Search

Traffic File Update - September 2016

This Traffic IQ Professional update for September 2016 contains the latest application exploits, threats and security evasion techniques along with technical data and high quality security rules.

Traffic IQ Professional

Traffic File Update for September 2016

159 Application Exploits

Adobe Flash Color.setTransform Use-After-Free Vulnerability S
Adobe Flash Color.setTransform Use-After-Free Vulnerability_1 S
Adobe Flash JXR Processing Double Free CVE-2016-4136 Vulnerability S
Adobe Flash LMZA Property Decoding Heap Corruption vulnerability S
Adobe Flash Player DefineBitsJPEG2 Memory Corruption Vulnerability S
Adobe Flash Player DefineSprite Memory Corruption Vulnerability S
Adobe Flash Player SceneAndFrameData Memory Corruption Vulnerability S
Adobe Flash Stack Parameter Access in Object.unwatch UaF Fix Vulnerability S
Adobe Flash Stack Parameter Access in Object.unwatch UaF Fix Vulnerability_1 S
Adobe Flash TextField.maxChars Use-After-Free CVE-2015-8426 Vulnerability_1 S
Adobe Flash URLStream.readObject Use-After-Free Vulnerability S
Adobe Photoshop CC & Bridge CC .IFF File Parsing Vulnerability S
Adobe Photoshop CC & Bridge CC .PNG File Parsing Vulnerability S
Adobe Photoshop CC & Bridge CC .PNG File Parsing Vulnerability_1 S
HTTP Apache Struts Dynamic Method Invocation Remote Code Execution S
HTTP Apache Struts REST Plugin With Dynamic Method Invocation Remote Code Execution S
HTTP ArcSight Logger - Arbitrary File Upload (Code Execution) S
HTTP Baidu Spark Browser 43.23.1000.476 - Address Bar URL Spoofing S
HTTP Belkin Router AC1200 Firmware 1.00.27 - Authentication Bypass S
HTTP BuilderEngine 3.5.0 - Arbitrary File Upload S
HTTP Clear Voyager Hotspot Arbitrary File Disclosure Vulnerability S
HTTP ClipperCMS 1.3.0 Code Execution S
HTTP ClipperCMS 1.3.0 File Upload S
HTTP Dolphin 7.3.0 - Error-Based SQL Injection S
HTTP ElasticSearch - Unauthenticated Remote Code Execution S
HTTP Endian Firewall 3.0.0 - OS Command Injection (Python PoC) S
HTTP Flash Boundless Tunes - Universal SOP Bypass Through ActionScript's Sound Object S
HTTP Joomla Guru Pro Component SQL Injection Vulnerability S
HTTP jQuery jui_filter_rules PHP Code Execution S
HTTP NASdeluxe NDL-2400r 2.01.09 - OS Command Injection S
HTTP Novell ZENworks Configuration Management Arbitrary File Upload S
HTTP NUUO NVRmini Arbitrary File Deletion Vulnerability S
HTTP OPAC KpwinSQL SQL Injection Vulnerability S
HTTP OpenFire 3.10.2 - 4.0.1 - 'domain' Cross Site Scripting S
HTTP OpenFire 3.10.2 - 4.0.1 - 'groupchatJID' Cross Site Scripting S
HTTP OpenFire 3.10.2 - 4.0.1 - 'groupchatName' Cross Site Scripting S
HTTP OpenFire 3.10.2 - 4.0.1 - 'groups' Cross Site Scripting S
HTTP OpenFire 3.10.2 - 4.0.1 - 'mucdesc' Cross Site Scripting (From Server) S
HTTP OpenFire 3.10.2 - 4.0.1 - 'mucdesc' Cross Site Scripting (To Server) S
HTTP OpenFire 3.10.2 - 4.0.1 - 'propValue' Cross Site Scripting S
HTTP OpenFire 3.10.2 - 4.0.1 - 'remotePort' Cross Site Scripting S
