Gallery Lite Plugin 1.4.6 - 'id' SQLi S
HTTP WordPress Users Ultra Plugin 'admin-ajax.php' SQL Injection Vulnerability S
HTTP WordPress WP e-Commerce Shop Styling Plugin 2.5 - Arbitrary File Download S
HTTP ZenPhoto 1.4.8 - 'admin-upload.php' XSS S
HTTP ZenPhoto 1.4.8 - 'admin.php' XSS (Percent Encoded) S
HTTP ZenPhoto 1.4.8 - 'admin.php' XSS S
HTTP ZenPhoto 1.4.8 - 'backup_restore.php' XSS S
HTTP ZenPhoto 1.4.8 - Directory Traversal (Percent Encoded) S
HTTP ZenPhoto 1.4.8 - Directory Traversal S
HTTP ZeroCMS 'zero_transact_article.php' SQL Injection Vulnerability S
HTTP Zoho SupportCenter Plus CVE-2015-5150 - 'compAcct' XSS (Percent Encoded) S
HTTP Zoho SupportCenter Plus CVE-2015-5150 - 'compAcct' XSS S
HTTP Zoho SupportCenter Plus CVE-2015-5150 - 'query' XSS (Percent Encoded) S
HTTP Zoho SupportCenter Plus CVE-2015-5150 - 'query' XSS S
HTTP Zoho SupportCenter Plus CVE-2015-5150 - 'redirectTo' XSS (Percent Encoded) S
HTTP Zoho SupportCenter Plus CVE-2015-5150 - 'redirectTo' XSS S
Keeper IP Camera 3.2.2.10 Authentication Bypass Vulnerability S
Magento eCommerce Remote Code Execution Vulnerability S
Microsoft Office 2007 msxml5.dll DoS Vulnerability S
Microsoft Word CVE-2015-0064 Memory Corruption Vulnerability S
Microsoft Word CVE-2015-0065 Memory Corruption Vulnerability S
Microsoft Word CVE-2015-0065 Memory Corruption Vulnerability_1 S
Mock SMTP Server 1.0 Remote DoS Vulnerability S
Mozilla Firefox CVE-2015-0802 Security Bypass Vulnerability S
Mpxplay Multimedia Commander .m3u Buffer Overflow Vulnerability S
Multiple AirLive Products Multiple OS Command Injection Vulnerabilities S
PCMan FTP Server GET Command Buffer Overflow Vulnerability S
PCMan FTP Server RENAME Command Buffer Overflow Vulnerability S
Photo Transfer (2) 1.0 iOS Denial of Service Vulnerability S
Photo Transfer (2) 1.0 iOS Denial of Service Vulnerability_1 S
Ricoh DC (SR10) 1.1.0.8 Denial of Service Vulnerability S
Samsung SyncThruWeb SMB Hash Disclosure Vulnerability S
Sixnet Sixview URI Remote Path Traversal File Access Vulnerability S
SphereFTP Server 2.0 Denial of Service Vulnerability S
Symantec Endpoint Protection Manager Arbitrary File Write Vulnerability S
Unitrends Enterprise Backup 7.3.0 Remote Code Execution Vulnerability S
Viber 4.2.0 Non-Printable Characters Handling DoS Vulnerability S
VLC Media Player 2.2.1 m3u8 and m3u DoS Vulnerability S
Zhone ADSL2 4P Authentiation Bypass Information Disclosure Vulnerability S
Zhone ADSL2 4P Authentiation Bypass Information Disclosure Vulnerability_1 S
Zhone ADSL2 4P Authentiation Bypass Information Disclosure Vulnerability_2 S
ZYXEL P-660HN-T1H_IPv6 Remote Configuration Editor Vulnerability S


idappcom - Auditing, verifying and enhancing the capabilities of corporate security defences.

We do not use cookies for tracking users, displaying customised content or storing information about users, other than that required to maintain 'session state' for the login system for registered users. Please read our cookie policy for more information. Please note that by using this site you are consenting to the use of cookies.