Search

Traffic File Update - February 2017

This Traffic IQ Professional update for February 2017 contains the latest application exploits, threats and security evasion techniques along with technical data and high quality security rules.

Traffic IQ Professional

Traffic File Update for February 2017

163 Application Exploits

HTTP 9 Network Linkedin Clone Script - 'active_user.php' Improper Access Restrictions S
HTTP 9 Network Linkedin Clone Script - 'deactive_user.php' Improper Access Restrictions S
HTTP 9 Network Linkedin Clone Script - 'industry-list.php' Improper Access Restrictions S
HTTP 9 Network Linkedin Clone Script - 'job-list.php' Improper Access Restrictions S
HTTP 9 Network Linkedin Clone Script - 'job-pack.php' Improper Access Restrictions S
HTTP 9 Network Linkedin Clone Script - 'unverified_user.php' Improper Access Restrictions S
HTTP 9 Network Linkedin Clone Script - 'welcome.php' Improper Access Restrictions S
HTTP Apple WebKit - 'HTMLFormElementreset()' Use-After Free S
HTTP Apple WebKit - 'HTMLKeygenElement' Type Confusion S
HTTP Apple WebKit - Type Confusion in RenderBox with Accessibility Enabled S
HTTP Article Directory Script Seo 3.2 - 'alldoc.php' Improper Access Restrictions S
HTTP Article Directory Script Seo 3.2 - 'editdoc.php' Improper Access Restrictions S
HTTP Centreon 2.5.3 - Web Useralias Command Execution (Metasploit) S
HTTP Cisco WebEx - 'nativeMessaging' Arbitrary Remote Command Execution S
HTTP CloneScriptSoft B2B Alibaba Clone Script 'category.php' SQL Injection Vulnerability S
HTTP Collabo - Arbitrary File Download S
HTTP Complain Management System 'process.php' SQL injection Vulnerability S
HTTP Courier Management System 'login.php' SQL Injection Vulnerability S
HTTP Courier Management System 'login.php' SQL Injection Vulnerability_1 S
HTTP D-Link DIR-615 'apply.cgi' Cross Site Scripting Vulnerability (From Server) S
HTTP D-Link DIR-615 'apply.cgi' Cross Site Scripting Vulnerability (To Server) S
HTTP D-Link DIR-615 'ping_response.cgi' Cross Site Scripting Vulnerability (From Server) S
HTTP D-Link DIR-615 'ping_response.cgi' Cross Site Scripting Vulnerability (To Server) S
HTTP Dentist Website Script 'add_gallery.php' SQL Injection Vulnerability S
HTTP Dentist Website Script 'client.entry.php' SQL Injection Vulnerability S
HTTP DiskSavvy Enterprise - GET Buffer Overflow (Metasploit) S
HTTP Drupal Module Coder 7.x-1.3 7.x-2.6 - RCE (SA-CONTRIB-2016-039) S
HTTP Exponent 2.3.7 PHP Code Execution S
HTTP Exponent 2.3.7 PHP Code Injection (From Server) S
HTTP Exponent 2.3.7 PHP Code Injection (To Server) S
HTTP Finance Website Script - SQL Injection S
HTTP Flippa Website Script - 'category.entryform.php' SQL Injection S
HTTP Flippa Website Script - 'page.editor.php' SQL Injection S
HTTP Friends in War My Photo Gallery 'image.php' SQL injection Vulnerability S
HTTP Geutebrueck GCore 1.3.8.42 1.4.2.37 - Remote Code Execution (Metasploit) S
HTTP Google Chrome - 'HTMLKeygenElementshadowSelect()' Type Confusion S
HTTP Google Chrome 31.0.1650.48 - HTTP 1xx base String-Tokenizer QuickGetNext Out-of-Bounds S
HTTP Huge-IT Portfolio Gallery extension for Joomla SQL Injection Vulnerability S
HTTP i-Netsolution Classifieds Rental Script SQL Injection Vulnerability S
HTTP Inout StickBoard 1.0 Script - 'changepassword' Improper Access Restrictions S
HTTP Inout StickBoard 1.0 Script - 'changeprofileimage' Improper Access Restrictions S