HTTP OpenFire 3.10.2 - 4.0.1 - 'searchname' Cross Site Scripting (From Server) S
HTTP OpenFire 3.10.2 - 4.0.1 - 'searchname' Cross Site Scripting (To Server) S
HTTP OpenFire 3.10.2 - 4.0.1 - 'serverName' Cross Site Scripting (From Server) S
HTTP OpenFire 3.10.2 - 4.0.1 - 'serverName' Cross Site Scripting (To Server) S
HTTP OpenFire 3.10.2 - 4.0.1 - 'users' Cross Site Scripting S
HTTP Option CloudGate XSS Vulnerability S
HTTP Option CloudGate XSS Vulnerability_1 S
HTTP Option CloudGate XSS Vulnerability_2 S
HTTP PHP File Vault Directory Traversal Vulnerability S
HTTP PHP Power Browse Directory Traversal Vulnerability S
HTTP PHP Property Agent RealeState Script Sql Injection Vulnerability S
HTTP phpATM 1.32 - Remote Command Execution (Shell Upload) on Windows Servers S
HTTP PIKATEL 96338WS, 96338L-2M-8M - Unauthenticated DNS Change S
HTTP PLANET VDR-300NU ADSL Router - Unauthenticated DNS Change S
HTTP PLC Wireless Router Arbitrary File Disclosure Vulnerability S
HTTP Riverbed SteelCentral NetProfiler & NetExpress Code Execution Vulnerability S
HTTP Riverbed SteelCentral NetProfiler & NetExpress Code Execution Vulnerability_1 S
HTTP Riverbed SteelCentral NetProfiler & NetExpress Code Execution Vulnerability_2 S
HTTP Riverbed SteelCentral NetProfiler & NetExpress Code Execution Vulnerability_3 S
HTTP Riverbed SteelCentral NetProfiler & NetExpress Code Execution Vulnerability_4 S
HTTP Riverbed SteelCentral NetProfiler & NetExpress SQL Injection Vulnerability S
HTTP Riverbed SteelCentral NetProfiler & NetExpress SQL Injection Vulnerability_1 S
HTTP Riverbed SteelCentral NetProfiler & NetExpress SQL Injection Vulnerability_2 S
HTTP Riverbed SteelCentral NetProfiler & NetExpress SQL Injection Vulnerability_3 S
HTTP Riverbed SteelCentral NetProfiler & NetExpress SQL Injection Vulnerability_4 S
HTTP Roxy Fileman Arbitrary File Upload Vulnerability S
HTTP Sakai 10.7 - 'job_name' parameter XSS S
HTTP Sakai 10.7 - File Upload 'filename' parameter XSS S
HTTP Sakai 10.7 - Local File Inclusion S
HTTP Sakai 10.7 - XSS in URI S
HTTP Samsung Smart Home Camera SNH-P-6410 - Command Injection S
HTTP SAP NetWeaver AS JAVA 7.4 XXE Injection S
HTTP SAP NetWeaver AS JAVA XML Information Disclosure Vulnerability S
HTTP SIEMENS IP Camera CCMW1025 x.2.2.1798 - Remote Admin Credentials Change S
HTTP SIEMENS IP Cameras (Multiple Models) - 'config.ini' Disclosure Configuration S
HTTP SIEMENS IP Cameras (Multiple Models) - 'ikwd03conf.ini' Disclosure Configuration S
HTTP SIEMENS IP-Camera CVMS2025-IR CCMS2025 - Credentials Disclosure S
HTTP Symantec Messaging Gateway 10.6.1 - Directory Traversal S
HTTP Tenda ADSL22+ Modem 963281TAN - Unauthenticated DNS Change S
HTTP Tiki Wiki CMS Arbitrary File Download Vulnerability S
HTTP TOSHIBA IP-Camera IK-WP41A - Authentication Bypass Configuration Download S
HTTP Trend Micro Deep Discovery 3.7 3.8 SP1 (3.81) 3.8 SP2 (3.82) - hotfix_upload.cgi RCE S
HTTP TrendMicro Node.js HTTP Server Command Execution S
HTTP Ubee EVW3226 ModemRouter 1.0.20 - Authentication Bypass S
HTTP Ubee EVW3226 ModemRouter 1.0.20 - Backup File Disclosure S
