Traffic IQ Professional
Traffic File Update for September 2016
159 Application Exploits
Adobe Flash Color.setTransform Use-After-Free Vulnerability S
Adobe Flash Color.setTransform Use-After-Free Vulnerability_1 S
Adobe Flash JXR Processing Double Free CVE-2016-4136 Vulnerability S
Adobe Flash LMZA Property Decoding Heap Corruption vulnerability S
Adobe Flash Player DefineBitsJPEG2 Memory Corruption Vulnerability S
Adobe Flash Player DefineSprite Memory Corruption Vulnerability S
Adobe Flash Player SceneAndFrameData Memory Corruption Vulnerability S
Adobe Flash Stack Parameter Access in Object.unwatch UaF Fix Vulnerability S
Adobe Flash Stack Parameter Access in Object.unwatch UaF Fix Vulnerability_1 S
Adobe Flash TextField.maxChars Use-After-Free CVE-2015-8426 Vulnerability_1 S
Adobe Flash URLStream.readObject Use-After-Free Vulnerability S
Adobe Photoshop CC & Bridge CC .IFF File Parsing Vulnerability S
Adobe Photoshop CC & Bridge CC .PNG File Parsing Vulnerability S
Adobe Photoshop CC & Bridge CC .PNG File Parsing Vulnerability_1 S
HTTP Apache Struts Dynamic Method Invocation Remote Code Execution S
HTTP Apache Struts REST Plugin With Dynamic Method Invocation Remote Code Execution S
HTTP ArcSight Logger - Arbitrary File Upload (Code Execution) S
HTTP Baidu Spark Browser 43.23.1000.476 - Address Bar URL Spoofing S
HTTP Belkin Router AC1200 Firmware 1.00.27 - Authentication Bypass S
HTTP BuilderEngine 3.5.0 - Arbitrary File Upload S
HTTP Clear Voyager Hotspot Arbitrary File Disclosure Vulnerability S
HTTP ClipperCMS 1.3.0 Code Execution S
HTTP ClipperCMS 1.3.0 File Upload S
HTTP Dolphin 7.3.0 - Error-Based SQL Injection S
HTTP ElasticSearch - Unauthenticated Remote Code Execution S
HTTP Endian Firewall 3.0.0 - OS Command Injection (Python PoC) S
HTTP Flash Boundless Tunes - Universal SOP Bypass Through ActionScript's Sound Object S
HTTP Joomla Guru Pro Component SQL Injection Vulnerability S
HTTP jQuery jui_filter_rules PHP Code Execution S
HTTP NASdeluxe NDL-2400r 2.01.09 - OS Command Injection S
HTTP Novell ZENworks Configuration Management Arbitrary File Upload S
HTTP NUUO NVRmini Arbitrary File Deletion Vulnerability S
HTTP OPAC KpwinSQL SQL Injection Vulnerability S
HTTP OpenFire 3.10.2 - 4.0.1 - 'domain' Cross Site Scripting S
HTTP OpenFire 3.10.2 - 4.0.1 - 'groupchatJID' Cross Site Scripting S
HTTP OpenFire 3.10.2 - 4.0.1 - 'groupchatName' Cross Site Scripting S
HTTP OpenFire 3.10.2 - 4.0.1 - 'groups' Cross Site Scripting S
HTTP OpenFire 3.10.2 - 4.0.1 - 'mucdesc' Cross Site Scripting (From Server) S
HTTP OpenFire 3.10.2 - 4.0.1 - 'mucdesc' Cross Site Scripting (To Server) S
HTTP OpenFire 3.10.2 - 4.0.1 - 'propValue' Cross Site Scripting S
HTTP OpenFire 3.10.2 - 4.0.1 - 'remotePort' Cross Site Scripting S
HTTP OpenFire 3.10.2 - 4.0.1 - 'searchname' Cross Site Scripting (From Server) S
HTTP OpenFire 3.10.2 - 4.0.1 - 'searchname' Cross Site Scripting (To Server) S
HTTP OpenFire 3.10.2 - 4.0.1 - 'serverName' Cross Site Scripting (From Server) S
HTTP OpenFire 3.10.2 - 4.0.1 - 'serverName' Cross Site Scripting (To Server) S
HTTP OpenFire 3.10.2 - 4.0.1 - 'users' Cross Site Scripting S
HTTP Option CloudGate XSS Vulnerability S
HTTP Option CloudGate XSS Vulnerability_1 S
HTTP Option CloudGate XSS Vulnerability_2 S
HTTP PHP File Vault Directory Traversal Vulnerability S
HTTP PHP Power Browse Directory Traversal Vulnerability S
HTTP PHP Property Agent RealeState Script Sql Injection Vulnerability S
HTTP phpATM 1.32 - Remote Command Execution (Shell Upload) on Windows Servers S
HTTP PIKATEL 96338WS, 96338L-2M-8M - Unauthenticated DNS Change S
HTTP PLANET VDR-300NU ADSL Router - Unauthenticated DNS Change S
HTTP PLC Wireless Router Arbitrary File Disclosure Vulnerability S
HTTP Riverbed SteelCentral NetProfiler & NetExpress Code Execution Vulnerability S
