Traffic IQ Professional
Traffic File Update for September 2019
145 Application Exploits
HPE Intelligent Management Center Information Disclosure S
HTTP 2 Plan Team 1.0.4 Cross Site Scripting S
HTTP ACTi ACM-3100 Camera Remote Command Execution S
HTTP Alkacon OpenCMS 10.5.x 'clearhistory.jsp' Local File Inclusion S
HTTP Alkacon OpenCMS 10.5.x 'group_new.jsp' Local File Inclusion S
HTTP Alkacon OpenCMS 10.5.x 'index.jsp' Local File Inclusion S
HTTP Alkacon OpenCMS 10.5.x 'loginmessage.jsp' Local File Inclusion S
HTTP Alkacon OpenCMS 10.5.x 'xmlcontentrepair.jsp' Local File Inclusion S
HTTP Alkacon OpenCMS Cross Site Scripting Vuln S
HTTP Alkacon OpenCMS Cross Site Scripting Vuln_1 S
HTTP Alkacon OpenCMS Cross Site Scripting Vuln_10 S
HTTP Alkacon OpenCMS Cross Site Scripting Vuln_11 S
HTTP Alkacon OpenCMS Cross Site Scripting Vuln_2 S
HTTP Alkacon OpenCMS Cross Site Scripting Vuln_3 S
HTTP Alkacon OpenCMS Cross Site Scripting Vuln_4 S
HTTP Alkacon OpenCMS Cross Site Scripting Vuln_5 S
HTTP Alkacon OpenCMS Cross Site Scripting Vuln_6 S
HTTP Alkacon OpenCMS Cross Site Scripting Vuln_7 S
HTTP Alkacon OpenCMS Cross Site Scripting Vuln_8 S
HTTP Alkacon OpenCMS Cross Site Scripting Vuln_9 S
HTTP API Bearer Auth Plugin for WordPress Cross-Site Scripting Vuln S
HTTP AVCON6 Systems Management Platform Remote Root S
HTTP Belkin N600DB Wireless Router - 'langchg.cgi' Wifi Password Disclosure S
HTTP CentOS Control Web Panel (CWP) 0.9.8.851 phpMyAdmin Password Change S
HTTP Chrome V8 - 'Runtime_RegExpReplace' Integer Overflow S
HTTP Chrome V8 JIT - Empty BytecodeJumpTable Out-of-Bounds Read S
HTTP Cisco Data Center Network Manager Unauthenticated Remote Code Execution S
HTTP Cisco UCS Director Unauthenticated Remote Code Execution S
HTTP Cisco UCS IMC Supervisor Authentication Bypass S
HTTP Cisco UCS IMC Supervisor Command Injection S
HTTP Control Web Panel 0.9.8.851 - Access Other DNS and Delete S
HTTP Control Web Panel 0.9.8.851 - Add forward mail S
HTTP Control Web Panel 0.9.8.851 - Change other email password S
HTTP Control Web Panel 0.9.8.851 - Change target mail usage S
HTTP Control Web Panel 0.9.8.851 - Delete other domain S
HTTP Control Web Panel 0.9.8.851 - Delete other email account S
HTTP Control Web Panel 0.9.8.851 - Delete other mail forwarder S
HTTP Control Web Panel 0.9.8.851 - Delete other sub-domain S
HTTP Control Web Panel 0.9.8.851 - Modify forward mail destination 'Access' S
HTTP Control Web Panel 0.9.8.851 - Modify forward mail destination 'Delete' S
HTTP Control Web Panel 0.9.8.851 - Remove user from phpMyAdmin S
HTTP DASAN Zhone ZNID GPON 2426A EU Cross-Site Scripting Vuln S
HTTP DASAN Zhone ZNID GPON 2426A EU Cross-Site Scripting Vuln_1 S
HTTP DASAN Zhone ZNID GPON 2426A EU Cross-Site Scripting Vuln_2 S
HTTP DIGIT CENTRIS ERP 'datum1' SQL Injection Vuln S
HTTP DIGIT CENTRIS ERP 'datum2' SQL Injection Vuln S
HTTP DIGIT CENTRIS ERP 'KID' SQL Injection Vuln S
