Search

Traffic File Update - October 2019

This Traffic IQ Professional update for October 2019 contains the latest application exploits, threats and security evasion techniques along with technical data and high quality security rules.

Traffic IQ Professional

Traffic File Update for October 2019

150 Application Exploits

DNS Request to domain associated with tracking (cpx.to) S
FTP freeFTP 1.0.8 Remote Buffer Overflow S
HTTP Adobe Acrobat Reader DC For Windows JP2 Stream Buffer Overflow S
HTTP Ajenti Remote Command Execution S
HTTP All in One SEO Pack plugin for WordPress 'aiosp_front_meta_tags' XSS Vuln (From Server) S
HTTP All in One SEO Pack plugin for WordPress 'aiosp_front_meta_tags' XSS Vuln (To Server) S
HTTP All in One SEO Pack plugin for WordPress 'aiosp_home_meta_tags' XSS Vuln (From Server) S
HTTP All in One SEO Pack plugin for WordPress 'aiosp_home_meta_tags' XSS Vuln (To Server) S
HTTP Anchor CMS 0.12.3a Information Disclosure S
HTTP Apache CouchDB 2.3.0 - 'Add Option' Cross-Site Scripting S
HTTP Apache CouchDB 2.3.0 - 'Delete Option' Cross-Site Scripting S
HTTP ASUS RT-N10+ 2.0.3.4 CSRF XSS Command Execution (From Server) S
HTTP ASUS RT-N10+ 2.0.3.4 CSRF XSS Command Execution (To Server) S
HTTP AUO SunVeillance Monitoring System 1.1.9e 'mail' Incorrect Access Control S
HTTP AUO SunVeillance Monitoring System 1.1.9e 'MailAdd' SQL Injection S
HTTP AUO SunVeillance Monitoring System 1.1.9e 'picture_manage' SQL Injection S
HTTP AUO SunVeillance Monitoring System 1.1.9e 'swapdl_mvc' SQL Injection S
HTTP AUO SunVeillance Monitoring System 1.1.9e 'Text_Dis_Code' SQL Injection S
HTTP AUO SunVeillance Monitoring System 1.1.9e 'Text_Postal_Code' SQL Injection S
HTTP AUO SunVeillance Monitoring System 1.1.9e Incorrect Access Control S
HTTP Citecodecrashers Pic-A-Point 'Consignment' SQL Injection Vuln S
HTTP CyberArk Password Vault 10.6 Authentication Bypass S
HTTP delpino73 Blue-Smiley-Organizer 1.32 'datetime' SQL Injection S
HTTP Detrix EDMS 1.2.3.1505 SQL Injection S
HTTP Devinim Library Software 19.0504000 Open Redirection S
HTTP Digitus DN-16048 Camera Remote Configuration Disclosure S
HTTP Dongyoung Media DM-AP240TW Wireless Access Point Remote Configuration Disclosure S
HTTP Duplicate-Post 'duplicate_post_blacklist' Cross-Site Scripting Vuln S
HTTP Duplicate-Post 'duplicate_post_increase_menu_order_by' Cross-Site Scripting Vuln S
HTTP Duplicate-Post 'duplicate_post_title_prefix' Cross-Site Scripting Vuln S
HTTP Duplicate-Post 'duplicate_post_title_suffix' Cross-Site Scripting Vuln S
HTTP eBrigade 'chxCal' SQL Injection S
HTTP eBrigade 'cid' SQL Injection S
HTTP eBrigade 'evenement' SQL Injection S
HTTP File Sharing Wizard 1.5.0 DELETE SEH Buffer Overflow S
HTTP File Sharing Wizard 1.5.0 POST SEH Overflow S
HTTP FOSCAM FI8608W Camera Remote Configuration Disclosure S
HTTP Gila CMS 'f' Local File Inclusion Vuln S
HTTP ham3d 1.1 Local File Download S
HTTP Hisilicon Hi3518 HD Camera Remote Configuration Disclosure S
HTTP IBM Bigfix Platform 9.5.9.62 Arbitary File Upload Code Execution (From Server) S
HTTP IBM Bigfix Platform 9.5.9.62 Arbitary File Upload Code Execution (To Server) S
HTTP inoERP 4.15 SQL Injection S
HTTP Intelbras Router WRN150 1.0.18 Cross Site Request Forgery (From Server) S
HTTP Intelbras Router WRN150 1.0.18 Cross Site Request Forgery (To Server) S
HTTP Joomla Cactus 'album' SQL Injection Vuln S
HTTP Joomla Cactus 'album' SQL Injection Vuln_1 S
HTTP Joomla Cactus 'limit' SQL Injection Vuln S
HTTP Joomla Cactus 'limit' SQL Injection Vuln_1 S
