
Traffic File Update - March 2020

This Traffic IQ Professional update for March 2020 contains the latest application exploits, threats and security evasion techniques, along with technical data and high-quality security rules.

Traffic IQ Professional

Traffic File Update for March 2020

153 Application Exploits

CUPS 2.0.3 - Reflected Cross-Site Scripting S
HTTP 60CycleCMS 2.5.2 'etsu' Cross Site Scripting S
HTTP 60CycleCMS 2.5.2 'ltsu' Cross Site Scripting S
HTTP 60CycleCMS 2.5.2 SQL Injection S
HTTP ACE SECURITY WiP-90113 HD Camera Remote Configuration Disclosure S
HTTP Adobe Flash - Type Confusion in IExternalizable.readExternal (CVE-2015-7647) S
HTTP Adobe Flash Overflow In ID3 Tag Parsing S
HTTP Adobe Flash Player ByteArray With Workers Use After Free S
HTTP Adobe Flash Player copyPixelsToByteArray Integer Overflow S
HTTP Adobe Flash Player UncompressViaZlibVariant Uninitialized Memory S
HTTP Adobe Flash TextField.gridFitType Setter - Use-After-Free S
HTTP Amovision AM-Q6320-WIFI HD Camera Remote Configuration Disclosure S
HTTP Aptina AR0130 Camera Remote Configuration Disclosure S
HTTP Avaya Aura Communication Manager 5.2 Remote Code Execution S
HTTP Cacti 1.2.8 Authenticated Remote Code Execution S
HTTP Centos WebPanel 7 'term' SQL Injection Vuln S
HTTP Centreon 19.10.8 Remote Code Execution S
HTTP Centreon Poller Authenticated Remote Command Execution S
HTTP Citrix Gateway 11.1 12.0 12.1 Cache Bypass S
HTTP Citrix Gateway 11.1 12.0 12.1 Cache Poisoning S
HTTP Citrix Gateway 11.1 12.0 12.1 Information Disclosure S
HTTP CUPS 2.0.3 - Remote Command Execution S
HTTP D-Link DGS-1250 Header Injection S
HTTP D-Link DIR-859 Unauthenticated Remote Command Execution S
HTTP DBPower C300 HD Camera Remote Configuration Disclosure S
HTTP Dokeos 'manager.php' CSRF Vuln (From Server) S
HTTP Dokeos 'manager.php' CSRF Vuln (To Server) S
HTTP EnovaNet Chateau-Thierry FormaLog WebService02 eChampagne 7.0 'num' SQL Injection Vuln S
HTTP ESCAM QD-900 WIFI HD Camera Remote Configuration Disclosure S
HTTP Exagate Sysguard 6001 'Add Admin' CSRF Vuln (From Server) S
HTTP Exagate Sysguard 6001 'Add Admin' CSRF Vuln (To Server) S
HTTP FlexNet License Server Manager lmgrd Buffer Overflow S
HTTP GE MDS PulseNET FileDownloadServlet Directory Traversal S
HTTP Google Chrome 67 68 69 Object.create Type Confusion S
HTTP Google Chrome 72 73 Array.map Corruption S
HTTP Google Chrome 80.0.3987.87 Denial Of Service S
HTTP HRSALE 1.1.8 'Add Admin' CSRF Vuln (From Server) S
HTTP HRSALE 1.1.8 'Add Admin' CSRF Vuln (To Server) S
HTTP IBM RICOH InfoPrint 6500 Printer 'destConf.html' HTML Injection Vuln S
HTTP Ingenious 2.3.0 'teacher_profile2.php' Arbitrary File Upload Vuln S
HTTP Intelbras Wireless N 150Mbps WRN240 Authentication Bypass S
HTTP IRISgraphic 1.0 'gallery-slider.php' SQL Injection Vuln S
HTTP IRISgraphic 1.0 'products.php' SQL Injection Vuln S
HTTP Isomorphic Smartclient 'developerConsoleOperations.jsp' File Inclusion Vuln S
HTTP Isomorphic Smartclient 'developerConsoleOperations.jsp' Information Disclosure S
HTTP Isomorphic Smartclient 'developerConsoleOperations.jsp' XXE Information Disclosure S
HTTP iStock Management System 1.0 'user profile' Arbitrary File Upload Vuln S
HTTP Joomla GMapFP 3.30 Arbitrary File Upload S
HTTP Joomla HDWPlayer 4.2 'index.php' SQL Injection Vuln S
HTTP LabVantage 8.3 - Information Disclosure S
HTTP LayerBB 1.1.3 'Change Password' Cross Site Request Forgery (From Server) S