HTTP Riverbed SteelCentral NetProfiler & NetExpress Code Execution Vulnerability_1 S
HTTP Riverbed SteelCentral NetProfiler & NetExpress Code Execution Vulnerability_2 S
HTTP Riverbed SteelCentral NetProfiler & NetExpress Code Execution Vulnerability_3 S
HTTP Riverbed SteelCentral NetProfiler & NetExpress Code Execution Vulnerability_4 S
HTTP Riverbed SteelCentral NetProfiler & NetExpress SQL Injection Vulnerability S
HTTP Riverbed SteelCentral NetProfiler & NetExpress SQL Injection Vulnerability_1 S
HTTP Riverbed SteelCentral NetProfiler & NetExpress SQL Injection Vulnerability_2 S
HTTP Riverbed SteelCentral NetProfiler & NetExpress SQL Injection Vulnerability_3 S
HTTP Riverbed SteelCentral NetProfiler & NetExpress SQL Injection Vulnerability_4 S
HTTP Roxy Fileman Arbitrary File Upload Vulnerability S
HTTP Sakai 10.7 - 'job_name' parameter XSS S
HTTP Sakai 10.7 - File Upload 'filename' parameter XSS S
HTTP Sakai 10.7 - Local File Inclusion S
HTTP Sakai 10.7 - XSS in URI S
HTTP Samsung Smart Home Camera SNH-P-6410 - Command Injection S
HTTP SAP NetWeaver AS JAVA 7.4 XXE Injection S
HTTP SAP NetWeaver AS JAVA XML Information Disclosure Vulnerability S
HTTP SIEMENS IP Camera CCMW1025 x.2.2.1798 - Remote Admin Credentials Change S
HTTP SIEMENS IP Cameras (Multiple Models) - 'config.ini' Disclosure Configuration S
HTTP SIEMENS IP Cameras (Multiple Models) - 'ikwd03conf.ini' Disclosure Configuration S
HTTP SIEMENS IP-Camera CVMS2025-IR CCMS2025 - Credentials Disclosure S
HTTP Symantec Messaging Gateway 10.6.1 - Directory Traversal S
HTTP Tenda ADSL22+ Modem 963281TAN - Unauthenticated DNS Change S
HTTP Tiki Wiki CMS Arbitrary File Download Vulnerability S
HTTP TOSHIBA IP-Camera IK-WP41A - Authentication Bypass Configuration Download S
HTTP Trend Micro Deep Discovery 3.7 3.8 SP1 (3.81) 3.8 SP2 (3.82) - hotfix_upload.cgi RCE S
HTTP TrendMicro Node.js HTTP Server Command Execution S
HTTP Ubee EVW3226 ModemRouter 1.0.20 - Authentication Bypass S
HTTP Ubee EVW3226 ModemRouter 1.0.20 - Backup File Disclosure S
HTTP Ubee EVW3226 ModemRouter 1.0.20 - Local File Inclusion S
HTTP Ubiquiti Administration Portal - CSRF to Remote Command Execution (From Server) S
HTTP Ubiquiti Administration Portal - CSRF to Remote Command Execution (To Server) S
HTTP Vanderbilt IP-Camera CCPW3025-IR CVMW3025-IR - Credentials Disclosure S
HTTP WebKit - TypedArray.copyWithin Memory Corruption S
HTTP WebKit - TypedArray.fill Memory Corruption S
HTTP WebNMS Framework Server 5.2 5.2 SP1 - Credentials Disclosure S
HTTP WebNMS Framework Server 5.2 5.2 SP1 - Directory Traversal In File Download S
HTTP WebNMS Framework Server 5.2 5.2 SP1 - Directory Traversal In File Upload S
HTTP WebNMS Framework Server 5.2 5.2 SP1 - User Account Hijacking S
HTTP WordPress Double Opt-In for Download Plugin SQL Injection Vulnerability (From Server) S
HTTP WordPress Double Opt-In for Download Plugin SQL Injection Vulnerability (To Server) S
HTTP WordPress Huge-IT Image Gallery Plugin SQL Injection Vulnerability S
HTTP WordPress Huge-IT Image Gallery Plugin SQL Injection Vulnerability_1 S
HTTP WordPress Huge-IT Image Gallery Plugin SQL Injection Vulnerability_2 S
HTTP WordPress Huge-IT Image Gallery Plugin SQL Injection Vulnerability_3 S
HTTP WordPress Huge-IT Image Gallery Plugin SQL Injection Vulnerability_4 S
HTTP WordPress Plugin CYSTEME Finder 1.3 - Arbitrary File Disclosure - JSON S
HTTP WordPress Plugin CYSTEME Finder 1.3 - Arbitrary File Disclosure S
HTTP WordPress Plugin CYSTEME Finder 1.3 - File Upload S
HTTP WordPress Plugin WP Mobile Detector Arbitrary File Upload Vulnerability S
HTTP WordPress Q and A (Focus Plus) FAQ Plugin Full Path Disclosure Vulnerability S
HTTP WordPress Q and A (Focus Plus) FAQ Plugin Full Path Disclosure Vulnerability_1 S
HTTP WordPress Q and A (Focus Plus) FAQ Plugin Full Path Disclosure Vulnerability_2 S