HTTP LabCollector 'login' SQL Injection Vuln S
HTTP LabCollector 'user_name' SQL Injection Vuln S
HTTP LG-ERICSSON LN202-003H HomeHub Router Remote Configuration Disclosure S
HTTP Master Data Online CSRF Data Tampering (From Server) S
HTTP Master Data Online CSRF Data Tampering (To Server) S
HTTP MiniShare 1.4.1 CONNECT Remote Buffer Overflow S
HTTP Moxa EDR-810 Information Disclosure S
HTTP News Website Script 2.0.5 - SQL Injection S
HTTP Notepad++ Code Execution Denial Of Service S
HTTP Openfire 'driver' Cross-Site Scripting Vuln S
HTTP Openfire 'password' Cross-Site Scripting Vuln S
HTTP Openfire 'serverURL' Cross-Site Scripting Vuln S
HTTP Openfire 'username' Cross-Site Scripting Vuln S
HTTP Oracle Mojarra JSF Eclipse Mojarra JSF 2.2 2.3 Cross Site Scripting S
HTTP Palo Alto Networks Cross Site Request Forgery (From Server) S
HTTP Palo Alto Networks Cross Site Request Forgery (To Server) S
HTTP ParantezTeknoloji Library Software 16.0519000 Open Redirection S
HTTP pfSense 2.3.4 2.4.4-p3 Remote Code Injection S
HTTP phpIPAM 1.4 SQL Injection S
HTTP PilusCart 1.4.1 - 'send' SQL Injection S
HTTP rConfig 3.9.2 Remote Code Execution S
HTTP Restaurant Management System 1.0 Shell Upload S
HTTP Sahi Pro 8.x Cross Site Scripting S
HTTP Socomec DIRIS A-40 Password Disclosure S
HTTP SQLiteManager 1.2.0 1.2.4 SQL Injection S
HTTP Subrion 'Email' Cross-Site Scripting Vuln S
HTTP Subrion 'Full Name' Cross-Site Scripting Vuln S
HTTP Subrion 'Username' Cross-Site Scripting Vuln S
HTTP Tellion HN-2204AP Router Remote Configuration Disclosure S
HTTP Tellion TE01-005H HomeHub Router Remote Configuration Disclosure S
HTTP Thailand Union Library Management 'MSUBJECT' SQL Injection Vuln S
HTTP Thailand Union Library Management 'MSUBJECT' SQL Injection Vuln_1 S
HTTP Thailand Union Library Management 'MSUBJECT' SQL Injection Vuln_10 S
HTTP Thailand Union Library Management 'MSUBJECT' SQL Injection Vuln_2 S
HTTP Thailand Union Library Management 'MSUBJECT' SQL Injection Vuln_3 S
HTTP Thailand Union Library Management 'MSUBJECT' SQL Injection Vuln_4 S
HTTP Thailand Union Library Management 'MSUBJECT' SQL Injection Vuln_5 S
HTTP Thailand Union Library Management 'MSUBJECT' SQL Injection Vuln_6 S
HTTP Thailand Union Library Management 'MSUBJECT' SQL Injection Vuln_7 S
HTTP Thailand Union Library Management 'MSUBJECT' SQL Injection Vuln_8 S
HTTP Thailand Union Library Management 'MSUBJECT' SQL Injection Vuln_9 S
HTTP Thesystem 'add_server - operating_system' Cross-Site Scripting Vuln (From Server) S
HTTP Thesystem 'add_server - operating_system' Cross-Site Scripting Vuln (To Server) S
HTTP Thesystem 'add_server - server_name' Cross-Site Scripting Vuln (From Server) S
HTTP Thesystem 'add_server - server_name' Cross-Site Scripting Vuln (To Server) S
HTTP Thesystem 'add_server - system_description' Cross-Site Scripting Vuln (From Server) S
HTTP Thesystem 'add_server - system_description' Cross-Site Scripting Vuln (To Server) S
HTTP Thesystem 'add_server - system_owner' Cross-Site Scripting Vuln (From Server) S
HTTP Thesystem 'add_server - system_owner' Cross-Site Scripting Vuln (To Server) S
HTTP Thesystem 'add_server - system_password' Cross-Site Scripting Vuln (From Server) S
HTTP Thesystem 'add_server - system_password' Cross-Site Scripting Vuln (To Server) S
HTTP Thesystem 'add_server - system_username' Cross-Site Scripting Vuln (From Server) S
HTTP Thesystem 'add_server - system_username' Cross-Site Scripting Vuln (To Server) S
HTTP Thesystem 'server_name' SQL Injection Vuln (From Server) S