HTTP LayerBB 1.1.3 'Change Password' Cross Site Request Forgery (To Server) S
HTTP LayerBB 1.1.3 'Edit Category' Cross Site Request Forgery (From Server) S
HTTP LayerBB 1.1.3 'Edit Category' Cross Site Request Forgery (To Server) S
HTTP LayerBB 1.1.3 'Edit Node' Cross Site Request Forgery (From Server) S
HTTP LayerBB 1.1.3 'Edit Node' Cross Site Request Forgery (To Server) S
HTTP LayerBB 1.1.3 'Edit User' Cross Site Request Forgery (From Server) S
HTTP LayerBB 1.1.3 'Edit User' Cross Site Request Forgery (To Server) S
HTTP LayerBB 1.1.3 'Edit UserGroup' Cross Site Request Forgery (From Server) S
HTTP LayerBB 1.1.3 'Edit UserGroup' Cross Site Request Forgery (To Server) S
HTTP LayerBB 1.1.3 'Forgot Password' Cross Site Request Forgery (From Server) S
HTTP LayerBB 1.1.3 'Forgot Password' Cross Site Request Forgery (To Server) S
HTTP LayerBB 1.1.3 'New UserGroup' Cross Site Request Forgery (From Server) S
HTTP LayerBB 1.1.3 'New UserGroup' Cross Site Request Forgery (To Server) S
HTTP LayerBB 1.1.3 'Reset Password' Cross Site Request Forgery (From Server) S
HTTP LayerBB 1.1.3 'Reset Password' Cross Site Request Forgery (To Server) S
HTTP LayerBB 1.1.3 'System Settings' Cross Site Request Forgery (From Server) S
HTTP LeptonCMS 4.5.0 'content' Cross-Site Scripting Vuln S
HTTP Liferay CE Portal 6.0.2 Remote Command Execution S
HTTP ManageEngine Desktop Central 9 FileUploadServlet ConnectionId S
HTTP Mezzanine 4.2.0 'author name' Cross-Site Scripting Vuln S
HTTP Microsoft Internet Explorer - CTreeNodeGetCascadedLang Use-After-Free (MS15-079) S
HTTP Microsoft Internet Explorer 8 - jscript 'Reg-Exp-BaseFBad-Header' UAF (MS15-018) S
HTTP MiladWorkShop VIP System 1.0 'lang' SQL Injection Vuln S
HTTP Nagios XI Authenticated Remote Command Execution S
HTTP Netis WF2419 2.2.36123 Remote Code Execution S
HTTP Netlink GPON Router 1.0.11 Remote Code Execution S
HTTP Oce Colorwave 500 'openSI' Cross Site Scripting S
HTTP Oce Colorwave 500 'settingId' Cross Site Scripting S
HTTP Orange Inventel LiveBox 'Change Admin Password' CSRF Vuln (From Server) S
HTTP Orange Inventel LiveBox 'Change Admin Password' CSRF Vuln (To Server) S
HTTP Orange Inventel LiveBox 'Change SSID' CSRF Vuln (From Server) S
HTTP Orange Inventel LiveBox 'Change SSID' CSRF Vuln (To Server) S
HTTP Persian VIP Download Script 1.0 'cart_edit.php' SQL Injection Vuln S
HTTP Phoenix Contact TC Router TC Cloud Client Command Injection S
HTTP phpEnter 4.2.7 (Add New Post) CSRF Vuln (From Server) S
HTTP phpEnter 4.2.7 (Add New Post) CSRF Vuln (To Server) S
HTTP PHPKB Multi-Language 9 Authenticated Directory Traversal S
HTTP PHPKB Multi-Language 9 Authenticated Remote Code Execution S
HTTP PHPKB Multi-Language 9 image-upload.php Code Execution S
HTTP PHPStudy Backdoor Remote Code Execution S
HTTP rConfig 3.9.3 Remote Code Execution S
HTTP rConfig 3.9.4 'db_payload' SQL Injection Vuln S
HTTP rConfig 3.9.4 'device_payload' SQL Injection Vuln S
HTTP rConfig 3.9.4 'searchColumn' SQL Injection Vuln S
HTTP rConfig 3.9.4 'user1_payload' SQL Injection Vuln S
HTTP rConfig 3.9.4 Remote Command Injection S
HTTP rConfig 3.93 Authenticated Remote Code Execution S
HTTP Rconfig 3.x 'commands.inc.php' SQL Injection S
HTTP Revotech I6032B-P Remote Configuration Disclosure S
HTTP Rocket Servergraph Admin Center tsmRequest Command Injection S
HTTP Satellian 1.12 Remote Code Execution S
HTTP SecuSTATION IPCAM-130 HD Camera Remote Configuration Disclosure S
