Traffic IQ Professional
Traffic File Update for March 2018
155 Application Exploits
Asterisk 13.17.2 - 'chan_skinny' Remote Memory Corruption S
Claymore Dual GPU Miner 10.5 - Format String S
CloudMe Sync 1.11.0 - Buffer Overflow S
HTTP Advantech WebAccess 8.3.0 - Remote Code Execution S
HTTP Alienvault OSSIM av-centerd 4.7.0 - 'get_log_line' Command Injection (Metasploit) S
HTTP Alienvault OSSIM av-centerd Util.pm sync_rserver - Command Execution (Metasploit) S
HTTP ASUS DSL-N14U B1 Router 1.1.2.3_345 - Change Administrator Password S
HTTP Axis Communications MPQTPACS - Heap Overflow S
HTTP Axis Communications MPQTPACS - Information Leakage S
HTTP Axis SSI - Information Disclosure S
HTTP Axis SSI - Remote Command Execution S
HTTP Bomgar Remote Support Unauthenticated Code Execution (Metasploit) S
HTTP D-Link DNS-343 ShareCenter 1.05 - 'f_auth' Command Injection S
HTTP D-Link DNS-343 ShareCenter 1.05 - 'f_password' Command Injection S
HTTP D-Link DNS-343 ShareCenter 1.05 - 'f_sender' Command Injection S
HTTP D-Link DNS-343 ShareCenter 1.05 - 'f_sendto' Command Injection S
HTTP D-Link DNS-343 ShareCenter 1.05 - 'f_smtpserver' Command Injection S
HTTP D-Link DNS-343 ShareCenter 1.05 - 'f_username' Command Injection S
HTTP Disk Savvy Enterprise 9.4.18 - Buffer Overflow (SEH) 'win10' S
HTTP Disk Savvy Enterprise 9.4.18 - Buffer Overflow (SEH) 'win7' S
HTTP Dlink DIR Routers - Unauthenticated HNAP Login Stack Buffer Overflow (Metasploit) S
HTTP Drupal Module RESTWS 7.x - Remote PHP Code Execution (Metasploit) S
HTTP Exodus Wallet (ElectronJS Framework) - Remote Code Execution S
HTTP fairsketch RISE Ultimate Project Manager 'search' SQL Injection Vuln S
HTTP FiberHome AN5506 - Unauthenticated Remote DNS Change S
HTTP Fortune Scripts Facebook Clone 'group.php' SQL Injection Vuln S
HTTP Fortune Scripts Freelancer Clone 'profile.php' SQL Injection Vuln S
HTTP Fortune Scripts Grubhub Clone SQL Injection Vuln (From Server) S
HTTP Fortune Scripts Grubhub Clone SQL Injection Vuln (To Server) S
HTTP Fortune Scripts IMDB Clone 'movie.php' SQL Injection Vuln S
HTTP Fortune Scripts IMDB Clone 'show_misc_video.php' SQL Injection Vuln S
HTTP Fortune Scripts IMDB Clone 'tvshow.php' SQL Injection Vuln S
HTTP Fortune Scripts Indiamart Clone 'buyleads-details.php' SQL Injection Vuln S
HTTP Fortune Scripts Indiamart Clone 'catcompany.php' SQL Injection Vuln S
HTTP Fortune Scripts Indiamart Clone 'index.php' SQL Injection Vuln S
HTTP Fortune Scripts Lynda Clone 'keywords' SQL Injection Vuln (From Server) S
HTTP Fortune Scripts Lynda Clone 'keywords' SQL Injection Vuln (To Server) S
HTTP Fortune Scripts Makemytrip Clone 'pages.php' SQL Injection Vuln S
HTTP Fortune Scripts Makemytrip Clone 'show-flight-result.php' SQL Injection Vuln S
HTTP Fortune Scripts Makemytrip Clone 'show-flight-result.php' SQL Injection Vuln_1 S
HTTP Fortune Scripts Monster Clone 'Employer_Details.php' SQL Injection Vuln S
HTTP Fortune Scripts Olx Clone 'message.php' SQL Injection Vuln S
HTTP Fortune Scripts Olx Clone 'subpage.php' SQL Injection Vuln S
HTTP Fortune Scripts Shaadi Clone 'view_profile.php' SQL Injection Vuln S
HTTP Fortune Scripts Shutterstock Clone SQL Injection Vuln (From Server) S
HTTP Fortune Scripts Shutterstock Clone SQL Injection Vuln (To Server) S
HTTP Fortune Scripts Stackoverflow Clone 'keywords' SQL Injection Vuln (From Server) S
HTTP Fortune Scripts Stackoverflow Clone 'keywords' SQL Injection Vuln (To Server) S
HTTP Foxsash ImgHosting 'search' Cross Site Scripting Vuln S
HTTP Gnew 'user.php' CSRF Vuln (From Server) S
HTTP Gnew 'user.php' CSRF Vuln (To Server) S
HTTP GoAhead httpd 2.5 3.6.5 - 'LD_PRELOAD' Fingerprint Remote Code Execution S
