Traffic IQ Professional
Traffic File Update for December 2016
146 Application Exploits
Blacknurse Low Bandwidth Denial of Service Vulnerability S
HTTP ARG-W4 ADSL Router CSRF (Change DNS) Vulnerability (From Server) S
HTTP ARG-W4 ADSL Router CSRF (Change DNS) Vulnerability (To Server) S
HTTP Atbox.io Open Redirect S
HTTP Atlassian Confluence AppFusions Doxygen 1.3.0 - Directory Traversal S
HTTP AVTECH IP Camera NVR and DVR Devices - '.cab' Authentication Bypass S
HTTP AVTECH IP Camera NVR and DVR Devices - 'adcommand.cgi' Command Injection S
HTTP AVTECH IP Camera NVR and DVR Devices - 'CloudSetup.cgi' Command Injection S
HTTP AVTECH IP Camera NVR and DVR Devices - 'Machine.cgi' Information Disclosure S
HTTP AVTECH IP Camera NVR and DVR Devices - 'nobody' Authentication Bypass S
HTTP AVTECH IP Camera NVR and DVR Devices - 'PwdGrp.cgi' Command Injection S
HTTP AVTECH IP Camera NVR and DVR Devices - 'Search.cgi' Command Injection S
HTTP AVTECH IP Camera NVR and DVR Devices - Login Captcha Bypass S
HTTP AXIS Multiple Products - Authenticated Remote Command Execution via devtools Vector S
HTTP BelliniSupercook Wi-Fi Yumi SC200 - Remote Command Execution S
HTTP BirdBlog entries.php CSRF (Add New Post) Vulnerability (From Server) S
HTTP BirdBlog entries.php CSRF (Add New Post) Vulnerability (To Server) S
HTTP Chaordic Search Cross Site Scripting Vulnerability S
HTTP ChatNow login.php SQL Injection Vulnerability S
HTTP Cisco Unified Communications Manager interface Directory Traversal Vulnerability S
HTTP Crestron AirMedia login.cgi Directory Traversal Vulnerability S
HTTP Davolink DV-2051 - 'srvName' Cross Site Scripting S
HTTP Davolink DV-2051 - Unauthenticated Admin Password Change CSRF S
HTTP Davolink DV-2051 - WPA2 Key Change CSRF S
HTTP Disk Pulse Enterprise 9.0.34 - 'Login' Buffer Overflow' (Metasploit) S
HTTP DiskBoss Enterprise 7.4.28 - 'GET' Buffer Overflow S
HTTP e107 Bootstrap CMS Cross Site Scripting Vulnerability S
HTTP e107 Bootstrap CMS Cross Site Scripting Vulnerability_1 S
HTTP e107 Bootstrap CMS CSRF Vulnerability (From Server) S
HTTP e107 Bootstrap CMS CSRF Vulnerability (To Server) S
HTTP EasyPHP Devserver 16.1.1 Cross Site Request Forgery RCE (From Server) S
HTTP EasyPHP Devserver 16.1.1 Cross Site Request Forgery RCE (To Server) S
HTTP Edge SkateShop - Authentication bypass S
HTTP EditMe CMS CSRF (Add New Admin) Vulnerability (From Server) S
HTTP EditMe CMS CSRF (Add New Admin) Vulnerability (To Server) S
HTTP Eir D1000 Wireless Router - WAN Side Remote Command Injection (Metasploit) S
HTTP InfraPower Cross Site Scripting Vulnerability S
HTTP InfraPower Cross Site Scripting Vulnerability_1 S
HTTP InfraPower PPS-02-S Q213V1 - 'ConnPort.php' Insecure Direct Object Reference S
HTTP InfraPower PPS-02-S Q213V1 - 'CSSSource.php' Insecure Direct Object Reference S
HTTP InfraPower PPS-02-S Q213V1 - 'dball.php' Insecure Direct Object Reference S
HTTP InfraPower PPS-02-S Q213V1 - 'doupgrate.php' Insecure Direct Object Reference S
HTTP InfraPower PPS-02-S Q213V1 - 'IPSettings.php' Insecure Direct Object Reference S
HTTP InfraPower PPS-02-S Q213V1 - 'ListFile.php' Insecure Direct Object Reference S
HTTP InfraPower PPS-02-S Q213V1 - 'Menu.php' Insecure Direct Object Reference S
HTTP InfraPower PPS-02-S Q213V1 - 'Ntp.php' Insecure Direct Object Reference S
