Search

Traffic File Update - July 2020

This Traffic IQ Professional update for July 2020 contains the latest application exploits, threats and security evasion techniques along with technical data and high quality security rules.

Traffic IQ Professional

Traffic File Update for July 2020

167 Application Exploits

HTTP Afian FileRun 'search' SQL Injection Vuln S
HTTP Afian FileRun 'search' SQL Injection Vuln_1 S
HTTP Afian FileRun (Add New User) CSRF Vuln (From Server) S
HTTP Afian FileRun (Add New User) CSRF Vuln (To Server) S
HTTP Afian FileRun (Change User's Email address) CSRF Vuln (From Server) S
HTTP Afian FileRun (Change User's Email address) CSRF Vuln (To Server) S
HTTP Afian FileRun File Include Vuln (From Server) S
HTTP Afian FileRun File Include Vuln (To Server) S
HTTP Apartment Visitors Management System Project 1.0 SQL Injection S
HTTP Barangay Management System 1.0 SQL Injection Vuln S
HTTP Barangay Management System 1.0 SQL Injection Vuln_1 S
HTTP Bludit 3.9.2 Directory Traversal S
HTTP Bolt CMS 3.7.0 Shell Upload S
HTTP BSA Radar 1.6.7234.24750 - Authenticated Privilege Escalation S
HTTP BSA Radar 1.6.7234.24750 Change Password CSRF S
HTTP BSA Radar 1.6.7234.24750 Cross Site Scriping S
HTTP BSA Radar 1.6.7234.24750 Local File Inclusion S
HTTP BSA Radar 1.6.7234.24750 User Enumeration S
HTTP Castel NextGen DVR 1.0.0 Privilege Escalation S
HTTP Cisco Adaptive Security Appliance Software 9.11 Local File Inclusion S
HTTP Cisco ASA FTD Remote File Disclosure S
HTTP CMSUno 1.6 Cross Site Request Forgery (From Server) S
HTTP CMSUno 1.6 Cross Site Request Forgery (To Server) S
HTTP Company Visitor Management System (CVMS) 1.0 SQL Injection S
HTTP Daily Expense Tracker 1.0 SQL Injection S
HTTP Directory Management System (DMS) 1.0 'searchdata' SQL Injection S
HTTP Directory Management System (DMS) 1.0 'username' SQL Injection S
HTTP Drobo 5N2 4.1.1 Remote Command Injection S
HTTP e-learning PHP Script 0.1.0 'post_author' SQL Injection Vuln S
HTTP e-learning PHP Script 0.1.0 'post_content' SQL Injection Vuln S
HTTP e-learning PHP Script 0.1.0 'post_date' SQL Injection Vuln S
HTTP e-learning PHP Script 0.1.0 'post_id' SQL Injection Vuln S
HTTP e-learning PHP Script 0.1.0 'post_image' SQL Injection Vuln S
HTTP e-learning PHP Script 0.1.0 'post_keyword' SQL Injection Vuln S
HTTP e-learning PHP Script 0.1.0 'post_title' SQL Injection Vuln S
HTTP e-learning PHP Script 0.1.0 'search' SQL Injection Vuln S
HTTP eGroupWare 1.14 Remote Command Execution S
HTTP Employee Record Management System 1.1 SQL Injection S
HTTP EQDKP Plus CMS 2.3.29 Cross Site Scripting S
HTTP F5 BIG-IP ADC RCE Flaw 'fileRead.jsp' (CVE-2020-5902) S
HTTP F5 BIG-IP ADC RCE Flaw 'tmshCmd.jsp' (CVE-2020-5902) S
HTTP File Management System 1.1 'admin_password' Cross-Site Scripting Vuln S
HTTP File Management System 1.1 'admin_status' Cross-Site Scripting Vuln S
HTTP File Management System 1.1 'admin_user' Cross-Site Scripting Vuln S
HTTP File Management System 1.1 'id' Cross-Site Scripting Vuln S
HTTP File Management System 1.1 'name' Cross-Site Scripting Vuln S
HTTP GitLab 12.9.0 Arbitrary File Read S
HTTP Grafana 7.0.1 Denial Of Service S
HTTP HelloWeb 2.0 Arbitrary File Download S
HTTP Infor Storefront B2B 1.0 'cart.do' SQL Injection S
HTTP Infor Storefront B2B 1.0 'login.do' SQL Injection S
HTTP Joomla J2 JOBS 1.3.0 'js_sortby' SQL Injection Vuln S
HTTP Koken CMS 0.22.24 Shell Upload S
HTTP Kyocera D-COPIA 253MF Plus Directory Traversal Vuln S
HTTP LibreHealth 2.0.0 Authentication Bypass S
HTTP LibreHealth 2.0.0 Remote Code Execution S
HTTP Luatix OpenCTI 'graphql' Cross-Site Scripting Vuln S
HTTP Luatix OpenCTI 3.3.1 Directory Traversal Vuln S
HTTP ManageEngine Applications Manager 13 SQL Injection S
HTTP Microsoft Windows MSHTA.EXE .HTA File XML Injection S
HTTP Nagios XI 5.6.12 Remote Code Execution S