HTTP GoAhead httpd 2.5 3.6.5 - 'LD_PRELOAD' Payload Remote Code Execution S
HTTP HitmanPro 3.7.15 Build 281 - Kernel Pool Overflow - Win10_Exploit S
HTTP HitmanPro 3.7.15 Build 281 - Kernel Pool Overflow - Win10_LeakCookie S
HTTP HitmanPro 3.7.15 Build 281 - Kernel Pool Overflow - Win7_Exploit S
HTTP IBM Notes 8.5.x9.0.x - Denial of Service (Metasploit) S
HTTP IPSwitch MoveIt 'human.aspx' Cross Site Scripting Vuln S
HTTP Joomla! Component JEXTN FAQ Pro 'index.php' SQL Injection Vuln S
HTTP Joomla! Component Kubik-Rubik Simple Image Gallery Extended 'print.php' XSS Vuln S
HTTP Joomla! Component NextGen Editor 'index.php' SQL Injection Vuln S
HTTP LibreOffice 6.0.1 - '=WEBSERVICE' Remote Arbitrary File Disclosure S
HTTP LogicalDOC Enterprise 7.7.4 - 'default.antivirus.includes' Root Remote Code Execution S
HTTP LogicalDOC Enterprise 7.7.4 - 'Key Store via OpenSSL' Root Remote Code Execution S
HTTP LogicalDOC Enterprise 7.7.4 - 'ocr.Tesseract.path' Root Remote Code Execution S
HTTP LogicalDOC Enterprise 7.7.4 - Directory Traversal S
HTTP LogicalDOC Enterprise 7.7.4 - User Enumeration S
HTTP Master IP CAM 01 - Unauthenticated Configuration Change S
HTTP Master IP CAM 01 - Unauthenticated Configuration Download S
HTTP Master IP CAM 01 - Unauthenticated Configuration Upload S
HTTP Microsoft Windows LNK CVE-2017-8464 Remote Code Execution Vulnerability S
HTTP MigrateShop Task Rabbit Clone 'single_blog.php' SQL Injection Vuln S
HTTP Multiple OEM - 'index.asp' 'nsd' Remote Stack Format String (PoC) S
HTTP Multiple OEM - 'upgrade.asp' 'nsd' Remote Stack Format String (PoC) S
HTTP Muviko Video SQL Injection Vuln S
HTTP Muviko Video SQL Injection Vuln_1 S
HTTP Muviko Video SQL Injection Vuln_2 S
HTTP Muviko Video SQL Injection Vuln_3 S
HTTP Muviko Video SQL Injection Vuln_4 S
HTTP Muviko Video SQL Injection Vuln_5 S
HTTP Opensource Classified Ads Script 'advance_result.php' SQL Injection Vuln (From Server) S
HTTP Opensource Classified Ads Script 'advance_result.php' SQL Injection Vuln (To Server) S
HTTP pfSense 2.1.4 - 'status_rrd_graph_img.php' Command Injection S
HTTP PHP Scripts Mall Groupon Clone Script 'category_list.php' SQL Injection Vuln S
HTTP PHP Scripts Mall Groupon Clone Script 'city_ajax.php' SQL Injection Vuln S
HTTP PHP Scripts Mall Hot Scripts Clone 'mctid' SQL Injection Vuln S
HTTP PHP Scripts Mall Hot Scripts Clone 'subctid' SQL Injection Vuln S
HTTP PHP Scripts Mall Kickstarter Clone Script 'investcalc.php' SQL Injection Vuln S
HTTP PHP Scripts Mall Laundry Booking Script 'list' SQL Injection Vuln S
HTTP PHP Scripts Mall Lawyer Search Script 'city' SQL Injection Vuln S
HTTP PHP Scripts Mall MLM Forced Matrix 'news-detail.php' SQL Injection Vuln S
HTTP PHP Scripts Mall MLM Forex Market Plan 'event_detail.php' SQL Injection Vuln S
HTTP PHP Scripts Mall MLM Forex Market Plan 'news_detail.php' SQL Injection Vuln S
HTTP PHP Scripts Mall Muslim Matrimonial Script 'success-story.php' SQL Injection Vuln S
HTTP PHP Scripts Mall Nearbuy Clone Script 'city' SQL Injection Vuln S
HTTP PHP Scripts Mall Online Exam Test Application Script 'exams.php' SQL Injection Vuln S
HTTP PHP Scripts Mall Paid To Read Script 'userview.php' SQL Injection S
HTTP PHP Scripts Mall Paid To Read Script 'viewemcamp.php' SQL Injection S
HTTP PHP Scripts Mall Paid To Read Script 'viewvisitcamp.php' SQL Injection S
HTTP PHP Scripts Mall PHP Multivendor Ecommerce 'category.php' SQL Injection Vuln S
HTTP PHP Scripts Mall PHP Multivendor Ecommerce 'category.php' SQL Injection Vuln_1 S
HTTP PHP Scripts Mall PHP Multivendor Ecommerce 'single_detail.php' SQL Injection Vuln S
HTTP PHP Scripts Mall Realestate Crowdfunding Script 'single-cause.php' SQL Injection Vuln S
