Search

Traffic File Update - June 2019

This Traffic IQ Professional update for June 2019 contains the latest application exploits, threats and security evasion techniques along with technical data and high quality security rules.

Traffic IQ Professional

Traffic File Update for June 2019

185 Application Exploits

FTP ABB IDAL FTP Server Buffer Overflow S
FTP ABB IDAL FTP Server Uncontrolled Format String S
HC10 HC.Server Service 10.14 Remote Invalid Pointer Write S
HTTP ABB IDAL HTTP Server Authentication Bypass S
HTTP ABB IDAL HTTP Server Stack-Based Buffer Overflow S
HTTP ABB IDAL HTTP Server Uncontrolled Format String S
HTTP Amcrest IPM-721S Credential Disclosure S
HTTP AROX School-ERP Pro Unauthenticated Remote Code Execution S
HTTP BlogEngine.NET 3.3.6 3.3.7 dirPath Directory Traversal Remote Code Execution S
HTTP BlogEngine.NET 3.3.6 3.3.7 Remote Code Execution S
HTTP Cisco Prime Infrastructure Health Monitor TarArchive Directory Traversal S
HTTP CommSy 'commsy.php' SQL Injection Vuln S
HTTP Darktrace Enterprise Immune System 3.0.9 3.0.10 - Disable Alerting CSRF (From Server) S
HTTP Darktrace Enterprise Immune System 3.0.9 3.0.10 - Disable Alerting CSRF (To Server) S
HTTP Darktrace Enterprise Immune System 3.0.9 3.0.10 - Whitelisting CSRF (From Server) S
HTTP Darktrace Enterprise Immune System 3.0.9 3.0.10 - Whitelisting CSRF (To Server) S
HTTP DeepSound 'description' SQL Injection Vuln S
HTTP DeepSound 'password' SQL Injection Vuln S
HTTP DeepSound 'search_keyword' SQL Injection Vuln S
HTTP Dell KACE System Management Appliance (SMA) 'selvalue' SQL Injection S
HTTP Dlink DCS-1130 Command Injection in Recorder Functionality S
HTTP Dlink DCS-1130 Telnet CSRF S
HTTP dotCMS 'Referer' Cross-Site Scripting Vuln S
HTTP dotProject 2.1.9 'event_id' SQL Injection S
HTTP dotProject 2.1.9 'project_id' SQL Injection S
HTTP eLabFTW 1.8.5 Arbitrary File Upload Remote Code Execution S
HTTP Emerson Network Power Liebert Challenger Cross Site Scripting Vuln S
HTTP Extreme Sistemas CMS 'cat' SQL Injection Vuln S
HTTP Gila CMS 1.9.1 Cross Site Scripting S
HTTP Google Chrome WasmMemoryObjectGrow Use-After-Free S
HTTP Heidelberg Prinect Archive System Cross-Site Scripting Vuln S
HTTP Horde Form Shell Upload S
HTTP Horde Webmail 5.2.22 'app' XSS S
HTTP Horde Webmail 5.2.22 'remove_f' XSS S
HTTP Horde Webmail 5.2.22 'update_f' XSS S
HTTP Horde Webmail 5.2.22 XSS CSRF S
HTTP HTMLy 'content' Cross Site Scripting Vuln S
HTTP HTMLy 'destination' Cross Site Scripting Vuln S
HTTP IBM Websphere Application Server Remote Code Execution S
HTTP IceWarp 10.4.4 Local File Inclusion S
HTTP Kanboard 1.2.7 Cross Site Scripting S
HTTP Laundry CMS - 'cloth_code' SQL Injection S
HTTP Laundry CMS - 'cloth_name' Frame Injection S
HTTP Laundry CMS - 'cloth_name' SQL Injection S
HTTP Laundry CMS - 'expse_type' Frame Injection S
HTTP Laundry CMS - 'service_name' Frame Injection S
HTTP LibreNMS addhost Command Injection S
HTTP microASP CMS 'explode_tree' SQL Injection Vuln S
HTTP Microsoft Internet Explorer Windows 10 1809 17763.316 Memory Corruption S
HTTP Nagios XI 5.6.1 SQL Injection S
HTTP NUUO NVRMini 2 3.9.1 Stack Overflow S