HTTP SecuSTATION SC-831 HD Camera Remote Configuration Disclosure S
HTTP Sentrifugo HRMS 3.2 'id' SQL Injection Vuln S
HTTP SharePoint Workflows XOML Injection S
HTTP SialWeb CMS eCommerce 1.0 1.1 'id' SQL Injection Vuln S
HTTP Simple Forum PHP 2.4 'admin.php' (Edit Options) CSRF Vuln (From Server) S
HTTP Simple Forum PHP 2.4 'admin.php' (Edit Options) CSRF Vuln (To Server) S
HTTP Soluzione Globale Ecommerce CMS 1 'id' SQL Injection Vuln S
HTTP Spacemarc News (Add New Post) CSRF Vuln (From Server) S
HTTP Spacemarc News (Add New Post) CSRF Vuln (To Server) S
HTTP SPIP 3.1.2 CSRF Vuln (From Server) S
HTTP SPIP 3.1.2 CSRF Vuln (To Server) S
HTTP SuiteCRM 7.11.11 'parent_module' Local File Inclusion Vuln S
HTTP SuiteCRM 7.11.11 'parent_type' Local File Inclusion Vuln S
HTTP TP-Link Archer C50 V3 Denial of Service S
HTTP TP-Link TL-WR849N 0.9.1 4.16 Authentication Bypass S
HTTP TP-Link TL-WR849N Remote Code Execution S
HTTP troubletickets module for Ovidentia 'statistique_evolution.php' File Inclusion Vuln S
HTTP UADMIN Botnet 'link' SQL Injection Vuln S
HTTP UCM6202 1.0.18.13 Remote Command Injection S
HTTP UliCMS 2020.1 'content' Cross-Site Scripting Vuln S
HTTP UniSharp Laravel File Manager 'file' Directory Traversal Vuln S
HTTP Visual Mining NetCharts Server saveFile.jsp Directory Traversal S
HTTP Wago PFC200 Remote Code Execution S
HTTP WatchGuard Fireware AD Helper 5.8.5.10317 Credential Disclosure S
HTTP Wing FTP Server 6.2.3 'Delete Admin User' CSRF Vuln (From Server) S
HTTP Wing FTP Server 6.2.3 'Delete Admin User' CSRF Vuln (To Server) S
HTTP WordPress Ghost Plugin 0.5.5 'tools.php' Information Disclosure S
HTTP WordPress Plugin Add From Server 3.3.2 Arbitrary File Upload Vuln S
HTTP WordPress Plugin File Manager 3.0.1 CSRF Vuln (From Server) S
HTTP WordPress Plugin File Manager 3.0.1 CSRF Vuln (To Server) S
HTTP WordPress Plugin Tribulant Newsletters 4.6.4.2 'file' Directory Traversal Vuln S
HTTP WordPress Plugin Tribulant Newsletters 4.6.4.2 'id' Cross-Site Scripting Vuln S
HTTP WordPress Plugin Tribulant Newsletters 4.6.4.2 'id' Cross-Site Scripting Vuln_1 S
HTTP WordPress Plugin Tribulant Newsletters 4.6.4.2 'method' Cross-Site Scripting Vuln S
HTTP WordPress Plugin Tribulant Newsletters 4.6.4.2 'order' Cross-Site Scripting Vuln S
HTTP WordPress Plugin Tribulant Newsletters 4.6.4.2 'value' Cross-Site Scripting Vuln S
HTTP WordPress Plugin Tribulant Newsletters 4.6.4.2 'wpmlmessage' Cross-Site Scripting Vuln S
HTTP WordPress Plugin Tribulant Newsletters 4.6.4.2 'wpmlsearchterm' XSS Vuln S
HTTP WordPress StatTraq 1.3.0 'limitNumber' SQL Injection Vuln S
HTTP WordPress WP Forms 1.5.8.2 'Field Description' Cross-Site Scripting Vuln (From Server) S
HTTP WordPress WP Forms 1.5.8.2 'Field Description' Cross-Site Scripting Vuln (To Server) S
HTTP WordPress WP Forms 1.5.8.2 'Form Description' Cross-Site Scripting Vuln (From Server) S
HTTP WordPress WP Forms 1.5.8.2 'Form Description' Cross-Site Scripting Vuln (To Server) S
HTTP XOO Scripts XOO Digital 'p' SQL Injection Vuln S
HTTP YzmCMS 5.5 'url' Cross-Site Scripting Vuln S
HTTP ZKTeco ZKBioSecurity baseAction!getPageXML.action Directory Traversal Vuln S
SMB Connection To Port 445 S
SMB Microsoft Windows SMB 3.1.1 Remote Code Execution S
UDP Cisco ASA Software 8.x 9.x - IKEv1 and IKEv2 Buffer Overflow S
UDP HP Network Node Manager I - PMD Buffer Overflow (Metasploit) S


idappcom - Auditing, verifying and enhancing the capabilities of corporate security defences.
