Traffic File Update - January 2020

This Traffic IQ Professional update for January 2020 contains the latest application exploits, threats and security evasion techniques, along with technical data and high-quality security rules.

Traffic IQ Professional

Traffic File Update for January 2020

152 Application Exploits

HTTP Adive Framework 'Add Admin' CSRF Vuln (From Server) S
HTTP Adive Framework 'Add Admin' CSRF Vuln (To Server) S
HTTP Adive Framework 'userUsername' Cross-Site Scripting Vuln S
HTTP ASTPP 4.0.1 Database Disclosure S
HTTP AVE DOMINAplus 'Password' CSRF Vuln (To Server) S
HTTP Barco WePresent file_transfer.cgi Command Injection (From Server) S
HTTP Barco WePresent file_transfer.cgi Command Injection S
HTTP BloodX 'Password' SQL Injection Vuln S
HTTP Car Rental Project 1.0 Remote Code Execution (From Server) S
HTTP Car Rental Project 1.0 Remote Code Execution S
HTTP Centreon 19.04 - 'command_line' Remote Code Execution S
HTTP Citrix ADC (NetScaler) Directory Traversal Remote Code Execution S
HTTP Citrix Application Delivery Controller Gateway 10.5 Remote Code Execution S
HTTP Codoforum 4.8.3 Cross Site Scripting S
HTTP Complaint Management System 4.0 Remote Code Execution (From Server) S
HTTP Complaint Management System 4.0 Remote Code Execution S
HTTP CTFd 2.1.5 Administrator Account Takeover (From Server) S
HTTP CTFd 2.1.5 Administrator Account Takeover S
HTTP Cups Easy 1.0 Password Change Cross Site Request Forgery (From Server) S
HTTP Cups Easy 1.0 Password Change Cross Site Request Forgery (To Server) S
HTTP Cups Easy 1.0 User Delete Cross Site Request Forgery (From Server) S
HTTP Cups Easy 1.0 User Delete Cross Site Request Forgery (To Server) S
HTTP D-Link DIR-615 Wireless Router 'Name' Cross-Site Scripting Vuln S
HTTP ECTouch ECShop 'brand' SQL Injection Vuln S
HTTP ECTouch ECShop 'filter_attr' SQL Injection Vuln S
HTTP ECTouch ECShop 'id' SQL Injection Vuln S
HTTP ECTouch ECShop 'page' SQL Injection Vuln S
HTTP ECTouch ECShop 'price_max' SQL Injection Vuln S
HTTP ECTouch ECShop 'price_min' SQL Injection Vuln S
HTTP elearning-script 'login.php' SQL Injection Vuln S
HTTP Employee Leaves Management System 2.0 CSRF (From Server) S
HTTP Employee Leaves Management System 2.0 CSRF (To Server) S
HTTP ERPNext 'URI-BASED' Cross-Site Scripting Vuln S
HTTP Fifthplay S.A.M.I 'Password' CSRF Vuln (From Server) S
HTTP Fifthplay S.A.M.I 'Password' CSRF Vuln (To Server) S
HTTP Fifthplay S.A.M.I 'Port' CSRF Vuln (From Server) S
HTTP Fifthplay S.A.M.I 'Port' CSRF Vuln (To Server) S
HTTP Fifthplay S.A.M.I 'Server' CSRF Vuln (From Server) S
HTTP Fifthplay S.A.M.I 'Server' CSRF Vuln (To Server) S
HTTP Fifthplay S.A.M.I 'User' CSRF Vuln (From Server) S
HTTP Fifthplay S.A.M.I 'User' CSRF Vuln (To Server) S
HTTP Freelancy 1.0.0 Remote Code Execution S
HTTP FusionAuth 1.10 Remote Command Execution S
HTTP Huawei HG255 - 'css' Directory Traversal S
HTTP Huawei HG255 - 'js' Directory Traversal S
HTTP Huawei HG255 - 'lib' Directory Traversal S
HTTP Huawei HG255 - 'res' Directory Traversal S
HTTP IBM RICOH Infoprint 1532 Printer Cross-Site Scripting Vuln S
HTTP IceWarp WebMail 'color' Cross-Site Scripting Vuln S
HTTP Jenkins Gitlab Hook Plugin Cross-Site Scripting Vuln S
HTTP Job Portal 1.0 Shell Upload (From Server) S
HTTP Job Portal 1.0 Shell Upload S
HTTP Karakuzu ERP Management 'islem2.php' Cross-Site Scripting Vuln S
HTTP Karakuzu ERP Management Web 'Add Admin' CSRF Vuln (From Server) S