HTTP Opencart 3.0.3.2 extensionfeedgoogle_base Denial Of Service S
HTTP PasteShr 'password' SQL Injection Vuln S
HTTP pfSense 'acme_accountkeys_edit.php' Cross Site Scripting Vuln S
HTTP pfSense 'acme_accountkeys_edit.php' Cross Site Scripting Vuln_1 S
HTTP PHPads 'click.php3' SQL Injection Vuln S
HTTP phpMyAdmin 4.8 Cross Site Request Forgery (From Server) S
HTTP phpMyAdmin 4.8 Cross Site Request Forgery (To Server) S
HTTP Quest KACE Systems Management Appliance 'Method' Cross Site Scripting Vuln S
HTTP Sahi Pro 7.x 8.x Directory Traversal S
HTTP Sahi Pro 8.x SQL Injection S
HTTP SalesERP 'customer_id' SQL Injection Vuln S
HTTP SalesERP 'product_id' SQL Injection Vuln S
HTTP SalesERP 'supplier_name' SQL Injection Vuln S
HTTP Seo Panel Newsletter 'email' Cross Site Scripting Vuln S
HTTP Shopware createInstanceFromNamedArguments PHP Object Instantiation S
HTTP Smoothwall Express 'CC' Cross-Site Scripting Vuln S
HTTP Smoothwall Express 'COMMENT' Cross-Site Scripting Vuln_2 S
HTTP Smoothwall Express 'COMMENT' Cross-Site Scripting Vuln_3 S
HTTP Smoothwall Express 'COMMENT' Cross-Site Scripting Vuln_4 S
HTTP Smoothwall Express 'COMMENT' Cross-Site Scripting Vuln_5 S
HTTP Smoothwall Express 'COMMENT' Cross-Site Scripting Vuln_6 S
HTTP Smoothwall Express 'DEFAULT_GATEWAY' Cross-Site Scripting Vuln S
HTTP Smoothwall Express 'DEST_IP' Cross-Site Scripting Vuln S
HTTP Smoothwall Express 'DEST_IP' Cross-Site Scripting Vuln_1 S
HTTP Smoothwall Express 'DEST_PORT' Cross-Site Scripting Vuln S
HTTP Smoothwall Express 'DEST_PORT_SEL' Cross-Site Scripting Vuln S
HTTP Smoothwall Express 'DNS1' Cross-Site Scripting Vuln_1 S
HTTP Smoothwall Express 'DNS1_OVERRIDE' Cross-Site Scripting Vuln S
HTTP Smoothwall Express 'DNS2' Cross-Site Scripting Vuln_1 S
HTTP Smoothwall Express 'DNS2_OVERRIDE' Cross-Site Scripting Vuln S
HTTP Smoothwall Express 'EMAIL_PASSWORD' Cross-Site Scripting Vuln S
HTTP Smoothwall Express 'EXT' Cross-Site Scripting Vuln S
HTTP Smoothwall Express 'EXT' Cross-Site Scripting Vuln_1 S
HTTP Smoothwall Express 'FILTER' Cross-Site Scripting Vuln S
HTTP Smoothwall Express 'GREEN_ADDRESS' Cross-Site Scripting Vuln S
HTTP Smoothwall Express 'GREEN_NETMASK' Cross-Site Scripting Vuln S
HTTP Smoothwall Express 'HANGUP' Cross-Site Scripting Vuln S
HTTP Smoothwall Express 'INIT' Cross-Site Scripting Vuln S
HTTP Smoothwall Express 'IP' Cross-Site Scripting Vuln_1 S
HTTP Smoothwall Express 'IP' Cross-Site Scripting Vuln_2 S
HTTP Smoothwall Express 'LEFT' Cross-Site Scripting Vuln S
HTTP Smoothwall Express 'LEFT_SUBNET' Cross-Site Scripting Vuln S
HTTP Smoothwall Express 'MACHINE' Cross-Site Scripting Vuln S
HTTP Smoothwall Express 'MACHINECOMMENT' Cross-Site Scripting Vuln S
HTTP Smoothwall Express 'MACHINES' Cross-Site Scripting Vuln S
HTTP Smoothwall Express 'NAME' Cross-Site Scripting Vuln S
HTTP Smoothwall Express 'PORT' Cross-Site Scripting Vuln S
HTTP Smoothwall Express 'RED_ADDRESS' Cross-Site Scripting Vuln S
HTTP Smoothwall Express 'RED_DHCP_HOSTNAME' Cross-Site Scripting Vuln S
HTTP Smoothwall Express 'RED_MAC' Cross-Site Scripting Vuln S
HTTP Smoothwall Express 'RED_NETMASK' Cross-Site Scripting Vuln S
