Update January 2024
This commit is contained in:
Parent
cfa9489a9c
Commit
1d5ef30cb7
|
@ -61,4 +61,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
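Review bot: the copyright range in the License footer is hard-coded, and the same `1997-2023` to `1997-2024` edit repeats as a separate hunk for each file in this commit. Generating the footer from a single template or variable would keep the yearly bump out of the data diffs, so that changes to indicators and TTP rows are easier to spot in review.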
@ -64,4 +64,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -117,4 +117,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -56,4 +56,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -27,4 +27,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -92,4 +92,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -124,4 +124,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -111,4 +111,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -90,4 +90,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -112,4 +112,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -58,4 +58,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
File diff suppressed because it is too large to display.
|
@ -66,4 +66,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -9,8 +9,8 @@ _Live data_ and more _analysis capabilities_ are available at [https://vuldb.com
|
|||
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Bahrain Unknown:
|
||||
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [JP](https://vuldb.com/?country.jp)
|
||||
* [CN](https://vuldb.com/?country.cn)
|
||||
* [JP](https://vuldb.com/?country.jp)
|
||||
* ...
|
||||
|
||||
There are 23 more country items available. Please use our online service to access the data.
|
||||
|
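Review bot: the country list in this hunk shows `* [JP](https://vuldb.com/?country.jp)` twice, once before and once after the CN entry. If both entries end up on the new side, the list carries a duplicate among its few visible items; one of them should be dropped or replaced by the next-ranked country so that the "23 more country items" count stays meaningful.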
@ -87,55 +87,60 @@ ID | Type | Indicator | Confidence
|
|||
-- | ---- | --------- | ----------
|
||||
1 | File | `%SYSTEMDRIVE%\node_modules\.bin\wmic.exe` | High
|
||||
2 | File | `/accounts_con/register_account` | High
|
||||
3 | File | `/admin/?page=bike` | High
|
||||
4 | File | `/admin/course.php` | High
|
||||
5 | File | `/admin/courses/manage_course.php` | High
|
||||
6 | File | `/admin/courses/view_course.php` | High
|
||||
7 | File | `/admin/departments/manage_department.php` | High
|
||||
8 | File | `/admin/index.php` | High
|
||||
9 | File | `/admin/ind_backstage.php` | High
|
||||
10 | File | `/admin/list_addr_fwresource_ip.php` | High
|
||||
11 | File | `/admin/list_onlineuser.php` | High
|
||||
12 | File | `/admin/login.php` | High
|
||||
13 | File | `/admin/manage-pages.php` | High
|
||||
14 | File | `/admin/manage-users.php` | High
|
||||
15 | File | `/admin/options-theme.php` | High
|
||||
16 | File | `/admin/plugin.php` | High
|
||||
17 | File | `/admin/students/manage_academic.php` | High
|
||||
18 | File | `/admin/subject.php` | High
|
||||
19 | File | `/admin/theme-edit.php` | High
|
||||
20 | File | `/adplanet/PlanetUser` | High
|
||||
21 | File | `/ample/app/ajax/member_data.php` | High
|
||||
22 | File | `/api/authentication/login` | High
|
||||
23 | File | `/api/download` | High
|
||||
24 | File | `/api/v1/alerts` | High
|
||||
25 | File | `/article/DelectArticleById/` | High
|
||||
26 | File | `/auth/auth.php?user=1` | High
|
||||
27 | File | `/b2b-supermarket/catalog/all-products` | High
|
||||
28 | File | `/b2b-supermarket/shopping-cart` | High
|
||||
29 | File | `/cgi-bin/cstecgi.cgi` | High
|
||||
30 | File | `/config-manager/save` | High
|
||||
31 | File | `/Content/Plugins/uploader/FileChoose.html?fileUrl=/Upload/File/Pics/&parent` | High
|
||||
32 | File | `/content/templates/` | High
|
||||
33 | File | `/course/filterRecords/` | High
|
||||
34 | File | `/dashboard/createblog` | High
|
||||
35 | File | `/debug/pprof` | Medium
|
||||
36 | File | `/ecommerce/admin/settings/setDiscount.php` | High
|
||||
37 | File | `/endpoint/add-guest.php` | High
|
||||
38 | File | `/endpoint/add-user.php` | High
|
||||
39 | File | `/etc/hosts.deny` | High
|
||||
40 | File | `/fcgi/scrut_fcgi.fcgi` | High
|
||||
41 | File | `/forum/away.php` | High
|
||||
42 | File | `/geoserver/gwc/rest.html` | High
|
||||
43 | File | `/goform/formSysCmd` | High
|
||||
44 | File | `/h/autoSaveDraft` | High
|
||||
45 | File | `/HNAP1/` | Low
|
||||
46 | File | `/im/user/` | Medium
|
||||
47 | File | `/importexport.php` | High
|
||||
48 | File | `/index.php?pluginApp/to/yzOffice/getFile` | High
|
||||
49 | ... | ... | ...
|
||||
3 | File | `/admin/` | Low
|
||||
4 | File | `/admin/?page=bike` | High
|
||||
5 | File | `/admin/book_add.php` | High
|
||||
6 | File | `/admin/book_row.php` | High
|
||||
7 | File | `/admin/bwdates-report-details.php` | High
|
||||
8 | File | `/admin/course.php` | High
|
||||
9 | File | `/admin/courses/manage_course.php` | High
|
||||
10 | File | `/admin/courses/view_course.php` | High
|
||||
11 | File | `/admin/departments/manage_department.php` | High
|
||||
12 | File | `/admin/index.php` | High
|
||||
13 | File | `/admin/ind_backstage.php` | High
|
||||
14 | File | `/admin/list_addr_fwresource_ip.php` | High
|
||||
15 | File | `/admin/list_onlineuser.php` | High
|
||||
16 | File | `/admin/login.php` | High
|
||||
17 | File | `/admin/manage-pages.php` | High
|
||||
18 | File | `/admin/manage-users.php` | High
|
||||
19 | File | `/admin/options-theme.php` | High
|
||||
20 | File | `/admin/pages/subjects.php` | High
|
||||
21 | File | `/admin/pages/yearlevel.php` | High
|
||||
22 | File | `/admin/students/manage_academic.php` | High
|
||||
23 | File | `/admin/subject.php` | High
|
||||
24 | File | `/admin/theme-edit.php` | High
|
||||
25 | File | `/admin/upload/img` | High
|
||||
26 | File | `/adplanet/PlanetUser` | High
|
||||
27 | File | `/ample/app/ajax/member_data.php` | High
|
||||
28 | File | `/api/authentication/login` | High
|
||||
29 | File | `/api/download` | High
|
||||
30 | File | `/api/v1/alerts` | High
|
||||
31 | File | `/article/DelectArticleById/` | High
|
||||
32 | File | `/auth/auth.php?user=1` | High
|
||||
33 | File | `/b2b-supermarket/catalog/all-products` | High
|
||||
34 | File | `/b2b-supermarket/shopping-cart` | High
|
||||
35 | File | `/boaform/wlan_basic_set.cgi` | High
|
||||
36 | File | `/cgi-bin/cstecgi.cgi` | High
|
||||
37 | File | `/cgi-bin/cstecgi.cgi?action=login` | High
|
||||
38 | File | `/config,admin.jsp` | High
|
||||
39 | File | `/config-manager/save` | High
|
||||
40 | File | `/Content/Plugins/uploader/FileChoose.html?fileUrl=/Upload/File/Pics/&parent` | High
|
||||
41 | File | `/dashboard/createblog` | High
|
||||
42 | File | `/debug/pprof` | Medium
|
||||
43 | File | `/ecommerce/admin/settings/setDiscount.php` | High
|
||||
44 | File | `/endpoint/add-guest.php` | High
|
||||
45 | File | `/endpoint/add-user.php` | High
|
||||
46 | File | `/etc/hosts.deny` | High
|
||||
47 | File | `/file-manager/delete.php` | High
|
||||
48 | File | `/file-manager/upload.php` | High
|
||||
49 | File | `/forum/away.php` | High
|
||||
50 | File | `/geoserver/gwc/rest.html` | High
|
||||
51 | File | `/goform/formSysCmd` | High
|
||||
52 | File | `/h/autoSaveDraft` | High
|
||||
53 | File | `/HNAP1/` | Low
|
||||
54 | ... | ... | ...
|
||||
|
||||
There are 430 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 468 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
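Review bot: the second run of rows (IDs 3 to 54) no longer carries several indicators that the first run listed in their sorted positions, namely `/admin/plugin.php`, `/content/templates/`, `/course/filterRecords/` and `/fcgi/scrut_fcgi.fcgi`, while the commit message only says "Update January 2024". Anyone who syncs detections from this table cannot tell whether these were retired on purpose or lost in regeneration; the commit message or a changelog entry should state which indicators were removed and why, alongside the change of the remaining count from 430 to 468.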
@ -154,4 +159,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -73,9 +73,10 @@ ID | Technique | Weakness | Description | Confidence
|
|||
1 | T1006 | CWE-21, CWE-22, CWE-23 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
4 | ... | ... | ... | ...
|
||||
4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
5 | ... | ... | ... | ...
|
||||
|
||||
There are 13 more TTP items available. Please use our online service to access the data.
|
||||
There are 14 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
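Review bot: row 3 (`3 | T1059 | CWE-94 | Cross Site Scripting | High`), directly above the added T1059.007 row, pairs CWE-94 with the description "Cross Site Scripting", but CWE-94 is code injection; cross-site scripting is CWE-79/CWE-80, which the new row 4 already covers. Now that the table has both rows with the same description, row 3's description should be corrected so the two entries are distinguishable when mapped to detections.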
@ -97,7 +98,7 @@ ID | Type | Indicator | Confidence
|
|||
12 | File | `admin/admin.shtml` | High
|
||||
13 | ... | ... | ...
|
||||
|
||||
There are 103 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 106 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
@ -138,4 +139,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -65,54 +65,55 @@ ID | Type | Indicator | Confidence
|
|||
12 | File | `/admin/index.php` | High
|
||||
13 | File | `/admin/index/index.html#/admin/mall.goods/index.html` | High
|
||||
14 | File | `/admin/list_onlineuser.php` | High
|
||||
15 | File | `/admin/options` | High
|
||||
16 | File | `/admin/report/index.php` | High
|
||||
17 | File | `/admin/services/manage_service.php` | High
|
||||
18 | File | `/admin/settings/` | High
|
||||
19 | File | `/admin/show.php` | High
|
||||
20 | File | `/admin/students/update_status.php` | High
|
||||
21 | File | `/admin/subject.php` | High
|
||||
22 | File | `/admin/user/manage_user.php` | High
|
||||
23 | File | `/admin/users/index.php` | High
|
||||
24 | File | `/ample/app/ajax/member_data.php` | High
|
||||
25 | File | `/article/DelectArticleById/` | High
|
||||
26 | File | `/asms/classes/Master.php?f=delete_service` | High
|
||||
27 | File | `/auth/auth.php?user=1` | High
|
||||
28 | File | `/b2b-supermarket/shopping-cart` | High
|
||||
29 | File | `/blog` | Low
|
||||
30 | File | `/bsms_ci/index.php/user/edit_user/` | High
|
||||
31 | File | `/cgi-bin/cstecgi.cgi` | High
|
||||
32 | File | `/classes/Master.php?f=delete_category` | High
|
||||
33 | File | `/classes/Master.php?f=delete_inquiry` | High
|
||||
34 | File | `/classes/Master.php?f=save_reminder` | High
|
||||
35 | File | `/classes/Users.php?f=delete_client` | High
|
||||
36 | File | `/clients/listclients.php` | High
|
||||
37 | File | `/clients/profile` | High
|
||||
38 | File | `/cms/category/list` | High
|
||||
39 | File | `/collection/all` | High
|
||||
40 | File | `/company/store` | High
|
||||
41 | File | `/contacts/listcontacts.php` | High
|
||||
42 | File | `/Default/Bd` | Medium
|
||||
43 | File | `/emap/devicePoint_addImgIco?hasSubsystem=true` | High
|
||||
44 | File | `/ext/phar/phar_object.c` | High
|
||||
45 | File | `/forum/away.php` | High
|
||||
46 | File | `/fos/admin/index.php?page=menu` | High
|
||||
47 | File | `/friends` | Medium
|
||||
48 | File | `/goform/AddSysLogRule` | High
|
||||
49 | File | `/goform/SafeEmailFilter` | High
|
||||
50 | File | `/goform/SetIpMacBind` | High
|
||||
51 | File | `/goform/setSnmpInfo` | High
|
||||
52 | File | `/goform/setUplinkInfo` | High
|
||||
53 | File | `/goform/SysToolReboot` | High
|
||||
54 | File | `/goform/WifiBasicSet` | High
|
||||
55 | File | `/graphql` | Medium
|
||||
56 | File | `/home/get_tasks_list` | High
|
||||
57 | File | `/hrm/employeeview.php` | High
|
||||
58 | File | `/hss/?page=categories` | High
|
||||
59 | File | `/hss/admin/brands/manage_brand.php` | High
|
||||
60 | ... | ... | ...
|
||||
15 | File | `/admin/login.php` | High
|
||||
16 | File | `/admin/options` | High
|
||||
17 | File | `/admin/report/index.php` | High
|
||||
18 | File | `/admin/services/manage_service.php` | High
|
||||
19 | File | `/admin/settings/` | High
|
||||
20 | File | `/admin/show.php` | High
|
||||
21 | File | `/admin/students/update_status.php` | High
|
||||
22 | File | `/admin/subject.php` | High
|
||||
23 | File | `/admin/user/manage_user.php` | High
|
||||
24 | File | `/admin/users/index.php` | High
|
||||
25 | File | `/ample/app/ajax/member_data.php` | High
|
||||
26 | File | `/article/DelectArticleById/` | High
|
||||
27 | File | `/asms/classes/Master.php?f=delete_service` | High
|
||||
28 | File | `/auth/auth.php?user=1` | High
|
||||
29 | File | `/b2b-supermarket/shopping-cart` | High
|
||||
30 | File | `/blog` | Low
|
||||
31 | File | `/bsms_ci/index.php/user/edit_user/` | High
|
||||
32 | File | `/cgi-bin/cstecgi.cgi` | High
|
||||
33 | File | `/cgi-bin/cstecgi.cgi?action=login&flag=ie8` | High
|
||||
34 | File | `/classes/Master.php?f=delete_category` | High
|
||||
35 | File | `/classes/Master.php?f=delete_inquiry` | High
|
||||
36 | File | `/classes/Master.php?f=save_reminder` | High
|
||||
37 | File | `/classes/Users.php?f=delete_client` | High
|
||||
38 | File | `/clients/listclients.php` | High
|
||||
39 | File | `/clients/profile` | High
|
||||
40 | File | `/cms/category/list` | High
|
||||
41 | File | `/collection/all` | High
|
||||
42 | File | `/company/store` | High
|
||||
43 | File | `/contacts/listcontacts.php` | High
|
||||
44 | File | `/Default/Bd` | Medium
|
||||
45 | File | `/emap/devicePoint_addImgIco?hasSubsystem=true` | High
|
||||
46 | File | `/ext/phar/phar_object.c` | High
|
||||
47 | File | `/file-manager/upload.php` | High
|
||||
48 | File | `/forum/away.php` | High
|
||||
49 | File | `/fos/admin/index.php?page=menu` | High
|
||||
50 | File | `/friends` | Medium
|
||||
51 | File | `/goform/AddSysLogRule` | High
|
||||
52 | File | `/goform/SafeEmailFilter` | High
|
||||
53 | File | `/goform/SetIpMacBind` | High
|
||||
54 | File | `/goform/setSnmpInfo` | High
|
||||
55 | File | `/goform/setUplinkInfo` | High
|
||||
56 | File | `/goform/SysToolReboot` | High
|
||||
57 | File | `/goform/WifiBasicSet` | High
|
||||
58 | File | `/graphql` | Medium
|
||||
59 | File | `/home/get_tasks_list` | High
|
||||
60 | File | `/hrm/employeeview.php` | High
|
||||
61 | ... | ... | ...
|
||||
|
||||
There are 527 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 536 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
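Review bot: the added row `/cgi-bin/cstecgi.cgi?action=login&flag=ie8` sits directly below the existing `/cgi-bin/cstecgi.cgi` row, and both are rated High. Any request that matches the parameterised indicator also matches the bare path, so a consumer doing prefix or substring matching on request URLs will count the same hit twice. Either document that indicators are meant to be matched exactly, or lower the confidence of the generic path so the specific one carries the signal.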
@ -131,4 +132,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -61,4 +61,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -69,4 +69,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -65,4 +65,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -65,4 +65,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -160,4 +160,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
File diff suppressed because it is too large to display.
|
@ -42,7 +42,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
5 | ... | ... | ... | ...
|
||||
|
||||
There are 14 more TTP items available. Please use our online service to access the data.
|
||||
There are 15 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -52,46 +52,48 @@ ID | Type | Indicator | Confidence
|
|||
-- | ---- | --------- | ----------
|
||||
1 | File | `/?Page=Node/OBJ=/System/DeviceFolder/DeviceFolder/DateTime/Action=Submit` | High
|
||||
2 | File | `/acms/admin/cargo_types/manage_cargo_type.php` | High
|
||||
3 | File | `/admin/ajax/avatar.php` | High
|
||||
4 | File | `/admin/forgot-password.php` | High
|
||||
5 | File | `/admin/index.php` | High
|
||||
6 | File | `/admin/lab.php` | High
|
||||
7 | File | `/admin/login.php` | High
|
||||
8 | File | `/admin/payment.php` | High
|
||||
9 | File | `/admin/show.php` | High
|
||||
10 | File | `/cgi-bin/kerbynet` | High
|
||||
11 | File | `/default.php?idx=17` | High
|
||||
12 | File | `/download` | Medium
|
||||
13 | File | `/env` | Low
|
||||
14 | File | `/forum/away.php` | High
|
||||
15 | File | `/index.php` | Medium
|
||||
16 | File | `/opt/bin/cli` | Medium
|
||||
17 | File | `/p` | Low
|
||||
18 | File | `/patient/doctors.php` | High
|
||||
19 | File | `/phpinventory/editcategory.php` | High
|
||||
20 | File | `/product-list.php` | High
|
||||
21 | File | `/spip.php` | Medium
|
||||
22 | File | `/uncpath/` | Medium
|
||||
23 | File | `/updown/upload.cgi` | High
|
||||
24 | File | `/user/del.php` | High
|
||||
25 | File | `/wp-admin/admin-ajax.php` | High
|
||||
26 | File | `/_next` | Low
|
||||
27 | File | `123flashchat.php` | High
|
||||
28 | File | `act.php` | Low
|
||||
29 | File | `admin.php/pay` | High
|
||||
30 | File | `admin/bad.php` | High
|
||||
31 | File | `admin/index.php` | High
|
||||
32 | File | `admin/index.php/user/del/1` | High
|
||||
33 | File | `admin/index.php?id=themes&action=edit_chunk` | High
|
||||
34 | File | `administrator/index.php` | High
|
||||
35 | File | `agenda.php` | Medium
|
||||
36 | File | `ajax/render/widget_php` | High
|
||||
37 | File | `album_portal.php` | High
|
||||
38 | File | `api.php` | Low
|
||||
39 | File | `application/home/controller/debug.php` | High
|
||||
40 | ... | ... | ...
|
||||
3 | File | `/admin/add-services.php` | High
|
||||
4 | File | `/admin/ajax/avatar.php` | High
|
||||
5 | File | `/admin/edit-services.php` | High
|
||||
6 | File | `/admin/forgot-password.php` | High
|
||||
7 | File | `/admin/index.php` | High
|
||||
8 | File | `/admin/lab.php` | High
|
||||
9 | File | `/admin/login.php` | High
|
||||
10 | File | `/admin/payment.php` | High
|
||||
11 | File | `/admin/show.php` | High
|
||||
12 | File | `/boat/login.php` | High
|
||||
13 | File | `/cgi-bin/kerbynet` | High
|
||||
14 | File | `/clinic/disease_symptoms_view.php` | High
|
||||
15 | File | `/default.php?idx=17` | High
|
||||
16 | File | `/download` | Medium
|
||||
17 | File | `/env` | Low
|
||||
18 | File | `/forum/away.php` | High
|
||||
19 | File | `/index.php` | Medium
|
||||
20 | File | `/opt/bin/cli` | Medium
|
||||
21 | File | `/p` | Low
|
||||
22 | File | `/patient/doctors.php` | High
|
||||
23 | File | `/phpinventory/editcategory.php` | High
|
||||
24 | File | `/product-list.php` | High
|
||||
25 | File | `/spip.php` | Medium
|
||||
26 | File | `/uncpath/` | Medium
|
||||
27 | File | `/updown/upload.cgi` | High
|
||||
28 | File | `/user/del.php` | High
|
||||
29 | File | `/wp-admin/admin-ajax.php` | High
|
||||
30 | File | `/_next` | Low
|
||||
31 | File | `123flashchat.php` | High
|
||||
32 | File | `act.php` | Low
|
||||
33 | File | `admin.php/pay` | High
|
||||
34 | File | `admin/bad.php` | High
|
||||
35 | File | `admin/index.php` | High
|
||||
36 | File | `admin/index.php/user/del/1` | High
|
||||
37 | File | `admin/index.php?id=themes&action=edit_chunk` | High
|
||||
38 | File | `admin/products/controller.php?action=add` | High
|
||||
39 | File | `administrator/index.php` | High
|
||||
40 | File | `agenda.php` | Medium
|
||||
41 | File | `ajax/render/widget_php` | High
|
||||
42 | ... | ... | ...
|
||||
|
||||
There are 344 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 362 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
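Review bot: The ID column in this IOA table is purely positional, so inserting `/admin/add-services.php` at row 3 renumbers every later row and turns a handful of new indicators into a rewrite of the whole table. Anyone who referenced "IOA 25" last month now points at a different path. Consider dropping the ID column or deriving a stable key from the indicator itself. While touching these rows, note that `/admin/index.php` and `admin/index.php` are both listed with High confidence and differ only by the leading slash; normalising the path form before emitting the table would remove that duplicate.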
@ -110,4 +112,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
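Review bot: The copyright range `1997-2023` is hard-coded in the License paragraph of every actor README, which is why this commit has to touch the same line in each file to reach `1997-2024`. Generating the footer from one template, or linking to a single LICENSE file instead of repeating the year, would keep the monthly data updates free of this noise and make the indicator changes easier to review.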
@ -15,11 +15,11 @@ The following _campaigns_ are known and can be associated with CosmicBeetle:
|
|||
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with CosmicBeetle:
|
||||
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [CN](https://vuldb.com/?country.cn)
|
||||
* [RU](https://vuldb.com/?country.ru)
|
||||
* [CN](https://vuldb.com/?country.cn)
|
||||
* ...
|
||||
|
||||
There are 3 more country items available. Please use our online service to access the data.
|
||||
There are 4 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -56,9 +56,10 @@ ID | Type | Indicator | Confidence
|
|||
1 | File | `/cgi-bin/supervisor/PwdGrp.cgi` | High
|
||||
2 | File | `add-category.php` | High
|
||||
3 | File | `admin/dashboard.php` | High
|
||||
4 | ... | ... | ...
|
||||
4 | File | `detail.php` | Medium
|
||||
5 | ... | ... | ...
|
||||
|
||||
There are 25 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 27 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
@ -75,4 +76,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -63,4 +63,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [US](https://vuldb.com/?country.us)
|
||||
* ...
|
||||
|
||||
There are 3 more country items available. Please use our online service to access the data.
|
||||
There are 4 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -46,15 +46,14 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-425 | Pathname Traversal | High
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-29, CWE-425 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-294 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | T1068 | CWE-250, CWE-264, CWE-269, CWE-284 | J2EE Misconfiguration: Weak Access Permissions for EJB Methods | High
|
||||
7 | ... | ... | ... | ...
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 23 more TTP items available. Please use our online service to access the data.
|
||||
There are 22 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
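Review bot: Row 4 of the TTP table labels `T1059 | CWE-94, CWE-1321` as "Cross Site Scripting", the same description as row 5 (`T1059.007 | CWE-79, CWE-80`). CWE-94 is code injection and CWE-1321 is prototype pollution, so the description looks copied from the neighbouring row rather than derived from the listed weaknesses. Since row 1 is already being edited here to add CWE-29, this would be a good place to correct the row 4 description as well.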
@ -64,41 +63,48 @@ ID | Type | Indicator | Confidence
|
|||
-- | ---- | --------- | ----------
|
||||
1 | File | `/?ajax-request=jnews` | High
|
||||
2 | File | `/accounts/password_change/` | High
|
||||
3 | File | `/activate_hook.php` | High
|
||||
3 | File | `/act/ActDao.xml` | High
|
||||
4 | File | `/admin/ajax.php?action=confirm_order` | High
|
||||
5 | File | `/admin/courses/manage_course.php` | High
|
||||
6 | File | `/admin/departments/manage_department.php` | High
|
||||
7 | File | `/admin/students/manage_academic.php` | High
|
||||
8 | File | `/api/addusers` | High
|
||||
9 | File | `/api/baskets/{name}` | High
|
||||
10 | File | `/api/v1/terminal/sessions/?limit=1` | High
|
||||
11 | File | `/assets/something/services/AppModule.class` | High
|
||||
12 | File | `/audit/log/log_management.php` | High
|
||||
7 | File | `/admin/php/crud.php` | High
|
||||
8 | File | `/admin/students/manage_academic.php` | High
|
||||
9 | File | `/api/addusers` | High
|
||||
10 | File | `/api/baskets/{name}` | High
|
||||
11 | File | `/api/log/killJob` | High
|
||||
12 | File | `/api/v1/terminal/sessions/?limit=1` | High
|
||||
13 | File | `/authenticationendpoint/login.do` | High
|
||||
14 | File | `/b2b-supermarket/shopping-cart` | High
|
||||
15 | File | `/blog/comment` | High
|
||||
16 | File | `/bsms_ci/index.php` | High
|
||||
17 | File | `/catalog/compare` | High
|
||||
18 | File | `/cgi-bin/downloadFile.cgi` | High
|
||||
19 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
20 | File | `/classes/Users.php` | High
|
||||
21 | File | `/debug/pprof` | Medium
|
||||
22 | File | `/DXR.axd` | Medium
|
||||
23 | File | `/emap/devicePoint_addImgIco?hasSubsystem=true` | High
|
||||
24 | File | `/env` | Low
|
||||
25 | File | `/forms/doLogin` | High
|
||||
26 | File | `/forum/away.php` | High
|
||||
27 | File | `/geoserver/gwc/rest.html` | High
|
||||
28 | File | `/importexport.php` | High
|
||||
29 | File | `/index.php` | Medium
|
||||
30 | File | `/index.php/client/message/message_read/xxxxxxxx[random-msg-hash]` | High
|
||||
31 | File | `/librarian/bookdetails.php` | High
|
||||
32 | File | `/login` | Low
|
||||
33 | File | `/MailAdmin_dll.htm` | High
|
||||
34 | File | `/mhds/clinic/view_details.php` | High
|
||||
35 | ... | ... | ...
|
||||
18 | File | `/cgi-bin/cstecgi.cgi?action=login` | High
|
||||
19 | File | `/cgi-bin/downloadFile.cgi` | High
|
||||
20 | File | `/cgi-bin/kerbynet` | High
|
||||
21 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
22 | File | `/clinic/disease_symptoms_view.php` | High
|
||||
23 | File | `/config/getuser` | High
|
||||
24 | File | `/debug/pprof` | Medium
|
||||
25 | File | `/download.php?file=author.png` | High
|
||||
26 | File | `/DXR.axd` | Medium
|
||||
27 | File | `/emap/devicePoint_addImgIco?hasSubsystem=true` | High
|
||||
28 | File | `/forum/away.php` | High
|
||||
29 | File | `/geoserver/gwc/rest.html` | High
|
||||
30 | File | `/importexport.php` | High
|
||||
31 | File | `/index.php` | Medium
|
||||
32 | File | `/index.php/client/message/message_read/xxxxxxxx[random-msg-hash]` | High
|
||||
33 | File | `/login` | Low
|
||||
34 | File | `/MailAdmin_dll.htm` | High
|
||||
35 | File | `/main/offices.php` | High
|
||||
36 | File | `/mehah/otclient` | High
|
||||
37 | File | `/mhds/clinic/view_details.php` | High
|
||||
38 | File | `/modals/class_form.php` | High
|
||||
39 | File | `/oauth/idp/.well-known/openid-configuration` | High
|
||||
40 | File | `/php/exportrecord.php` | High
|
||||
41 | File | `/php/ping.php` | High
|
||||
42 | ... | ... | ...
|
||||
|
||||
There are 298 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 362 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
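Review bot: Two rows in this IOA list are templates rather than literal paths: `/api/baskets/{name}` and `/index.php/client/message/message_read/xxxxxxxx[random-msg-hash]`. Both are typed `File` with High confidence, but a consumer doing exact or substring matching against request logs will never see `{name}` or `[random-msg-hash]` in a real URL. The summary line already lists "pattern" as an item type, so these rows should either carry that type or be shortened to the fixed prefix that actually appears in traffic.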
@ -116,4 +122,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -10,10 +10,10 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [CN](https://vuldb.com/?country.cn)
|
||||
* [RU](https://vuldb.com/?country.ru)
|
||||
* [GB](https://vuldb.com/?country.gb)
|
||||
* ...
|
||||
|
||||
There are 24 more country items available. Please use our online service to access the data.
|
||||
There are 27 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -583,14 +583,15 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-25, CWE-425 | Pathname Traversal | High
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-24, CWE-425 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
6 | T1068 | CWE-264, CWE-269, CWE-284 | J2EE Misconfiguration: Weak Access Permissions for EJB Methods | High
|
||||
7 | ... | ... | ... | ...
|
||||
|
||||
There are 21 more TTP items available. Please use our online service to access the data.
|
||||
There are 23 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
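Review bot: In the TTP rows of this hunk the Description column does not match the Weakness column. Row 2 pairs `T1040 | CWE-319` with "Authentication Bypass by Capture-replay", which is the name of CWE-294, while CWE-319 is cleartext transmission of sensitive information. The newly visible row 6 pairs `CWE-264, CWE-269, CWE-284` with "J2EE Misconfiguration: Weak Access Permissions for EJB Methods", although none of the listed CWEs is J2EE-specific. The description appears to be picked by technique rather than by the weaknesses shown; it should be regenerated from the CWE list or left generic.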
@ -598,64 +599,58 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/admin/?page=user/manage_user&id=3` | High
|
||||
2 | File | `/admin/admin_content_tag.php?action=save_content` | High
|
||||
3 | File | `/admin/courses/manage_course.php` | High
|
||||
4 | File | `/admin/edit-accepted-appointment.php` | High
|
||||
5 | File | `/admin/forgot-password.php` | High
|
||||
1 | File | `%SYSTEMDRIVE%\node_modules\.bin\wmic.exe` | High
|
||||
2 | File | `/accounts_con/register_account` | High
|
||||
3 | File | `/admin/admin_content_tag.php?action=save_content` | High
|
||||
4 | File | `/admin/bwdates-report-details.php` | High
|
||||
5 | File | `/admin/courses/manage_course.php` | High
|
||||
6 | File | `/admin/index.php` | High
|
||||
7 | File | `/admin/index/index.html#/admin/mall.goods/index.html` | High
|
||||
8 | File | `/admin/modal_add_product.php` | High
|
||||
9 | File | `/admin/save.php` | High
|
||||
10 | File | `/admin/students/manage_academic.php` | High
|
||||
11 | File | `/admin/sys_sql_query.php` | High
|
||||
12 | File | `/ajax/networking/get_wgkey.php` | High
|
||||
13 | File | `/api/baskets/{name}` | High
|
||||
14 | File | `/api/download` | High
|
||||
15 | File | `/api/sys/set_passwd` | High
|
||||
16 | File | `/api/v1/alerts` | High
|
||||
17 | File | `/api/v1/terminal/sessions/?limit=1` | High
|
||||
18 | File | `/api2/html/` | Medium
|
||||
19 | File | `/App_Resource/UEditor/server/upload.aspx` | High
|
||||
20 | File | `/bitrix/admin/ldap_server_edit.php` | High
|
||||
21 | File | `/blog` | Low
|
||||
22 | File | `/category.php` | High
|
||||
23 | File | `/categorypage.php` | High
|
||||
24 | File | `/cgi-bin/` | Medium
|
||||
25 | File | `/cgi-bin/luci/api/wireless` | High
|
||||
26 | File | `/cgi-bin/vitogate.cgi` | High
|
||||
27 | File | `/chaincity/user/ticket/create` | High
|
||||
28 | File | `/classes/Master.php?f=delete_reminder` | High
|
||||
29 | File | `/company/store` | High
|
||||
30 | File | `/config` | Low
|
||||
31 | File | `/contact.php` | Medium
|
||||
32 | File | `/Content/Template/root/reverse-shell.aspx` | High
|
||||
33 | File | `/Controller/Ajaxfileupload.ashx` | High
|
||||
34 | File | `/core/conditions/AbstractWrapper.java` | High
|
||||
35 | File | `/dev/kmem` | Medium
|
||||
36 | File | `/dipam/athlete-profile.php` | High
|
||||
37 | File | `/Duty/AjaxHandle/UploadHandler.ashx` | High
|
||||
38 | File | `/etc/passwd` | Medium
|
||||
39 | File | `/EventBookingCalendar/load.php?controller=GzFront/action=checkout/cid=1/layout=calendar/show_header=T/local=3` | High
|
||||
40 | File | `/fcgi/scrut_fcgi.fcgi` | High
|
||||
41 | File | `/forum/away.php` | High
|
||||
42 | File | `/h/` | Low
|
||||
7 | File | `/admin/manage-users.php` | High
|
||||
8 | File | `/admin/pages/subjects.php` | High
|
||||
9 | File | `/admin/pages/yearlevel.php` | High
|
||||
10 | File | `/admin/php/crud.php` | High
|
||||
11 | File | `/admin/save.php` | High
|
||||
12 | File | `/admin/students/manage_academic.php` | High
|
||||
13 | File | `/admin/upload/img` | High
|
||||
14 | File | `/admin/uploads/` | High
|
||||
15 | File | `/ajax/networking/get_wgkey.php` | High
|
||||
16 | File | `/api/download` | High
|
||||
17 | File | `/api/log/killJob` | High
|
||||
18 | File | `/api/upload.php` | High
|
||||
19 | File | `/api/v1/alerts` | High
|
||||
20 | File | `/api/v1/terminal/sessions/?limit=1` | High
|
||||
21 | File | `/api2/html/` | Medium
|
||||
22 | File | `/article/DelectArticleById/` | High
|
||||
23 | File | `/b2b-supermarket/shopping-cart` | High
|
||||
24 | File | `/base/ecma-helpers.c` | High
|
||||
25 | File | `/category.php` | High
|
||||
26 | File | `/categorypage.php` | High
|
||||
27 | File | `/cgi-bin/` | Medium
|
||||
28 | File | `/cgi-bin/vitogate.cgi` | High
|
||||
29 | File | `/classes/Master.php?f=delete_reminder` | High
|
||||
30 | File | `/config,admin.jsp` | High
|
||||
31 | File | `/dashboard?controller=UserCollection::createUser` | High
|
||||
32 | File | `/debug/pprof` | Medium
|
||||
33 | File | `/dev/kmem` | Medium
|
||||
34 | File | `/dist/index.js` | High
|
||||
35 | File | `/emap/devicePoint_addImgIco?hasSubsystem=true` | High
|
||||
36 | File | `/fcgi/scrut_fcgi.fcgi` | High
|
||||
37 | File | `/file-manager/rename.php` | High
|
||||
38 | File | `/forum/away.php` | High
|
||||
39 | File | `/geoserver/gwc/rest.html` | High
|
||||
40 | File | `/goform/formSysCmd` | High
|
||||
41 | File | `/goform/goform_get_cmd_process` | High
|
||||
42 | File | `/gracemedia-media-player/templates/files/ajax_controller.php` | High
|
||||
43 | File | `/HNAP1` | Low
|
||||
44 | File | `/home/courses` | High
|
||||
45 | File | `/home/filter_listings` | High
|
||||
46 | File | `/home/search` | Medium
|
||||
47 | File | `/index.php/payment/getcoinaddress` | High
|
||||
48 | File | `/index.php?controller=GzUser&action=edit&id=1` | High
|
||||
49 | File | `/install/index.php` | High
|
||||
50 | File | `/jeecg-boot/sys/common/upload` | High
|
||||
51 | File | `/librarian/bookdetails.php` | High
|
||||
52 | File | `/log/webmailattach.php` | High
|
||||
53 | File | `/matchmakings/question` | High
|
||||
54 | File | `/mhds/clinic/view_details.php` | High
|
||||
55 | File | `/modules/projects/vw_files.php` | High
|
||||
56 | ... | ... | ...
|
||||
44 | File | `/hosts/firewall/ip` | High
|
||||
45 | File | `/index.php/ccm/system/file/upload` | High
|
||||
46 | File | `/install/index.php` | High
|
||||
47 | File | `/librarian/bookdetails.php` | High
|
||||
48 | File | `/log/webmailattach.php` | High
|
||||
49 | File | `/login` | Low
|
||||
50 | ... | ... | ...
|
||||
|
||||
There are 485 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 432 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
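Review bot: The new row 1, `%SYSTEMDRIVE%\node_modules\.bin\wmic.exe`, is a Windows filesystem path with an unexpanded environment variable, placed under the same `File` type as web request paths such as `/admin/save.php`. A consumer cannot tell from the table whether a row should be matched against HTTP logs or against endpoint file telemetry, and the `%SYSTEMDRIVE%` token has to be expanded before it matches anything. Splitting `File` into a request-path type and a local-path type, or adding a column for the data source, would make these rows usable without guessing.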
@ -673,4 +668,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -71,4 +71,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [CN](https://vuldb.com/?country.cn)
|
||||
* ...
|
||||
|
||||
There are 6 more country items available. Please use our online service to access the data.
|
||||
There are 7 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -48,15 +48,16 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/emap/devicePoint_addImgIco?hasSubsystem=true` | High
|
||||
2 | File | `/rukovoditel/index.php?module=dashboard/ajax_request` | High
|
||||
3 | File | `/wordpress/wp-admin/options-general.php` | High
|
||||
4 | File | `arch/powerpc/kernel/entry_64.S` | High
|
||||
5 | File | `auth2-gss.c` | Medium
|
||||
6 | File | `avahi-core/socket.c` | High
|
||||
7 | File | `block/bfq-iosched.c` | High
|
||||
8 | ... | ... | ...
|
||||
2 | File | `/forum/away.php` | High
|
||||
3 | File | `/oauth/idp/.well-known/openid-configuration` | High
|
||||
4 | File | `/rukovoditel/index.php?module=dashboard/ajax_request` | High
|
||||
5 | File | `/search` | Low
|
||||
6 | File | `/wordpress/wp-admin/options-general.php` | High
|
||||
7 | File | `adclick.php` | Medium
|
||||
8 | File | `arch/powerpc/kernel/entry_64.S` | High
|
||||
9 | ... | ... | ...
|
||||
|
||||
There are 59 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 65 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
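Review bot: Rows such as `arch/powerpc/kernel/entry_64.S` and `auth2-gss.c` are source-tree file names that identify the affected component, yet they share a table with observable request paths like `/wordpress/wp-admin/options-general.php` and the new `/search`. Source files do not appear in web or host logs, so listing them as indicators of attack with High or Medium confidence overstates what a defender can detect with them. Consider moving them to a separate "affected component" list or lowering their confidence.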
@ -73,4 +74,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -72,4 +72,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -48,7 +48,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-425 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
|
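Review bot: Row 4 gains CWE-88 (argument injection) in the Weakness column, but the Description stays "Cross Site Scripting". With `CWE-88, CWE-94, CWE-1321` the row now covers three injection classes, none of which is XSS, and row 5 already carries the XSS entry. The description should be updated in the same change that widens the weakness list.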
@ -86,36 +86,36 @@ ID | Type | Indicator | Confidence
|
|||
24 | File | `/api/v1/alerts` | High
|
||||
25 | File | `/api/v1/terminal/sessions/?limit=1` | High
|
||||
26 | File | `/app/sys1.php` | High
|
||||
27 | File | `/App_Resource/UEditor/server/upload.aspx` | High
|
||||
28 | File | `/auth/auth.php?user=1` | High
|
||||
29 | File | `/b2b-supermarket/shopping-cart` | High
|
||||
30 | File | `/blog` | Low
|
||||
31 | File | `/category.php` | High
|
||||
32 | File | `/categorypage.php` | High
|
||||
33 | File | `/cgi-bin/cstecgi.cgi` | High
|
||||
34 | File | `/cgi-bin/luci/api/wireless` | High
|
||||
35 | File | `/cgi-bin/vitogate.cgi` | High
|
||||
36 | File | `/classes/Master.php?f=delete_category` | High
|
||||
37 | File | `/collection/all` | High
|
||||
38 | File | `/company/store` | High
|
||||
39 | File | `/config-manager/save` | High
|
||||
40 | File | `/Controller/Ajaxfileupload.ashx` | High
|
||||
41 | File | `/debug/pprof` | Medium
|
||||
42 | File | `/emap/devicePoint_addImgIco?hasSubsystem=true` | High
|
||||
43 | File | `/EventBookingCalendar/load.php?controller=GzFront/action=checkout/cid=1/layout=calendar/show_header=T/local=3` | High
|
||||
44 | File | `/fcgi/scrut_fcgi.fcgi` | High
|
||||
45 | File | `/forum/away.php` | High
|
||||
46 | File | `/fusion/portal/action/Link` | High
|
||||
47 | File | `/geoserver/gwc/rest.html` | High
|
||||
48 | File | `/goform/formSysCmd` | High
|
||||
49 | File | `/HNAP1` | Low
|
||||
50 | File | `/home/courses` | High
|
||||
51 | File | `/home/get_tasks_list` | High
|
||||
52 | File | `/hosts/firewall/ip` | High
|
||||
53 | File | `/importexport.php` | High
|
||||
27 | File | `/auth/auth.php?user=1` | High
|
||||
28 | File | `/b2b-supermarket/shopping-cart` | High
|
||||
29 | File | `/blog` | Low
|
||||
30 | File | `/category.php` | High
|
||||
31 | File | `/categorypage.php` | High
|
||||
32 | File | `/cgi-bin/cstecgi.cgi` | High
|
||||
33 | File | `/cgi-bin/vitogate.cgi` | High
|
||||
34 | File | `/classes/Master.php?f=delete_category` | High
|
||||
35 | File | `/collection/all` | High
|
||||
36 | File | `/company/store` | High
|
||||
37 | File | `/config-manager/save` | High
|
||||
38 | File | `/Controller/Ajaxfileupload.ashx` | High
|
||||
39 | File | `/debug/pprof` | Medium
|
||||
40 | File | `/dist/index.js` | High
|
||||
41 | File | `/emap/devicePoint_addImgIco?hasSubsystem=true` | High
|
||||
42 | File | `/EventBookingCalendar/load.php?controller=GzFront/action=checkout/cid=1/layout=calendar/show_header=T/local=3` | High
|
||||
43 | File | `/fcgi/scrut_fcgi.fcgi` | High
|
||||
44 | File | `/forum/away.php` | High
|
||||
45 | File | `/fusion/portal/action/Link` | High
|
||||
46 | File | `/geoserver/gwc/rest.html` | High
|
||||
47 | File | `/goform/formSysCmd` | High
|
||||
48 | File | `/HNAP1` | Low
|
||||
49 | File | `/home/courses` | High
|
||||
50 | File | `/home/get_tasks_list` | High
|
||||
51 | File | `/hosts/firewall/ip` | High
|
||||
52 | File | `/importexport.php` | High
|
||||
53 | File | `/index.php` | Medium
|
||||
54 | ... | ... | ...
|
||||
|
||||
There are 469 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 467 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
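Review bot: Several High-confidence rows in this hunk embed concrete parameter values, for example `/auth/auth.php?user=1` and `/EventBookingCalendar/load.php?controller=GzFront/action=checkout/cid=1/layout=calendar/show_header=T/local=3`. Matching on the full string only fires when a request repeats those exact values, so the indicator is narrower than its confidence suggests. Trimming these rows to the path plus the parameter name, or documenting that values are examples, would make the list more reliable for detection.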
@ -168,4 +168,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -9,11 +9,11 @@ _Live data_ and more _analysis capabilities_ are available at [https://vuldb.com
|
|||
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Denmark Unknown:
|
||||
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [JP](https://vuldb.com/?country.jp)
|
||||
* [CN](https://vuldb.com/?country.cn)
|
||||
* [JP](https://vuldb.com/?country.jp)
|
||||
* ...
|
||||
|
||||
There are 29 more country items available. Please use our online service to access the data.
|
||||
There are 31 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -893,13 +893,15 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-24, CWE-36, CWE-425 | Pathname Traversal | High
|
||||
2 | T1055 | CWE-74 | Injection | High
|
||||
3 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
5 | ... | ... | ... | ...
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-24, CWE-425 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | T1068 | CWE-264, CWE-266, CWE-268, CWE-269, CWE-284 | J2EE Misconfiguration: Weak Access Permissions for EJB Methods | High
|
||||
7 | ... | ... | ... | ...
|
||||
|
||||
There are 18 more TTP items available. Please use our online service to access the data.
|
||||
There are 22 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
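Review bot: The Description column does not match the Weakness column on several rows of this TTP table. The `T1059` row lists `CWE-94, CWE-1321` but is described as "Cross Site Scripting", the same text as the `T1059.007` row (`CWE-79, CWE-80`). The added `T1040` row lists only `CWE-319`, while its description, "Authentication Bypass by Capture-replay", is the title of CWE-294, which the row does not list. The added `T1068` row puts five privilege and access-control CWEs under a J2EE/EJB-specific title. If the description is generated from a single CWE title per technique, consider deriving it from the CWEs the row actually lists, or from the ATT&CK technique name, so that anyone filtering or triaging on the description is not misled.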
@ -907,59 +909,56 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/academy/home/courses` | High
|
||||
2 | File | `/academy/tutor/filter` | High
|
||||
3 | File | `/ad-list` | Medium
|
||||
4 | File | `/admin/?page=user/list` | High
|
||||
5 | File | `/admin/?page=user/manage_user&id=3` | High
|
||||
6 | File | `/admin/about-us.php` | High
|
||||
7 | File | `/admin/add-category.php` | High
|
||||
8 | File | `/admin/add-services.php` | High
|
||||
9 | File | `/admin/admin-profile.php` | High
|
||||
10 | File | `/admin/article/article-edit-run.php` | High
|
||||
11 | File | `/admin/del_category.php` | High
|
||||
12 | File | `/admin/del_feedback.php` | High
|
||||
13 | File | `/admin/edit-accepted-appointment.php` | High
|
||||
14 | File | `/admin/edit_category.php` | High
|
||||
15 | File | `/admin/edit_product.php` | High
|
||||
16 | File | `/admin/files` | Medium
|
||||
17 | File | `/admin/forgot-password.php` | High
|
||||
18 | File | `/admin/invoice.php` | High
|
||||
19 | File | `/admin/search-appointment.php` | High
|
||||
20 | File | `/admin/sys_sql_query.php` | High
|
||||
21 | File | `/api/baskets/{name}` | High
|
||||
22 | File | `/api/download/updateFile` | High
|
||||
23 | File | `/api/es/admin/v3/security/user/1` | High
|
||||
24 | File | `/api/installation/setThumbnailRc` | High
|
||||
25 | File | `/api/sys/login` | High
|
||||
26 | File | `/api/sys/set_passwd` | High
|
||||
27 | File | `/api/thumbnail` | High
|
||||
28 | File | `/app/sys1.php` | High
|
||||
29 | File | `/bitrix/admin/ldap_server_edit.php` | High
|
||||
30 | File | `/blog-single.php` | High
|
||||
31 | File | `/cgi-bin/koha/catalogue/search.pl` | High
|
||||
32 | File | `/cgi-bin/luci/api/wireless` | High
|
||||
33 | File | `/classes/Master.php?f=delete_category` | High
|
||||
34 | File | `/collection/all` | High
|
||||
35 | File | `/conf/` | Low
|
||||
36 | File | `/config/php.ini` | High
|
||||
37 | File | `/Content/Template/root/reverse-shell.aspx` | High
|
||||
38 | File | `/core/conditions/AbstractWrapper.java` | High
|
||||
39 | File | `/etc/passwd` | Medium
|
||||
40 | File | `/find-a-match` | High
|
||||
41 | File | `/forum/away.php` | High
|
||||
42 | File | `/friends` | Medium
|
||||
43 | File | `/friends/ajax_invite` | High
|
||||
44 | File | `/fusion/portal/action/Link` | High
|
||||
45 | File | `/goform/fast_setting_wifi_set` | High
|
||||
46 | File | `/goform/NatStaticSetting` | High
|
||||
47 | File | `/goform/PowerSaveSet` | High
|
||||
48 | File | `/goform/SetPptpServerCfg` | High
|
||||
49 | File | `/goform/SetStaticRouteCfg` | High
|
||||
50 | File | `/goform/WifiBasicSet` | High
|
||||
51 | ... | ... | ...
|
||||
1 | File | `%SYSTEMDRIVE%\node_modules\.bin\wmic.exe` | High
|
||||
2 | File | `/.env` | Low
|
||||
3 | File | `/accounts_con/register_account` | High
|
||||
4 | File | `/admin/` | Low
|
||||
5 | File | `/admin/add-category.php` | High
|
||||
6 | File | `/admin/book_add.php` | High
|
||||
7 | File | `/admin/book_row.php` | High
|
||||
8 | File | `/admin/bwdates-report-details.php` | High
|
||||
9 | File | `/admin/course.php` | High
|
||||
10 | File | `/admin/departments/manage_department.php` | High
|
||||
11 | File | `/admin/index.php` | High
|
||||
12 | File | `/admin/ind_backstage.php` | High
|
||||
13 | File | `/admin/list_onlineuser.php` | High
|
||||
14 | File | `/admin/manage-pages.php` | High
|
||||
15 | File | `/admin/manage-users.php` | High
|
||||
16 | File | `/admin/options-theme.php` | High
|
||||
17 | File | `/admin/pages/subjects.php` | High
|
||||
18 | File | `/admin/pages/yearlevel.php` | High
|
||||
19 | File | `/admin/students/manage_academic.php` | High
|
||||
20 | File | `/admin/subject.php` | High
|
||||
21 | File | `/admin/theme-edit.php` | High
|
||||
22 | File | `/admin/upload/img` | High
|
||||
23 | File | `/adplanet/PlanetUser` | High
|
||||
24 | File | `/ample/app/ajax/member_data.php` | High
|
||||
25 | File | `/api/authentication/login` | High
|
||||
26 | File | `/api/upload.php` | High
|
||||
27 | File | `/article/DelectArticleById/` | High
|
||||
28 | File | `/auth/auth.php?user=1` | High
|
||||
29 | File | `/b2b-supermarket/catalog/all-products` | High
|
||||
30 | File | `/b2b-supermarket/shopping-cart` | High
|
||||
31 | File | `/base/ecma-helpers.c` | High
|
||||
32 | File | `/boaform/wlan_basic_set.cgi` | High
|
||||
33 | File | `/cgi-bin/cstecgi.cgi` | High
|
||||
34 | File | `/cgi-bin/cstecgi.cgi?action=login` | High
|
||||
35 | File | `/config,admin.jsp` | High
|
||||
36 | File | `/config-manager/save` | High
|
||||
37 | File | `/Content/Plugins/uploader/FileChoose.html?fileUrl=/Upload/File/Pics/&parent` | High
|
||||
38 | File | `/dashboard/createblog` | High
|
||||
39 | File | `/debug/pprof` | Medium
|
||||
40 | File | `/emap/devicePoint_addImgIco?hasSubsystem=true` | High
|
||||
41 | File | `/endpoint/add-guest.php` | High
|
||||
42 | File | `/endpoint/add-user.php` | High
|
||||
43 | File | `/etc/hosts.deny` | High
|
||||
44 | File | `/file-manager/delete.php` | High
|
||||
45 | File | `/file-manager/upload.php` | High
|
||||
46 | File | `/forum/away.php` | High
|
||||
47 | File | `/geoserver/gwc/rest.html` | High
|
||||
48 | ... | ... | ...
|
||||
|
||||
There are 448 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 421 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
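Review bot: Several added rows typed `File` are a path plus a query string with a specific value, for example `/auth/auth.php?user=1`, `/emap/devicePoint_addImgIco?hasSubsystem=true` and `/cgi-bin/cstecgi.cgi?action=login` (listed right after the bare `/cgi-bin/cstecgi.cgi`). A consumer matching these literally against request logs will miss the same path with any other parameter value. The footer names "argument" and "input value" as separate IOA types, so consider keeping the path in the `File` row and moving the parameter into a row of one of those types. `/Content/Plugins/uploader/FileChoose.html?fileUrl=/Upload/File/Pics/&parent` ends on a parameter name with no value and reads as cut off; worth checking against the source record. It would also help to state in the file how `Low` rows such as `/admin/` and `/.env` are meant to be used, since on their own they match ordinary traffic on most web servers.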
@ -35,7 +35,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
3 | T1068 | CWE-269 | J2EE Misconfiguration: Weak Access Permissions for EJB Methods | High
|
||||
4 | ... | ... | ... | ...
|
||||
|
||||
There are 6 more TTP items available. Please use our online service to access the data.
|
||||
There are 7 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -43,12 +43,12 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `FlexCell.ocx` | Medium
|
||||
2 | File | `photo-gallery.php` | High
|
||||
3 | File | `wp-admin/profile.php` | High
|
||||
1 | File | `/ajax/openvpn/activate_ovpncfg.php` | High
|
||||
2 | File | `FlexCell.ocx` | Medium
|
||||
3 | File | `photo-gallery.php` | High
|
||||
4 | ... | ... | ...
|
||||
|
||||
There are 6 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 8 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -67,4 +67,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -65,72 +65,73 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/+CSCOE+/logon.html` | High
|
||||
2 | File | `/admin/photo.php` | High
|
||||
3 | File | `/admin/upload.php` | High
|
||||
4 | File | `/admin/user/add` | High
|
||||
5 | File | `/api/baskets/{name}` | High
|
||||
6 | File | `/APP_Installation.asp` | High
|
||||
7 | File | `/blog` | Low
|
||||
8 | File | `/categorypage.php` | High
|
||||
9 | File | `/cm/delete` | Medium
|
||||
10 | File | `/common/logViewer/logViewer.jsf` | High
|
||||
11 | File | `/crmeb/app/admin/controller/store/CopyTaobao.php` | High
|
||||
12 | File | `/download` | Medium
|
||||
13 | File | `/drivers/media/media-device.c` | High
|
||||
14 | File | `/etc/master.passwd` | High
|
||||
15 | File | `/filemanager/upload.php` | High
|
||||
16 | File | `/forum/away.php` | High
|
||||
17 | File | `/getcfg.php` | Medium
|
||||
18 | File | `/home.php` | Medium
|
||||
19 | File | `/homeaction.php` | High
|
||||
20 | File | `/index.php` | Medium
|
||||
21 | File | `/modules/profile/index.php` | High
|
||||
22 | File | `/modules/tasks/summary.inc.php` | High
|
||||
23 | File | `/multi-vendor-shopping-script/product-list.php` | High
|
||||
24 | File | `/out.php` | Medium
|
||||
25 | File | `/p` | Low
|
||||
26 | File | `/preauth` | Medium
|
||||
27 | File | `/products/details.asp` | High
|
||||
28 | File | `/recordings/index.php` | High
|
||||
29 | File | `/see_more_details.php` | High
|
||||
30 | File | `/show_news.php` | High
|
||||
31 | File | `/tmp/before` | Medium
|
||||
32 | File | `/uncpath/` | Medium
|
||||
33 | File | `/updownload/t.report` | High
|
||||
34 | File | `/user.profile.php` | High
|
||||
35 | File | `/var/WEB-GUI/cgi-bin/telnet.cgi` | High
|
||||
36 | File | `/wordpress/wp-admin/options-general.php` | High
|
||||
37 | File | `/wp-admin` | Medium
|
||||
38 | File | `/wp-admin/admin-ajax.php` | High
|
||||
39 | File | `4.2.0.CP09` | Medium
|
||||
40 | File | `account.asp` | Medium
|
||||
41 | File | `adclick.php` | Medium
|
||||
42 | File | `adm/systools.asp` | High
|
||||
43 | File | `admin.php` | Medium
|
||||
44 | File | `admin/admin.shtml` | High
|
||||
45 | File | `Admin/ADM_Pagina.php` | High
|
||||
46 | File | `admin/category.inc.php` | High
|
||||
47 | File | `admin/main.asp` | High
|
||||
48 | File | `admin/param/param_func.inc.php` | High
|
||||
49 | File | `admin/y_admin.asp` | High
|
||||
50 | File | `admincp.php?app=apps&do=save` | High
|
||||
51 | File | `adminer.php` | Medium
|
||||
52 | File | `administration/admins.php` | High
|
||||
53 | File | `administrator/components/com_media/helpers/media.php` | High
|
||||
54 | File | `admin_ok.asp` | Medium
|
||||
55 | File | `album_portal.php` | High
|
||||
56 | File | `app/Core/Paginator.php` | High
|
||||
57 | File | `app/index.php/accounts/default/details?id=2&kanbanBoard=1&openToTaskId=1` | High
|
||||
58 | File | `archive.php` | Medium
|
||||
59 | File | `artlinks.dispnew.php` | High
|
||||
60 | File | `auth.php` | Medium
|
||||
61 | File | `bin/named/query.c` | High
|
||||
62 | File | `blank.php` | Medium
|
||||
63 | File | `blocklayered-ajax.php` | High
|
||||
64 | File | `blogger-importer.php` | High
|
||||
65 | ... | ... | ...
|
||||
2 | File | `/admin/manage_academic.php` | High
|
||||
3 | File | `/admin/photo.php` | High
|
||||
4 | File | `/admin/upload.php` | High
|
||||
5 | File | `/admin/user/add` | High
|
||||
6 | File | `/api/baskets/{name}` | High
|
||||
7 | File | `/APP_Installation.asp` | High
|
||||
8 | File | `/blog` | Low
|
||||
9 | File | `/categorypage.php` | High
|
||||
10 | File | `/cm/delete` | Medium
|
||||
11 | File | `/common/logViewer/logViewer.jsf` | High
|
||||
12 | File | `/crmeb/app/admin/controller/store/CopyTaobao.php` | High
|
||||
13 | File | `/download` | Medium
|
||||
14 | File | `/drivers/media/media-device.c` | High
|
||||
15 | File | `/etc/master.passwd` | High
|
||||
16 | File | `/filemanager/upload.php` | High
|
||||
17 | File | `/forum/away.php` | High
|
||||
18 | File | `/getcfg.php` | Medium
|
||||
19 | File | `/home.php` | Medium
|
||||
20 | File | `/homeaction.php` | High
|
||||
21 | File | `/index.php` | Medium
|
||||
22 | File | `/modules/profile/index.php` | High
|
||||
23 | File | `/modules/tasks/summary.inc.php` | High
|
||||
24 | File | `/multi-vendor-shopping-script/product-list.php` | High
|
||||
25 | File | `/out.php` | Medium
|
||||
26 | File | `/p` | Low
|
||||
27 | File | `/preauth` | Medium
|
||||
28 | File | `/products/details.asp` | High
|
||||
29 | File | `/recordings/index.php` | High
|
||||
30 | File | `/see_more_details.php` | High
|
||||
31 | File | `/show_news.php` | High
|
||||
32 | File | `/tmp/before` | Medium
|
||||
33 | File | `/uncpath/` | Medium
|
||||
34 | File | `/updownload/t.report` | High
|
||||
35 | File | `/user.profile.php` | High
|
||||
36 | File | `/var/WEB-GUI/cgi-bin/telnet.cgi` | High
|
||||
37 | File | `/wordpress/wp-admin/options-general.php` | High
|
||||
38 | File | `/wp-admin` | Medium
|
||||
39 | File | `/wp-admin/admin-ajax.php` | High
|
||||
40 | File | `4.2.0.CP09` | Medium
|
||||
41 | File | `account.asp` | Medium
|
||||
42 | File | `adclick.php` | Medium
|
||||
43 | File | `adm/systools.asp` | High
|
||||
44 | File | `admin.php` | Medium
|
||||
45 | File | `admin/admin.shtml` | High
|
||||
46 | File | `Admin/ADM_Pagina.php` | High
|
||||
47 | File | `admin/category.inc.php` | High
|
||||
48 | File | `admin/main.asp` | High
|
||||
49 | File | `admin/param/param_func.inc.php` | High
|
||||
50 | File | `admin/y_admin.asp` | High
|
||||
51 | File | `admincp.php?app=apps&do=save` | High
|
||||
52 | File | `adminer.php` | Medium
|
||||
53 | File | `administration/admins.php` | High
|
||||
54 | File | `administrator/components/com_media/helpers/media.php` | High
|
||||
55 | File | `admin_ok.asp` | Medium
|
||||
56 | File | `album_portal.php` | High
|
||||
57 | File | `app/Core/Paginator.php` | High
|
||||
58 | File | `app/index.php/accounts/default/details?id=2&kanbanBoard=1&openToTaskId=1` | High
|
||||
59 | File | `archive.php` | Medium
|
||||
60 | File | `artlinks.dispnew.php` | High
|
||||
61 | File | `auth.php` | Medium
|
||||
62 | File | `awstats.pl` | Medium
|
||||
63 | File | `bin/named/query.c` | High
|
||||
64 | File | `blank.php` | Medium
|
||||
65 | File | `blocklayered-ajax.php` | High
|
||||
66 | ... | ... | ...
|
||||
|
||||
There are 572 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 583 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
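Review bot: Almost every line in this hunk changes only because the ID column is positional: inserting `/admin/manage_academic.php` as row 2 and `awstats.pl` as row 62 renumbers the rest of the table, so the real change (two new indicators) is hard to pick out and the IDs cannot be used as stable references between monthly updates. Consider dropping the running number or replacing it with a stable key per indicator. Separately, `4.2.0.CP09` is typed `File` with `Medium` confidence but reads as a version string rather than a file name, and single-segment entries such as `/p`, `/blog` and `/download` will match routine requests; both are worth a check against the source records or a note on intended use.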
@ -149,4 +150,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -70,4 +70,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -91,4 +91,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -10,7 +10,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [RU](https://vuldb.com/?country.ru)
|
||||
* [GB](https://vuldb.com/?country.gb)
|
||||
* [CZ](https://vuldb.com/?country.cz)
|
||||
* ...
|
||||
|
||||
There are 10 more country items available. Please use our online service to access the data.
|
||||
|
@ -161,7 +161,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
3 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
4 | ... | ... | ... | ...
|
||||
|
||||
There are 10 more TTP items available. Please use our online service to access the data.
|
||||
There are 11 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -177,9 +177,10 @@ ID | Type | Indicator | Confidence
|
|||
6 | File | `/_uuids` | Low
|
||||
7 | File | `admin/dashboard.php` | High
|
||||
8 | File | `agent/Core/SpawningKit/Spawner.h` | High
|
||||
9 | ... | ... | ...
|
||||
9 | File | `auth-gss2.c` | Medium
|
||||
10 | ... | ... | ...
|
||||
|
||||
There are 69 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 72 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
@ -198,4 +199,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -39,7 +39,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
3 | T1059.007 | CWE-79, CWE-80, CWE-84 | Cross Site Scripting | High
|
||||
4 | ... | ... | ... | ...
|
||||
|
||||
There are 8 more TTP items available. Please use our online service to access the data.
|
||||
There are 10 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -58,14 +58,13 @@ ID | Type | Indicator | Confidence
|
|||
9 | File | `/spip.php` | Medium
|
||||
10 | File | `addentry.php` | Medium
|
||||
11 | File | `admin.php` | Medium
|
||||
12 | File | `admin/admin.php` | High
|
||||
13 | File | `admin/conf_users_edit.php` | High
|
||||
14 | File | `admin/index.php` | High
|
||||
15 | File | `AppCompatCache.exe` | High
|
||||
16 | File | `ardguest.php` | Medium
|
||||
17 | ... | ... | ...
|
||||
12 | File | `admin/admin.guestbook.php` | High
|
||||
13 | File | `admin/admin.php` | High
|
||||
14 | File | `admin/conf_users_edit.php` | High
|
||||
15 | File | `admin/index.php` | High
|
||||
16 | ... | ... | ...
|
||||
|
||||
There are 137 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 127 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
@ -82,4 +81,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [JP](https://vuldb.com/?country.jp)
|
||||
* ...
|
||||
|
||||
There are 28 more country items available. Please use our online service to access the data.
|
||||
There are 32 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -57603,14 +57603,14 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-24 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-294, CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-24 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-294 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
4 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 20 more TTP items available. Please use our online service to access the data.
|
||||
There are 21 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -57618,44 +57618,52 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `%PROGRAMFILES(X86)%\TSplus\Clients\www.` | High
|
||||
2 | File | `%SYSTEMDRIVE%\node_modules\.bin\wmic.exe` | High
|
||||
3 | File | `/.env` | Low
|
||||
4 | File | `//proc/kcore` | Medium
|
||||
5 | File | `/admin/add-category.php` | High
|
||||
6 | File | `/admin/offenses/view_details.php` | High
|
||||
7 | File | `/admin/theme-edit.php` | High
|
||||
8 | File | `/ample/app/ajax/member_data.php` | High
|
||||
9 | File | `/api/admin/system/store/order/list` | High
|
||||
10 | File | `/api/authentication/login` | High
|
||||
11 | File | `/api/upload.php` | High
|
||||
12 | File | `/b2b-supermarket/shopping-cart` | High
|
||||
13 | File | `/base/ecma-helpers.c` | High
|
||||
14 | File | `/bin/rc4_crypt` | High
|
||||
15 | File | `/cgi-bin/luci/api/switch` | High
|
||||
16 | File | `/cgi-bin/luci;stok=/locale` | High
|
||||
17 | File | `/cgi-bin/qcmap_auth` | High
|
||||
18 | File | `/CMD_ACCOUNT_ADMIN` | High
|
||||
19 | File | `/common/logViewer/logViewer.jsf` | High
|
||||
20 | File | `/Content/Plugins/uploader/FileChoose.html?fileUrl=/Upload/File/Pics/&parent` | High
|
||||
21 | File | `/dishes.php` | Medium
|
||||
22 | File | `/endpoint/add-user.php` | High
|
||||
23 | File | `/etc/hosts.deny` | High
|
||||
24 | File | `/forum/away.php` | High
|
||||
25 | File | `/goform/formSysCmd` | High
|
||||
26 | File | `/goform/goform_get_cmd_process` | High
|
||||
27 | File | `/h/autoSaveDraft` | High
|
||||
28 | File | `/HNAP1/` | Low
|
||||
29 | File | `/home/admin/.ash_history` | High
|
||||
30 | File | `/leave_system/classes/SystemSettings.php?f=update_settings` | High
|
||||
31 | File | `/link/` | Low
|
||||
32 | File | `/main/inc/ajax/dropbox.ajax.php` | High
|
||||
33 | File | `/main/webservices/additional_webservices.php` | High
|
||||
34 | File | `/oauth/idp/.well-known/openid-configuration` | High
|
||||
35 | File | `/public/plugins/` | High
|
||||
36 | ... | ... | ...
|
||||
1 | File | `/accounts_con/register_account` | High
|
||||
2 | File | `/admin/` | Low
|
||||
3 | File | `/admin/book_add.php` | High
|
||||
4 | File | `/admin/book_row.php` | High
|
||||
5 | File | `/admin/bwdates-report-details.php` | High
|
||||
6 | File | `/admin/controller/JobLogController.java` | High
|
||||
7 | File | `/admin/course.php` | High
|
||||
8 | File | `/admin/general.cgi` | High
|
||||
9 | File | `/admin/index2.html` | High
|
||||
10 | File | `/admin/ind_backstage.php` | High
|
||||
11 | File | `/admin/manage-pages.php` | High
|
||||
12 | File | `/admin/manage-users.php` | High
|
||||
13 | File | `/admin/options-theme.php` | High
|
||||
14 | File | `/admin/pages/subjects.php` | High
|
||||
15 | File | `/admin/pages/yearlevel.php` | High
|
||||
16 | File | `/admin/subject.php` | High
|
||||
17 | File | `/admin/upload/img` | High
|
||||
18 | File | `/adplanet/PlanetUser` | High
|
||||
19 | File | `/api/admin/system/store/order/list` | High
|
||||
20 | File | `/api/log/killJob` | High
|
||||
21 | File | `/api/snapshot and /api/get_log_file` | High
|
||||
22 | File | `/api/trackedEntityInstances` | High
|
||||
23 | File | `/api/upload.php` | High
|
||||
24 | File | `/api /v3/auth` | High
|
||||
25 | File | `/article/DelectArticleById/` | High
|
||||
26 | File | `/auth/auth.php?user=1` | High
|
||||
27 | File | `/b2b-supermarket/catalog/all-products` | High
|
||||
28 | File | `/b2b-supermarket/shopping-cart` | High
|
||||
29 | File | `/boaform/wlan_basic_set.cgi` | High
|
||||
30 | File | `/cgi-bin/cstecgi.cgi` | High
|
||||
31 | File | `/cgi-bin/cstecgi.cgi?action=login` | High
|
||||
32 | File | `/cgi-bin/mainfunction.cgi` | High
|
||||
33 | File | `/cgi-bin/qcmap_auth` | High
|
||||
34 | File | `/cgi-bin/vitogate.cgi` | High
|
||||
35 | File | `/classes/Master.php?f=delete_category` | High
|
||||
36 | File | `/config,admin.jsp` | High
|
||||
37 | File | `/config/getuser` | High
|
||||
38 | File | `/Content/Plugins/uploader/FileChoose.html?fileUrl=/Upload/File/Pics/&parent` | High
|
||||
39 | File | `/debug/pprof` | Medium
|
||||
40 | File | `/endpoint/add-guest.php` | High
|
||||
41 | File | `/file-manager/delete.php` | High
|
||||
42 | File | `/file-manager/upload.php` | High
|
||||
43 | File | `/forum/away.php` | High
|
||||
44 | ... | ... | ...
|
||||
|
||||
There are 307 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 382 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
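Review bot: Two of the added `File` rows are not usable as literal indicators. `/api/snapshot and /api/get_log_file` joins two paths with the word "and" in a single cell, and `/api /v3/auth` contains a space inside the path. Any consumer that loads the Indicator column into a matcher will never hit on either string. Suggest splitting the first into two rows, one per path, and checking the second against the source record to see whether the space belongs there. A simple lint on the generator (one path per row, no unencoded whitespace in `File` indicators) would catch both.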
@ -57675,4 +57683,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -10,10 +10,10 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [CN](https://vuldb.com/?country.cn)
|
||||
* [GB](https://vuldb.com/?country.gb)
|
||||
* [IR](https://vuldb.com/?country.ir)
|
||||
* ...
|
||||
|
||||
There are 19 more country items available. Please use our online service to access the data.
|
||||
There are 22 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -39,11 +39,12 @@ ID | Technique | Weakness | Description | Confidence
|
|||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-425 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
4 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
6 | T1068 | CWE-264, CWE-269, CWE-284 | J2EE Misconfiguration: Weak Access Permissions for EJB Methods | High
|
||||
7 | ... | ... | ... | ...
|
||||
|
||||
There are 21 more TTP items available. Please use our online service to access the data.
|
||||
There are 22 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
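Review bot: In the TTP table, row 4 (T1059, now `CWE-94, CWE-1321`) keeps the description "Cross Site Scripting", the same label as row 5 (T1059.007, `CWE-79, CWE-80`). CWE-94 is code injection, so the two rows should not share a description; give row 4 its own. The added row 6 (T1068) is labelled "J2EE Misconfiguration: Weak Access Permissions for EJB Methods", which is far narrower than the listed CWE-264, CWE-269 and CWE-284; a general privilege or access-control description would match the weaknesses better. The change also removes CWE-88 from row 4 with no explanation; say in the commit message whether that is intended.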
@ -52,54 +53,51 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `%SYSTEMDRIVE%\node_modules\.bin\wmic.exe` | High
|
||||
2 | File | `//WEB-INF` | Medium
|
||||
3 | File | `/about.php` | Medium
|
||||
4 | File | `/admin.php/update/getFile.html` | High
|
||||
5 | File | `/admin/save.php` | High
|
||||
6 | File | `/admin/sys_sql_query.php` | High
|
||||
7 | File | `/api/baskets/{name}` | High
|
||||
8 | File | `/api/download` | High
|
||||
9 | File | `/api/v1/alerts` | High
|
||||
10 | File | `/api/v1/terminal/sessions/?limit=1` | High
|
||||
11 | File | `/api/v2/cli/commands` | High
|
||||
2 | File | `/admin/save.php` | High
|
||||
3 | File | `/admin/singlelogin.php?submit=1` | High
|
||||
4 | File | `/admin/sys_sql_query.php` | High
|
||||
5 | File | `/api/baskets/{name}` | High
|
||||
6 | File | `/api/download` | High
|
||||
7 | File | `/api/snapshot and /api/get_log_file` | High
|
||||
8 | File | `/api/v1/alerts` | High
|
||||
9 | File | `/api/v1/terminal/sessions/?limit=1` | High
|
||||
10 | File | `/api/v2/cli/commands` | High
|
||||
11 | File | `/b2b-supermarket/shopping-cart` | High
|
||||
12 | File | `/bitrix/admin/ldap_server_edit.php` | High
|
||||
13 | File | `/category.php` | High
|
||||
14 | File | `/categorypage.php` | High
|
||||
15 | File | `/cgi-bin/luci/api/wireless` | High
|
||||
16 | File | `/cgi-bin/vitogate.cgi` | High
|
||||
17 | File | `/company/store` | High
|
||||
18 | File | `/Content/Template/root/reverse-shell.aspx` | High
|
||||
19 | File | `/Controller/Ajaxfileupload.ashx` | High
|
||||
20 | File | `/core/conditions/AbstractWrapper.java` | High
|
||||
21 | File | `/debug/pprof` | Medium
|
||||
22 | File | `/Duty/AjaxHandle/UploadHandler.ashx` | High
|
||||
23 | File | `/Duty/AjaxHandle/Write/UploadFile.ashx` | High
|
||||
24 | File | `/etc/passwd` | Medium
|
||||
25 | File | `/fcgi/scrut_fcgi.fcgi` | High
|
||||
26 | File | `/forum/away.php` | High
|
||||
27 | File | `/geoserver/gwc/rest.html` | High
|
||||
28 | File | `/h/` | Low
|
||||
29 | File | `/HNAP1` | Low
|
||||
30 | File | `/inc/jquery/uploadify/uploadify.php` | High
|
||||
31 | File | `/index.php?app=main&func=passport&action=login` | High
|
||||
32 | File | `/index.php?page=category_list` | High
|
||||
33 | File | `/jeecg-boot/sys/common/upload` | High
|
||||
34 | File | `/jobinfo/` | Medium
|
||||
35 | File | `/librarian/bookdetails.php` | High
|
||||
36 | File | `/Moosikay/order.php` | High
|
||||
37 | File | `/OA_HTML/cabo/jsps/a.jsp` | High
|
||||
38 | File | `/opac/Actions.php?a=login` | High
|
||||
39 | File | `/PreviewHandler.ashx` | High
|
||||
40 | File | `/proxy` | Low
|
||||
41 | File | `/recipe-result` | High
|
||||
42 | File | `/register.do` | Medium
|
||||
43 | File | `/reservation/add_message.php` | High
|
||||
44 | File | `/RPS2019Service/status.html` | High
|
||||
45 | File | `/Service/ImageStationDataService.asmx` | High
|
||||
46 | File | `/setting` | Medium
|
||||
47 | ... | ... | ...
|
||||
15 | File | `/cgi-bin/cstecgi.cgi?action=login` | High
|
||||
16 | File | `/cgi-bin/luci/api/wireless` | High
|
||||
17 | File | `/cgi-bin/vitogate.cgi` | High
|
||||
18 | File | `/company/store` | High
|
||||
19 | File | `/Content/Template/root/reverse-shell.aspx` | High
|
||||
20 | File | `/Controller/Ajaxfileupload.ashx` | High
|
||||
21 | File | `/core/conditions/AbstractWrapper.java` | High
|
||||
22 | File | `/debug/pprof` | Medium
|
||||
23 | File | `/Duty/AjaxHandle/UploadHandler.ashx` | High
|
||||
24 | File | `/Duty/AjaxHandle/Write/UploadFile.ashx` | High
|
||||
25 | File | `/etc/passwd` | Medium
|
||||
26 | File | `/fcgi/scrut_fcgi.fcgi` | High
|
||||
27 | File | `/forum/away.php` | High
|
||||
28 | File | `/geoserver/gwc/rest.html` | High
|
||||
29 | File | `/goform/formSysCmd` | High
|
||||
30 | File | `/h/` | Low
|
||||
31 | File | `/HNAP1` | Low
|
||||
32 | File | `/hosts/firewall/ip` | High
|
||||
33 | File | `/index.php/ccm/system/file/upload` | High
|
||||
34 | File | `/jeecg-boot/sys/common/upload` | High
|
||||
35 | File | `/oauth/idp/.well-known/openid-configuration` | High
|
||||
36 | File | `/OA_HTML/cabo/jsps/a.jsp` | High
|
||||
37 | File | `/php/ping.php` | High
|
||||
38 | File | `/proxy` | Low
|
||||
39 | File | `/recipe-result` | High
|
||||
40 | File | `/register.do` | Medium
|
||||
41 | File | `/RPS2019Service/status.html` | High
|
||||
42 | File | `/Service/ImageStationDataService.asmx` | High
|
||||
43 | File | `/setting` | Medium
|
||||
44 | ... | ... | ...
|
||||
|
||||
There are 409 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 383 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
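Review bot: New row 7 puts two paths into a single indicator cell, `/api/snapshot and /api/get_log_file`. Anyone loading the Indicator column into a path matcher will get a literal string containing " and " that can never match a request, so split it into two rows, one per path, each with its own confidence. The regenerated list also carries source-tree names such as `/core/conditions/AbstractWrapper.java` at High confidence next to request paths like `/api/download`; a note in the table header on how to read those would help consumers avoid treating them as URL paths.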
@ -118,4 +116,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -71,4 +71,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -89,4 +89,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -8,8 +8,8 @@ _Live data_ and more _analysis capabilities_ are available at [https://vuldb.com
|
|||
|
||||
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Farseer:
|
||||
|
||||
* [CN](https://vuldb.com/?country.cn)
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [CN](https://vuldb.com/?country.cn)
|
||||
* [JP](https://vuldb.com/?country.jp)
|
||||
* ...
|
||||
|
||||
|
@ -77,4 +77,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -72,4 +72,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -70,4 +70,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -65,4 +65,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -56,7 +56,7 @@ ID | Type | Indicator | Confidence
|
|||
3 | File | `admin/downloadbackup.php` | High
|
||||
4 | ... | ... | ...
|
||||
|
||||
There are 8 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 10 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
@ -75,4 +75,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -27,4 +27,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -145,7 +145,7 @@ ID | Type | Indicator | Confidence
|
|||
31 | File | `/opt/zimbra/jetty/webapps/zimbra/public` | High
|
||||
32 | ... | ... | ...
|
||||
|
||||
There are 270 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 271 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
@ -206,4 +206,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -54,4 +54,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -27,4 +27,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -156,4 +156,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -66,4 +66,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -31,7 +31,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
3 | T1505 | CWE-89 | SQL Injection | High
|
||||
4 | ... | ... | ... | ...
|
||||
|
||||
There are 3 more TTP items available. Please use our online service to access the data.
|
||||
There are 4 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -39,9 +39,12 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `plugins/web/service/search/auto-completion/<domain>/en.xml` | High
|
||||
2 | File | `userfiles/modules/users/controller/controller.php` | High
|
||||
3 | Argument | `nx_id` | Low
|
||||
1 | File | `/uncpath/` | Medium
|
||||
2 | File | `ext/phar/phar.c` | High
|
||||
3 | File | `plugins/web/service/search/auto-completion/<domain>/en.xml` | High
|
||||
4 | ... | ... | ...
|
||||
|
||||
There are 2 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
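Review bot: New row 2, `ext/phar/phar.c`, is a source file name rated High under type File, but it sits in the same column as paths that can be observed on a deployed host, such as `/uncpath/`. A source path will not show up in request logs or on most installations, so either lower its confidence or distinguish it from observable paths. Also, the table previously showed all of its rows and now ends in `4 | ... | ... | ...` with "There are 2 more IOA items available"; the `userfiles/modules/users/controller/controller.php` and `nx_id` rows disappear from the visible list, and it would be worth confirming they were meant to be hidden rather than dropped.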
@ -58,4 +61,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -68,4 +68,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -121,9 +121,10 @@ ID | Type | Indicator | Confidence
|
|||
64 | File | `app/index.php/accounts/default/details?id=2&kanbanBoard=1&openToTaskId=1` | High
|
||||
65 | File | `artlinks.dispnew.php` | High
|
||||
66 | File | `auth.php` | Medium
|
||||
67 | ... | ... | ...
|
||||
67 | File | `awstats.pl` | Medium
|
||||
68 | ... | ... | ...
|
||||
|
||||
There are 586 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 593 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
@ -142,4 +143,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -14,6 +14,7 @@ The following _campaigns_ are known and can be associated with HermeticWiper:
|
|||
|
||||
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with HermeticWiper:
|
||||
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [ES](https://vuldb.com/?country.es)
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
@ -58,4 +59,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -52,4 +52,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -57,32 +57,33 @@ ID | Type | Indicator | Confidence
|
|||
-- | ---- | --------- | ----------
|
||||
1 | File | `/admin-panel1.php` | High
|
||||
2 | File | `/admin/academic/studenview_left.php` | High
|
||||
3 | File | `/admin/bookings/view_details.php` | High
|
||||
4 | File | `/admin/controller/JobLogController.java` | High
|
||||
5 | File | `/admin/login.php` | High
|
||||
6 | File | `/ad_js.php` | Medium
|
||||
7 | File | `/alerts/alertConfigField.php` | High
|
||||
8 | File | `/api/v1/terminal/sessions/?limit=1` | High
|
||||
9 | File | `/config/myfield/test.php` | High
|
||||
10 | File | `/context/%2e/WEB-INF/web.xml` | High
|
||||
11 | File | `/core/conditions/AbstractWrapper.java` | High
|
||||
12 | File | `/data/remove` | Medium
|
||||
13 | File | `/debug/pprof` | Medium
|
||||
14 | File | `/etc/passwd` | Medium
|
||||
15 | File | `/face-recognition-php/facepay-master/camera.php` | High
|
||||
16 | File | `/forms/doLogin` | High
|
||||
17 | File | `/fuel/index.php/fuel/logs/items` | High
|
||||
18 | File | `/fuel/index.php/fuel/pages/items` | High
|
||||
19 | File | `/goform/aspForm` | High
|
||||
20 | File | `/image_zoom.php` | High
|
||||
3 | File | `/admin/ajax.php` | High
|
||||
4 | File | `/admin/ajax.php?action=confirm_order` | High
|
||||
5 | File | `/admin/bookings/view_details.php` | High
|
||||
6 | File | `/admin/controller/JobLogController.java` | High
|
||||
7 | File | `/admin/login.php` | High
|
||||
8 | File | `/alerts/alertConfigField.php` | High
|
||||
9 | File | `/api/v1/terminal/sessions/?limit=1` | High
|
||||
10 | File | `/config/myfield/test.php` | High
|
||||
11 | File | `/context/%2e/WEB-INF/web.xml` | High
|
||||
12 | File | `/core/conditions/AbstractWrapper.java` | High
|
||||
13 | File | `/data/remove` | Medium
|
||||
14 | File | `/debug/pprof` | Medium
|
||||
15 | File | `/etc/passwd` | Medium
|
||||
16 | File | `/face-recognition-php/facepay-master/camera.php` | High
|
||||
17 | File | `/forms/doLogin` | High
|
||||
18 | File | `/fuel/index.php/fuel/logs/items` | High
|
||||
19 | File | `/fuel/index.php/fuel/pages/items` | High
|
||||
20 | File | `/goform/aspForm` | High
|
||||
21 | File | `/index.php` | Medium
|
||||
22 | File | `/mkshop/Men/profile.php` | High
|
||||
23 | File | `/modules/announcement/index.php?view=edit` | High
|
||||
24 | File | `/param.file.tgz` | High
|
||||
25 | File | `/proxy/` | Low
|
||||
26 | ... | ... | ...
|
||||
25 | File | `/php/exportrecord.php` | High
|
||||
26 | File | `/proxy/` | Low
|
||||
27 | ... | ... | ...
|
||||
|
||||
There are 223 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 224 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
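Review bot: New rows 3 and 4 overlap: `/admin/ajax.php` is a prefix of `/admin/ajax.php?action=confirm_order`, and both are rated High. A consumer doing prefix or substring matching will fire on every request to `/admin/ajax.php`, which makes the more specific row redundant and the generic one noisy. Keep the specific entry at High and either drop the bare path or lower it to Medium, in line with how `/index.php` is rated in row 21. The rows `/ad_js.php` and `/image_zoom.php` leave the visible list in this hunk; please confirm that is a re-sort behind the "224 more" count and not a removal.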
@ -99,4 +100,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -72,4 +72,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -10,10 +10,10 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [PL](https://vuldb.com/?country.pl)
|
||||
* [DE](https://vuldb.com/?country.de)
|
||||
* [FR](https://vuldb.com/?country.fr)
|
||||
* ...
|
||||
|
||||
There are 2 more country items available. Please use our online service to access the data.
|
||||
There are 4 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -30,7 +30,7 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-22 | Pathname Traversal | High
|
||||
1 | T1006 | CWE-22, CWE-23 | Pathname Traversal | High
|
||||
2 | T1055 | CWE-74 | Injection | High
|
||||
3 | T1059 | CWE-88, CWE-94 | Cross Site Scripting | High
|
||||
4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
|
@ -45,46 +45,48 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `.htaccess` | Medium
|
||||
2 | File | `/admin/loginc.php` | High
|
||||
3 | File | `/admin/students/view_student.php` | High
|
||||
4 | File | `/Applications/Calculator.app/Contents/MacOS/Calculator` | High
|
||||
5 | File | `/cgi-bin/` | Medium
|
||||
6 | File | `/cgi-bin/luci` | High
|
||||
7 | File | `/common/info.cgi` | High
|
||||
8 | File | `/config.cgi?webmin` | High
|
||||
9 | File | `/data/inc/images.php` | High
|
||||
10 | File | `/dev/block/mmcblk0rpmb` | High
|
||||
11 | File | `/edit` | Low
|
||||
12 | File | `/etc/passwd` | Medium
|
||||
13 | File | `/etc/stunnel.key` | High
|
||||
14 | File | `/etc/sysconfig/btrfsmaintenance` | High
|
||||
15 | File | `/framework/modules/notfound/controllers/notfoundController.php` | High
|
||||
16 | File | `/gadgets/definitions/uptime.CapacityWhatIfGadget/getmetrics.php` | High
|
||||
17 | File | `/job-details` | Medium
|
||||
18 | File | `/mib.db` | Low
|
||||
19 | File | `/page/add` | Medium
|
||||
20 | File | `/squashfs-root/www/HNAP1/control/SetWizardConfig.php` | High
|
||||
21 | File | `/system-info/health` | High
|
||||
22 | File | `/tmp/s48lose.tmp` | High
|
||||
23 | File | `/tmp/xbindkeysrc-tmp` | High
|
||||
24 | File | `/uncpath/` | Medium
|
||||
25 | File | `/usr/local` | Medium
|
||||
26 | File | `/var/log/nginx` | High
|
||||
27 | File | `/var/run/jboss-eap/` | High
|
||||
28 | File | `admin-ajax.php` | High
|
||||
29 | File | `admin.jcomments.php` | High
|
||||
30 | File | `admin.php` | Medium
|
||||
31 | File | `admin/?n=language&c=language_general&a=doSearchParameter` | High
|
||||
32 | File | `admin/?n=user&c=admin_user&a=doGetUserInfo` | High
|
||||
33 | File | `admin/admin_log/index.html?user_id` | High
|
||||
34 | File | `admin/admin_menu.php` | High
|
||||
35 | File | `admin/config.php` | High
|
||||
36 | File | `admin/content.php` | High
|
||||
37 | File | `admin/edit_category.php` | High
|
||||
38 | File | `admin/users` | Medium
|
||||
39 | ... | ... | ...
|
||||
2 | File | `/admin/config/uploadicon.php` | High
|
||||
3 | File | `/admin/loginc.php` | High
|
||||
4 | File | `/admin/students/view_student.php` | High
|
||||
5 | File | `/Applications/Calculator.app/Contents/MacOS/Calculator` | High
|
||||
6 | File | `/cgi-bin/` | Medium
|
||||
7 | File | `/cgi-bin/luci` | High
|
||||
8 | File | `/common/info.cgi` | High
|
||||
9 | File | `/config.cgi?webmin` | High
|
||||
10 | File | `/data/inc/images.php` | High
|
||||
11 | File | `/dev/block/mmcblk0rpmb` | High
|
||||
12 | File | `/edit` | Low
|
||||
13 | File | `/etc/passwd` | Medium
|
||||
14 | File | `/etc/stunnel.key` | High
|
||||
15 | File | `/etc/sysconfig/btrfsmaintenance` | High
|
||||
16 | File | `/framework/modules/notfound/controllers/notfoundController.php` | High
|
||||
17 | File | `/gadgets/definitions/uptime.CapacityWhatIfGadget/getmetrics.php` | High
|
||||
18 | File | `/inquiries/view_inquiry.php` | High
|
||||
19 | File | `/job-details` | Medium
|
||||
20 | File | `/mib.db` | Low
|
||||
21 | File | `/page/add` | Medium
|
||||
22 | File | `/squashfs-root/www/HNAP1/control/SetWizardConfig.php` | High
|
||||
23 | File | `/system-info/health` | High
|
||||
24 | File | `/tmp/s48lose.tmp` | High
|
||||
25 | File | `/tmp/xbindkeysrc-tmp` | High
|
||||
26 | File | `/uncpath/` | Medium
|
||||
27 | File | `/usr/local` | Medium
|
||||
28 | File | `/var/log/nginx` | High
|
||||
29 | File | `/var/run/jboss-eap/` | High
|
||||
30 | File | `admin-ajax.php` | High
|
||||
31 | File | `admin.jcomments.php` | High
|
||||
32 | File | `admin.php` | Medium
|
||||
33 | File | `admin/?n=language&c=language_general&a=doSearchParameter` | High
|
||||
34 | File | `admin/?n=user&c=admin_user&a=doGetUserInfo` | High
|
||||
35 | File | `admin/admin_log/index.html?user_id` | High
|
||||
36 | File | `admin/admin_menu.php` | High
|
||||
37 | File | `admin/config.php` | High
|
||||
38 | File | `admin/content.php` | High
|
||||
39 | File | `admin/edit_category.php` | High
|
||||
40 | File | `admin/users` | Medium
|
||||
41 | ... | ... | ...
|
||||
|
||||
There are 335 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 350 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
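Review bot: The ID column is positional, so adding two indicators (`/admin/config/uploadicon.php` and `/inquiries/view_inquiry.php`) renumbers every row from 2 onward and turns a two-line addition into a rewrite of the whole table. Anyone who references an entry by ID will silently point at a different indicator after this update: ID 12 was `/etc/passwd` and is now `/edit`. Either key rows on the indicator string or assign IDs that survive insertions.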
@ -101,4 +103,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [CN](https://vuldb.com/?country.cn)
|
||||
* ...
|
||||
|
||||
There are 11 more country items available. Please use our online service to access the data.
|
||||
There are 12 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -39,11 +39,11 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-22, CWE-23, CWE-36, CWE-425 | Pathname Traversal | High
|
||||
1 | T1006 | CWE-22, CWE-23, CWE-29, CWE-36, CWE-425 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-294, CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 20 more TTP items available. Please use our online service to access the data.
|
||||
|
@ -59,37 +59,39 @@ ID | Type | Indicator | Confidence
|
|||
3 | File | `/admin/manage-users.php` | High
|
||||
4 | File | `/admin/modal_add_product.php` | High
|
||||
5 | File | `/admin/reg.php` | High
|
||||
6 | File | `/admin/service.php` | High
|
||||
7 | File | `/admin/sys_sql_query.php` | High
|
||||
6 | File | `/admin/sys_sql_query.php` | High
|
||||
7 | File | `/admin/users` | Medium
|
||||
8 | File | `/Ant_Suxin.php` | High
|
||||
9 | File | `/api/admin/user/list` | High
|
||||
10 | File | `/api/authentication/login` | High
|
||||
11 | File | `/api/thumbnail` | High
|
||||
12 | File | `/App_Resource/UEditor/server/upload.aspx` | High
|
||||
13 | File | `/blog/blogpublish.php` | High
|
||||
14 | File | `/boaform/admin/formPing` | High
|
||||
15 | File | `/cgi-bin/vitogate.cgi` | High
|
||||
16 | File | `/collection/all` | High
|
||||
17 | File | `/company/store` | High
|
||||
18 | File | `/config-manager/save` | High
|
||||
19 | File | `/config/getuser` | High
|
||||
20 | File | `/config/php.ini` | High
|
||||
21 | File | `/controllers/Blocks.php` | High
|
||||
22 | File | `/dcim/rack/` | Medium
|
||||
23 | File | `/debug/pprof` | Medium
|
||||
24 | File | `/dede/tpl.php` | High
|
||||
25 | File | `/download` | Medium
|
||||
26 | File | `/download/image` | High
|
||||
27 | File | `/emap/devicePoint_addImgIco?hasSubsystem=true` | High
|
||||
28 | File | `/endpoint/add-user.php` | High
|
||||
29 | File | `/etc/hosts.deny` | High
|
||||
30 | File | `/file/upload/1` | High
|
||||
31 | File | `/filemanager/php/connector.php` | High
|
||||
32 | File | `/goform/aspForm` | High
|
||||
33 | File | `/goform/telnet` | High
|
||||
34 | ... | ... | ...
|
||||
12 | File | `/api /v3/auth` | High
|
||||
13 | File | `/App_Resource/UEditor/server/upload.aspx` | High
|
||||
14 | File | `/blog/blogpublish.php` | High
|
||||
15 | File | `/cgi-bin/cstecgi.cgi?action=login` | High
|
||||
16 | File | `/cgi-bin/R19.9/easy1350.pl` | High
|
||||
17 | File | `/cgi-bin/vitogate.cgi` | High
|
||||
18 | File | `/collection/all` | High
|
||||
19 | File | `/company/store` | High
|
||||
20 | File | `/config-manager/save` | High
|
||||
21 | File | `/config/getuser` | High
|
||||
22 | File | `/config/php.ini` | High
|
||||
23 | File | `/controllers/Blocks.php` | High
|
||||
24 | File | `/debug/pprof` | Medium
|
||||
25 | File | `/dede/tpl.php` | High
|
||||
26 | File | `/download` | Medium
|
||||
27 | File | `/download/image` | High
|
||||
28 | File | `/emap/devicePoint_addImgIco?hasSubsystem=true` | High
|
||||
29 | File | `/endpoint/add-user.php` | High
|
||||
30 | File | `/etc/hosts.deny` | High
|
||||
31 | File | `/file-manager/upload.php` | High
|
||||
32 | File | `/file/upload/1` | High
|
||||
33 | File | `/filemanager/php/connector.php` | High
|
||||
34 | File | `/goform/aspForm` | High
|
||||
35 | File | `/goform/telnet` | High
|
||||
36 | ... | ... | ...
|
||||
|
||||
There are 289 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 309 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
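Review bot: New row 12 adds the indicator `/api /v3/auth`, which has a space after `/api`. A literal match on this string will not fire on a request path written without the space, and the row is rated Confidence "High". Confirm the intended value against the source record and fix it there, or document that the space is part of the indicator.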
@ -106,4 +108,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -76,4 +76,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -61,4 +61,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -69,4 +69,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -178,7 +178,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
3 | T1059.007 | CWE-79 | Cross Site Scripting | High
|
||||
4 | ... | ... | ... | ...
|
||||
|
||||
There are 5 more TTP items available. Please use our online service to access the data.
|
||||
There are 6 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -191,7 +191,7 @@ ID | Type | Indicator | Confidence
|
|||
3 | File | `cloudinit/config/cc_set_passwords.py` | High
|
||||
4 | ... | ... | ...
|
||||
|
||||
There are 13 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 14 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
@ -208,4 +208,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -9,7 +9,6 @@ _Live data_ and more _analysis capabilities_ are available at [https://vuldb.com
|
|||
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with LabRat:
|
||||
|
||||
* [VN](https://vuldb.com/?country.vn)
|
||||
* [CN](https://vuldb.com/?country.cn)
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -30,11 +29,11 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-29 | Pathname Traversal | High
|
||||
2 | T1055 | CWE-74 | Injection | High
|
||||
3 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
5 | T1068 | CWE-250, CWE-264, CWE-266, CWE-269, CWE-284 | J2EE Misconfiguration: Weak Access Permissions for EJB Methods | High
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-29, CWE-425 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-294 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 22 more TTP items available. Please use our online service to access the data.
|
||||
|
@ -45,50 +44,46 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/academy/home/courses` | High
|
||||
2 | File | `/admin/adclass.php` | High
|
||||
3 | File | `/admin/admin-profile.php` | High
|
||||
4 | File | `/admin/sales/view_details.php` | High
|
||||
5 | File | `/admin/students/view_details.php` | High
|
||||
6 | File | `/ajax-files/followBoard.php` | High
|
||||
7 | File | `/ajax.php?action=read_msg` | High
|
||||
8 | File | `/api/cron/settings/setJob/` | High
|
||||
9 | File | `/api/v1/snapshots` | High
|
||||
10 | File | `/api/v1/terminal/sessions/?limit=1` | High
|
||||
11 | File | `/audit/log/log_management.php` | High
|
||||
12 | File | `/auth/callback` | High
|
||||
13 | File | `/authenticationendpoint/login.do` | High
|
||||
14 | File | `/cgi-bin/mainfunction.cgi` | High
|
||||
15 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
16 | File | `/cgi.cgi` | Medium
|
||||
17 | File | `/classes/Users.php` | High
|
||||
18 | File | `/collection/all` | High
|
||||
19 | File | `/Content/Template/root/reverse-shell.aspx` | High
|
||||
20 | File | `/ctcprotocol/Protocol` | High
|
||||
21 | File | `/dottie.js` | Medium
|
||||
22 | File | `/DXR.axd` | Medium
|
||||
23 | File | `/emap/devicePoint_addImgIco?hasSubsystem=true` | High
|
||||
24 | File | `/env` | Low
|
||||
25 | File | `/files/` | Low
|
||||
26 | File | `/forms/doLogin` | High
|
||||
27 | File | `/forum/away.php` | High
|
||||
28 | File | `/goform/setportList` | High
|
||||
29 | File | `/h/autoSaveDraft` | High
|
||||
30 | File | `/index.php` | Medium
|
||||
31 | File | `/index.php?p=admin/actions/users/send-password-reset-email` | High
|
||||
32 | File | `/index.php?page=member` | High
|
||||
33 | File | `/jurusanmatkul/data` | High
|
||||
34 | File | `/librarian/bookdetails.php` | High
|
||||
35 | File | `/log/decodmail.php` | High
|
||||
36 | File | `/log/webmailattach.php` | High
|
||||
37 | File | `/login.php?do=login` | High
|
||||
38 | File | `/php-opos/index.php` | High
|
||||
39 | File | `/public/login.htm` | High
|
||||
40 | File | `/QueryView.php` | High
|
||||
41 | File | `/recreate.php` | High
|
||||
42 | ... | ... | ...
|
||||
1 | File | `/?ajax-request=jnews` | High
|
||||
2 | File | `/accounts/password_change/` | High
|
||||
3 | File | `/act/ActDao.xml` | High
|
||||
4 | File | `/admin/ajax.php?action=confirm_order` | High
|
||||
5 | File | `/api/addusers` | High
|
||||
6 | File | `/api/baskets/{name}` | High
|
||||
7 | File | `/api/v1/terminal/sessions/?limit=1` | High
|
||||
8 | File | `/assets/something/services/AppModule.class` | High
|
||||
9 | File | `/authenticationendpoint/login.do` | High
|
||||
10 | File | `/b2b-supermarket/shopping-cart` | High
|
||||
11 | File | `/blog/comment` | High
|
||||
12 | File | `/bsms_ci/index.php` | High
|
||||
13 | File | `/catalog/compare` | High
|
||||
14 | File | `/cgi-bin/cstecgi.cgi?action=login` | High
|
||||
15 | File | `/cgi-bin/downloadFile.cgi` | High
|
||||
16 | File | `/cgi-bin/kerbynet` | High
|
||||
17 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
18 | File | `/classes/Users.php` | High
|
||||
19 | File | `/clinic/disease_symptoms_view.php` | High
|
||||
20 | File | `/debug/pprof` | Medium
|
||||
21 | File | `/DXR.axd` | Medium
|
||||
22 | File | `/emap/devicePoint_addImgIco?hasSubsystem=true` | High
|
||||
23 | File | `/forum/away.php` | High
|
||||
24 | File | `/geoserver/gwc/rest.html` | High
|
||||
25 | File | `/importexport.php` | High
|
||||
26 | File | `/index.php/client/message/message_read/xxxxxxxx[random-msg-hash]` | High
|
||||
27 | File | `/login` | Low
|
||||
28 | File | `/mhds/clinic/view_details.php` | High
|
||||
29 | File | `/modals/class_form.php` | High
|
||||
30 | File | `/oauth/idp/.well-known/openid-configuration` | High
|
||||
31 | File | `/php-opos/index.php` | High
|
||||
32 | File | `/php/exportrecord.php` | High
|
||||
33 | File | `/php/ping.php` | High
|
||||
34 | File | `/plain` | Low
|
||||
35 | File | `/proc/#####/fd/3` | High
|
||||
36 | File | `/shell` | Low
|
||||
37 | File | `/showfile.php` | High
|
||||
38 | ... | ... | ...
|
||||
|
||||
There are 362 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 331 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
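Review bot: Several of the new rows are templates rather than literal paths: `/api/baskets/{name}` (row 6), `/index.php/client/message/message_read/xxxxxxxx[random-msg-hash]` (row 26) and `/proc/#####/fd/3` (row 35). They share the Type "File" and Confidence "High" with literal entries, so a consumer doing exact string matching gets no hits from them and cannot tell which segments are wildcards. Mark placeholder segments in one documented syntax, or add a column that flags pattern entries.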
@ -105,4 +100,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -141,4 +141,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -8,12 +8,12 @@ _Live data_ and more _analysis capabilities_ are available at [https://vuldb.com
|
|||
|
||||
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Latvia Unknown:
|
||||
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [CN](https://vuldb.com/?country.cn)
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [GB](https://vuldb.com/?country.gb)
|
||||
* ...
|
||||
|
||||
There are 18 more country items available. Please use our online service to access the data.
|
||||
There are 16 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -246,15 +246,15 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-24 | Pathname Traversal | High
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-24, CWE-425 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
4 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | T1068 | CWE-264, CWE-269, CWE-284 | J2EE Misconfiguration: Weak Access Permissions for EJB Methods | High
|
||||
7 | ... | ... | ... | ...
|
||||
|
||||
There are 22 more TTP items available. Please use our online service to access the data.
|
||||
There are 25 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
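Review bot: Row 1 now lists CWE-425 next to CWE-21 through CWE-24 under the description "Pathname Traversal", but CWE-425 is direct request (forced browsing), a different weakness from traversal. The same hunk drops CWE-88 from row 4 (T1059) without explanation. If the Description column is meant to label the technique rather than each listed weakness, say so in the table's introduction. Otherwise split or relabel the row.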
@ -262,60 +262,52 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `//WEB-INF` | Medium
|
||||
2 | File | `/?p=products` | Medium
|
||||
3 | File | `/about.php` | Medium
|
||||
4 | File | `/admin.php/update/getFile.html` | High
|
||||
5 | File | `/admin/save.php` | High
|
||||
6 | File | `/admin/sys_sql_query.php` | High
|
||||
7 | File | `/api/baskets/{name}` | High
|
||||
8 | File | `/api/download` | High
|
||||
9 | File | `/api/stl/actions/search` | High
|
||||
10 | File | `/api/v1/alerts` | High
|
||||
11 | File | `/api/v1/terminal/sessions/?limit=1` | High
|
||||
12 | File | `/bin/ate` | Medium
|
||||
13 | File | `/bitrix/admin/ldap_server_edit.php` | High
|
||||
14 | File | `/booking/show_bookings/` | High
|
||||
15 | File | `/category.php` | High
|
||||
16 | File | `/categorypage.php` | High
|
||||
17 | File | `/cgi-bin` | Medium
|
||||
18 | File | `/cgi-bin/luci/api/wireless` | High
|
||||
19 | File | `/cgi-bin/vitogate.cgi` | High
|
||||
20 | File | `/company/store` | High
|
||||
21 | File | `/Content/Template/root/reverse-shell.aspx` | High
|
||||
22 | File | `/Controller/Ajaxfileupload.ashx` | High
|
||||
23 | File | `/core/conditions/AbstractWrapper.java` | High
|
||||
24 | File | `/dashboard/add-blog.php` | High
|
||||
25 | File | `/debug/pprof` | Medium
|
||||
26 | File | `/env` | Low
|
||||
27 | File | `/etc/passwd` | Medium
|
||||
28 | File | `/fcgi/scrut_fcgi.fcgi` | High
|
||||
29 | File | `/feeds/post/publish` | High
|
||||
30 | File | `/forum/away.php` | High
|
||||
31 | File | `/group1/uploa` | High
|
||||
32 | File | `/h/` | Low
|
||||
33 | File | `/HNAP1` | Low
|
||||
34 | File | `/inc/jquery/uploadify/uploadify.php` | High
|
||||
35 | File | `/index.php?app=main&func=passport&action=login` | High
|
||||
36 | File | `/index.php?page=category_list` | High
|
||||
37 | File | `/jeecg-boot/sys/common/upload` | High
|
||||
38 | File | `/jobinfo/` | Medium
|
||||
39 | File | `/Moosikay/order.php` | High
|
||||
40 | File | `/OA_HTML/cabo/jsps/a.jsp` | High
|
||||
41 | File | `/opac/Actions.php?a=login` | High
|
||||
42 | File | `/php-sms/admin/?page=user/manage_user` | High
|
||||
43 | File | `/PreviewHandler.ashx` | High
|
||||
44 | File | `/recipe-result` | High
|
||||
45 | File | `/register.do` | Medium
|
||||
46 | File | `/reservation/add_message.php` | High
|
||||
47 | File | `/resources//../` | High
|
||||
48 | File | `/RPS2019Service/status.html` | High
|
||||
49 | File | `/Service/ImageStationDataService.asmx` | High
|
||||
50 | File | `/sicweb-ajax/tmproot/` | High
|
||||
51 | File | `/spip.php` | Medium
|
||||
52 | ... | ... | ...
|
||||
1 | File | `%SYSTEMDRIVE%\node_modules\.bin\wmic.exe` | High
|
||||
2 | File | `/admin/controller/JobLogController.java` | High
|
||||
3 | File | `/admin/save.php` | High
|
||||
4 | File | `/api/baskets/{name}` | High
|
||||
5 | File | `/api/download` | High
|
||||
6 | File | `/api/sys/login` | High
|
||||
7 | File | `/api/sys/set_passwd` | High
|
||||
8 | File | `/api/trackedEntityInstances` | High
|
||||
9 | File | `/api/v1/alerts` | High
|
||||
10 | File | `/api/v1/terminal/sessions/?limit=1` | High
|
||||
11 | File | `/b2b-supermarket/shopping-cart` | High
|
||||
12 | File | `/bitrix/admin/ldap_server_edit.php` | High
|
||||
13 | File | `/category.php` | High
|
||||
14 | File | `/categorypage.php` | High
|
||||
15 | File | `/cgi-bin/luci/api/wireless` | High
|
||||
16 | File | `/cgi-bin/vitogate.cgi` | High
|
||||
17 | File | `/changePassword` | High
|
||||
18 | File | `/Content/Template/root/reverse-shell.aspx` | High
|
||||
19 | File | `/core/conditions/AbstractWrapper.java` | High
|
||||
20 | File | `/dashboard/add-blog.php` | High
|
||||
21 | File | `/debug/pprof` | Medium
|
||||
22 | File | `/dist/index.js` | High
|
||||
23 | File | `/ecshop/admin/template.php` | High
|
||||
24 | File | `/etc/passwd` | Medium
|
||||
25 | File | `/fcgi/scrut_fcgi.fcgi` | High
|
||||
26 | File | `/forum/away.php` | High
|
||||
27 | File | `/geoserver/gwc/rest.html` | High
|
||||
28 | File | `/goform/formSysCmd` | High
|
||||
29 | File | `/group1/uploa` | High
|
||||
30 | File | `/HNAP1` | Low
|
||||
31 | File | `/hosts/firewall/ip` | High
|
||||
32 | File | `/index.php/ccm/system/file/upload` | High
|
||||
33 | File | `/jeecg-boot/sys/common/upload` | High
|
||||
34 | File | `/oauth/idp/.well-known/openid-configuration` | High
|
||||
35 | File | `/OA_HTML/cabo/jsps/a.jsp` | High
|
||||
36 | File | `/php/ping.php` | High
|
||||
37 | File | `/proxy` | Low
|
||||
38 | File | `/recipe-result` | High
|
||||
39 | File | `/register.do` | Medium
|
||||
40 | File | `/resources//../` | High
|
||||
41 | File | `/RPS2019Service/status.html` | High
|
||||
42 | File | `/s/index.php?action=statistics` | High
|
||||
43 | File | `/setting` | Medium
|
||||
44 | ... | ... | ...
|
||||
|
||||
There are 449 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 378 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
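Review bot: Row 29 `/group1/uploa` is carried over from the old table (row 31) and looks cut off mid-word. Check it against the source record before republishing it with Confidence "High". New row 1, `%SYSTEMDRIVE%\node_modules\.bin\wmic.exe`, is a Windows filesystem path with an unexpanded environment variable in a table that otherwise holds URL and Unix paths, all typed "File". A note on which entries are host paths and which are request paths would help anyone turning this list into log or EDR queries.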
@ -334,4 +326,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -46,7 +46,7 @@ ID | Type | Indicator | Confidence
|
|||
7 | File | `cgi-bin/qcmap_web_cgi` | High
|
||||
8 | ... | ... | ...
|
||||
|
||||
There are 58 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 59 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
@ -63,4 +63,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -55,7 +55,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
5 | ... | ... | ... | ...
|
||||
|
||||
There are 15 more TTP items available. Please use our online service to access the data.
|
||||
There are 16 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -66,46 +66,47 @@ ID | Type | Indicator | Confidence
|
|||
1 | File | `.procmailrc` | Medium
|
||||
2 | File | `/?Page=Node/OBJ=/System/DeviceFolder/DeviceFolder/DateTime/Action=Submit` | High
|
||||
3 | File | `/acms/admin/cargo_types/manage_cargo_type.php` | High
|
||||
4 | File | `/admin/ajax/avatar.php` | High
|
||||
5 | File | `/admin/forgot-password.php` | High
|
||||
6 | File | `/admin/index.php` | High
|
||||
7 | File | `/admin/lab.php` | High
|
||||
8 | File | `/admin/login.php` | High
|
||||
9 | File | `/admin/payment.php` | High
|
||||
10 | File | `/admin/show.php` | High
|
||||
11 | File | `/default.php?idx=17` | High
|
||||
12 | File | `/download` | Medium
|
||||
13 | File | `/env` | Low
|
||||
14 | File | `/forum/away.php` | High
|
||||
15 | File | `/index.php` | Medium
|
||||
16 | File | `/opt/bin/cli` | Medium
|
||||
17 | File | `/p` | Low
|
||||
18 | File | `/patient/doctors.php` | High
|
||||
19 | File | `/phpinventory/editcategory.php` | High
|
||||
20 | File | `/php_action/createUser.php` | High
|
||||
21 | File | `/product-list.php` | High
|
||||
22 | File | `/spip.php` | Medium
|
||||
23 | File | `/uapi/doc` | Medium
|
||||
24 | File | `/uncpath/` | Medium
|
||||
25 | File | `/updown/upload.cgi` | High
|
||||
26 | File | `/user/del.php` | High
|
||||
27 | File | `/wp-admin/admin-ajax.php` | High
|
||||
28 | File | `/_next` | Low
|
||||
29 | File | `123flashchat.php` | High
|
||||
30 | File | `act.php` | Low
|
||||
31 | File | `admin.php/pay` | High
|
||||
32 | File | `admin/bad.php` | High
|
||||
33 | File | `admin/index.php` | High
|
||||
34 | File | `admin/index.php/user/del/1` | High
|
||||
35 | File | `admin/index.php?id=themes&action=edit_chunk` | High
|
||||
36 | File | `administrator/index.php` | High
|
||||
37 | File | `agenda.php` | Medium
|
||||
38 | File | `ajax/render/widget_php` | High
|
||||
39 | File | `album_portal.php` | High
|
||||
40 | File | `api.php` | Low
|
||||
41 | ... | ... | ...
|
||||
4 | File | `/admin/add-services.php` | High
|
||||
5 | File | `/admin/ajax/avatar.php` | High
|
||||
6 | File | `/admin/edit-services.php` | High
|
||||
7 | File | `/admin/forgot-password.php` | High
|
||||
8 | File | `/admin/index.php` | High
|
||||
9 | File | `/admin/lab.php` | High
|
||||
10 | File | `/admin/login.php` | High
|
||||
11 | File | `/admin/payment.php` | High
|
||||
12 | File | `/admin/show.php` | High
|
||||
13 | File | `/boat/login.php` | High
|
||||
14 | File | `/clinic/disease_symptoms_view.php` | High
|
||||
15 | File | `/default.php?idx=17` | High
|
||||
16 | File | `/download` | Medium
|
||||
17 | File | `/env` | Low
|
||||
18 | File | `/forum/away.php` | High
|
||||
19 | File | `/index.php` | Medium
|
||||
20 | File | `/opt/bin/cli` | Medium
|
||||
21 | File | `/p` | Low
|
||||
22 | File | `/patient/doctors.php` | High
|
||||
23 | File | `/phpinventory/editcategory.php` | High
|
||||
24 | File | `/php_action/createUser.php` | High
|
||||
25 | File | `/product-list.php` | High
|
||||
26 | File | `/spip.php` | Medium
|
||||
27 | File | `/uapi/doc` | Medium
|
||||
28 | File | `/uncpath/` | Medium
|
||||
29 | File | `/updown/upload.cgi` | High
|
||||
30 | File | `/user/del.php` | High
|
||||
31 | File | `/wp-admin/admin-ajax.php` | High
|
||||
32 | File | `/_next` | Low
|
||||
33 | File | `123flashchat.php` | High
|
||||
34 | File | `act.php` | Low
|
||||
35 | File | `admin.php/pay` | High
|
||||
36 | File | `admin/bad.php` | High
|
||||
37 | File | `admin/index.php` | High
|
||||
38 | File | `admin/index.php/user/del/1` | High
|
||||
39 | File | `admin/index.php?id=themes&action=edit_chunk` | High
|
||||
40 | File | `admin/products/controller.php?action=add` | High
|
||||
41 | File | `administrator/index.php` | High
|
||||
42 | ... | ... | ...
|
||||
|
||||
There are 349 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 363 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
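Review bot: the IOA table in this hunk lists the same endpoint under two spellings, `/admin/index.php` (row 8 after renumbering) and `admin/index.php` (row 37), both rated High. Other relative entries (`admin/bad.php`, `admin.php/pay`, `administrator/index.php`) sit beside rooted ones with no stated rule. Anyone matching these strings against request paths has to guess whether the leading slash is significant. Suggest normalizing to one form, or documenting in the section intro how rooted and relative entries are meant to be matched.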
@ -124,4 +125,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -85,14 +85,14 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-21, CWE-22 | Pathname Traversal | High
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-425 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 21 more TTP items available. Please use our online service to access the data.
|
||||
There are 22 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
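Review bot: row 1 of the TTP table now lists CWE-425 next to CWE-21, CWE-22 and CWE-23 under the description "Pathname Traversal", but CWE-425 is Direct Request (Forced Browsing), a missing-authorization weakness rather than a traversal one. With the wider CWE set, the single description no longer covers the whole row. Suggest moving CWE-425 to its own row or making the description neutral. Also confirm that the 21 to 22 change in the "more TTP items" line corresponds to a newly added hidden row, since the number of visible rows is unchanged.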
@ -100,65 +100,53 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `//WEB-INF` | Medium
|
||||
2 | File | `/about.php` | Medium
|
||||
3 | File | `/admin.php/update/getFile.html` | High
|
||||
4 | File | `/admin/cashadvance_row.php` | High
|
||||
5 | File | `/admin/maintenance/view_designation.php` | High
|
||||
6 | File | `/admin/sys_sql_query.php` | High
|
||||
7 | File | `/admin/userprofile.php` | High
|
||||
8 | File | `/adms/admin/?page=vehicles/sell_vehicle` | High
|
||||
9 | File | `/adms/admin/?page=vehicles/view_transaction` | High
|
||||
10 | File | `/api/baskets/{name}` | High
|
||||
11 | File | `/APR/login.php` | High
|
||||
12 | File | `/bin/httpd` | Medium
|
||||
13 | File | `/bitrix/admin/ldap_server_edit.php` | High
|
||||
14 | File | `/cgi-bin/luci/api/wireless` | High
|
||||
15 | File | `/cgi-bin/wapopen` | High
|
||||
16 | File | `/company/store` | High
|
||||
17 | File | `/Content/Template/root/reverse-shell.aspx` | High
|
||||
18 | File | `/Controller/Ajaxfileupload.ashx` | High
|
||||
19 | File | `/core/conditions/AbstractWrapper.java` | High
|
||||
20 | File | `/dev/block/mmcblk0rpmb` | High
|
||||
21 | File | `/etc/passwd` | Medium
|
||||
22 | File | `/feeds/post/publish` | High
|
||||
23 | File | `/forum/away.php` | High
|
||||
24 | File | `/fos/admin/ajax.php?action=login` | High
|
||||
25 | File | `/fos/admin/index.php?page=menu` | High
|
||||
26 | File | `/h/` | Low
|
||||
27 | File | `/home/masterConsole` | High
|
||||
28 | File | `/home/sendBroadcast` | High
|
||||
29 | File | `/inc/jquery/uploadify/uploadify.php` | High
|
||||
30 | File | `/index.php?app=main&func=passport&action=login` | High
|
||||
31 | File | `/index.php?page=category_list` | High
|
||||
32 | File | `/jeecg-boot/sys/common/upload` | High
|
||||
33 | File | `/jobinfo/` | Medium
|
||||
34 | File | `/Moosikay/order.php` | High
|
||||
35 | File | `/mygym/admin/index.php?view_exercises` | High
|
||||
36 | File | `/opac/Actions.php?a=login` | High
|
||||
37 | File | `/php-opos/index.php` | High
|
||||
38 | File | `/PreviewHandler.ashx` | High
|
||||
39 | File | `/public/launchNewWindow.jsp` | High
|
||||
40 | File | `/recipe-result` | High
|
||||
41 | File | `/register.do` | Medium
|
||||
42 | File | `/reservation/add_message.php` | High
|
||||
43 | File | `/Service/ImageStationDataService.asmx` | High
|
||||
1 | File | `%SYSTEMDRIVE%\node_modules\.bin\wmic.exe` | High
|
||||
2 | File | `/admin/save.php` | High
|
||||
3 | File | `/admin/sys_sql_query.php` | High
|
||||
4 | File | `/api/baskets/{name}` | High
|
||||
5 | File | `/api/download` | High
|
||||
6 | File | `/api/v1/alerts` | High
|
||||
7 | File | `/api/v1/terminal/sessions/?limit=1` | High
|
||||
8 | File | `/b2b-supermarket/shopping-cart` | High
|
||||
9 | File | `/bitrix/admin/ldap_server_edit.php` | High
|
||||
10 | File | `/category.php` | High
|
||||
11 | File | `/categorypage.php` | High
|
||||
12 | File | `/cgi-bin/luci/api/wireless` | High
|
||||
13 | File | `/cgi-bin/vitogate.cgi` | High
|
||||
14 | File | `/company/store` | High
|
||||
15 | File | `/Content/Template/root/reverse-shell.aspx` | High
|
||||
16 | File | `/Controller/Ajaxfileupload.ashx` | High
|
||||
17 | File | `/core/conditions/AbstractWrapper.java` | High
|
||||
18 | File | `/debug/pprof` | Medium
|
||||
19 | File | `/etc/passwd` | Medium
|
||||
20 | File | `/fcgi/scrut_fcgi.fcgi` | High
|
||||
21 | File | `/forum/away.php` | High
|
||||
22 | File | `/geoserver/gwc/rest.html` | High
|
||||
23 | File | `/goform/formSysCmd` | High
|
||||
24 | File | `/h/` | Low
|
||||
25 | File | `/HNAP1` | Low
|
||||
26 | File | `/hosts/firewall/ip` | High
|
||||
27 | File | `/inc/jquery/uploadify/uploadify.php` | High
|
||||
28 | File | `/index.php/ccm/system/file/upload` | High
|
||||
29 | File | `/index.php?app=main&func=passport&action=login` | High
|
||||
30 | File | `/index.php?page=category_list` | High
|
||||
31 | File | `/jeecg-boot/sys/common/upload` | High
|
||||
32 | File | `/jobinfo/` | Medium
|
||||
33 | File | `/oauth/idp/.well-known/openid-configuration` | High
|
||||
34 | File | `/OA_HTML/cabo/jsps/a.jsp` | High
|
||||
35 | File | `/php/ping.php` | High
|
||||
36 | File | `/PreviewHandler.ashx` | High
|
||||
37 | File | `/proxy` | Low
|
||||
38 | File | `/recipe-result` | High
|
||||
39 | File | `/register.do` | Medium
|
||||
40 | File | `/RPS2019Service/status.html` | High
|
||||
41 | File | `/Service/ImageStationDataService.asmx` | High
|
||||
42 | File | `/setting` | Medium
|
||||
43 | File | `/sicweb-ajax/tmproot/` | High
|
||||
44 | File | `/spip.php` | Medium
|
||||
45 | File | `/student/bookdetails.php` | High
|
||||
46 | File | `/SystemManage/User/GetGridJson?_search=false&nd=1680855479750&rows=50&page=1&sidx=F_CreatorTime+desc&sord=asc` | High
|
||||
47 | File | `/uncpath/` | Medium
|
||||
48 | File | `/uploads/exam_question/` | High
|
||||
49 | File | `/user/ticket/create` | High
|
||||
50 | File | `/user/updatePwd` | High
|
||||
51 | File | `/UserSelfServiceSettings.jsp` | High
|
||||
52 | File | `/var/lib/docker/<remapping>` | High
|
||||
53 | File | `/wireless/security.asp` | High
|
||||
54 | File | `/wp-admin/admin-ajax.php` | High
|
||||
55 | File | `/xxl-job-admin/user/add` | High
|
||||
56 | File | `01article.php` | High
|
||||
57 | ... | ... | ...
|
||||
45 | ... | ... | ...
|
||||
|
||||
There are 499 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 388 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
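Review bot: several rows in the rewritten IOA table are generic web paths rated High, for example `/category.php`, `/api/download` and `/api/v1/alerts`, while `/debug/pprof` and `/register.do` are Medium, and nothing in the hunk says what the Confidence column measures. A consumer who turns High rows into alerts is likely to fire on ordinary traffic to unrelated applications. Suggest stating in the section text how Confidence is derived and that a path alone does not identify the affected product. Separately, the visible rows plus the remaining-items count drop from 56 + 499 to 44 + 388; worth confirming that a reduction of this size is intended for an update commit.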
@ -177,4 +165,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -67,4 +67,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -120,4 +120,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -108,4 +108,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -287,14 +287,14 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-21, CWE-22 | Pathname Traversal | High
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-425 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 21 more TTP items available. Please use our online service to access the data.
|
||||
There are 22 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
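Review bot: in the context rows of this TTP table, row 4 (T1059 with CWE-88, CWE-94, CWE-1321) carries the description "Cross Site Scripting", identical to row 5 (T1059.007 with CWE-79, CWE-80). CWE-88, CWE-94 and CWE-1321 are argument injection, code injection and prototype pollution, so the label fits only row 5. Row 2 has a similar mismatch: CWE-319 is cleartext transmission, yet the description reads "Authentication Bypass by Capture-replay". Since row 1 of the same table is being edited here, suggest correcting these descriptions in the same change.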
@ -302,67 +302,53 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `//WEB-INF` | Medium
|
||||
2 | File | `/about.php` | Medium
|
||||
3 | File | `/admin.php/update/getFile.html` | High
|
||||
4 | File | `/admin/cashadvance_row.php` | High
|
||||
5 | File | `/admin/maintenance/view_designation.php` | High
|
||||
6 | File | `/admin/sys_sql_query.php` | High
|
||||
7 | File | `/admin/userprofile.php` | High
|
||||
8 | File | `/adms/admin/?page=vehicles/sell_vehicle` | High
|
||||
9 | File | `/adms/admin/?page=vehicles/view_transaction` | High
|
||||
10 | File | `/api/baskets/{name}` | High
|
||||
11 | File | `/APR/login.php` | High
|
||||
12 | File | `/bin/httpd` | Medium
|
||||
13 | File | `/bitrix/admin/ldap_server_edit.php` | High
|
||||
14 | File | `/cgi-bin/luci/api/wireless` | High
|
||||
15 | File | `/cgi-bin/wapopen` | High
|
||||
16 | File | `/company/store` | High
|
||||
17 | File | `/Content/Template/root/reverse-shell.aspx` | High
|
||||
18 | File | `/Controller/Ajaxfileupload.ashx` | High
|
||||
19 | File | `/core/conditions/AbstractWrapper.java` | High
|
||||
20 | File | `/etc/passwd` | Medium
|
||||
21 | File | `/feeds/post/publish` | High
|
||||
22 | File | `/forum/away.php` | High
|
||||
23 | File | `/fos/admin/ajax.php?action=login` | High
|
||||
24 | File | `/fos/admin/index.php?page=menu` | High
|
||||
25 | File | `/h/` | Low
|
||||
26 | File | `/home/masterConsole` | High
|
||||
27 | File | `/home/sendBroadcast` | High
|
||||
28 | File | `/inc/jquery/uploadify/uploadify.php` | High
|
||||
29 | File | `/index.php?app=main&func=passport&action=login` | High
|
||||
30 | File | `/index.php?page=category_list` | High
|
||||
31 | File | `/jeecg-boot/sys/common/upload` | High
|
||||
32 | File | `/jobinfo/` | Medium
|
||||
33 | File | `/Moosikay/order.php` | High
|
||||
34 | File | `/mygym/admin/index.php?view_exercises` | High
|
||||
35 | File | `/opac/Actions.php?a=login` | High
|
||||
36 | File | `/php-opos/index.php` | High
|
||||
37 | File | `/PreviewHandler.ashx` | High
|
||||
38 | File | `/public/launchNewWindow.jsp` | High
|
||||
39 | File | `/recipe-result` | High
|
||||
40 | File | `/register.do` | Medium
|
||||
41 | File | `/reservation/add_message.php` | High
|
||||
42 | File | `/Service/ImageStationDataService.asmx` | High
|
||||
1 | File | `%SYSTEMDRIVE%\node_modules\.bin\wmic.exe` | High
|
||||
2 | File | `/admin/save.php` | High
|
||||
3 | File | `/admin/sys_sql_query.php` | High
|
||||
4 | File | `/api/baskets/{name}` | High
|
||||
5 | File | `/api/download` | High
|
||||
6 | File | `/api/v1/alerts` | High
|
||||
7 | File | `/api/v1/terminal/sessions/?limit=1` | High
|
||||
8 | File | `/b2b-supermarket/shopping-cart` | High
|
||||
9 | File | `/bitrix/admin/ldap_server_edit.php` | High
|
||||
10 | File | `/category.php` | High
|
||||
11 | File | `/categorypage.php` | High
|
||||
12 | File | `/cgi-bin/luci/api/wireless` | High
|
||||
13 | File | `/cgi-bin/vitogate.cgi` | High
|
||||
14 | File | `/company/store` | High
|
||||
15 | File | `/Content/Template/root/reverse-shell.aspx` | High
|
||||
16 | File | `/Controller/Ajaxfileupload.ashx` | High
|
||||
17 | File | `/core/conditions/AbstractWrapper.java` | High
|
||||
18 | File | `/debug/pprof` | Medium
|
||||
19 | File | `/etc/passwd` | Medium
|
||||
20 | File | `/fcgi/scrut_fcgi.fcgi` | High
|
||||
21 | File | `/forum/away.php` | High
|
||||
22 | File | `/geoserver/gwc/rest.html` | High
|
||||
23 | File | `/goform/formSysCmd` | High
|
||||
24 | File | `/h/` | Low
|
||||
25 | File | `/HNAP1` | Low
|
||||
26 | File | `/hosts/firewall/ip` | High
|
||||
27 | File | `/index.php/ccm/system/file/upload` | High
|
||||
28 | File | `/index.php?app=main&func=passport&action=login` | High
|
||||
29 | File | `/jeecg-boot/sys/common/upload` | High
|
||||
30 | File | `/jobinfo/` | Medium
|
||||
31 | File | `/oauth/idp/.well-known/openid-configuration` | High
|
||||
32 | File | `/OA_HTML/cabo/jsps/a.jsp` | High
|
||||
33 | File | `/php/ping.php` | High
|
||||
34 | File | `/PreviewHandler.ashx` | High
|
||||
35 | File | `/proxy` | Low
|
||||
36 | File | `/recipe-result` | High
|
||||
37 | File | `/register.do` | Medium
|
||||
38 | File | `/RPS2019Service/status.html` | High
|
||||
39 | File | `/s/index.php?action=statistics` | High
|
||||
40 | File | `/Service/ImageStationDataService.asmx` | High
|
||||
41 | File | `/setting` | Medium
|
||||
42 | File | `/sicweb-ajax/tmproot/` | High
|
||||
43 | File | `/spip.php` | Medium
|
||||
44 | File | `/student/bookdetails.php` | High
|
||||
45 | File | `/SystemManage/User/GetGridJson?_search=false&nd=1680855479750&rows=50&page=1&sidx=F_CreatorTime+desc&sord=asc` | High
|
||||
46 | File | `/uncpath/` | Medium
|
||||
47 | File | `/uploads/exam_question/` | High
|
||||
48 | File | `/user/ticket/create` | High
|
||||
49 | File | `/user/updatePwd` | High
|
||||
50 | File | `/UserSelfServiceSettings.jsp` | High
|
||||
51 | File | `/var/lib/docker/<remapping>` | High
|
||||
52 | File | `/wireless/security.asp` | High
|
||||
53 | File | `/wp-admin/admin-ajax.php` | High
|
||||
54 | File | `/xxl-job-admin/user/add` | High
|
||||
55 | File | `a-forms.php` | Medium
|
||||
56 | File | `activenews_view.asp` | High
|
||||
57 | File | `adclick.php` | Medium
|
||||
58 | File | `admin.a6mambocredits.php` | High
|
||||
59 | ... | ... | ...
|
||||
45 | ... | ... | ...
|
||||
|
||||
There are 516 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 388 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
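Review bot: rows 1 and 4 of the rewritten IOA list, `%SYSTEMDRIVE%\node_modules\.bin\wmic.exe` and `/api/baskets/{name}`, are not literal strings: one contains an environment variable and the other a route placeholder. The table types both simply as File, so a consumer doing exact or substring matching will never hit them. Suggest documenting that such tokens must be expanded or treated as wildcards before matching, or giving these rows a distinct Type so they can be handled separately.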
@ -381,4 +367,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [GB](https://vuldb.com/?country.gb)
|
||||
* ...
|
||||
|
||||
There are 16 more country items available. Please use our online service to access the data.
|
||||
There are 14 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -86,14 +86,15 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-24, CWE-29, CWE-425 | Pathname Traversal | High
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-24, CWE-425 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
4 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
6 | T1068 | CWE-264, CWE-269, CWE-284 | J2EE Misconfiguration: Weak Access Permissions for EJB Methods | High
|
||||
7 | ... | ... | ... | ...
|
||||
|
||||
There are 21 more TTP items available. Please use our online service to access the data.
|
||||
There are 22 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
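Review bot: the newly visible row 6 (T1068 with CWE-264, CWE-269, CWE-284) is described as "J2EE Misconfiguration: Weak Access Permissions for EJB Methods", which names one narrow J2EE weakness, while the three CWEs listed are the general permission, privilege-management and access-control entries. A reader mapping this row to detections would take it to be Java-specific. Suggest a description that matches the listed CWEs. The hunk also drops CWE-29 from row 1 and CWE-88 from row 4 without any note; if those weaknesses are no longer associated with the actor, a line in the commit message saying so would help consumers diff their own mappings.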
@ -101,61 +102,53 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `//WEB-INF` | Medium
|
||||
2 | File | `/about.php` | Medium
|
||||
3 | File | `/act/ActDao.xml` | High
|
||||
4 | File | `/admin.php/update/getFile.html` | High
|
||||
5 | File | `/admin/bookings/manage_booking.php` | High
|
||||
6 | File | `/admin/del_service.php` | High
|
||||
7 | File | `/admin/index.php` | High
|
||||
8 | File | `/admin/sys_sql_query.php` | High
|
||||
9 | File | `/api/baskets/{name}` | High
|
||||
10 | File | `/api/upload.php` | High
|
||||
11 | File | `/api/v1/terminal/sessions/?limit=1` | High
|
||||
12 | File | `/app/sys1.php` | High
|
||||
13 | File | `/application/common.php#action_log` | High
|
||||
14 | File | `/bin/ate` | Medium
|
||||
15 | File | `/bitrix/admin/ldap_server_edit.php` | High
|
||||
16 | File | `/category.php` | High
|
||||
17 | File | `/cgi-bin/kerbynet` | High
|
||||
18 | File | `/cgi-bin/luci/api/wireless` | High
|
||||
19 | File | `/cgi-bin/luci;stok=/locale` | High
|
||||
20 | File | `/classes/Master.php?f=delete_category` | High
|
||||
21 | File | `/classes/Master.php?f=delete_inquiry` | High
|
||||
22 | File | `/classes/Master.php?f=delete_item` | High
|
||||
23 | File | `/classes/Master.php?f=delete_service` | High
|
||||
24 | File | `/classes/Master.php?f=save_service` | High
|
||||
25 | File | `/classes/Users.php` | High
|
||||
26 | File | `/classes/Users.php?f=save` | High
|
||||
27 | File | `/company/store` | High
|
||||
28 | File | `/config/php.ini` | High
|
||||
29 | File | `/Content/Template/root/reverse-shell.aspx` | High
|
||||
30 | File | `/Controller/Ajaxfileupload.ashx` | High
|
||||
31 | File | `/core/conditions/AbstractWrapper.java` | High
|
||||
32 | File | `/etc/passwd` | Medium
|
||||
33 | File | `/ethash/algorithm.go` | High
|
||||
34 | File | `/export` | Low
|
||||
35 | File | `/feeds/post/publish` | High
|
||||
36 | File | `/filemanager/upload/drop` | High
|
||||
37 | File | `/forum/away.php` | High
|
||||
38 | File | `/gaia-job-admin/user/add` | High
|
||||
39 | File | `/general/ipanel/menu_code.php?MENU_TYPE=FAV` | High
|
||||
40 | File | `/goForm/aspForm` | High
|
||||
41 | File | `/group1/uploa` | High
|
||||
42 | File | `/h/` | Low
|
||||
43 | File | `/inc/jquery/uploadify/uploadify.php` | High
|
||||
44 | File | `/index.php/archives/1/comment` | High
|
||||
45 | File | `/index.php?app=main&func=passport&action=login` | High
|
||||
46 | File | `/index.php?page=category_list` | High
|
||||
47 | File | `/install/index.php` | High
|
||||
48 | File | `/ipms/imageConvert/image` | High
|
||||
49 | File | `/jeecg-boot/sys/common/upload` | High
|
||||
50 | File | `/jobinfo/` | Medium
|
||||
51 | File | `/log/decodmail.php` | High
|
||||
52 | File | `/login.php` | Medium
|
||||
53 | ... | ... | ...
|
||||
1 | File | `%SYSTEMDRIVE%\node_modules\.bin\wmic.exe` | High
|
||||
2 | File | `/admin/controller/JobLogController.java` | High
|
||||
3 | File | `/admin/index2.html` | High
|
||||
4 | File | `/admin/save.php` | High
|
||||
5 | File | `/api/authentication/login` | High
|
||||
6 | File | `/api/baskets/{name}` | High
|
||||
7 | File | `/api/download` | High
|
||||
8 | File | `/api/v1/alerts` | High
|
||||
9 | File | `/api/v1/terminal/sessions/?limit=1` | High
|
||||
10 | File | `/api /v3/auth` | High
|
||||
11 | File | `/app/sys1.php` | High
|
||||
12 | File | `/b2b-supermarket/shopping-cart` | High
|
||||
13 | File | `/bin/rc4_crypt` | High
|
||||
14 | File | `/category.php` | High
|
||||
15 | File | `/categorypage.php` | High
|
||||
16 | File | `/cgi-bin/luci/api/switch` | High
|
||||
17 | File | `/cgi-bin/luci/api/wireless` | High
|
||||
18 | File | `/cgi-bin/qcmap_auth` | High
|
||||
19 | File | `/cgi-bin/vitogate.cgi` | High
|
||||
20 | File | `/CMD_ACCOUNT_ADMIN` | High
|
||||
21 | File | `/conf/` | Low
|
||||
22 | File | `/config/getuser` | High
|
||||
23 | File | `/config/php.ini` | High
|
||||
24 | File | `/Content/Plugins/uploader/FileChoose.html?fileUrl=/Upload/File/Pics/&parent` | High
|
||||
25 | File | `/Content/Template/root/reverse-shell.aspx` | High
|
||||
26 | File | `/dayrui/My/View/main.html` | High
|
||||
27 | File | `/debug/pprof` | Medium
|
||||
28 | File | `/etc/init.d/openfire` | High
|
||||
29 | File | `/ethash/algorithm.go` | High
|
||||
30 | File | `/fcgi/scrut_fcgi.fcgi` | High
|
||||
31 | File | `/filemanager/upload/drop` | High
|
||||
32 | File | `/forum/away.php` | High
|
||||
33 | File | `/general/ipanel/menu_code.php?MENU_TYPE=FAV` | High
|
||||
34 | File | `/geoserver/gwc/rest.html` | High
|
||||
35 | File | `/goform/formSysCmd` | High
|
||||
36 | File | `/HNAP1` | Low
|
||||
37 | File | `/hosts/firewall/ip` | High
|
||||
38 | File | `/index.php/ccm/system/file/upload` | High
|
||||
39 | File | `/jeecg-boot/sys/common/upload` | High
|
||||
40 | File | `/jerry-core/ecma/base/ecma-helpers-string.c` | High
|
||||
41 | File | `/link/` | Low
|
||||
42 | File | `/log/decodmail.php` | High
|
||||
43 | File | `/oauth/idp/.well-known/openid-configuration` | High
|
||||
44 | File | `/OA_HTML/cabo/jsps/a.jsp` | High
|
||||
45 | ... | ... | ...
|
||||
|
||||
There are 463 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 394 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
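Review bot: row 10 of the rewritten IOA list reads `/api /v3/auth`, with a space inside the path. As a literal match string it will not match a request path, and it is rated High. Please check the upstream record and either correct the value or, if the space is genuinely part of the indicator, say so next to the table so consumers do not silently normalize it away.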
@ -174,4 +167,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -9,11 +9,11 @@ _Live data_ and more _analysis capabilities_ are available at [https://vuldb.com
|
|||
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Maldives Unknown:
|
||||
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [ES](https://vuldb.com/?country.es)
|
||||
* [GB](https://vuldb.com/?country.gb)
|
||||
* [ES](https://vuldb.com/?country.es)
|
||||
* ...
|
||||
|
||||
There are 21 more country items available. Please use our online service to access the data.
|
||||
There are 22 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -61,48 +61,50 @@ ID | Type | Indicator | Confidence
|
|||
1 | File | `.htaccess` | Medium
|
||||
2 | File | `/?Page=Node/OBJ=/System/DeviceFolder/DeviceFolder/DateTime/Action=Submit` | High
|
||||
3 | File | `/acms/admin/cargo_types/manage_cargo_type.php` | High
|
||||
4 | File | `/admin/addemployee.php` | High
|
||||
5 | File | `/admin/ajax/avatar.php` | High
|
||||
6 | File | `/admin/index.php` | High
|
||||
7 | File | `/admin/login.php` | High
|
||||
8 | File | `/admin/show.php` | High
|
||||
9 | File | `/api/file_uploader.php` | High
|
||||
10 | File | `/apilog.php` | Medium
|
||||
11 | File | `/default.php?idx=17` | High
|
||||
12 | File | `/filemanager/upload.php` | High
|
||||
13 | File | `/forum/away.php` | High
|
||||
14 | File | `/index.php` | Medium
|
||||
15 | File | `/mifs/c/i/reg/reg.html` | High
|
||||
16 | File | `/opt/bin/cli` | Medium
|
||||
17 | File | `/out.php` | Medium
|
||||
18 | File | `/patient/doctors.php` | High
|
||||
19 | File | `/phpinventory/editcategory.php` | High
|
||||
20 | File | `/spip.php` | Medium
|
||||
21 | File | `/tmp` | Low
|
||||
22 | File | `/uncpath/` | Medium
|
||||
23 | File | `/updater.php` | Medium
|
||||
24 | File | `/var/log/nginx` | High
|
||||
25 | File | `/VPortal/mgtconsole/Subscriptions.jsp` | High
|
||||
26 | File | `/wp-admin/admin-ajax.php` | High
|
||||
27 | File | `admin` | Low
|
||||
28 | File | `admin.php` | Medium
|
||||
29 | File | `admin.php/pay` | High
|
||||
30 | File | `admin/adminsignin.html` | High
|
||||
31 | File | `admin/bad.php` | High
|
||||
32 | File | `admin/index.php?id=themes&action=edit_chunk` | High
|
||||
33 | File | `admin/keyWord_deal.php?mudi=add` | High
|
||||
34 | File | `admin/loginform.php` | High
|
||||
35 | File | `admin/movieview.php` | High
|
||||
36 | File | `admin/versions.html` | High
|
||||
37 | File | `AdminByRequest.exe` | High
|
||||
38 | File | `administrator/components/com_media/helpers/media.php` | High
|
||||
39 | File | `administrator/index.php` | High
|
||||
40 | File | `administrator/mail/download.cfm` | High
|
||||
41 | File | `AdminUpdateController.class.php` | High
|
||||
42 | File | `agenda.php` | Medium
|
||||
43 | ... | ... | ...
|
||||
4 | File | `/admin/add-services.php` | High
|
||||
5 | File | `/admin/addemployee.php` | High
|
||||
6 | File | `/admin/ajax/avatar.php` | High
|
||||
7 | File | `/admin/edit-services.php` | High
|
||||
8 | File | `/admin/index.php` | High
|
||||
9 | File | `/admin/login.php` | High
|
||||
10 | File | `/admin/show.php` | High
|
||||
11 | File | `/api/file_uploader.php` | High
|
||||
12 | File | `/apilog.php` | Medium
|
||||
13 | File | `/boat/login.php` | High
|
||||
14 | File | `/clinic/disease_symptoms_view.php` | High
|
||||
15 | File | `/default.php?idx=17` | High
|
||||
16 | File | `/filemanager/upload.php` | High
|
||||
17 | File | `/forum/away.php` | High
|
||||
18 | File | `/index.php` | Medium
|
||||
19 | File | `/mifs/c/i/reg/reg.html` | High
|
||||
20 | File | `/opt/bin/cli` | Medium
|
||||
21 | File | `/out.php` | Medium
|
||||
22 | File | `/patient/doctors.php` | High
|
||||
23 | File | `/phpinventory/editcategory.php` | High
|
||||
24 | File | `/spip.php` | Medium
|
||||
25 | File | `/tmp` | Low
|
||||
26 | File | `/uncpath/` | Medium
|
||||
27 | File | `/updater.php` | Medium
|
||||
28 | File | `/var/log/nginx` | High
|
||||
29 | File | `/VPortal/mgtconsole/Subscriptions.jsp` | High
|
||||
30 | File | `/wp-admin/admin-ajax.php` | High
|
||||
31 | File | `admin` | Low
|
||||
32 | File | `admin.php` | Medium
|
||||
33 | File | `admin.php/pay` | High
|
||||
34 | File | `admin/adminsignin.html` | High
|
||||
35 | File | `admin/bad.php` | High
|
||||
36 | File | `admin/index.php?id=themes&action=edit_chunk` | High
|
||||
37 | File | `admin/keyWord_deal.php?mudi=add` | High
|
||||
38 | File | `admin/loginform.php` | High
|
||||
39 | File | `admin/movieview.php` | High
|
||||
40 | File | `admin/products/controller.php?action=add` | High
|
||||
41 | File | `admin/versions.html` | High
|
||||
42 | File | `AdminByRequest.exe` | High
|
||||
43 | File | `administrator/components/com_media/helpers/media.php` | High
|
||||
44 | File | `administrator/index.php` | High
|
||||
45 | ... | ... | ...
|
||||
|
||||
There are 371 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 385 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
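Review bot: several rows in this IOA table are too generic to match on their own: `/tmp` and `admin` (Low), `/index.php` and `.htaccess` (Medium). The file gives no guidance on how the Confidence column should be used, so a consumer feeding the Indicator column straight into a web-log match will alert on ordinary traffic. Suggest a sentence above the table stating that Low and Medium rows are context for correlation with High rows, not standalone detections.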
@ -121,4 +123,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -35,14 +35,14 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-21, CWE-22 | Pathname Traversal | High
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-425 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 21 more TTP items available. Please use our online service to access the data.
|
||||
There are 22 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
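Review bot: row 4 (`T1059 | CWE-88, CWE-94, CWE-1321`) carries the description "Cross Site Scripting", the same text as row 5 (`T1059.007 | CWE-79, CWE-80`). CWE-88, CWE-94 and CWE-1321 are argument injection, code injection and prototype pollution, not XSS, so the description looks copied from the sub-technique row. Suggest a description that matches the listed weaknesses.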
@ -50,65 +50,53 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `//WEB-INF` | Medium
|
||||
2 | File | `/about.php` | Medium
|
||||
3 | File | `/admin.php/update/getFile.html` | High
|
||||
4 | File | `/admin/cashadvance_row.php` | High
|
||||
5 | File | `/admin/maintenance/view_designation.php` | High
|
||||
6 | File | `/admin/sys_sql_query.php` | High
|
||||
7 | File | `/admin/userprofile.php` | High
|
||||
8 | File | `/adms/admin/?page=vehicles/sell_vehicle` | High
|
||||
9 | File | `/adms/admin/?page=vehicles/view_transaction` | High
|
||||
10 | File | `/api/baskets/{name}` | High
|
||||
11 | File | `/APR/login.php` | High
|
||||
12 | File | `/bin/httpd` | Medium
|
||||
13 | File | `/bitrix/admin/ldap_server_edit.php` | High
|
||||
14 | File | `/cgi-bin/luci/api/wireless` | High
|
||||
15 | File | `/cgi-bin/wapopen` | High
|
||||
16 | File | `/company/store` | High
|
||||
17 | File | `/Content/Template/root/reverse-shell.aspx` | High
|
||||
18 | File | `/Controller/Ajaxfileupload.ashx` | High
|
||||
19 | File | `/core/conditions/AbstractWrapper.java` | High
|
||||
20 | File | `/dev/block/mmcblk0rpmb` | High
|
||||
21 | File | `/etc/passwd` | Medium
|
||||
22 | File | `/feeds/post/publish` | High
|
||||
23 | File | `/forum/away.php` | High
|
||||
24 | File | `/fos/admin/ajax.php?action=login` | High
|
||||
25 | File | `/fos/admin/index.php?page=menu` | High
|
||||
26 | File | `/h/` | Low
|
||||
27 | File | `/home/masterConsole` | High
|
||||
28 | File | `/home/sendBroadcast` | High
|
||||
29 | File | `/inc/jquery/uploadify/uploadify.php` | High
|
||||
30 | File | `/index.php?app=main&func=passport&action=login` | High
|
||||
31 | File | `/index.php?page=category_list` | High
|
||||
32 | File | `/jeecg-boot/sys/common/upload` | High
|
||||
33 | File | `/jobinfo/` | Medium
|
||||
34 | File | `/Moosikay/order.php` | High
|
||||
35 | File | `/mygym/admin/index.php?view_exercises` | High
|
||||
36 | File | `/opac/Actions.php?a=login` | High
|
||||
37 | File | `/php-opos/index.php` | High
|
||||
38 | File | `/PreviewHandler.ashx` | High
|
||||
39 | File | `/public/launchNewWindow.jsp` | High
|
||||
40 | File | `/recipe-result` | High
|
||||
41 | File | `/register.do` | Medium
|
||||
42 | File | `/reservation/add_message.php` | High
|
||||
43 | File | `/Service/ImageStationDataService.asmx` | High
|
||||
1 | File | `%SYSTEMDRIVE%\node_modules\.bin\wmic.exe` | High
|
||||
2 | File | `/admin/save.php` | High
|
||||
3 | File | `/admin/sys_sql_query.php` | High
|
||||
4 | File | `/api/baskets/{name}` | High
|
||||
5 | File | `/api/download` | High
|
||||
6 | File | `/api/v1/alerts` | High
|
||||
7 | File | `/api/v1/terminal/sessions/?limit=1` | High
|
||||
8 | File | `/b2b-supermarket/shopping-cart` | High
|
||||
9 | File | `/bitrix/admin/ldap_server_edit.php` | High
|
||||
10 | File | `/category.php` | High
|
||||
11 | File | `/categorypage.php` | High
|
||||
12 | File | `/cgi-bin/luci/api/wireless` | High
|
||||
13 | File | `/cgi-bin/vitogate.cgi` | High
|
||||
14 | File | `/company/store` | High
|
||||
15 | File | `/Content/Template/root/reverse-shell.aspx` | High
|
||||
16 | File | `/Controller/Ajaxfileupload.ashx` | High
|
||||
17 | File | `/core/conditions/AbstractWrapper.java` | High
|
||||
18 | File | `/debug/pprof` | Medium
|
||||
19 | File | `/etc/passwd` | Medium
|
||||
20 | File | `/fcgi/scrut_fcgi.fcgi` | High
|
||||
21 | File | `/forum/away.php` | High
|
||||
22 | File | `/geoserver/gwc/rest.html` | High
|
||||
23 | File | `/goform/formSysCmd` | High
|
||||
24 | File | `/h/` | Low
|
||||
25 | File | `/HNAP1` | Low
|
||||
26 | File | `/hosts/firewall/ip` | High
|
||||
27 | File | `/index.php/ccm/system/file/upload` | High
|
||||
28 | File | `/index.php?app=main&func=passport&action=login` | High
|
||||
29 | File | `/index.php?page=category_list` | High
|
||||
30 | File | `/jeecg-boot/sys/common/upload` | High
|
||||
31 | File | `/jobinfo/` | Medium
|
||||
32 | File | `/oauth/idp/.well-known/openid-configuration` | High
|
||||
33 | File | `/OA_HTML/cabo/jsps/a.jsp` | High
|
||||
34 | File | `/php/ping.php` | High
|
||||
35 | File | `/PreviewHandler.ashx` | High
|
||||
36 | File | `/proxy` | Low
|
||||
37 | File | `/recipe-result` | High
|
||||
38 | File | `/register.do` | Medium
|
||||
39 | File | `/RPS2019Service/status.html` | High
|
||||
40 | File | `/s/index.php?action=statistics` | High
|
||||
41 | File | `/Service/ImageStationDataService.asmx` | High
|
||||
42 | File | `/setting` | Medium
|
||||
43 | File | `/sicweb-ajax/tmproot/` | High
|
||||
44 | File | `/spip.php` | Medium
|
||||
45 | File | `/student/bookdetails.php` | High
|
||||
46 | File | `/SystemManage/User/GetGridJson?_search=false&nd=1680855479750&rows=50&page=1&sidx=F_CreatorTime+desc&sord=asc` | High
|
||||
47 | File | `/uncpath/` | Medium
|
||||
48 | File | `/uploads/exam_question/` | High
|
||||
49 | File | `/user/ticket/create` | High
|
||||
50 | File | `/user/updatePwd` | High
|
||||
51 | File | `/UserSelfServiceSettings.jsp` | High
|
||||
52 | File | `/var/lib/docker/<remapping>` | High
|
||||
53 | File | `/wireless/security.asp` | High
|
||||
54 | File | `/wp-admin/admin-ajax.php` | High
|
||||
55 | File | `/xxl-job-admin/user/add` | High
|
||||
56 | File | `01article.php` | High
|
||||
57 | ... | ... | ...
|
||||
45 | ... | ... | ...
|
||||
|
||||
There are 499 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 389 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
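Review bot: row 46 embeds request-specific query values (`nd=1680855479750`, `rows=50`, `page=1`), so as a literal string it matches only the one captured request. Rows `/api/baskets/{name}` and `/var/lib/docker/<remapping>` have the opposite problem: they contain placeholder tokens that never occur literally. Suggest storing the stable path (`/SystemManage/User/GetGridJson`) for row 46 and documenting the placeholder syntax so consumers can turn those rows into patterns.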
@ -126,4 +114,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -105,4 +105,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [ES](https://vuldb.com/?country.es)
|
||||
* ...
|
||||
|
||||
There are 21 more country items available. Please use our online service to access the data.
|
||||
There are 20 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -754,14 +754,14 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-35, CWE-36 | Pathname Traversal | High
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-425 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
4 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 21 more TTP items available. Please use our online service to access the data.
|
||||
There are 22 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
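Review bot: the `T1006` row that lists `CWE-21, CWE-22, CWE-23, CWE-425` keeps the description "Pathname Traversal", but CWE-425 is Direct Request (forced browsing), an access-control weakness and not a traversal one. The description no longer covers every weakness in the row. Either widen the description or give CWE-425 a row of its own.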
@ -769,61 +769,52 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `//WEB-INF` | Medium
|
||||
2 | File | `/about.php` | Medium
|
||||
3 | File | `/admin.php/update/getFile.html` | High
|
||||
4 | File | `/admin/cashadvance_row.php` | High
|
||||
5 | File | `/admin/index2.html` | High
|
||||
6 | File | `/admin/maintenance/view_designation.php` | High
|
||||
7 | File | `/admin/offenses/view_details.php` | High
|
||||
8 | File | `/admin/sales/view_details.php` | High
|
||||
9 | File | `/admin/sys_sql_query.php` | High
|
||||
10 | File | `/admin/userprofile.php` | High
|
||||
11 | File | `/api/baskets/{name}` | High
|
||||
12 | File | `/ari/asterisk/variable` | High
|
||||
13 | File | `/bitrix/admin/ldap_server_edit.php` | High
|
||||
1 | File | `%SYSTEMDRIVE%\node_modules\.bin\wmic.exe` | High
|
||||
2 | File | `/admin/index2.html` | High
|
||||
3 | File | `/admin/save.php` | High
|
||||
4 | File | `/admin/sys_sql_query.php` | High
|
||||
5 | File | `/api/baskets/{name}` | High
|
||||
6 | File | `/api/download` | High
|
||||
7 | File | `/api/v1/alerts` | High
|
||||
8 | File | `/api/v1/terminal/sessions/?limit=1` | High
|
||||
9 | File | `/ari/asterisk/variable` | High
|
||||
10 | File | `/b2b-supermarket/shopping-cart` | High
|
||||
11 | File | `/bitrix/admin/ldap_server_edit.php` | High
|
||||
12 | File | `/category.php` | High
|
||||
13 | File | `/categorypage.php` | High
|
||||
14 | File | `/cgi-bin/luci/api/wireless` | High
|
||||
15 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
15 | File | `/cgi-bin/vitogate.cgi` | High
|
||||
16 | File | `/company/store` | High
|
||||
17 | File | `/Content/Template/root/reverse-shell.aspx` | High
|
||||
18 | File | `/Controller/Ajaxfileupload.ashx` | High
|
||||
19 | File | `/core/conditions/AbstractWrapper.java` | High
|
||||
20 | File | `/E-mobile/App/System/File/downfile.php` | High
|
||||
21 | File | `/Electron/download` | High
|
||||
22 | File | `/etc/passwd` | Medium
|
||||
23 | File | `/feeds/post/publish` | High
|
||||
20 | File | `/debug/pprof` | Medium
|
||||
21 | File | `/etc/passwd` | Medium
|
||||
22 | File | `/fcgi/scrut_fcgi.fcgi` | High
|
||||
23 | File | `/Forms/oadmin_1` | High
|
||||
24 | File | `/forum/away.php` | High
|
||||
25 | File | `/h/` | Low
|
||||
26 | File | `/inc/jquery/uploadify/uploadify.php` | High
|
||||
27 | File | `/index.php` | Medium
|
||||
28 | File | `/index.php?app=main&func=passport&action=login` | High
|
||||
29 | File | `/index.php?page=category_list` | High
|
||||
30 | File | `/jeecg-boot/sys/common/upload` | High
|
||||
31 | File | `/jobinfo/` | Medium
|
||||
32 | File | `/modules/projects/vw_files.php` | High
|
||||
33 | File | `/Moosikay/order.php` | High
|
||||
34 | File | `/opac/Actions.php?a=login` | High
|
||||
35 | File | `/PreviewHandler.ashx` | High
|
||||
25 | File | `/geoserver/gwc/rest.html` | High
|
||||
26 | File | `/goform/formSysCmd` | High
|
||||
27 | File | `/HNAP1` | Low
|
||||
28 | File | `/hosts/firewall/ip` | High
|
||||
29 | File | `/index.php` | Medium
|
||||
30 | File | `/index.php/ccm/system/file/upload` | High
|
||||
31 | File | `/jeecg-boot/sys/common/upload` | High
|
||||
32 | File | `/nagiosxi/admin/banner_message-ajaxhelper.php` | High
|
||||
33 | File | `/oauth/idp/.well-known/openid-configuration` | High
|
||||
34 | File | `/OA_HTML/cabo/jsps/a.jsp` | High
|
||||
35 | File | `/php/ping.php` | High
|
||||
36 | File | `/proxy` | Low
|
||||
37 | File | `/public/login.htm` | High
|
||||
38 | File | `/recipe-result` | High
|
||||
39 | File | `/register.do` | Medium
|
||||
40 | File | `/reservation/add_message.php` | High
|
||||
41 | File | `/reviewer/system/system/admins/manage/users/user-update.php` | High
|
||||
42 | File | `/send_order.cgi?parameter=access_detect` | High
|
||||
43 | File | `/Service/ImageStationDataService.asmx` | High
|
||||
44 | File | `/spip.php` | Medium
|
||||
45 | File | `/student/bookdetails.php` | High
|
||||
46 | File | `/SystemManage/User/GetGridJson?_search=false&nd=1680855479750&rows=50&page=1&sidx=F_CreatorTime+desc&sord=asc` | High
|
||||
47 | File | `/text/pdf/PdfReader.java` | High
|
||||
48 | File | `/uploads/exam_question/` | High
|
||||
49 | File | `/user/ticket/create` | High
|
||||
50 | File | `/user/updatePwd` | High
|
||||
51 | File | `/UserSelfServiceSettings.jsp` | High
|
||||
52 | File | `/var/lib/docker/<remapping>` | High
|
||||
53 | ... | ... | ...
|
||||
37 | File | `/recipe-result` | High
|
||||
38 | File | `/register.do` | Medium
|
||||
39 | File | `/RPS2019Service/status.html` | High
|
||||
40 | File | `/s/index.php?action=statistics` | High
|
||||
41 | File | `/scripts/unlock_tasks.php` | High
|
||||
42 | File | `/Service/ImageStationDataService.asmx` | High
|
||||
43 | File | `/setting` | Medium
|
||||
44 | ... | ... | ...
|
||||
|
||||
There are 461 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 379 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
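Review bot: the ID column is positional and shifts whenever rows are inserted or dropped: within this hunk `/recipe-result` appears as ID 38 and as ID 37, and `/register.do` as 39 and 38. Anything that stores these IDs (suppressions, tickets, detection rule names) will silently point at a different indicator after an update. Suggest stating in the file that ID is display order only and that rows should be keyed on the indicator string.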
@ -842,4 +833,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -102,4 +102,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -71,4 +71,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -27,4 +27,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
File diff suppressed because it is too large
|
@ -42,7 +42,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-21, CWE-22 | Pathname Traversal | High
|
||||
2 | T1055 | CWE-74 | Injection | High
|
||||
3 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
3 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
4 | ... | ... | ... | ...
|
||||
|
||||
There are 12 more TTP items available. Please use our online service to access the data.
|
||||
|
@ -57,15 +57,16 @@ ID | Type | Indicator | Confidence
|
|||
2 | File | `/balance/service/list` | High
|
||||
3 | File | `/index.php` | Medium
|
||||
4 | File | `/members/view_member.php` | High
|
||||
5 | File | `/owa/auth/logon.aspx` | High
|
||||
6 | File | `/secure/admin/InsightDefaultCustomFieldConfig.jspa` | High
|
||||
7 | File | `/SSOPOST/metaAlias/%realm%/idpv2` | High
|
||||
8 | File | `/uncpath/` | Medium
|
||||
9 | File | `ActivityManagerService.java` | High
|
||||
10 | File | `adclick.php` | Medium
|
||||
11 | ... | ... | ...
|
||||
5 | File | `/mhds/clinic/view_details.php` | High
|
||||
6 | File | `/owa/auth/logon.aspx` | High
|
||||
7 | File | `/rest/api/latest/projectvalidate/key` | High
|
||||
8 | File | `/secure/admin/InsightDefaultCustomFieldConfig.jspa` | High
|
||||
9 | File | `/SSOPOST/metaAlias/%realm%/idpv2` | High
|
||||
10 | File | `/uncpath/` | Medium
|
||||
11 | File | `ActivityManagerService.java` | High
|
||||
12 | ... | ... | ...
|
||||
|
||||
There are 79 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 89 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
@ -82,4 +83,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -41,7 +41,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | ... | ... | ... | ...
|
||||
|
||||
There are 12 more TTP items available. Please use our online service to access the data.
|
||||
There are 13 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -62,7 +62,7 @@ ID | Type | Indicator | Confidence
|
|||
11 | File | `application\api\controller\User.php` | High
|
||||
12 | ... | ... | ...
|
||||
|
||||
There are 94 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 95 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
@ -80,4 +80,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -31,12 +31,12 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1059.007 | CWE-79 | Cross Site Scripting | High
|
||||
2 | T1068 | CWE-264, CWE-284 | J2EE Misconfiguration: Weak Access Permissions for EJB Methods | High
|
||||
3 | T1202 | CWE-78 | Command Injection | High
|
||||
1 | T1006 | CWE-21, CWE-22 | Pathname Traversal | High
|
||||
2 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
3 | T1059.007 | CWE-79 | Cross Site Scripting | High
|
||||
4 | ... | ... | ... | ...
|
||||
|
||||
There are 5 more TTP items available. Please use our online service to access the data.
|
||||
There are 9 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -46,10 +46,10 @@ ID | Type | Indicator | Confidence
|
|||
-- | ---- | --------- | ----------
|
||||
1 | File | `data/gbconfiguration.dat` | High
|
||||
2 | File | `dede\co_do.php` | High
|
||||
3 | File | `org/apache/catalina/realm/RealmBase.java` | High
|
||||
3 | File | `download` | Medium
|
||||
4 | ... | ... | ...
|
||||
|
||||
There are 8 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 16 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
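Review bot: path separators are inconsistent between rows of this table: `dede\co_do.php` uses a backslash while `data/gbconfiguration.dat` and `org/apache/catalina/realm/RealmBase.java` use forward slashes. A consumer doing exact string comparison against normalised paths will miss the backslash form. Suggest normalising to one separator, or noting above the table that both forms must be matched.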
@ -67,4 +67,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -65,4 +65,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -183,4 +183,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -128,4 +128,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -9,11 +9,11 @@ _Live data_ and more _analysis capabilities_ are available at [https://vuldb.com
|
|||
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with North America Unknown:
|
||||
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [CN](https://vuldb.com/?country.cn)
|
||||
* [VN](https://vuldb.com/?country.vn)
|
||||
* [CN](https://vuldb.com/?country.cn)
|
||||
* ...
|
||||
|
||||
There are 23 more country items available. Please use our online service to access the data.
|
||||
There are 29 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
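Review bot: the country list shows `CN` on both sides of `VN`, so the visible change looks like a pure reorder, while the hidden-item count moves from 23 to 29; nothing in these lines states what the list is ordered by. If the order is a ranking, say so in the intro sentence ("These _countries_ are directly ... associated with") so a consumer can tell a change in association from churn.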
@ -37256,14 +37256,14 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-24 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-24 | Pathname Traversal | High
|
||||
2 | T1055 | CWE-74 | Injection | High
|
||||
3 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
5 | T1068 | CWE-264, CWE-269, CWE-284 | J2EE Misconfiguration: Weak Access Permissions for EJB Methods | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 18 more TTP items available. Please use our online service to access the data.
|
||||
There are 21 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
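Review bot: the Description column does not match the Weakness column on two rows of the updated table. `T1059 | CWE-94, CWE-1321` is labelled "Cross Site Scripting", but CWE-94 is code injection and CWE-1321 is prototype pollution; XSS is CWE-79, which already sits on the `T1059.007` row. The new `T1068 | CWE-264, CWE-269, CWE-284` row is labelled "J2EE Misconfiguration: Weak Access Permissions for EJB Methods", which is the name of a different CWE entry and not of any of the three listed. If the description is derived from a lookup, it seems to be keyed on the wrong ID; otherwise document that the column is not the name of the listed CWEs.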
@ -37271,41 +37271,57 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `%SYSTEMDRIVE%\node_modules\.bin\wmic.exe` | High
|
||||
2 | File | `/.env` | Low
|
||||
3 | File | `//proc/kcore` | Medium
|
||||
4 | File | `/admin/add-category.php` | High
|
||||
5 | File | `/admin/index2.html` | High
|
||||
6 | File | `/admin/theme-edit.php` | High
|
||||
7 | File | `/ample/app/ajax/member_data.php` | High
|
||||
8 | File | `/api/authentication/login` | High
|
||||
9 | File | `/api/upload.php` | High
|
||||
10 | File | `/base/ecma-helpers.c` | High
|
||||
11 | File | `/bin/login` | Medium
|
||||
12 | File | `/bin/rc4_crypt` | High
|
||||
13 | File | `/calendar/minimizer/index.php` | High
|
||||
14 | File | `/catalog/compare` | High
|
||||
15 | File | `/cgi-bin/luci/api/switch` | High
|
||||
16 | File | `/CMD_ACCOUNT_ADMIN` | High
|
||||
17 | File | `/common/logViewer/logViewer.jsf` | High
|
||||
18 | File | `/Content/Plugins/uploader/FileChoose.html?fileUrl=/Upload/File/Pics/&parent` | High
|
||||
19 | File | `/DXR.axd` | Medium
|
||||
20 | File | `/ecommerce/admin/settings/setDiscount.php` | High
|
||||
21 | File | `/endpoint/add-user.php` | High
|
||||
22 | File | `/forum/away.php` | High
|
||||
23 | File | `/goform/formSysCmd` | High
|
||||
24 | File | `/goform/goform_get_cmd_process` | High
|
||||
25 | File | `/h/autoSaveDraft` | High
|
||||
26 | File | `/link/` | Low
|
||||
27 | File | `/log/decodmail.php` | High
|
||||
28 | File | `/main/webservices/additional_webservices.php` | High
|
||||
29 | File | `/nagiosxi/admin/banner_message-ajaxhelper.php` | High
|
||||
30 | File | `/oauth/idp/.well-known/openid-configuration` | High
|
||||
31 | File | `/one_church/churchprofile.php` | High
|
||||
32 | File | `/opt/zimbra/jetty/webapps/zimbra/public` | High
|
||||
33 | ... | ... | ...
|
||||
1 | File | `/accounts_con/register_account` | High
|
||||
2 | File | `/addbill.php` | Medium
|
||||
3 | File | `/admin` | Low
|
||||
4 | File | `/admin/` | Low
|
||||
5 | File | `/admin/admin_user.php` | High
|
||||
6 | File | `/admin/book_add.php` | High
|
||||
7 | File | `/admin/book_row.php` | High
|
||||
8 | File | `/admin/borrow_add.php` | High
|
||||
9 | File | `/admin/bwdates-report-details.php` | High
|
||||
10 | File | `/admin/clientview.php` | High
|
||||
11 | File | `/admin/controller/JobLogController.java` | High
|
||||
12 | File | `/admin/course.php` | High
|
||||
13 | File | `/admin/general.cgi` | High
|
||||
14 | File | `/admin/index2.html` | High
|
||||
15 | File | `/admin/ind_backstage.php` | High
|
||||
16 | File | `/admin/manage-pages.php` | High
|
||||
17 | File | `/admin/manage-users.php` | High
|
||||
18 | File | `/admin/options-theme.php` | High
|
||||
19 | File | `/admin/pages/subjects.php` | High
|
||||
20 | File | `/admin/pages/yearlevel.php` | High
|
||||
21 | File | `/admin/php/crud.php` | High
|
||||
22 | File | `/admin/regester.php` | High
|
||||
23 | File | `/admin/return_add.php` | High
|
||||
24 | File | `/admin/singlelogin.php?submit=1` | High
|
||||
25 | File | `/admin/subject.php` | High
|
||||
26 | File | `/admin/update-clients.php` | High
|
||||
27 | File | `/admin/upload/img` | High
|
||||
28 | File | `/ample/app/action/edit_product.php` | High
|
||||
29 | File | `/api/jolokia org.jolokia.http.HttpRequestHandler#handlePostRequest` | High
|
||||
30 | File | `/api/log/killJob` | High
|
||||
31 | File | `/api/snapshot and /api/get_log_file` | High
|
||||
32 | File | `/api/trackedEntityInstances` | High
|
||||
33 | File | `/api /v3/auth` | High
|
||||
34 | File | `/article/DelectArticleById/` | High
|
||||
35 | File | `/auth/auth.php?user=1` | High
|
||||
36 | File | `/b2b-supermarket/catalog/all-products` | High
|
||||
37 | File | `/b2b-supermarket/shopping-cart` | High
|
||||
38 | File | `/boaform/wlan_basic_set.cgi` | High
|
||||
39 | File | `/cgi-bin/cstecgi.cgi` | High
|
||||
40 | File | `/cgi-bin/cstecgi.cgi?action=login` | High
|
||||
41 | File | `/cgi-bin/qcmap_auth` | High
|
||||
42 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
43 | File | `/classes/Master.php? f=save_medicine` | High
|
||||
44 | File | `/config,admin.jsp` | High
|
||||
45 | File | `/dashboard?controller=UserCollection::createUser` | High
|
||||
46 | File | `/dist/index.js` | High
|
||||
47 | File | `/DXR.axd` | Medium
|
||||
48 | File | `/ecommerce/admin/settings/setDiscount.php` | High
|
||||
49 | ... | ... | ...
|
||||
|
||||
There are 282 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 422 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
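Review bot: several of the added `File` indicators are not single literal paths and will not match as written in a log search or WAF rule. `/api /v3/auth` and `/classes/Master.php? f=save_medicine` contain embedded spaces, `/api/snapshot and /api/get_log_file` packs two paths into one row, and `/api/jolokia org.jolokia.http.HttpRequestHandler#handlePostRequest` mixes a path with a class and method name. Split these into one indicator per row and strip the stray whitespace, or move the non-path part into its own type. Also, `/admin` and `/admin/` are listed as separate Low rows; one normalized entry would do.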
@ -37326,4 +37342,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -61,4 +61,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -127,4 +127,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -61,4 +61,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -69,4 +69,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -66,4 +66,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
|
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [US](https://vuldb.com/?country.us)
|
||||
* ...
|
||||
|
||||
There are 4 more country items available. Please use our online service to access the data.
|
||||
There are 5 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -431,14 +431,14 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-22, CWE-23, CWE-24, CWE-29 | Pathname Traversal | High
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-24, CWE-29, CWE-37 | Pathname Traversal | High
|
||||
2 | T1055 | CWE-74 | Injection | High
|
||||
3 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
5 | T1068 | CWE-264, CWE-269, CWE-284 | J2EE Misconfiguration: Weak Access Permissions for EJB Methods | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 18 more TTP items available. Please use our online service to access the data.
|
||||
There are 21 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -447,49 +447,49 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/accounts_con/register_account` | High
|
||||
2 | File | `/act/ActDao.xml` | High
|
||||
3 | File | `/admin/?page=maintenance/brand` | High
|
||||
4 | File | `/admin/?page=user/list` | High
|
||||
5 | File | `/admin/?page=user/manage` | High
|
||||
6 | File | `/admin/?page=user/manage_user&id=3` | High
|
||||
7 | File | `/admin/course.php` | High
|
||||
8 | File | `/admin/courses/manage_course.php` | High
|
||||
9 | File | `/admin/courses/view_course.php` | High
|
||||
10 | File | `/admin/curriculum/view_curriculum.php` | High
|
||||
11 | File | `/admin/departments/manage_department.php` | High
|
||||
12 | File | `/admin/index.php` | High
|
||||
13 | File | `/admin/ind_backstage.php` | High
|
||||
14 | File | `/admin/list_onlineuser.php` | High
|
||||
15 | File | `/admin/manage-pages.php` | High
|
||||
16 | File | `/admin/manage-users.php` | High
|
||||
17 | File | `/admin/offenses/view_details.php` | High
|
||||
18 | File | `/admin/options-theme.php` | High
|
||||
19 | File | `/admin/report/index.php` | High
|
||||
20 | File | `/admin/reportupload.aspx` | High
|
||||
21 | File | `/admin/services/view_service.php` | High
|
||||
22 | File | `/admin/settings/` | High
|
||||
23 | File | `/admin/singlelogin.php?submit=1` | High
|
||||
24 | File | `/admin/students/view_details.php` | High
|
||||
25 | File | `/admin/students/view_student.php` | High
|
||||
26 | File | `/admin/subject.php` | High
|
||||
27 | File | `/admin/theme-edit.php` | High
|
||||
28 | File | `/admin/upload/img` | High
|
||||
29 | File | `/admin/user/manage_user.php` | High
|
||||
30 | File | `/adms/admin/?page=user/manage_user` | High
|
||||
31 | File | `/adplanet/PlanetCommentList` | High
|
||||
32 | File | `/adplanet/PlanetUser` | High
|
||||
33 | File | `/ajax.php?action=save_company` | High
|
||||
34 | File | `/ample/app/ajax/member_data.php` | High
|
||||
35 | File | `/api/browserextension/UpdatePassword/` | High
|
||||
36 | File | `/api/upload.php` | High
|
||||
2 | File | `/admin/?page=maintenance/brand` | High
|
||||
3 | File | `/admin/?page=user/list` | High
|
||||
4 | File | `/admin/?page=user/manage` | High
|
||||
5 | File | `/admin/?page=user/manage_user&id=3` | High
|
||||
6 | File | `/admin/course.php` | High
|
||||
7 | File | `/admin/courses/manage_course.php` | High
|
||||
8 | File | `/admin/courses/view_course.php` | High
|
||||
9 | File | `/admin/curriculum/view_curriculum.php` | High
|
||||
10 | File | `/admin/departments/manage_department.php` | High
|
||||
11 | File | `/admin/index.php` | High
|
||||
12 | File | `/admin/ind_backstage.php` | High
|
||||
13 | File | `/admin/list_onlineuser.php` | High
|
||||
14 | File | `/admin/manage-pages.php` | High
|
||||
15 | File | `/admin/manage-users.php` | High
|
||||
16 | File | `/admin/offenses/view_details.php` | High
|
||||
17 | File | `/admin/options-theme.php` | High
|
||||
18 | File | `/admin/report/index.php` | High
|
||||
19 | File | `/admin/reportupload.aspx` | High
|
||||
20 | File | `/admin/services/view_service.php` | High
|
||||
21 | File | `/admin/settings/` | High
|
||||
22 | File | `/admin/singlelogin.php?submit=1` | High
|
||||
23 | File | `/admin/students/view_details.php` | High
|
||||
24 | File | `/admin/students/view_student.php` | High
|
||||
25 | File | `/admin/subject.php` | High
|
||||
26 | File | `/admin/theme-edit.php` | High
|
||||
27 | File | `/admin/upload/img` | High
|
||||
28 | File | `/admin/user/manage_user.php` | High
|
||||
29 | File | `/adms/admin/?page=user/manage_user` | High
|
||||
30 | File | `/adplanet/PlanetCommentList` | High
|
||||
31 | File | `/adplanet/PlanetUser` | High
|
||||
32 | File | `/ajax.php?action=save_company` | High
|
||||
33 | File | `/ample/app/ajax/member_data.php` | High
|
||||
34 | File | `/api/browserextension/UpdatePassword/` | High
|
||||
35 | File | `/api/trackedEntityInstances` | High
|
||||
36 | File | `/api/v1/terminal/sessions/?limit=1` | High
|
||||
37 | File | `/article/DelectArticleById/` | High
|
||||
38 | File | `/auth/auth.php?user=1` | High
|
||||
39 | File | `/b2b-supermarket/catalog/all-products` | High
|
||||
40 | File | `/b2b-supermarket/shopping-cart` | High
|
||||
41 | File | `/catalog/compare` | High
|
||||
42 | File | `/cgi-bin/cstecgi.cgi` | High
|
||||
43 | File | `/cgi-bin/cstecgi.cgi?action=login` | High
|
||||
44 | File | `/cgi-bin/kerbynet` | High
|
||||
41 | File | `/carbon/ndatasource/validateconnection/ajaxprocessor.jsp` | High
|
||||
42 | File | `/catalog/compare` | High
|
||||
43 | File | `/cgi-bin/cstecgi.cgi` | High
|
||||
44 | File | `/cgi-bin/cstecgi.cgi?action=login` | High
|
||||
45 | File | `/cgi-bin/mainfunction.cgi` | High
|
||||
46 | File | `/classes/Master.php` | High
|
||||
47 | File | `/classes/Master.php?f=delete_category` | High
|
||||
|
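Review bot: the `ID` column is positional, so dropping the single `/act/ActDao.xml` row renumbers every following entry and produces some forty changed lines for one real removal. Anything that referenced an indicator by ID now points elsewhere: ID 36 was `/api/upload.php` and is now `/api/v1/terminal/sessions/?limit=1`. Either document in the table intro that `ID` is only a row counter and must not be used as a key, or switch to a stable identifier so the diff shows just the rows that actually changed.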
@ -507,19 +507,26 @@ ID | Type | Indicator | Confidence
|
|||
59 | File | `/classes/Users.php?f=save` | High
|
||||
60 | File | `/clinic/disease_symptoms_view.php` | High
|
||||
61 | File | `/config,admin.jsp` | High
|
||||
62 | File | `/download/image` | High
|
||||
63 | File | `/DXR.axd` | Medium
|
||||
64 | File | `/endpoint/add-guest.php` | High
|
||||
65 | File | `/endpoint/add-user.php` | High
|
||||
66 | File | `/endpoint/delete-user.php` | High
|
||||
67 | File | `/fax/fax_send.php` | High
|
||||
68 | File | `/file-manager/delete.php` | High
|
||||
69 | File | `/file-manager/upload.php` | High
|
||||
70 | File | `/forum/away.php` | High
|
||||
71 | File | `/general/ipanel/menu_code.php?MENU_TYPE=FAV` | High
|
||||
72 | ... | ... | ...
|
||||
62 | File | `/config/getuser` | High
|
||||
63 | File | `/debug/pprof` | Medium
|
||||
64 | File | `/download/image` | High
|
||||
65 | File | `/DXR.axd` | Medium
|
||||
66 | File | `/endpoint/add-guest.php` | High
|
||||
67 | File | `/endpoint/add-user.php` | High
|
||||
68 | File | `/endpoint/delete-user.php` | High
|
||||
69 | File | `/fax/fax_send.php` | High
|
||||
70 | File | `/file-manager/delete.php` | High
|
||||
71 | File | `/file-manager/upload.php` | High
|
||||
72 | File | `/forum/away.php` | High
|
||||
73 | File | `/general/ipanel/menu_code.php?MENU_TYPE=FAV` | High
|
||||
74 | File | `/goform/goform_get_cmd_process` | High
|
||||
75 | File | `/HNAP1/` | Low
|
||||
76 | File | `/inc/topBarNav.php` | High
|
||||
77 | File | `/index.php` | Medium
|
||||
78 | File | `/index.php?page=member` | High
|
||||
79 | ... | ... | ...
|
||||
|
||||
There are 632 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 691 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
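Review bot: the newly listed `/index.php` is rated Medium while `/HNAP1/` is rated Low, and the hunk gives no definition of what the confidence levels mean. A path as generic as `/index.php` appears in ordinary traffic to almost any PHP site, so used alone it will mostly produce false positives. Document the confidence scale next to the table header `ID | Type | Indicator | Confidence`, and consider rating generic paths Low unless they are tied to an argument or input value.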
@ -540,4 +547,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
|
|
File diff suppressed because it is too large
Some files were not shown because too many files changed in this diff