HTTP Inout StickBoard 1.0 Script - 'clearcache' Improper Access Restrictions S
HTTP Inout StickBoard 1.0 Script - 'manage' Improper Access Restrictions S
HTTP Inout StickBoard 1.0 Script - 'userdetails' Improper Access Restrictions S
HTTP Inout StickBoard 1.0 Script - 'websitepin' Improper Access Restrictions S
HTTP Inout Webmail Ultimate Edition 4.0 Script - 'accountactivity' Improper Access S
HTTP Inout Webmail Ultimate Edition 4.0 Script - 'calendar' Improper Access Restrictions S
HTTP Inout Webmail Ultimate Edition 4.0 Script - 'registration_showgraph' Improper Access S
HTTP Inout Webmail Ultimate Edition 4.0 Script - 'showgraph' Improper Access Restrictions S
HTTP Inout Webmail Ultimate Edition 4.0 Script - 'sponsoredlinks' Improper Access S
HTTP Inout Webmail Ultimate Edition 4.0 Script - 'todolist' Improper Access Restrictions S
HTTP iTechScript Classifieds Script 'message.php' SQL Injection Vulnerability S
HTTP iTechScript Classifieds Script 'showSubcat.php' SQL Injection Vulnerability S
HTTP iTechScript Classifieds Script 'subpage.php' SQL Injection Vulnerability S
HTTP iTechScript Movie Portal Script 'artist-display.php' SQL Injection Vulnerability S
HTTP iTechScript Movie Portal Script 'film-rating.php' SQL Injection Vulnerability S
HTTP iTechScript Movie Portal Script 'movie.php' Cross Site Scripting Vulnerability S
HTTP iTechScript Movie Portal Script 'show_misc_video.php' SQL Injection Vulnerability S
HTTP iTechScript Movie Portal Script 'show_news.php' SQL Injection Vulnerability S
HTTP iTechScripts Auction Script 'list_photo.php' SQL Injection Vulnerability S
HTTP iTechScripts Auction Script 'mcategory.php' SQL Injection Vulnerability S
HTTP iTechScripts B2B Script 'catcompany.php' SQL Injection Vulnerability S
HTTP iTechScripts B2B Script 'catcompany.php' SQL Injection Vulnerability_1 S
HTTP iTechScripts B2B Script 'search.php' SQL Injection Vulnerability S
HTTP iTechScripts Caregiver Script 'searchJob.php' SQL Injection Vulnerability S
HTTP iTechScripts Dating Script 'send_gift.php' SQL Injection Vulnerability S
HTTP iTechScripts Freelancer Script 'category.php' SQL Injection Vulonerability S
HTTP iTechScripts Multi Vendor Script 'product-list.php' SQL Injection Vulnerability S
HTTP iTechScripts Multi Vendor Script 'product.php' SQL Injection Vulnerability S
HTTP iTechScripts Multi Vendor Script 'product_search.php' SQL Injection Vulnerability S
HTTP iTechScripts Multi Vendor Script 'product_search.php' SQL Injection Vulnerability_1 S
HTTP iTechScripts Multi Vendor Script 'quickview.php' SQL Injection Vulnerability S
HTTP iTechScripts News Portal Script 'information.php' SQL Injection Vulnerability S
HTTP iTechScripts News Portal Script 'subcategory.php' SQL Injection Vulnerability S
HTTP iTechScripts Real Estate Script 'search_property.php' SQL Injection Vulnerability S
HTTP iTechScripts Video Sharing Script 'channels.php' SQL Injection Vulnerability S
HTTP iTechScripts Video Sharing Script 'faq_show.php' SQL Injection Vulnerability S
HTTP iTechScripts Video Sharing Script 'watch-video.php' SQL Injection Vulnerability S
HTTP Joomla Content History SQLi Remote Code Execution S
HTTP KB Affiliate Referral Script 1.0 - Authentication Bypass S
HTTP KB Login Authentication Script 1.1 - Authentication Bypass S
HTTP KB Messages PHP Script 1.0 - Authentication Bypass S
HTTP Lepton CMS 2.2.0 2.2.1 - PHP Code Injection S
