Search

Traffic File Update - April 2017

This Traffic IQ Professional update for April 2017 contains the latest application exploits, threats and security evasion techniques along with technical data and high quality security rules.

Traffic IQ Professional

Traffic File Update for April 2017

168 Application Exploits

ExtraPuTTY 0.29-RC2 - 'read' - Denial of Service S
ExtraPuTTY 0.29-RC2 - 'write' - Denial of Service S
HTTP Album Lock 4.0 iOS - Directory Traversal S
HTTP Alibaba Clone Script - 'count_classified' SQL Injection S
HTTP Alibaba Clone Script - 'count_product' SQL Injection S
HTTP Alibaba Clone Script - 'count_tradeleade' SQL Injection S
HTTP Apple WebKit - 'ComposedTreeIteratortraverseNextInShadowTree' Use-After-Free S
HTTP Apple WebKit - 'DocumentadoptNode' Use-After-Free S
HTTP Apple WebKit - 'FormSubmissioncreate' Use-After-Free S
HTTP Apple WebKit - 'JSCB3ProcedureresetReachability' Use-After-Free S
HTTP Apple WebKit - 'JSCSymbolTableEntryisWatchable' Heap Buffer Overflow S
HTTP Apple WebKit - 'RenderLayer' Use-After-Free S
HTTP Apple WebKit - 'table' Use-After-Free S
HTTP Apple WebKit - 'WebCoretoJS' Use-After-Free S
HTTP Apple WebKit - Negative-Size memmove in HTMLFormElement S
HTTP Apple WebKit 10.0.2 - HTMLInputElement Use-After-Free S
HTTP AXIS Communications - Cross-Site Scripting Content Injection S
HTTP Cesanta Mongoose OS - Use-After-Free S
HTTP CommVault Edge 11 SP6 - Stack Buffer Overflow (PoC) S
HTTP D-Link DIR-615 CSRF Vulnerability (From Server) S
HTTP D-Link DIR-615 CSRF Vulnerability (To Server) S
HTTP e107 Bootstrap CMS 'plugin.php' CSRF Vulnerability (From Server) S
HTTP e107 Bootstrap CMS 'plugin.php' CSRF Vulnerability (To Server) S
HTTP Ecommerce Mix PHP Marketplace Script SQL Injection Vulnerability S
HTTP Ecommerce Mix PHP Marketplace Script SQL Injection Vulnerability_1 S
HTTP Ecommerce Mix PHP Marketplace Script SQL Injection Vulnerability_2 S
HTTP EyesOfNetwork (EON) 5.0 - 'module' Remote Code Execution S
HTTP EyesOfNetwork (EON) 5.0 - 'selected_events' Remote Code Execution S
HTTP Faveo Helpdesk Community 'rolechangeadmin' CSRF Vulnerability (From Server) S
HTTP Faveo Helpdesk Community 'rolechangeadmin' CSRF Vulnerability (To Server) S
HTTP GeoMoose 'download.php' Directory Traversal Vulnerability S
HTTP HelpDEZK 1.1.1 - 'Add Admin' Cross-Site Request Forgery (From Server) S
HTTP HelpDEZK 1.1.1 - 'Add Admin' Cross-Site Request Forgery (To Server) S
HTTP HelpDEZK 1.1.1 - 'Login Page' Remote Code Execution (From Server) S
HTTP HelpDEZK 1.1.1 - 'Login Page' Remote Code Execution (To Server) S
HTTP HelpDEZK 1.1.1 - 'Page Header' Remote Code Execution (From Server) S
HTTP HelpDEZK 1.1.1 - 'Page Header' Remote Code Execution (To Server) S
HTTP HelpDEZK 1.1.1 - 'Reports Logo' Remote Code Execution (From Server) S
HTTP HelpDEZK 1.1.1 - 'Reports Logo' Remote Code Execution (To Server) S
HTTP HttpServer 1.0 - Directory Traversal S
HTTP inoERP 'content.php' SQL Injection Vulnerability S
HTTP inoERP 'form.php' Cross Site Scripting Vulnerability S
HTTP inoERP 'form.php' CSRF Vulnerability (From Server) S
HTTP inoERP 'form.php' CSRF Vulnerability (To Server) S
HTTP inoERP 'form.php' SQL Injection Vulnerability S