HTTP Ubee EVW3226 ModemRouter 1.0.20 - Local File Inclusion S
HTTP Ubiquiti Administration Portal - CSRF to Remote Command Execution (From Server) S
HTTP Ubiquiti Administration Portal - CSRF to Remote Command Execution (To Server) S
HTTP Vanderbilt IP-Camera CCPW3025-IR CVMW3025-IR - Credentials Disclosure S
HTTP WebKit - TypedArray.copyWithin Memory Corruption S
HTTP WebKit - TypedArray.fill Memory Corruption S
HTTP WebNMS Framework Server 5.2 5.2 SP1 - Credentials Disclosure S
HTTP WebNMS Framework Server 5.2 5.2 SP1 - Directory Traversal In File Download S
HTTP WebNMS Framework Server 5.2 5.2 SP1 - Directory Traversal In File Upload S
HTTP WebNMS Framework Server 5.2 5.2 SP1 - User Account Hijacking S
HTTP WordPress Double Opt-In for Download Plugin SQL Injection Vulnerability (From Server) S
HTTP WordPress Double Opt-In for Download Plugin SQL Injection Vulnerability (To Server) S
HTTP WordPress Huge-IT Image Gallery Plugin SQL Injection Vulnerability S
HTTP WordPress Huge-IT Image Gallery Plugin SQL Injection Vulnerability_1 S
HTTP WordPress Huge-IT Image Gallery Plugin SQL Injection Vulnerability_2 S
HTTP WordPress Huge-IT Image Gallery Plugin SQL Injection Vulnerability_3 S
HTTP WordPress Huge-IT Image Gallery Plugin SQL Injection Vulnerability_4 S
HTTP WordPress Plugin CYSTEME Finder 1.3 - Arbitrary File Disclosure - JSON S
HTTP WordPress Plugin CYSTEME Finder 1.3 - Arbitrary File Disclosure S
HTTP WordPress Plugin CYSTEME Finder 1.3 - File Upload S
HTTP WordPress Plugin WP Mobile Detector Arbitrary File Upload Vulnerability S
HTTP WordPress Q and A (Focus Plus) FAQ Plugin Full Path Disclosure Vulnerability S
HTTP WordPress Q and A (Focus Plus) FAQ Plugin Full Path Disclosure Vulnerability_1 S
HTTP WordPress Q and A (Focus Plus) FAQ Plugin Full Path Disclosure Vulnerability_2 S
HTTP WordPress Q and A (Focus Plus) FAQ Plugin Full Path Disclosure Vulnerability_3 S
HTTP WordPress Q and A (Focus Plus) FAQ Plugin Full Path Disclosure Vulnerability_4 S
HTTP WordPress Q and A (Focus Plus) FAQ Plugin Full Path Disclosure Vulnerability_5 S
HTTP WordPress Q and A (Focus Plus) FAQ Plugin Full Path Disclosure Vulnerability_6 S
HTTP WordPress Q and A (Focus Plus) FAQ Plugin Full Path Disclosure Vulnerability_7 S
HTTP WordPress Q and A (Focus Plus) FAQ Plugin Full Path Disclosure Vulnerability_8 S
HTTP WordPress Q and A (Focus Plus) FAQ Plugin Full Path Disclosure Vulnerability_9 S
HTTP WordPress Q and A (Focus Plus) FAQ Plugin SQL Injection Vulnerability S
HTTP WordPress Q and A (Focus Plus) FAQ Plugin SQL Injection Vulnerability_1 S
HTTP WordPress Simple Backup Plugin Arbitrary File Deletion Vulnerability S
HTTP WordPress Simple Backup Plugin Directory Traversal Vulnerability S
HTTP WordPress Simple Backup Plugin File Download Vulnerability S
HTTP Wowza Streaming Engine Cross Site Scripting Vulnerability S
HTTP Wowza Streaming Engine Cross Site Scripting Vulnerability_1 S
HTTP Wowza Streaming Engine Cross Site Scripting Vulnerability_10 S
HTTP Wowza Streaming Engine Cross Site Scripting Vulnerability_11 S