HTTP Smoothwall Express 'RIGHT' Cross-Site Scripting Vuln S
HTTP Smoothwall Express 'RIGHT_SUBNET' Cross-Site Scripting Vuln S
HTTP Smoothwall Express 'SECRET1' Cross-Site Scripting Vuln S
HTTP Smoothwall Express 'SECRET2' Cross-Site Scripting Vuln S
HTTP Smoothwall Express 'SECTIONTITLE' Cross-Site Scripting Vuln S
HTTP Smoothwall Express 'SMTPSERVER' Cross-Site Scripting Vuln S
HTTP Smoothwall Express 'SOURCE_IP' Cross-Site Scripting Vuln S
HTTP Smoothwall Express 'SPEAKER_OFF' Cross-Site Scripting Vuln S
HTTP Smoothwall Express 'SPEAKER_ON' Cross-Site Scripting Vuln S
HTTP Smoothwall Express 'SRC_IP' Cross-Site Scripting Vuln S
HTTP Smoothwall Express 'SRC_IP' Cross-Site Scripting Vuln_1 S
HTTP Smoothwall Express 'SRC_PORT' Cross-Site Scripting Vuln S
HTTP Smoothwall Express 'SRC_PORT_SEL' Cross-Site Scripting Vuln S
HTTP Smoothwall Express 'WRAP' Cross-Site Scripting Vuln S
HTTP SOCA Access Control System 180612 Cross Site Request Forgery (From Server) S
HTTP SOCA Access Control System 180612 Cross Site Request Forgery (To Server) S
HTTP SOCA Access Control System 180612 Cross Site Scripting S
HTTP Spring Security OAuth 2.3 Open Redirection S
HTTP Supra Smart Cloud TV Remote File Inclusion S
HTTP UliCMS 2019.1 'name' Cross Site Scripting S
HTTP UliCMS 2019.1 'systemname' Cross Site Scripting S
HTTP Veralite Veraedge Router Command Injection in Proxy Services S
HTTP Veralite Veraedge Router Command Injection in Relay Services S
HTTP Veralite Veraedge Router Directory Traversal in UPNP daemon S
HTTP Veralite Veraedge Router Unauthenticated Reflected Cross-Site Scripting S
HTTP Veralite Veraedge Router Unauthenticated Stored Cross-Site Scripting S
HTTP Wampserver 3.1.8 Cross Site Request Forgery (From Server) S
HTTP Wampserver 3.1.8 Cross Site Request Forgery (To Server) S
HTTP Webmin 1.910 Remote Command Execution S
HTTP WordPress 4DMayi 4.6 Open Redirection S
HTTP WordPress Ad-Manager 1.1.2 Open Redirection S
HTTP WordPress Aliyun 5.2 Open Redirection S
HTTP WordPress Antena_Ri Institute 2.0 Open Redirection S
HTTP WordPress Chrome-Extensions 1.0 Open Redirection S
HTTP WordPress Dankov Planer 1.1.2 Open Redirection S
HTTP WordPress DingTalk LTS 4.6 Open Redirection S
HTTP WordPress Divi-Child 1.0 Open Redirection S
HTTP WordPress Howsci 1.8 Open Redirection S
HTTP WordPress Inkblot Theme 4.9.10 Cross Site Request Forgery (From Server) S
HTTP WordPress Inkblot Theme 4.9.10 Cross Site Request Forgery (To Server) S
HTTP WordPress jilijilibegin LTS 4.6 Open Redirection S
HTTP WordPress Jingke 1.0 Open Redirection S
HTTP WordPress LaneMotorSport Responsive 1.8.4 Open Redirection S
HTTP WordPress Ninger 4.6 Open Redirection S
HTTP XOOPS CMS 'cid' SQL Injection Vuln S
HTTP Zoho ManageEngine ADSelfService Plus Cross Site Scripting Vuln S
HTTP Zoho ManageEngine ADSelfService Plus Cross Site Scripting Vuln_1 S
HTTP Zoho ManageEngine ADSelfService Plus Cross Site Scripting Vuln_2 S
HTTP Zoho ManageEngine ADSelfService Plus Cross Site Scripting Vuln_3 S
HTTP Zoho ManageEngine Netflow Analyzer Professional 'popup1.jsp' Cross Site Scripting Vuln S
HTTP Zoho ManageEngine Netflow Analyzer Professional 'popup1.jsp' Cross Site Scripting Vuln_1 S