HTTP PHP Scripts Mall Responsive Realestate Script 'property-listtbud' SQL Injection Vuln S
HTTP PHP Scripts Mall Resume Clone Script 'preview.php' SQL Injection Vuln S
HTTP PHP Scripts Mall Secure E-commerce Script 'category.php' SQL Injection Vuln S
HTTP PHP Scripts Mall Secure E-commerce Script 'category.php' SQL Injection Vuln_1 S
HTTP PHP Scripts Mall Secure E-commerce Script 'single_detail.php' SQL Injection Vuln S
HTTP PHP Scripts Mall Yoga Class Script 'listcity' SQL Injection Vuln S
HTTP PHPSUGAR PHP Melody 'ajax.php' SQL Injection Vuln S
HTTP Picture Calendar component for Joomla! 'list.php' Directory Traversal Vuln S
HTTP Piwigo 'admin.php' SQL Injection Vuln S
HTTP Putra RSVP Invitation Online 'account.php' (Update Admin) CSRF Vuln (From Server) S
HTTP Putra RSVP Invitation Online 'account.php' (Update Admin) CSRF Vuln (To Server) S
HTTP RainbowFish Software PACSOne Server 'nocache.php' Directory Trasversal Vuln S
HTTP RAVPower 2.000.056 - Memory Disclosure S
HTTP Readymade Video Sharing Script 'single-video-detail.php' SQL Injection Vuln S
HTTP Reservo Image Hosting Script Cross Site Scripting Vuln S
HTTP Single Theater Booking Script 'findcity.php' SQL Injection Vuln S
HTTP TypeSetter CMS User Permissions page CSRF Vuln (From Server) S
HTTP TypeSetter CMS User Permissions page CSRF Vuln (To Server) S
HTTP Uniview - Remote Command Execution Check Active Capture (PoC) S
HTTP Uniview - Remote Command Execution Download Capture (PoC) S
HTTP Uniview - Remote Command Execution Export Config (PoC) S
HTTP Uniview - Remote Command Execution Get File (PoC) S
HTTP Uniview - Remote Command Execution Start Capture (PoC) S
HTTP Uniview - Remote Command Execution Stop Capture (PoC) S
HTTP Vanilla Forums Cross Site Request Forgery Vuln (From Server) S
HTTP Vanilla Forums Cross Site Request Forgery Vuln (To Server) S
HTTP Vitek - Gateway Information Disclosure S
HTTP Vitek - Network Information Disclosure S
HTTP Vitek - PHP Remote Command Execution S
HTTP Vivotek IP Cameras - 'POST' - Remote Stack Overflow (PoC) S
HTTP Vivotek IP Cameras - 'PUT' - Remote Stack Overflow (PoC) S
HTTP Wachipi Events Calendar plugin for WordPress 'event.php' SQL Injection Vuln S
HTTP Wavpack 5.1.0 - Denial of Service S
HTTP Website Auction Marketplace 'search.php' SQL Injection Vuln S
HTTP WordPress Core - 'load-scripts.php' Denial of Service S
HTTP WordPress Plugin Email Subscribers & Newsletters Info Disclosure Vuln (From Server) S
HTTP WordPress Plugin Email Subscribers & Newsletters Info Disclosure Vuln (To Server) S
JBoss Remoting 6.14.18 - Port 4447 Denial of Service S
JBoss Remoting 6.14.18 - Port 9999 Denial of Service S
Malware GET Request Associated with GandCrab Ransomware (gandcrab.bit) S
Malware GET Request Associated with GandCrab Ransomware (nomoreransom.bit) S
Malware GET Request Associated with GandCrab Ransomware (nomoreransom.coin) S
Malware GET Request Associated with GlobeImposter Ransomware (198.100.119.11) S
Malware GET Request Associated with GlobeImposter Ransomware (psoeiras.net) S
Malware GET Request Associated with Sigma Ransomware (ip-api.com) S
Malware GET Request Associated with Sigma Ransomware (onlinedocuments.ir) S
Malware GET Request Associated with Sigma Ransomware (yowl2ugopitfzzwb.onion) S
Malware GET Request Associated with Sigma Ransomware (yowl2ugopitfzzwb.onion.link) S
SMB Samba - 'is_known_pipename()' Arbitrary Module Load (Metasploit) S
TFTP Cloudview NMS 2.00b - Writable Directory Traversal Execution (Metasploit) S
UDP Netcore Netis Routers - UDP Backdoor Access S
UDP Siemens SIPROTEC 4 and SIPROTEC Compact EN100 Ethernet Module 4.25 - Denial of Service S