HTTP DIGIT CENTRIS ERP 'PID' SQL Injection Vuln S
HTTP Dolibarr ERP-CRM 'card.php' SQL Injection Vuln S
HTTP Dolibarr ERP-CRM 'card.php' SQL Injection Vuln_1 S
HTTP Dolibarr ERP-CRM 'card.php' SQL Injection Vuln_2 S
HTTP Dolibarr ERP-CRM 'elemid' SQL Injection Vuln S
HTTP Download Manager plugin for WordPress 'orderby' Cross-Site Scripting Vuln S
HTTP Download Manager plugin for WordPress 'orderby' Cross-Site Scripting Vuln_1 S
HTTP Enigma NMS 65.0.0 Cross Site Request Forgery (From Server) S
HTTP Enigma NMS 65.0.0 Cross Site Request Forgery (To Server) S
HTTP Enigma NMS 65.0.0 OS Command Injection S
HTTP eWON Flexy 13.0 Authentication Bypass S
HTTP File Sharing Wizard 1.5.0 SEH Buffer Overflow S
HTTP FileThingie 2.5.7 Remote Command Execution S
HTTP FileThingie 2.5.7 Remote Shell Unzip S
HTTP FileThingie 2.5.7 Remote Shell Upload S
HTTP FusionPBX 4.4.8 Remote Code Execution S
HTTP Generic Zip Slip Traversal S
HTTP Gila CMS Local File Inclusion S
HTTP GOautodial 'title' Cross-Site Scripting Vuln S
HTTP Heatmiser Wifi Thermostat 1.7 - CSRF (Update Admin) (From Server) S
HTTP Heatmiser Wifi Thermostat 1.7 - CSRF (Update Admin) (To Server) S
HTTP HumHub 1.3.12 Cross Site Scripting S
HTTP IntelBras TELEFONE IP TIP200200 LITE 60.61.75.15 Arbitrary File Read S
HTTP Jobberbase 2.0 subscribe SQL Injection S
HTTP Joomla JS Support Ticket 1.1.6 SQL Injection S
HTTP JSC YarrJIT initParenContextFreeList Byte Overwrite S
HTTP Legrand BTicino Driver Manager F454 1.0.51 Cross Site Scripting (From Server) S
HTTP Legrand BTicino Driver Manager F454 1.0.51 Cross Site Scripting (To Server) S
HTTP LimeSurvey 'surveyid' Cross-Site Scripting Vuln S
HTTP LimeSurvey 3.17.13 Cross Site Scripting S
HTTP Live Call Support Widget 1.5 - CSRF (Add Admin) (From Server) S
HTTP Live Call Support Widget 1.5 - CSRF (Add Admin) (To Server) S
HTTP Microsoft Edge Chakra JIT - ImplicitCallFlags Checks Bypass S
HTTP Microsoft Edge Chakra JIT - Memory Corruption S
HTTP Nessus 8.2.1 - Cross-Site Scripting S
HTTP NetSAS Enigma NMS 'search_pattern' SQL Injection Vuln S
HTTP Nimble Streamer 3.x Directory Traversal S
HTTP NPMJS gitlabhook 0.0.17 Remote Command Execution S
HTTP October CMS Upload Protection Bypass Code Execution S
HTTP OpenEdx Ironwood 'course_id' Cross-Site Scripting Vuln S
HTTP OpenEdx Ironwood 'user' Cross-Site Scripting Vuln S
HTTP OpenProject 8.3.1 SQL Injection S
HTTP phpMyAdmin 4.9.0.1 Cross Site Request Forgery (From Server) S
HTTP phpMyAdmin 4.9.0.1 Cross Site Request Forgery (To Server) S
HTTP Ping Identity Agentless Integration Kit Cross Site Scripting S
HTTP Piwigo 'account_billing' CSRF Vuln (From Server) S
HTTP Piwigo 'account_billing' CSRF Vuln (To Server) S
HTTP Piwigo 'account_billing' CSRF Vuln_1 (From Server) S
HTTP Piwigo 'account_billing' CSRF Vuln_1 (To Server) S
HTTP Piwigo 'account_billing' CSRF Vuln_2 (From Server) S
HTTP Piwigo 'account_billing' CSRF Vuln_2 (To Server) S