HTTP InfraPower PPS-02-S Q213V1 - 'PDUDetails_Ajax_Details.php' Insecure Direct Object Ref S
HTTP InfraPower PPS-02-S Q213V1 - 'PDULog.php' Insecure Direct Object Reference S
HTTP InfraPower PPS-02-S Q213V1 - 'PortSettings.php' Insecure Direct Object Reference S
HTTP InfraPower PPS-02-S Q213V1 - 'production_test1.php' Insecure Direct Object Reference S
HTTP InfraPower PPS-02-S Q213V1 - 'UploadEXE.php' Insecure Direct Object Reference S
HTTP InfraPower PPS-02-S Q213V1 - Unauthenticated Remote Root Command Execution S
HTTP Jobberbase 2.0 - 'category' Local Path Disclosure S
HTTP Jobberbase 2.0 - 'count' Local Path Disclosure S
HTTP Jobberbase 2.0 - 'days_behind' Local Path Disclosure S
HTTP Jobberbase 2.0 - 'days_behind' SQL Injection S
HTTP Jobberbase 2.0 - 'random' Local Path Disclosure S
HTTP Jobberbase 2.0 - 'type' Local Path Disclosure S
HTTP JonhCMS go.php SQL Injection Vulnerability S
HTTP Joomla DT Register index.php SQL Injection Vulnerability S
HTTP Kodi Web Server 16.1 - Denial of Service S
HTTP Le Logicie Llibre Categorizator SQL injection Vulnerability S
HTTP Lepton add.php SQL injection Vulnerability S
HTTP Lepton index.php SQL injection Vulnerability S
HTTP Lepton tool.php SQL injection Vulnerability S
HTTP Maian Weblog CSRF (Add New Post) Vulnerability (From Server) S
HTTP Maian Weblog CSRF (Add New Post) Vulnerability (To Server) S
HTTP Memcached 1.4.33 - 'Add' PoC S
HTTP Memcached 1.4.33 - 'Crash' PoC S
HTTP Memcached 1.4.33 - 'sasl' PoC S
HTTP Micro Focus Filr 2 2.0.0.421, Filr 1.2 1.2.0.846 - CSRF RCE (From Server) S
HTTP Micro Focus Filr 2 2.0.0.421, Filr 1.2 1.2.0.846 - CSRF RCE (To Server) S
HTTP Micro Focus Rumba 9.3 - ActiveX Stack Buffer Overflow S
HTTP Microsoft Edge - 'Function.apply' Information Leak (MS16-119) S
HTTP Microsoft Edge - JSON.parse Info Leak S
HTTP Microsoft Edge - Spread Operator Stack Overflow (MS16-119) S
HTTP MS Internet Explorer jscript9 - Java-Script-Stack-Walker Memory Corruption (MS15-056) S
HTTP My Little Forum XSS Vulnerability_10 (From Server) S
HTTP My Little Forum XSS Vulnerability_10 (To Server) S
HTTP My Little Forum XSS Vulnerability_11 (From Server) S
HTTP My Little Forum XSS Vulnerability_11 (To Server) S
HTTP My Little Forum XSS Vulnerability_3 (From Server) S
HTTP My Little Forum XSS Vulnerability_3 (To Server) S
HTTP My Little Forum XSS Vulnerability_4 (From Server) S
HTTP My Little Forum XSS Vulnerability_4 (To Server) S
HTTP My Little Forum XSS Vulnerability_5 (From Server) S
HTTP My Little Forum XSS Vulnerability_5 (To Server) S
HTTP My Little Forum XSS Vulnerability_6 (From Server) S
HTTP My Little Forum XSS Vulnerability_6 (To Server) S
HTTP My Little Forum XSS Vulnerability_7 (From Server) S
HTTP My Little Forum XSS Vulnerability_7 (To Server) S
HTTP My Little Forum XSS Vulnerability_8 (From Server) S
HTTP My Little Forum XSS Vulnerability_8 (To Server) S
HTTP My Little Forum XSS Vulnerability_9 (From Server) S
HTTP My Little Forum XSS Vulnerability_9 (To Server) S
HTTP OpenCimetiere Blind SQL Injection Vulnerability S
HTTP ownCloud 8.2.1 8.1.4 8.0.9 Information Exposure S
HTTP SAP NetWeaver AS Java NavigationURLTester Cross Site Scripting Vulnerability S
HTTP Schoolhos CMS 'kelas' SQL Injection Vulnerability S
HTTP Schoolhos CMS SQL Injection Vulnerability S
HTTP Shuttle Tech ADSL Wireless 920 WM - 'page' Cross Site Scripting S