HTTP LogoStore 'search.php' SQL Injection Vulnerability S
HTTP Manufacturer Website Design Script 'add_product.php' SQL Injection Vulnerability S
HTTP Medical Clinic Website Script 'add_team_member.php' SQL Injection Vulnerability S
HTTP Micro Code MC Inventory Manager Script 'dashbaord.php' SQL Injection Vulnerability S
HTTP Micro Code MC Inventory Manager Script 'dashbaord.php' SQL Injection Vulnerability_1 S
HTTP Micro Code MC Inventory Manager Script Bypass Security Vulnerability (From Server) S
HTTP Micro Code MC Inventory Manager Script Bypass Security Vulnerability (To Server) S
HTTP Microsoft DirectShow Remote Code Execution S
HTTP Microsoft Edge and IE11 - 'HandleColumnBreakOnColumnSpanningElement' Type Confusion S
HTTP Microsoft IE11 - MSHTML CPaste-Command-Convert-Bitmapto-Png Heap-Based BO (MS14-056) S
HTTP Microsoft Internet Explorer MSHTML DOMImplementation Type Confusion S
HTTP Multi Outlets POS 'view_invoice' SQL Injection Vulnerability S
HTTP My Private Tutor Website Builder Script 'add_cat.php' SQL Injection Vulnerability S
HTTP My Private Tutor Website Builder Script 'add_subcat.php' SQL Injection Vulnerability S
HTTP My Private Tutor Website Builder Script 'group_class.php' SQL Injection Vulnerability S
HTTP My Private Tutor Website Builder Script 'join_class.php' SQL Injection Vulnerability S
HTTP MyBB 1.8.3 (with PHP 5.6 5.6.11) - Remote Code Execution S
HTTP Netman 204 - Backdoor Account Access S
HTTP NGO Website Script 'addblog.php' SQL Injection Vulnerability S
HTTP NGO Website Script 'addnew.activity.php' SQL Injection Vulnerability S
HTTP NGO Website Script 'addnew.event.php' SQL Injection Vulnerability S
HTTP NGO Website Script 'add_new_photo.php' SQL Injection Vulnerability S
HTTP NGO Website Script 'add_new_project.php' SQL Injection Vulnerability S
HTTP NGO Website Script 'add_new_video.php' SQL Injection Vulnerability S
HTTP ntop ntopng Web Interface 'add_user.lua' CSRF Vulnerability (From Server) S
HTTP ntop ntopng Web Interface 'add_user.lua' CSRF Vulnerability (To Server) S
HTTP Online Hotel Booking System Pro 'roomtype-details.php' SQL Injection Vulnerability S
HTTP Online Mobile Recharge Script 'user_edit.php' SQL Injection Vulnerability S
HTTP Online Printing Business Clone 'product.entryform.php' SQL Injection Vulnerability S
HTTP Online Printing Business Clone Script 'product-decs.php' SQL Injection Vulnerability S
HTTP Online Tshirt Design Script 'product.new.add.php' SQL Injection Vulnerability S
HTTP OpenBSD HTTPd 6.0 - Memory Exhaustion Denial of Service S
HTTP PHPBack 'phpback master home postidea' Cross Site Scripting Vulnerability S
HTTP PHPBack 'phpback master home postidea' Cross Site Scripting Vulnerability_1 S
HTTP PHPBack 'phpback master home search' SQL Injection Vulnerability S
HTTP QNAP NVRNAS - Buffer Overflow S
HTTP Radisys MRF - Command Injection S
HTTP Real Estate Script 'agent_search_property.php' SQL Injection Vulnerability S
HTTP Responsive Filemanager 9.11.0 - 'copy_cut' Arbitrary File Disclosure S
HTTP Responsive Filemanager 9.11.0 - 'paste_clipboard' Arbitrary File Disclosure S
HTTP Samsung iPOLiS ReadConfigValue Remote Code Execution S
HTTP Script Folder Classifieds Script 'search.php' SQL Injection Vulnerability S
HTTP Script Folder Questions and Answers Script 'category.php' SQL Injection Vulnerability S
HTTP Script Folder Questions and Answers Script 'question.php' SQL Injection Vulnerability S