HTTP Wowza Streaming Engine Cross Site Scripting Vulnerability_2 S
HTTP Wowza Streaming Engine Cross Site Scripting Vulnerability_3 S
HTTP Wowza Streaming Engine Cross Site Scripting Vulnerability_4 S
HTTP Wowza Streaming Engine Cross Site Scripting Vulnerability_5 S
HTTP Wowza Streaming Engine Cross Site Scripting Vulnerability_6 S
HTTP Wowza Streaming Engine Cross Site Scripting Vulnerability_7 S
HTTP Wowza Streaming Engine Cross Site Scripting Vulnerability_8 S
HTTP Wowza Streaming Engine Cross Site Scripting Vulnerability_9 S
HTTP Wowza Streaming Engine CSRF Vulnerability (From Server) S
HTTP Wowza Streaming Engine CSRF Vulnerability (To Server) S
HTTP WSO2 Identity Server 5.1.0 - XXE Information Disclosure S
Malware Afraidgate URL return with iframe pointing to Rig EK (add.thedocumentarywebsite.com) S
Malware Compromised Web Page linking to EITest Gate and Flash download (www.erotic-news.top) S
Malware Compromised Web Page with link to Afraidgate and Rig EK (human.neurogaming.net ) S
Malware DNS Request for domain associated with Afraidgate and Rig EK (human.neurogaming.net) S
Malware DNS Request for domain associated with Afraidgate and Rig EK (www.languagerealm.com) S
Malware DNS Request for domain associated with GozNym Banking Trojan (carsi12.com) S
Malware DNS Request for domain associated with GozNym Banking Trojan (humzka.com) S
Malware DNS Request for domain associated with GozNym Banking Trojan (kcrznhnlpw.com) S
Malware DNS Request for domain associated with GozNym Banking Trojan (mbcqjsuqsd.com) S
Malware DNS Request for domain associated with GozNym Banking Trojan (morelikestoday.com) S
Malware DNS Request for domain associated with GozNym Banking Trojan (sociallyvital.com) S
Malware DNS Request for domain associated with Locky Ransomware (crocotan.com) S
Malware DNS Request for domain associated with Rig EK (add.thedocumentarywebsite.com) S
Malware DNS Request for domain name associated with EITest Gate (www.erotic-news.top) S
Malware DNS Request for domain name associated with Rig EK (z2qnft1lmn.top) S
Malware Download of malicious Flash File from EITest Gate (www.erotic-news.top) S
Malware GET Request for malicious File associated with EITest Gate (www.erotic-news.top) S
Malware GET Request for malicious File associated with Rig EK (z2qnft1lmn.top) S
Malware HTTP Exchange between Client and Rig EK Server (add.thedocumentarywebsite.com) S
Malware HTTP Exchange between Client and Rig EK Server (add.thedocumentarywebsite.com)_1 S
Malware Locky Ransomware Downloader (crocotan.com) S
Malware Locky Ransomware Post Infection Chat (crocotan.com) S


idappcom - Auditing, verifying and enhancing the capabilities of corporate security defences.

We do not use cookies for tracking users, displaying customised content or storing information about users, other than that required to maintain 'session state' for the login system for registered users. Please read our cookie policy for more information. Please note that by using this site you are consenting to the use of cookies.