HTTP Simple Forum PHP admin.php SQL Injection Vulnerability S
HTTP Simple Forum PHP admin.php SQL Injection Vulnerability_1 S
HTTP Simple Personal Message plugin for WordPress SQL Injection Vulnerability S
HTTP Simple Shopping Cart Application SQL Injection Vulnerability S
HTTP SweetRice Cross Site Request Forgery Vulnerability (From Server) S
HTTP SweetRice Cross Site Request Forgery Vulnerability (To Server) S
HTTP TP-LINK TD-W8951ND - Denial of Service S
HTTP WordPress Image Gallery Plugin Cross Site Scripting Vulnerability (From Server) S
HTTP WordPress Image Gallery Plugin Cross Site Scripting Vulnerability (To Server) S
HTTP WordPress Insert HTML Snippet CSRF Vulnerability (From Server) S
HTTP WordPress Insert HTML Snippet CSRF Vulnerability (To Server) S
HTTP WordPress MailChimp admin.php Cross Site Scripting Vulnerability S
HTTP Wordpress Plugin Answer My Question SQL Injection Vulnerability (From Server) S
HTTP Wordpress Plugin Answer My Question SQL Injection Vulnerability (To Server) S
HTTP Wordpress Plugin BBS e-Franchise SQL Injection Vulnerability S
HTTP WordPress Plugin Instagram Feed CSRF Vulnerability (From Server) S
HTTP WordPress Plugin Instagram Feed CSRF Vulnerability (To Server) S
HTTP Wordpress Plugin Olimometer SQL Injection Vulnerability S
HTTP Wordpress Plugin Product Catalog SQL Injection Vulnerability (From Server) S
HTTP Wordpress Plugin Product Catalog SQL Injection Vulnerability (To Server) S
HTTP Wordpress Plugin Sirv SQL Injection Vulnerability (From Server) S
HTTP Wordpress Plugin Sirv SQL Injection Vulnerability (To Server) S
HTTP X5 Webserver 5.0 Remote Denial Of Service S
HTTP Xfinity Gateway - Remote Code Execution S
Malware DNS Request (TCP) for domain related to Chthonic Trojan (pationare.bit) S
Malware DNS Request for domain related to Chthonic Trojan (pationare.bit) S
Malware DNS Request for domain related to Sundown EK (ah.0346.mobi) S
Malware DNS Request for domain related to Sundown EK (fp.0498.mobi) S
Malware DNS Request for domain related to Sundown EK (iw.0541.mobi) S
Malware DNS Request for domain related to Sundown EK (mu.0547.mobi) S
Malware DNS Request for domain related to Sundown EK (sof.0144.mobi) S
Malware DNS Request for domain related to Sundown EK (zwh.0142.mobi) S
Malware DNS Request for domain related to Terdot-A-Zloader (settledness.ru) S
Malware GET Request for Exploit File Related to Sundown EK (ah.0346.mobi) S
Malware GET Request for Exploit File Related to Sundown EK (fp.0498.mobi) S
Malware GET Request for Exploit File Related to Sundown EK (iw.0541.mobi) S
Malware GET Request for Payload Related to Sundown EK (sof.0144.mobi) S
Malware GET Request for Payload Related to Sundown EK (sof.0144.mobi)_1 S
Malware GET Request for Payload Related to Sundown EK (zwh.0142.mobi) S
Malware Landing Page Request and File Download Related to Sundown EK (ah.0346.mobi) S
Malware Landing Page Request and File Download Related to Sundown EK (fp.0498.mobi) S
Malware Landing Page Request and File Download Related to Sundown EK (iw.0541.mobi) S
Malware Landing Page Request and File Download Related to Sundown EK (mu.0547.mobi) S
Malware Post Infection POST Request initialted by Chthonic Trojan (pationare.bit) S
Malware Post Infection POST Request initialted by Terdot-A-Zloader (settledness.ru) S