HTTP Zoho ManageEngine Netflow Analyzer Professional 'popup1.jsp' Cross Site Scripting Vuln_2 S
HTTP Zoho ManageEngine Netflow Analyzer Professional 'scheduleConfig.jsp' XSS Vuln S
HTTP Zoho ManageEngine Netflow Analyzer Professional 'scheduleConfig.jsp' XSS Vuln_1 S
HTTP Zoho ManageEngine Netflow Analyzer Professional 'scheduleConfig.jsp' XSS Vuln_10 S
HTTP Zoho ManageEngine Netflow Analyzer Professional 'scheduleConfig.jsp' XSS Vuln_11 S
HTTP Zoho ManageEngine Netflow Analyzer Professional 'scheduleConfig.jsp' XSS Vuln_12 S
HTTP Zoho ManageEngine Netflow Analyzer Professional 'scheduleConfig.jsp' XSS Vuln_13 S
HTTP Zoho ManageEngine Netflow Analyzer Professional 'scheduleConfig.jsp' XSS Vuln_14 S
HTTP Zoho ManageEngine Netflow Analyzer Professional 'scheduleConfig.jsp' XSS Vuln_15 S
HTTP Zoho ManageEngine Netflow Analyzer Professional 'scheduleConfig.jsp' XSS Vuln_16 S
HTTP Zoho ManageEngine Netflow Analyzer Professional 'scheduleConfig.jsp' XSS Vuln_2 S
HTTP Zoho ManageEngine Netflow Analyzer Professional 'scheduleConfig.jsp' XSS Vuln_3 S
HTTP Zoho ManageEngine Netflow Analyzer Professional 'scheduleConfig.jsp' XSS Vuln_4 S
HTTP Zoho ManageEngine Netflow Analyzer Professional 'scheduleConfig.jsp' XSS Vuln_5 S
HTTP Zoho ManageEngine Netflow Analyzer Professional 'scheduleConfig.jsp' XSS Vuln_6 S
HTTP Zoho ManageEngine Netflow Analyzer Professional 'scheduleConfig.jsp' XSS Vuln_7 S
HTTP Zoho ManageEngine Netflow Analyzer Professional 'scheduleConfig.jsp' XSS Vuln_8 S
HTTP Zoho ManageEngine Netflow Analyzer Professional 'scheduleConfig.jsp' XSS Vuln_9 S
HTTP Zoho ManageEngine Netflow Analyzer Professional 'selectDevice.jsp' XSS Vuln S
HTTP Zoho ManageEngine Netflow Analyzer Professional 'selectDevice.jsp' XSS Vuln_1 S
HTTP Zoho ManageEngine Netflow Analyzer Professional 'userManagementForm.jsp' XSS Vuln S
HTTP Zoho ManageEngine Netflow Analyzer Professional 'userManagementForm.jsp' XSS Vuln_1 S
HTTP Zoho ManageEngine Netflow Analyzer Professional 'userManagementForm.jsp' XSS Vuln_2 S
HTTP Zoho ManageEngine Netflow Analyzer Professional 'userManagementForm.jsp' XSS Vuln_3 S
HTTP Zoho ManageEngine ServiceDesk Plus 9.3 'searchText' Cross Site Scripting S
HTTP Zoho ManageEngine ServiceDesk Plus 9.3 'SELECTSITE' Cross Site Scripting S
HTTP Zoho ManageEngine ServiceDesk Plus 9.3 'serviceRequestId' Cross Site Scripting S
HTTP Zoho ManageEngine ServiceDesk Plus 9.3 'userConfigID' Cross Site Scripting S
Malware GET Request Associated with Rig Exploit Kit (188.225.26.48) S
Malware GET Request Associated with Rig Exploit Kit (makemoneyeasywith.me) S
UDP Shekar Endoscope 'SetWifiName' Memory Corruption S
UDP Shekar Endoscope 'SetWifiPassword' Memory Corruption S


idappcom - Auditing, verifying and enhancing the capabilities of corporate security defences.

We do not use cookies for tracking users, displaying customised content or storing information about users, other than that required to maintain 'session state' for the login system for registered users. Please read our cookie policy for more information. Please note that by using this site you are consenting to the use of cookies.