HTTP Namirial SIGNificant SignAnyWhere 6.10.x Cross Site Scripting S
HTTP NeonLMS 4.6 File Upload Vuln (From Server) S
HTTP NeonLMS 4.6 File Upload Vuln (To Server) S
HTTP Newsportal 3 'searchtitle' SQL Injection S
HTTP Newsportal 3 'username' SQL Injection S
HTTP OCS Inventory NG 2.7 Remote Code Execution S
HTTP Online Birth Certificate System 1.0 SQL Injection Code Execution S
HTTP Online Course Registration 1.0 Remote Code Execution S
HTTP Online DJ Booking Management System Project Report 1.0 SQL Injection Code Execution S
HTTP Online Farm Management System 0.1.0 'pid' Cross-Site Scripting Vuln S
HTTP Online Polling System 'mypassword' SQL Injection Vuln S
HTTP Online Polling System 'myusername' SQL Injection Vuln S
HTTP Online Student Enrollment System File Upload Vuln (From Server) S
HTTP Online Student Enrollment System File Upload Vuln (To Server) S
HTTP openSIS 7.4 Local File Inclusion S
HTTP openSIS 7.4 Unauthenticated PHP Code Execution S
HTTP Pandora FMS 7.0 NG 7XX Remote Command Execution S
HTTP PHPGuruku User Registration And Login And User Management System 2.1 SQL Inj Vuln S
HTTP PHPGuruku User Registration And Login And User Management System 2.1 SQL Inj Vuln_1 S
HTTP PHPGuruku User Registration And Login And User Management System 2.1 SQL Inj Vuln_2 S
HTTP PHPGuruku User Registration And Login And User Management System 2.1 SQL Inj Vuln_3 S
HTTP PHPGuruku User Registration And Login And User Management System 2.1 SQL Inj Vuln_4 S
HTTP PHPGuruku User Registration And Login And User Management System 2.1 SQL Inj Vuln_5 S
HTTP PHPGurukul Client Management System 1.0 'searchdata' SQL Injection Vuln S
HTTP PHPGurukul Complaint Management System 4.2 'contactno' Cross-Site Scripting Vuln S
HTTP PHPGurukul Complaint Management System 4.2 'email' Cross-Site Scripting Vuln S
HTTP PHPGurukul Complaint Management System 4.2 'fullname' Cross-Site Scripting Vuln S
HTTP PHPGurukul Complaint Management System 4.2 'password' Cross-Site Scripting Vuln S
HTTP PHPGurukul Complaint Management System 4.2 'password' SQL Injection Vuln S
HTTP PHPGurukul Complaint Management System 4.2 'username' SQL Injection Vuln S
HTTP PHPGurukul Curfew E-Pass Management System 1.0 SQL Injection Vuln S
HTTP PHPGurukul Cyber Cafe Management System 'email' SQL Injection Vuln S
HTTP PHPGurukul Cyber Cafe Management System 'searchdata' SQL Injection Vuln S
HTTP PHPGurukul Cyber Cafe Management System 'username' SQL Injection Vuln S
HTTP PHPGurukul Online Shopping Portal 3.1 'email' SQL Injection Vuln S
HTTP PHPGurukul Park Ticketing Management System 1.0 'password' SQL Injection Vuln S
HTTP PHPGurukul Park Ticketing Management System 1.0 'username' SQL Injection Vuln S
HTTP PHPGurukul Park Ticketing Management System 1.0 'viewid' SQL Injection Vuln S
HTTP PHPGurukul Small CRM 2.0 'id' SQL Injection Vuln S
HTTP PHPGurukul Teachers Record Management System 1.0 'searchteacher' SQL Injection Vuln S
HTTP PHPGurukul User Management System 2.0 'contact' Cross-Site Scripting Vuln S
HTTP PHPGurukul User Management System 2.0 'email' Cross-Site Scripting Vuln S
HTTP PHPGurukul User Management System 2.0 'fname' Cross-Site Scripting Vuln S
HTTP PHPGurukul User Management System 2.0 'lname' Cross-Site Scripting Vuln S
HTTP PHPGurukul User Management System 2.0 'password' Cross-Site Scripting Vuln S
HTTP PHPGurukul User Management System 2.0 'password' SQL Injection Vuln S
HTTP PHPGurukul User Management System 2.0 'username' SQL Injection Vuln S
HTTP Plex Unpickle Dict Windows Remote Code Execution S
HTTP Plexus anblick Digital Signage Management 3.1.13 Open Redirect S
HTTP PMB 5.6 'filename' Cross-Site Scripting Vuln S
HTTP RauLink Software Domotica Web 2.0 'usuario' SQL Injection Vuln S
HTTP Reside Property Management 3.0 'profile' SQL Injection Vuln S
HTTP Responsive Online Blog 1.0 'id' SQL Injection Vuln S
HTTP RiteCMS 2.2.1 Remote Code Execution S