HTTP inoERP 'json_blank_search.php' Cross Site Scripting Vulnerability S
HTTP inoERP 'program.php' Cross Site Scripting Vulnerability S
HTTP Intellinet NFC-30IR Camera - Local File Inclusion Through CGI File Reader S
HTTP Intellinet NFC-30IR Camera - Manufacturer Backdoor Vulnerability S
HTTP iTechScripts B2B 'buyleads-details.php' SQL Injection Vulnerability S
HTTP iTechScripts B2B 'catcompany.php' SQL Injection Vulnerability S
HTTP iTechScripts B2B 'my-contactdetails.php' Cross Site Scripting Vulnerability S
HTTP iTechScripts B2B 'search.php' Cross Site Scripting Vulnerability S
HTTP iTechScripts B2B 'search.php' Cross Site Scripting Vulnerability_1 S
HTTP iTechScripts B2B 'search.php' SQL Injection Vulnerability S
HTTP iTechScripts B2B 'search.php' SQL Injection Vulnerability_1 S
HTTP iTechScripts B2B 'sendMessage.php' Cross Site Scripting Vulnerability S
HTTP Joomla! Component Bazaar Platform 'index.php' SQL Injection Vulnerability S
HTTP Joomla! Component Bazaar Platform 'index.php' SQL Injection Vulnerability_1 S
HTTP Joomla! Component Bazaar Platform 'index.php' SQL Injection Vulnerability_2 S
HTTP Joomla! Component EShop 'index.php' SQL Injection Vulnerability S
HTTP Joomla! Component Google Map Store Locator 'filter_time' SQL Injection Vulnerability S
HTTP Joomla! Component Groovy Gallery 'index.php' SQL Injection Vulnerability S
HTTP Joomla! Component Groovy Gallery 'index.php' SQL Injection Vulnerability_1 S
HTTP Joomla! Component Hbooking 'index.php' SQL Injection Vulnerability S
HTTP Joomla! Component JE Auction 'index.php' SQL Injection Vulnerability S
HTTP Joomla! Component JE Auto 'index.php' SQL Injection Vulnerability S
HTTP Joomla! Component JE Awd Song 'index.php' SQL Injection Vulnerability S
HTTP Joomla! Component JE Awd Song 'index.php' SQL Injection Vulnerability_1 S
HTTP Joomla! Component JE Classify Ads 'index.php' SQL Injection Vulnerability S
HTTP Joomla! Component JE Directory 'index.php' SQL Injection Vulnerability S
HTTP Joomla! Component JE Form Creator 'index.php' SQL Injection Vulnerability S
HTTP Joomla! Component JE Gallery 'index.php' SQL Injection Vulnerability S
HTTP Joomla! Component JE Grid Folio 'index.php' SQL Injection Vulnerability S
HTTP Joomla! Component JE K2 Multiple Form Story 'index.php' SQL Injection Vulnerability S
HTTP Joomla! Component JE Messanger 'index.php' SQL Injection Vulnerability S
HTTP Joomla! Component JE Messanger 'index.php' SQL Injection Vulnerability_1 S
HTTP Joomla! Component JE Messanger 'index.php' SQL Injection Vulnerability_2 S
HTTP Joomla! Component JE Portfolio Creator 'index.php' SQL Injection Vulnerability S
HTTP Joomla! Component JE Property Finder 'index.php' SQL Injection Vulnerability S
HTTP Joomla! Component JE Property Finder 'index.php' SQL Injection Vulnerability_1 S
HTTP Joomla! Component JE Quiz 'index.php' SQL Injection Vulnerability S
HTTP Joomla! Component JE Quiz 'index.php' SQL Injection Vulnerability_1 S
HTTP Joomla! Component JE Quote Form 'index.php' SQL Injection Vulnerability S
HTTP Joomla! Component JE Ticket System 'index.php' SQL Injection Vulnerability S
HTTP Joomla! Component JE Tour 'index.php' SQL Injection Vulnerability S
HTTP Joomla! Component JE Tour 'index.php' SQL Injection Vulnerability_1 S