HTTP Karakuzu ERP Management Web 'Add Admin' CSRF Vuln (To Server) S
HTTP Karakuzu ERP Management Web 'Delete User' CSRF Vuln (From Server) S
HTTP Karakuzu ERP Management Web 'Delete User' CSRF Vuln (To Server) S
HTTP Karakuzu ERP Management Web 'Edit User' CSRF Vuln (From Server) S
HTTP Karakuzu ERP Management Web 'Edit User' CSRF Vuln (To Server) S
HTTP Karakuzu ERP Management Web 'k_adi_duz' SQL Injection Vuln S
HTTP Karakuzu ERP Management Web 'k_email_duz' SQL Injection Vuln S
HTTP Karakuzu ERP Management Web 'k_grup_duz' SQL Injection Vuln S
HTTP Karakuzu ERP Management Web 'k_sifre_duz' SQL Injection Vuln S
HTTP Karakuzu ERP Management Web 'k_yetki_duz' SQL Injection Vuln S
HTTP Kepler Wallpaper Script 1.1 - SQL Injection S
HTTP ManageEngine Network Configuration Manager 'apiKey' SQL Injection Vuln S
HTTP Octeth Oempro 'CampaignID' SQL Injection Vuln S
HTTP OkayCMS 2.3.4 'comparison' Remote Code Execution S
HTTP OkayCMS 2.3.4 'price_filter' Remote Code Execution S
HTTP OLK Web Store 2020 Cross Site Request Forgery (From Server) S
HTTP OLK Web Store 2020 Cross Site Request Forgery (To Server) S
HTTP Online Book Store 1.0 Arbitrary File Upload (From Server) S
HTTP Online Book Store 1.0 Arbitrary File Upload (To Server) S
HTTP Online Book Store 1.0 Remote Code Execution S
HTTP Online Course Registration 2.0 Authentication Bypass S
HTTP Online Course Registration 2.0 Remote Code Execution (From Server) S
HTTP Online Course Registration 2.0 Remote Code Execution S
HTTP Pandora 7.0NG Remote Code Execution (From Server) S
HTTP Pandora 7.0NG Remote Code Execution S
HTTP PHPGurukul Complaint Management System 'cid' SQL Injection Vuln S
HTTP PHPGurukul Dairy Farm Shop Management System 'adminname' SQL Injection Vuln S
HTTP PHPGurukul Dairy Farm Shop Management System 'Category' Cross-Site Scripting Vuln S
HTTP PHPGurukul Dairy Farm Shop Management System 'category' SQL Injection Vuln S
HTTP PHPGurukul Dairy Farm Shop Management System 'CategoryCode' Cross-Site Scripting Vuln S
HTTP PHPGurukul Dairy Farm Shop Management System 'categorycode' SQL Injection Vuln S
HTTP PHPGurukul Dairy Farm Shop Management System 'CompanyName' Cross-Site Scripting Vuln S
HTTP PHPGurukul Dairy Farm Shop Management System 'companyname' SQL Injection Vuln S
HTTP PHPGurukul Dairy Farm Shop Management System 'emailid' SQL Injection Vuln S
HTTP PHPGurukul Dairy Farm Shop Management System 'fromdate' SQL Injection Vuln S
HTTP PHPGurukul Dairy Farm Shop Management System 'mobilenumber' SQL Injection Vuln S
HTTP PHPGurukul Dairy Farm Shop Management System 'ProductName' Cross-Site Scripting Vuln S
HTTP PHPGurukul Dairy Farm Shop Management System 'productname' SQL Injection Vuln S
HTTP PHPGurukul Dairy Farm Shop Management System 'productprice' SQL Injection Vuln S
HTTP PHPGurukul Dairy Farm Shop Management System 'todate' SQL Injection Vuln S
HTTP PHPGurukul Hospital Management System 'bp' SQL Injection Vuln S
HTTP PHPGurukul Hospital Management System 'cpass' SQL Injection Vuln S
HTTP PHPGurukul Hospital Management System 'doctorspecilization' Cross-Site Scripting Vuln S
HTTP PHPGurukul Hospital Management System 'patname' SQL Injection Vuln S
HTTP PHPGurukul Hospital Management System 'searchdata' SQL Injection Vuln S
HTTP PHPGurukul Hospital Management System 'viewid' SQL Injection Vuln S
HTTP PHPGurukul Hostel Management System 'id' SQL Injection Vuln S
HTTP PHPGurukul Park Ticketing Management System 'search ticket' Cross-Site Scripting Vuln S