HTTP Piwigo 'account_billing' CSRF Vuln_3 (From Server) S
HTTP Piwigo 'account_billing' CSRF Vuln_3 (To Server) S
HTTP Piwigo 'notification_by_mail' CSRF Vuln (From Server) S
HTTP Piwigo 'notification_by_mail' CSRF Vuln (To Server) S
HTTP Piwigo 'notification_by_mail' CSRF Vuln_1 (From Server) S
HTTP Piwigo 'notification_by_mail' CSRF Vuln_1 (To Server) S
HTTP Piwigo 'notification_by_mail' CSRF Vuln_2 (From Server) S
HTTP Piwigo 'notification_by_mail' CSRF Vuln_2 (To Server) S
HTTP Piwigo 'notification_by_mail' CSRF Vuln_3 (From Server) S
HTTP Piwigo 'notification_by_mail' CSRF Vuln_3 (To Server) S
HTTP Piwigo 'notification_by_mail' CSRF Vuln_4 (From Server) S
HTTP Piwigo 'notification_by_mail' CSRF Vuln_4 (To Server) S
HTTP Piwigo 'notification_by_mail' CSRF Vuln_5 (From Server) S
HTTP Piwigo 'notification_by_mail' CSRF Vuln_5 (To Server) S
HTTP Piwigo 2.9.5 Cross Site Scripting Command Execution S
HTTP Portrait-Archiv-Shop Plugin for WordPress Cross-Site Scripting Vuln S
HTTP Pulse Secure 8.1R15.1 8.2 8.3 9.0 SSL VPN Remote Code Execution S
HTTP Sentrifugo 3.2 - File Upload Restriction Bypass S
HTTP Spryng Payments WooCommerce Plugin for WordPress Cross-Site Scripting Vuln S
HTTP Tibco JasperSoft 'resource' Directory Traversal Vuln S
HTTP Totaljs CMS 12.0 'author' Cross Site Scripting S
HTTP Totaljs CMS 12.0 'template' Path Traversal S
HTTP Totaljs CMS 12.0 Information Disclosure S
HTTP VX Search Enterprise 10.4.16 Denial Of Service S
HTTP Webmin 1.920 rpc.cgi Remote Root S
HTTP Western Digital My Book World II NAS 1.02.12 Hardcoded Credential S
HTTP WordPress Checklist 'fill' Cross-Site Scripting Vuln S
HTTP WordPress Ecpay Logistics For WooCommerce 'CVSStoreName' Cross-Site Scripting Vuln S
HTTP WordPress Ellipsis Human Presence Technology 'page' Cross-Site Scripting Vuln S
HTTP WordPress Photo Gallery 'album_id' SQL Injection Vuln S
HTTP WordPress Qwiz Online Quizzes And Flashcards 'qname' Cross-Site Scripting Vuln S
HTTP WordPress SlickQuiz 'email' Cross-Site Scripting Vuln S
HTTP WordPress SlickQuiz 'id' SQL Injection Vuln S
HTTP WordPress SlickQuiz 'id' SQL Injection Vuln_1 S
HTTP WordPress SlickQuiz 'id' SQL Injection Vuln_2 S
HTTP WordPress SlickQuiz 'name' Cross-Site Scripting Vuln S
HTTP WordPress SlickQuiz 'score' Cross-Site Scripting Vuln S
HTTP YouPHPTube 7.4 Remote Code Execution S
HTTP Zurmo 3.2.6 Persistent Cross Site Scripting S
HTTP Zyxel USG UAG ATP VPN NXC External DNS Requests - GET Request S
HTTP Zyxel USG UAG ATP VPN NXC External DNS Requests - POST Request S
HTTP µTorrent (uTorrent) ClassicWeb - Change Download Directory CSRF S
HTTP µTorrent (uTorrent) ClassicWeb - Information Disclosure S
Malware GET Request Associated with Emotet Malspam (fitchciapara.com) S
Malware GET Request Associated with Emotet Malspam (komatireddy.net) S
Malware GET Request Associated with Emotet Malspam (www.sirijayareddypsychologist.com) S
UDP AwindInc SNMP Service Command Injection S