HTTP Thesystem 'server_name' SQL Injection Vuln (To Server) S
HTTP Thesystem 'username' SQL Injection Vuln (From Server) S
HTTP Thesystem 'username' SQL Injection Vuln (To Server) S
HTTP thesystem 1.0 Command Injection S
HTTP ThinVNC 1.0b1 Authentication Bypass S
HTTP TP-Link TL-WR1043ND 2 Authentication Bypass S
HTTP V-SOL GPON-EPON OLT Platform 'add admin' CSRF Vuln (From Server) S
HTTP V-SOL GPON-EPON OLT Platform 'add admin' CSRF Vuln (To Server) S
HTTP V-SOL GPON-EPON OLT Platform 'enable SSH' CSRF Vuln (From Server) S
HTTP V-SOL GPON-EPON OLT Platform 'enable SSH' CSRF Vuln (To Server) S
HTTP V-SOL GPON-EPON OLT Platform 'parent' Cross-Site Scripting Vuln S
HTTP V-SOL GPON-EPON OLT Platform 'sntp_server' Cross-Site Scripting Vuln S
HTTP V-SOL GPON-EPON OLT Platform 2.03 'action' Unauthenticated Configuration Download S
HTTP V-SOL GPON-EPON OLT Platform 2.03 'device' Unauthenticated Configuration Download S
HTTP V-SOL GPONEPON OLT Platform 2.03 Link Manipulation S
HTTP V-SOL GPONEPON OLT Platform 2.03 Remote Privilege Escalation S
HTTP vBulletin 'where' SQL Injection Vuln S
HTTP vBulletin 'where' SQL Injection Vuln_1 S
HTTP vBulletin 5.x 0-Day Pre-Auth Remote Command Execution S
HTTP vBulletin 5.x Pre-Auth Remote Code Execution S
HTTP vBulletin 5.x Pre-Auth Remote Code Execution_2 S
HTTP VMware VeloCloud 3.3.0 3.2.2 Authorization Bypass S
HTTP waldronmatt FullCalendar-BS4-PHP-MySQL-JSON 1.21 'color' SQL Injection S
HTTP waldronmatt FullCalendar-BS4-PHP-MySQL-JSON 1.21 'description' SQL Injection S
HTTP waldronmatt FullCalendar-BS4-PHP-MySQL-JSON 1.21 'end' SQL Injection S
HTTP waldronmatt FullCalendar-BS4-PHP-MySQL-JSON 1.21 'start' SQL Injection S
HTTP waldronmatt FullCalendar-BS4-PHP-MySQL-JSON 1.21 'title' SQL Injection S
HTTP Webkit JSC JIT ArgumentsEliminationPhasetransform Uninitialized Variable Access S
HTTP WebKit WebCoreReplacementFragmentReplacementFragment User-Agent Shadow Root Leak S
HTTP WiKID Systems 2FA Enterprise Server 4.2.0-b2032 - 'domain' SQL Injection S
HTTP WiKID Systems 2FA Enterprise Server 4.2.0-b2032 - 'key' SQL Injection S
HTTP WiKID Systems 2FA Enterprise Server 4.2.0-b2032 - 'source' SQL Injection S
HTTP WiKID Systems 2FA Enterprise Server 4.2.0-b2032 - 'substring' SQL Injection S
HTTP WiKID Systems 2FA Enterprise Server 4.2.0-b2032 - 'uid' SQL Injection S
HTTP WiKID Systems 2FA Enterprise Server 4.2.0-b2032 - 'usr' XSS S
HTTP WiKID Systems 2FA Enterprise Server 4.2.0-b2032 - Admin User CSRF S
HTTP WordPress FooGallery 1.8.12 Cross Site Scripting S
HTTP WordPress Sliced Invoices 3.8.2 Cross Site Scripting S
HTTP WordPress Sliced Invoices 3.8.2 SQL Injection S
HTTP WordPress Soliloquy Lite 2.5.6 Cross Site Scripting S
HTTP WordPress WebARX Website Firewall 4.9.8 XSS Bypass S
HTTP YouPHPTube Encoder base64Url 'getImage.php' Command Injection S
HTTP YouPHPTube Encoder base64Url 'getImageMP4.php' Command Injection S
HTTP YouPHPTube Encoder base64Url 'getSpiritsFromVideo.php' Command Injection S
HTTP Zabbix 4.2 - Authentication Bypass S
HTTP Zuz Music 2.1 - 'zuzconsole___contact ' Persistent Cross-Site Scripting S
PBS Professional 19.2.3 Authentication Bypass S


idappcom - Auditing, verifying and enhancing the capabilities of corporate security defences.

We do not use cookies for tracking users, displaying customised content or storing information about users, other than that required to maintain 'session state' for the login system for registered users. Please read our cookie policy for more information. Please note that by using this site you are consenting to the use of cookies.