HTTP Joomla! Component JE Video Rate 'index.php' SQL Injection Vulnerability S
HTTP Joomla! Component JE Video Rate 'index.php' SQL Injection Vulnerability_1 S
HTTP Joomla! Component JEmbedAl 'index.php' SQL Injection Vulnerability S
HTTP Joomla! Component JEmbedAl 'index.php' SQL Injection Vulnerability_1 S
HTTP Joomla! Component JomWALL 'index.php' SQL Injection Vulnerability S
HTTP Joomla! Component JoomBlog 'index.php' SQL Injection Vulnerability S
HTTP Joomla! Component Joomloc-CAT 'index.php' SQL Injection Vulnerability S
HTTP Joomla! Component Joomloc-Lite 'index.php SQL Injection Vulnerability S
HTTP Joomla! Component JSP Store Locator 'index.php SQL Injection Vulnerability S
HTTP Joomla! Component JSP Store Locator 'index.php SQL Injection Vulnerability_1 S
HTTP Joomla! Component Most Wanted Real Estate SQL Injection Vulnerability S
HTTP Joomla! Component Most Wanted Real Estate SQL Injection Vulnerability_1 S
HTTP Joomla! Component Most Wanted Real Estate SQL Injection Vulnerability_2 S
HTTP Joomla! Component onisPetitions 'index.php' SQL Injection Vulnerability S
HTTP Joomla! Component onisQuotes 'index.php' SQL Injection Vulnerability S
HTTP Joomla! Component OS Property 'index.php' SQL Injection Vulnerability S
HTTP Joomla! Component OS Services Booking 'index.php' SQL Injection Vulnerability S
HTTP Joomla! Component OS Services Booking 'index.php' SQL Injection Vulnerability_1 S
HTTP Joomla! Component OS Services Booking 'index.php' SQL Injection Vulnerability_2 S
HTTP Joomla! Component OS Services Booking 'index.php' SQL Injection Vulnerability_3 S
HTTP Joomla! Component Room Management SQL Injection Vulnerability S
HTTP Joomla! Component Room Management SQL Injection Vulnerability_1 S
HTTP Joomla! Component Room Management SQL Injection Vulnerability_2 S
HTTP Joomla! Component Soccer Bet 'index.php' SQL Injection Vulnerability_1 S
HTTP Joomla! Component Spider Calendar Lite 'index.php' SQL Injection Vulnerability S
HTTP Joomla! Component Spider Calendar Lite 'index.php' SQL Injection Vulnerability_1 S
HTTP Joomla! Component Spider Catalog Lite 'index.php' SQL Injection Vulnerability S
HTTP Joomla! Component Spider Catalog Lite 'index.php' SQL Injection Vulnerability_1 S
HTTP Joomla! Component Spider Facebook 'index.php' SQL Injection Vulnerability S
HTTP Joomla! Component Spider FAQ Lite 'index.php' SQL Injection Vulnerability S
HTTP Joomla! Component Team Display 'index.php' SQL Injection Vulnerability S
HTTP Joomla! Component WMT Content Timeline 'index.php' SQL Injection Vulnerability S
HTTP Kodi 17.1 - Arbitrary File Disclosure S
HTTP Lock Photos Album&Videos Safe 4.3 - Directory Traversal S
HTTP Microsoft Edge - TypedArray.sort Use-After-Free (MS16-145) S
HTTP Microsoft Internet Explorer 10 MSHTML CEditAdornerDetach Use-After-Free S
HTTP Microsoft Internet Explorer 9 CDocExecuteScriptUri Use-After-Free S
HTTP Microsoft Office PowerPoint 2010 - 'MSO!Ordinal5429' Length Check Heap Corruption S
HTTP Microsoft Office PowerPoint 2010 - GDI 'GDI32!ConvertDxArray' Insufficient Bounds Check S
HTTP Microsoft Office PowerPoint 2010 - MSOOART Heap Out-of-Bounds Access S
HTTP Microsoft Outlook - HTML Email Denial of Service S
HTTP Microsoft Windows-'gdi32.dll' EMR_SETDIBITSTODEVICE Heap-Based OOB Reads-Memory Disc S