HTTP Scriptgiant Auction Website Script 'news.dtl.php' SQL Injection Vulnerability S
HTTP Scriptgiant Business Directory Script 'edit_member.php' SQL Injection Vulnerability S
HTTP Scriptgiant Business Directory Script 'edit_review.php' SQL Injection Vulnerability S
HTTP Scriptgiant Buy and Sell Market Place 'page.editor.php' SQL Injection Vulnerability S
HTTP Scriptgiant Micro Blog Script 'banner_list.php' SQL Injection Vulnerability S
HTTP Scriptgiant Micro Blog Script 'blog_category.php' SQL Injection Vulnerability S
HTTP Scriptgiant Micro Blog Script 'photo.php' SQL Injection Vulnerability S
HTTP Scriptgiant Micro Blog Script 'security.php' SQL Injection Vulnerability S
HTTP Scriptgiant Micro Blog Script 'video.php' SQL Injection Vulnerability S
HTTP Scriptgiant NGO Directory Script 'add_country.php' SQL Injection Vulnerability S
HTTP Scriptgiant NGO Directory Script 'cities_add.php' SQL Injection Vulnerability S
HTTP Scriptgiant NGO Directory Script 'details.html' SQL Injection Vulnerability S
HTTP Scriptgiant NGO Directory Script 'details_religios.html' SQL Injection Vulnerability S
HTTP Scriptgiant NGO Directory Script 'good_category_add.php' SQL Injection Vulnerability S
HTTP Scriptgiant NGO Directory Script 'request_add.php' SQL Injection Vulnerability S
HTTP Scriptgiant NGO Directory Script 'states_add.php' SQL Injection Vulnerability S
HTTP Shiksha Educational Website Script 'member.regform.php' SQL Injection Vulnerability S
HTTP Shiksha Educational Website Script 'subject_add.php' SQL Injection Vulnerability S
HTTP Sony IPELA ENGINE IP Cameras Telnet Vulnerability S
HTTP Sophos Web Appliance 4.2.1.3 - Remote Code Execution S
HTTP Study Abroad Educational Website Script 'list_blogs.php' SQL Injection Vulnerability S
HTTP Study Abroad Educational Website Script 'list_listing.php' SQL Injection Vulnerability S
HTTP SweetRice 1.5.1 - Cross-Site Request Forgery PHP Code Execution (From Server) S
HTTP SweetRice 1.5.1 - Cross-Site Request Forgery PHP Code Execution (To Server) S
HTTP TrendMicro InterScan Web Security Virtual Appliance - Remote Code Execution (Shellshock) S
HTTP TrueConf Server 'applyCreate' Cross Site Scripting Vulnerability (From Server) S
HTTP TrueConf Server 'applyCreate' Cross Site Scripting Vulnerability (To Server) S
HTTP TrueConf Server 'change-lang' Open Redirect Vulnerability S
HTTP VX Search Enterprise 9.1.12 Buffer Overflow S
HTTP Ynet Interactive Client Expert 'index.php' SQL Injection Vulnerability S
HTTP Ynet Interactive Client Expert 'index.php' SQL Injection Vulnerability_1 S
HTTP Yoga and Fitness Website Script 'promo_classes.php' SQL Injection Vulnerability S
HTTP Yoga and Fitness Website Script 'style.php' SQL Injection Vulnerability S
HTTP Yoga and Fitness Website Script 'teacherindi.php' SQL Injection Vulnerability S
HTTP ZKTeco ZKBioSecurity 3.0 - 'findConnectors()' Information Disclosure S
HTTP ZKTeco ZKBioSecurity 3.0 - 'List Servlets' Information Disclosure S


idappcom - Auditing, verifying and enhancing the capabilities of corporate security defences.

We do not use cookies for tracking users, displaying customised content or storing information about users, other than that required to maintain 'session state' for the login system for registered users. Please read our cookie policy for more information. Please note that by using this site you are consenting to the use of cookies.