HTTP Rittal Products - Command Injection S
HTTP RSA IG+L Aveksa 7.1.1 Remote Code Execution S
HTTP Ruby On Rails 5.0.1 Remote Code Execution S
HTTP Savsoft Quiz 5 'contact_no' Cross-Site Scripting Vuln S
HTTP Savsoft Quiz 5 'email' Cross-Site Scripting Vuln S
HTTP Savsoft Quiz 5 'first_name' Cross-Site Scripting Vuln S
HTTP Savsoft Quiz 5 'gid' Cross-Site Scripting Vuln S
HTTP Savsoft Quiz 5 'last_name' Cross-Site Scripting Vuln S
HTTP Savsoft Quiz 5 'password' Cross-Site Scripting Vuln S
HTTP Sellacious eCommerce Shop 'Address' Cross-Site Scripting Vuln S
HTTP Sellacious eCommerce Shop 'Company' Cross-Site Scripting Vuln S
HTTP Sellacious eCommerce Shop 'First name' Cross-Site Scripting Vuln S
HTTP Sellacious eCommerce Shop 'Full name' Cross-Site Scripting Vuln S
HTTP Sellacious eCommerce Shop 'Landmark' Cross-Site Scripting Vuln S
HTTP Sellacious eCommerce Shop 'Last name' Cross-Site Scripting Vuln S
HTTP Sellacious eCommerce Shop 'Middle name' Cross-Site Scripting Vuln S
HTTP Sellacious eCommerce Shop 'PO Box' Cross-Site Scripting Vuln S
HTTP Sickbeard 0.1 Cross Site Request Forgery (From Server) S
HTTP Sickbeard 0.1 Cross Site Request Forgery (To Server) S
HTTP Sistem Informasi Pengumuman Kelulusan Online 1.0 CSRF Vuln (From Server) S
HTTP Sistem Informasi Pengumuman Kelulusan Online 1.0 CSRF Vuln (To Server) S
HTTP Socket.io-file 2.0.31 Arbitrary File Upload S
HTTP Sophos VPN Web Panel 2020 Denial Of Service S
HTTP SuperMicro IPMI 03.40 (Add Admin) CSRF Vuln (From Server) S
HTTP SuperMicro IPMI 03.40 (Add Admin) CSRF Vuln (To Server) S
HTTP UBICOD Medivision Digital Signage 1.5.1 (Add Super Admin) CSRF Vuln (From Server) S
HTTP UBICOD Medivision Digital Signage 1.5.1 (Add Super Admin) CSRF Vuln (To Server) S
HTTP Vehicle Parking Management System 1.0 'index.php' SQL Injection S
HTTP Vehicle Parking Management System 1.0 'print.php' SQL Injection S
HTTP Webtareas 2.1 2.1p 'addextension.php' Cross-Site Scripting Vuln S
HTTP Webtareas 2.1 2.1p 'add_announcement.php' Cross-Site Scripting Vuln S
HTTP Webtareas 2.1 2.1p 'claim_type.php' Cross-Site Scripting Vuln S
HTTP Webtareas 2.1 2.1p 'departments.php' Cross-Site Scripting Vuln S
HTTP Webtareas 2.1 2.1p 'editclient.php' Cross-Site Scripting Vuln S
HTTP Webtareas 2.1 2.1p 'editclient.php' Cross-Site Scripting Vuln_1 S
HTTP Webtareas 2.1 2.1p 'editclient.php' Cross-Site Scripting Vuln_2 S
HTTP Webtareas 2.1 2.1p 'editclient.php' Cross-Site Scripting Vuln_3 S
HTTP Webtareas 2.1 2.1p 'editclient.php' Cross-Site Scripting Vuln_4 S
HTTP Webtareas 2.1 2.1p 'editproject.php' Cross-Site Scripting Vuln S
HTTP Webtareas 2.1 2.1p 'locations.php' Cross-Site Scripting Vuln S
HTTP Webtareas 2.1 2.1p 'newnotifications.php' Cross-Site Scripting Vuln S
HTTP Webtareas 2.1 2.1p File Upload Information Disclosure S
HTTP Wing FTP Server 6.3.8 Remote Code Execution S
HTTP WordPress Email Subscribers And Newsletters 4.2.2 'hash' SQL Injection S
HTTP WordPress Email Subscribers And Newsletters 4.2.2 File Disclosure S
HTTP WordPress Maintenance Mode By SeedProd 5.1.1 Cross Site Scripting S
HTTP WordPress NexosReal Estate Theme 1.7 Cross Site Scripting S
HTTP WordPress NexosReal Estate Theme 1.7 SQL Injection S
HTTP WordPress Powie's WHOIS Domain Check 0.9.31 Cross Site Scripting S
HTTP YesWiki cercopitheque 2020.04.18.1 'id' SQL Injection Vuln S
HTTP ZenTao Pro 8.8.2 Command Injection S
Malware GET Request Associated with Formbook Malware (sagc.be) S


idappcom - Auditing, verifying and enhancing the capabilities of corporate security defences.

We do not use cookies for tracking users, displaying customised content or storing information about users, other than that required to maintain 'session state' for the login system for registered users. Please read our cookie policy for more information. Please note that by using this site you are consenting to the use of cookies.