HTTP WordPress Q and A (Focus Plus) FAQ Plugin Full Path Disclosure Vulnerability_3 S
HTTP WordPress Q and A (Focus Plus) FAQ Plugin Full Path Disclosure Vulnerability_4 S
HTTP WordPress Q and A (Focus Plus) FAQ Plugin Full Path Disclosure Vulnerability_5 S
HTTP WordPress Q and A (Focus Plus) FAQ Plugin Full Path Disclosure Vulnerability_6 S
HTTP WordPress Q and A (Focus Plus) FAQ Plugin Full Path Disclosure Vulnerability_7 S
HTTP WordPress Q and A (Focus Plus) FAQ Plugin Full Path Disclosure Vulnerability_8 S
HTTP WordPress Q and A (Focus Plus) FAQ Plugin Full Path Disclosure Vulnerability_9 S
HTTP WordPress Q and A (Focus Plus) FAQ Plugin SQL Injection Vulnerability S
HTTP WordPress Q and A (Focus Plus) FAQ Plugin SQL Injection Vulnerability_1 S
HTTP WordPress Simple Backup Plugin Arbitrary File Deletion Vulnerability S
HTTP WordPress Simple Backup Plugin Directory Traversal Vulnerability S
HTTP WordPress Simple Backup Plugin File Download Vulnerability S
HTTP Wowza Streaming Engine Cross Site Scripting Vulnerability S
HTTP Wowza Streaming Engine Cross Site Scripting Vulnerability_1 S
HTTP Wowza Streaming Engine Cross Site Scripting Vulnerability_10 S
HTTP Wowza Streaming Engine Cross Site Scripting Vulnerability_11 S
HTTP Wowza Streaming Engine Cross Site Scripting Vulnerability_2 S
HTTP Wowza Streaming Engine Cross Site Scripting Vulnerability_3 S
HTTP Wowza Streaming Engine Cross Site Scripting Vulnerability_4 S
HTTP Wowza Streaming Engine Cross Site Scripting Vulnerability_5 S
HTTP Wowza Streaming Engine Cross Site Scripting Vulnerability_6 S
HTTP Wowza Streaming Engine Cross Site Scripting Vulnerability_7 S
HTTP Wowza Streaming Engine Cross Site Scripting Vulnerability_8 S
HTTP Wowza Streaming Engine Cross Site Scripting Vulnerability_9 S
HTTP Wowza Streaming Engine CSRF Vulnerability (From Server) S
HTTP Wowza Streaming Engine CSRF Vulnerability (To Server) S
HTTP WSO2 Identity Server 5.1.0 - XXE Information Disclosure S
Malware Afraidgate URL return with iframe pointing to Rig EK (add.thedocumentarywebsite.com) S
Malware Compromised Web Page linking to EITest Gate and Flash download (www.erotic-news.top) S
Malware Compromised Web Page with link to Afraidgate and Rig EK (human.neurogaming.net ) S
Malware DNS Request for domain associated with Afraidgate and Rig EK (human.neurogaming.net) S
Malware DNS Request for domain associated with Afraidgate and Rig EK (www.languagerealm.com) S
Malware DNS Request for domain associated with GozNym Banking Trojan (carsi12.com) S
Malware DNS Request for domain associated with GozNym Banking Trojan (humzka.com) S
Malware DNS Request for domain associated with GozNym Banking Trojan (kcrznhnlpw.com) S
Malware DNS Request for domain associated with GozNym Banking Trojan (mbcqjsuqsd.com) S
Malware DNS Request for domain associated with GozNym Banking Trojan (morelikestoday.com) S
Malware DNS Request for domain associated with GozNym Banking Trojan (sociallyvital.com) S
Malware DNS Request for domain associated with Locky Ransomware (crocotan.com) S
Malware DNS Request for domain associated with Rig EK (add.thedocumentarywebsite.com) S
Malware DNS Request for domain name associated with EITest Gate (www.erotic-news.top) S
Malware DNS Request for domain name associated with Rig EK (z2qnft1lmn.top) S
Malware Download of malicious Flash File from EITest Gate (www.erotic-news.top) S
Malware GET Request for malicious File associated with EITest Gate (www.erotic-news.top) S
Malware GET Request for malicious File associated with Rig EK (z2qnft1lmn.top) S
Malware HTTP Exchange between Client and Rig EK Server (add.thedocumentarywebsite.com) S
Malware HTTP Exchange between Client and Rig EK Server (add.thedocumentarywebsite.com)_1 S
Malware Locky Ransomware Downloader (crocotan.com) S
Malware Locky Ransomware Post Infection Chat (crocotan.com) S