HTTP Moxa MXview 2.8 - Denial of Service S
HTTP Moxa MXview 2.8 - Private Key Disclosure S
HTTP Opera foreignObject textNoderemoveChild Use-After-Free S
HTTP PHP Utility Belt Remote Code Execution (MSF) S
HTTP Pixie 1.0.4 - Arbitrary File Upload S
HTTP Pixie 1.0.4 - Remote Code Execution S
HTTP Quadz School Management System 'index.php' SQL Injection Vulnerability S
HTTP Quadz School Management System 'index.php' SQL Injection Vulnerability_1 S
HTTP SixApart MovableType - Storable Perl Code Execution S
HTTP Solare Datensysteme Solar-Log Devices 2.8.4-56 3.5.2-85 - Arbitrary File Upload S
HTTP Solare Datensysteme Solar-Log Devices 2.8.4-56 3.5.2-85 - Change Password CSRF S
HTTP Solare Datensysteme Solar-Log Devices 2.8.4-56 3.5.2-85 - ChipCfg Information Disclosure S
HTTP Solare Datensysteme Solar-Log Devices 2.8.4-56 3.5.2-85 - Config Information Disclosure S
HTTP Solare Datensysteme Solar-Log Devices 2.8.4-56 3.5.2-85 - Remove Password CSRF S
HTTP SonicDICOM PACS (Add Admin) CSRF Vulnerability (From Server) S
HTTP SonicDICOM PACS (Add Admin) CSRF Vulnerability (To Server) S
HTTP SonicDICOM PACS 2.3.2 - Privilege Escalation S
HTTP SpyCamLizard 1.230 - Denial of Service S
HTTP Sun Secure Global Desktop and Oracle Global Desktop 4.61.915 - ShellShock Exploit S
HTTP TI Online Examination System 'edit_notice.php' SQL Injection Vulnerability S
HTTP TI Online Examination System 'exam_edit.php' SQL Injection Vulnerability S
HTTP TI Online Examination System 'student_edit.php' SQL Injection Vulnerability S
HTTP Viavi Movie Review 'genres.php' SQL Injection Vulnerability S
HTTP Viavi Real Estate 'buysalerent.php' SQL Injection Vulnerability S
HTTP Viavi Real Estate 'property-detail.php' SQL Injection Vulnerability S
HTTP WordPress Multiple Plugins - 'mobile-app-builder-by-wappress' Arbitrary File Upload S
HTTP WordPress Multiple Plugins - 'mobile-friendly-app-builder-by-easytouch' File Upload S
HTTP WordPress Multiple Plugins - 'webapp-builder' Arbitrary File Upload S
HTTP WordPress Multiple Plugins - 'wp2android-turn-wp-site-into-android-app' File Upload S
HTTP WordPress Multiple Plugins - 'zen-mobile-app-native' Arbitrary File Upload S
HTTP WordPress Plugin Mail Masta 'admin-ajax.php' SQL Injection Vulnerability S
HTTP WordPress Plugin Mail Masta 'admin.php' SQL Injection Vulnerability S
HTTP WordPress Plugin Mail Masta 'csvexport.php' SQL Injection Vulnerability S
HTTP Wordpress Plugin Membership Simplified 1.58 - Arbitrary File Download S
HTTP Zabbix 2.2 - 3.0.3 - 'auth' RCE with API JSON-RPC S
HTTP Zabbix 2.2 - 3.0.3 - 'execute' RCE with API JSON-RPC S
HTTP Zabbix 2.2 - 3.0.3 - 'update' RCE with API JSON-RPC S
HTTP Zemra Botnet CnC Web Panel Remote Code Execution S
HTTP Zyxel - EMG2926 V1.00(AAQT.4)b8 - OS Command Injection S


idappcom - Auditing, verifying and enhancing the capabilities of corporate security defences.

We do not use cookies for tracking users, displaying customised content or storing information about users, other than that required to maintain 'session state' for the login system for registered users. Please read our cookie policy for more information. Please note that by using this site you are consenting to the use of cookies.