HTTP PixelStor 5000 K4.0.1580-20150629 Remote Code Execution (From Server) S
HTTP PixelStor 5000 K4.0.1580-20150629 Remote Code Execution S
HTTP Projectworlds Online Book Store 'bookisbn' SQL Injection Vuln S
HTTP Realtek SDK Code Execution S
HTTP Realtek SDK Information Disclosure S
HTTP Rukovoditel Project Management CRM 'filters' SQL Injection Vuln S
HTTP Rukovoditel Project Management CRM 'reports_id' SQL Injection Vuln S
HTTP Rumpus FTP Web File Manager 8.2.9.1 Cross Site Scripting S
HTTP Shopping Portal ProVersion 3.0 File Upload (From Server) S
HTTP Shopping Portal ProVersion 3.0 File Upload S
HTTP TheJshen contentManagementSystem 1.04 SQL Injection S
HTTP Thejshen Globitek CMS 1.4 SQL Injection S
HTTP Thrive Smart Home 'ip_data' Cross-Site Scripting Vuln S
HTTP Thrive Smart Home 1.1 SQL Injection S
HTTP TP-Link TP-SG105E 1.0.0 Unauthenticated Remote Reboot S
HTTP Umbraco CMS 'Delete User' CSRF Vuln (From Server) S
HTTP Umbraco CMS 'Delete User' CSRF Vuln (To Server) S
HTTP Umbraco CMS 'Disable User' CSRF Vuln (From Server) S
HTTP Umbraco CMS 'Disable User' CSRF Vuln (To Server) S
HTTP Umbraco CMS 'Enable User' CSRF Vuln (From Server) S
HTTP Umbraco CMS 'Enable User' CSRF Vuln (To Server) S
HTTP Voyager 'VoyagerController.php' Directory Traversal Vuln S
HTTP Wave 'category' SQL Injection Vuln S
HTTP WebKit URI Synchronous Page Loads Universal Cross Site Scripting S
HTTP Webtareas 'id' SQL Injection Vuln S
HTTP WEMS Enterprise Manager 'Email' Cross-Site Scripting Vuln S
HTTP WordPress InfiniteWP Client 1.9.4.5 Authentication Bypass S
HTTP WordPress Plugin Audio Record 1.0 - Arbitrary File Upload (From Server) S
HTTP WordPress Plugin Audio Record 1.0 - Arbitrary File Upload S
HTTP WordPress Plugin Baggage Freight Shipping Australia 0.1.0 - File Upload (From Server) S
HTTP WordPress Plugin Baggage Freight Shipping Australia 0.1.0 - File Upload (To Server) S
HTTP WordPress Plugin Baggage Freight Shipping Australia 0.1.0 - Remote Code Execution S
HTTP WordPress Resim Ara 'kelime' Cross-Site Scripting Vuln S
HTTP WordPress Time Capsule 1.21.16 Authentication Bypass S
HTTP WordPress Time Capsule 1.21.16 Shell Upload (From Server) S
HTTP WordPress Time Capsule 1.21.16 Shell Upload S
HTTP XEROX WorkCentre Printers 'Add Admin' CSRF Vuln (From Server) S
HTTP XEROX WorkCentre Printers 'Add Admin' CSRF Vuln (To Server) S
HTTP ZOHO ManageEngine ServiceDeskPlus Cross-Site Scripting Vuln S
Malware GET Request Associated with Ursnif Malware 'emblareppy.com' Attempt S
Malware GET Request Associated with Ursnif Malware 'estate-advice.at' '109.175.7.8' Attempt S
Malware GET Request Associated with Ursnif Malware 'estate-advice.at' '185.95.185.58' Attempt S
Malware GET Request Associated with Ursnif Malware 'limpopo.at' Attempt S
Malware GET Request Associated with Ursnif Malware 'n60peablo.com' Attempt S
Malware GET Request Associated with Ursnif Malware 'pzhmnbarguerite4819.com' Attempt S
Malware GET Request Associated with Ursnif Malware 'sweetlights.at' 'g32' Attempt S
Malware GET Request Associated with Ursnif Malware 'sweetlights.at' 'g64' Attempt S
Malware POST Request Associated with Ursnif Malware 'estate-advice.at' '5.56.73.146' Attempt S
Malware POST Request Associated with Ursnif Malware 'estate-advice.at' '51.223.47.15' Attempt S
Malware POST Request Associated with Ursnif Malware 'limpopo.at' Attempt S


idappcom - Auditing, verifying and enhancing the capabilities of corporate security defences.
