Update May 2023
parent b8ed0a8117
commit 7aca43d962
|
@ -63,35 +63,36 @@ ID | Type | Indicator | Confidence
|
|||
6 | File | `/admin/employee_row.php` | High
|
||||
7 | File | `/Admin/login.php` | High
|
||||
8 | File | `/admin/products/manage_product.php` | High
|
||||
9 | File | `/api/upload` | Medium
|
||||
10 | File | `/classes/Master.php?f=delete_sub_category` | High
|
||||
11 | File | `/cms/category/list` | High
|
||||
12 | File | `/debug/pprof` | Medium
|
||||
13 | File | `/Default/Bd` | Medium
|
||||
14 | File | `/DocSystem/Repos/getReposAllUsers.do` | High
|
||||
15 | File | `/domain/add` | Medium
|
||||
16 | File | `/donor-wall` | Medium
|
||||
17 | File | `/ebics-server/ebics.aspx` | High
|
||||
18 | File | `/esbus/servlet/GetSQLData` | High
|
||||
19 | File | `/film-rating.php` | High
|
||||
20 | File | `/forum/away.php` | High
|
||||
21 | File | `/goform/formLogin` | High
|
||||
22 | File | `/HNAP1` | Low
|
||||
23 | File | `/horde/util/go.php` | High
|
||||
24 | File | `/ishttpd/localweb/java/` | High
|
||||
25 | File | `/KK_LS9ReportingPortal/GetData` | High
|
||||
26 | File | `/mcategory.php` | High
|
||||
27 | File | `/out.php` | Medium
|
||||
28 | File | `/p` | Low
|
||||
29 | File | `/pages/processlogin.php` | High
|
||||
30 | File | `/product/savenewproduct.php?flag=1` | High
|
||||
31 | File | `/services/Card/findUser` | High
|
||||
32 | File | `/template/edit` | High
|
||||
33 | File | `/uncpath/` | Medium
|
||||
34 | File | `/usr/bin/uucp` | High
|
||||
35 | ... | ... | ...
|
||||
9 | File | `/admin/user/manage_user.php` | High
|
||||
10 | File | `/api/upload` | Medium
|
||||
11 | File | `/classes/Master.php?f=delete_sub_category` | High
|
||||
12 | File | `/cms/category/list` | High
|
||||
13 | File | `/debug/pprof` | Medium
|
||||
14 | File | `/Default/Bd` | Medium
|
||||
15 | File | `/DocSystem/Repos/getReposAllUsers.do` | High
|
||||
16 | File | `/domain/add` | Medium
|
||||
17 | File | `/donor-wall` | Medium
|
||||
18 | File | `/ebics-server/ebics.aspx` | High
|
||||
19 | File | `/esbus/servlet/GetSQLData` | High
|
||||
20 | File | `/film-rating.php` | High
|
||||
21 | File | `/forum/away.php` | High
|
||||
22 | File | `/goform/formLogin` | High
|
||||
23 | File | `/HNAP1` | Low
|
||||
24 | File | `/horde/util/go.php` | High
|
||||
25 | File | `/ishttpd/localweb/java/` | High
|
||||
26 | File | `/KK_LS9ReportingPortal/GetData` | High
|
||||
27 | File | `/mcategory.php` | High
|
||||
28 | File | `/out.php` | Medium
|
||||
29 | File | `/p` | Low
|
||||
30 | File | `/pages/processlogin.php` | High
|
||||
31 | File | `/product/savenewproduct.php?flag=1` | High
|
||||
32 | File | `/services/Card/findUser` | High
|
||||
33 | File | `/template/edit` | High
|
||||
34 | File | `/uncpath/` | Medium
|
||||
35 | File | `/usr/bin/uucp` | High
|
||||
36 | ... | ... | ...
|
||||
|
||||
There are 301 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 305 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
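Review bot: the ID column is positional, so the one new row `/admin/user/manage_user.php` at 9 renumbers every row after it (`/api/upload` moves from 9 to 10, `/usr/bin/uucp` from 34 to 35) and the hunk shows the whole tail of the table as changed. Anything that refers to an indicator by ID breaks on each update. Key on the indicator string instead, or drop the ID column so the diff shows only the rows that really changed.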
@ -46,7 +46,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
5 | ... | ... | ... | ...
|
||||
|
||||
There are 15 more TTP items available. Please use our online service to access the data.
|
||||
There are 16 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
|
|
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [GB](https://vuldb.com/?country.gb)
|
||||
* ...
|
||||
|
||||
There are 22 more country items available. Please use our online service to access the data.
|
||||
There are 24 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -35,10 +35,10 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-21, CWE-22 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-294 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
2 | T1055 | CWE-74 | Injection | High
|
||||
3 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
5 | T1068 | CWE-250, CWE-264, CWE-269, CWE-284 | J2EE Misconfiguration: Weak Access Permissions for EJB Methods | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 19 more TTP items available. Please use our online service to access the data.
|
||||
|
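Review bot: the row `T1059 | CWE-88, CWE-94, CWE-1321` carries the description `Cross Site Scripting`, the same text as the `T1059.007 | CWE-79, CWE-80` row directly below it. CWE-79 and CWE-80 are the XSS weaknesses and already sit on the T1059.007 row; the T1059 row lists different CWEs, so its description should name those weaknesses, otherwise the two rows cannot be told apart by description.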
@ -50,12 +50,12 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `.github/workflows/combine-prs.yml` | High
|
||||
2 | File | `/Admin/add-student.php` | High
|
||||
3 | File | `/admin/api/admin/articles/` | High
|
||||
4 | File | `/admin/cashadvance_row.php` | High
|
||||
5 | File | `/Admin/login.php` | High
|
||||
6 | File | `/admin/maintenance/view_designation.php` | High
|
||||
7 | File | `/admin/showbad.php` | High
|
||||
2 | File | `/admin.php/update/getFile.html` | High
|
||||
3 | File | `/Admin/add-student.php` | High
|
||||
4 | File | `/admin/api/admin/articles/` | High
|
||||
5 | File | `/admin/cashadvance_row.php` | High
|
||||
6 | File | `/Admin/login.php` | High
|
||||
7 | File | `/admin/maintenance/view_designation.php` | High
|
||||
8 | File | `/admin/userprofile.php` | High
|
||||
9 | File | `/adms/admin/?page=vehicles/sell_vehicle` | High
|
||||
10 | File | `/adms/admin/?page=vehicles/view_transaction` | High
|
||||
|
@ -68,56 +68,61 @@ ID | Type | Indicator | Confidence
|
|||
17 | File | `/dev/block/mmcblk0rpmb` | High
|
||||
18 | File | `/DocSystem/Repos/getReposAllUsers.do` | High
|
||||
19 | File | `/face-recognition-php/facepay-master/camera.php` | High
|
||||
20 | File | `/forum/away.php` | High
|
||||
21 | File | `/fos/admin/ajax.php?action=login` | High
|
||||
22 | File | `/fos/admin/index.php?page=menu` | High
|
||||
23 | File | `/home/masterConsole` | High
|
||||
24 | File | `/home/sendBroadcast` | High
|
||||
25 | File | `/hrm/employeeadd.php` | High
|
||||
26 | File | `/hrm/employeeview.php` | High
|
||||
27 | File | `/index.php` | Medium
|
||||
28 | File | `/items/view_item.php` | High
|
||||
29 | File | `/jsoa/hntdCustomDesktopActionContent` | High
|
||||
30 | File | `/lookin/info` | Medium
|
||||
31 | File | `/manager/index.php` | High
|
||||
32 | File | `/medical/inventories.php` | High
|
||||
33 | File | `/modules/profile/index.php` | High
|
||||
34 | File | `/modules/projects/vw_files.php` | High
|
||||
35 | File | `/modules/public/calendar.php` | High
|
||||
36 | File | `/mygym/admin/index.php?view_exercises` | High
|
||||
37 | File | `/newsDia.php` | Medium
|
||||
38 | File | `/out.php` | Medium
|
||||
39 | File | `/php-opos/index.php` | High
|
||||
40 | File | `/proxy` | Low
|
||||
41 | File | `/public/launchNewWindow.jsp` | High
|
||||
42 | File | `/Redcock-Farm/farm/category.php` | High
|
||||
43 | File | `/reports/rwservlet` | High
|
||||
44 | File | `/sacco_shield/manage_user.php` | High
|
||||
45 | File | `/spip.php` | Medium
|
||||
46 | File | `/sqlitemanager/main.php?dbsel=-1%20or%2072%20=%2072` | High
|
||||
47 | File | `/staff/bookdetails.php` | High
|
||||
48 | File | `/uncpath/` | Medium
|
||||
49 | File | `/user/updatePwd` | High
|
||||
50 | File | `/user/update_booking.php` | High
|
||||
51 | File | `/Wedding-Management-PHP/admin/photos_add.php` | High
|
||||
52 | File | `/wireless/security.asp` | High
|
||||
53 | File | `/wordpress/wp-admin/options-general.php` | High
|
||||
54 | File | `01article.php` | High
|
||||
55 | File | `AbstractScheduleJob.java` | High
|
||||
56 | File | `actionphp/download.File.php` | High
|
||||
57 | File | `activenews_view.asp` | High
|
||||
58 | File | `adclick.php` | Medium
|
||||
59 | File | `addtocart.asp` | High
|
||||
60 | File | `admin.php` | Medium
|
||||
61 | File | `admin/abc.php` | High
|
||||
62 | File | `admin/admin.php?action=users&mode=info&user=2` | High
|
||||
63 | File | `admin/admin/adminsave.html` | High
|
||||
64 | File | `admin/asset/grid-proxy` | High
|
||||
65 | File | `admin/auditTrail.jsf` | High
|
||||
66 | File | `admin/conf_users_edit.php` | High
|
||||
67 | ... | ... | ...
|
||||
20 | File | `/feeds/post/publish` | High
|
||||
21 | File | `/forum/away.php` | High
|
||||
22 | File | `/fos/admin/ajax.php?action=login` | High
|
||||
23 | File | `/fos/admin/index.php?page=menu` | High
|
||||
24 | File | `/home/masterConsole` | High
|
||||
25 | File | `/home/sendBroadcast` | High
|
||||
26 | File | `/hrm/employeeadd.php` | High
|
||||
27 | File | `/hrm/employeeview.php` | High
|
||||
28 | File | `/index.php` | Medium
|
||||
29 | File | `/items/view_item.php` | High
|
||||
30 | File | `/jsoa/hntdCustomDesktopActionContent` | High
|
||||
31 | File | `/lookin/info` | Medium
|
||||
32 | File | `/manager/index.php` | High
|
||||
33 | File | `/medical/inventories.php` | High
|
||||
34 | File | `/modules/profile/index.php` | High
|
||||
35 | File | `/modules/projects/vw_files.php` | High
|
||||
36 | File | `/modules/public/calendar.php` | High
|
||||
37 | File | `/mygym/admin/index.php?view_exercises` | High
|
||||
38 | File | `/newsDia.php` | Medium
|
||||
39 | File | `/out.php` | Medium
|
||||
40 | File | `/php-opos/index.php` | High
|
||||
41 | File | `/proxy` | Low
|
||||
42 | File | `/public/launchNewWindow.jsp` | High
|
||||
43 | File | `/Redcock-Farm/farm/category.php` | High
|
||||
44 | File | `/reports/rwservlet` | High
|
||||
45 | File | `/reservation/add_message.php` | High
|
||||
46 | File | `/sacco_shield/manage_user.php` | High
|
||||
47 | File | `/spip.php` | Medium
|
||||
48 | File | `/sqlitemanager/main.php?dbsel=-1%20or%2072%20=%2072` | High
|
||||
49 | File | `/staff/bookdetails.php` | High
|
||||
50 | File | `/uncpath/` | Medium
|
||||
51 | File | `/user/updatePwd` | High
|
||||
52 | File | `/user/update_booking.php` | High
|
||||
53 | File | `/Wedding-Management-PHP/admin/photos_add.php` | High
|
||||
54 | File | `/wireless/security.asp` | High
|
||||
55 | File | `/wordpress/wp-admin/options-general.php` | High
|
||||
56 | File | `01article.php` | High
|
||||
57 | File | `a-forms.php` | Medium
|
||||
58 | File | `AbstractScheduleJob.java` | High
|
||||
59 | File | `actionphp/download.File.php` | High
|
||||
60 | File | `activenews_view.asp` | High
|
||||
61 | File | `adclick.php` | Medium
|
||||
62 | File | `addtocart.asp` | High
|
||||
63 | File | `admin.a6mambocredits.php` | High
|
||||
64 | File | `admin.cropcanvas.php` | High
|
||||
65 | File | `admin.php` | Medium
|
||||
66 | File | `admin/abc.php` | High
|
||||
67 | File | `admin/admin.php?action=users&mode=info&user=2` | High
|
||||
68 | File | `admin/admin/adminsave.html` | High
|
||||
69 | File | `admin/asset/grid-proxy` | High
|
||||
70 | File | `admin/auditTrail.jsf` | High
|
||||
71 | File | `admin/conf_users_edit.php` | High
|
||||
72 | ... | ... | ...
|
||||
|
||||
There are 586 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 637 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
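Review bot: several rows typed `File` include a full query string, and `/sqlitemanager/main.php?dbsel=-1%20or%2072%20=%2072` also embeds a URL-encoded input value. The footer of this table lists `argument` and `input value` as separate indicator types, so these rows should be split into the file path and the parameter or value. As written, a consumer matching `File` entries against request paths will never match a string containing `?dbsel=...`, and one matching full URLs will only hit that exact value.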
@ -15,8 +15,8 @@ The following _campaigns_ are known and can be associated with APT1:
|
|||
|
||||
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with APT1:
|
||||
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [CN](https://vuldb.com/?country.cn)
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [GB](https://vuldb.com/?country.gb)
|
||||
* ...
|
||||
|
||||
|
|
|
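Review bot: `US` appears both before and after `CN` in this hunk, so the only change is a swap of the first two list entries, and nothing in the section says what the order means. State the ordering rule in the introductory sentence so that a reorder like this can be read as a change in the data rather than as noise.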
@ -24,7 +24,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [RU](https://vuldb.com/?country.ru)
|
||||
* ...
|
||||
|
||||
There are 10 more country items available. Please use our online service to access the data.
|
||||
There are 11 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -95,27 +95,32 @@ ID | Type | Indicator | Confidence
|
|||
9 | File | `/images/` | Medium
|
||||
10 | File | `/inc/parser/xhtml.php` | High
|
||||
11 | File | `/index.php` | Medium
|
||||
12 | File | `/login` | Low
|
||||
13 | File | `/members/view_member.php` | High
|
||||
14 | File | `/mkshop/Men/profile.php` | High
|
||||
15 | File | `/modules/profile/index.php` | High
|
||||
16 | File | `/Noxen-master/users.php` | High
|
||||
17 | File | `/one_church/userregister.php` | High
|
||||
18 | File | `/out.php` | Medium
|
||||
19 | File | `/owa/auth/logon.aspx` | High
|
||||
20 | File | `/public/plugins/` | High
|
||||
21 | File | `/SAP_Information_System/controllers/add_admin.php` | High
|
||||
22 | File | `/SASWebReportStudio/logonAndRender.do` | High
|
||||
23 | File | `/secure/admin/InsightDefaultCustomFieldConfig.jspa` | High
|
||||
24 | File | `/secure/admin/ViewInstrumentation.jspa` | High
|
||||
25 | File | `/SSOPOST/metaAlias/%realm%/idpv2` | High
|
||||
26 | File | `/tmp/phpglibccheck` | High
|
||||
27 | File | `/uncpath/` | Medium
|
||||
28 | File | `/v2/quantum/save-data-upload-big-file` | High
|
||||
29 | File | `4.edu.php` | Medium
|
||||
30 | ... | ... | ...
|
||||
12 | File | `/librarian/bookdetails.php` | High
|
||||
13 | File | `/login` | Low
|
||||
14 | File | `/members/view_member.php` | High
|
||||
15 | File | `/messageboard/view.php` | High
|
||||
16 | File | `/mkshop/Men/profile.php` | High
|
||||
17 | File | `/modules/profile/index.php` | High
|
||||
18 | File | `/Noxen-master/users.php` | High
|
||||
19 | File | `/one_church/userregister.php` | High
|
||||
20 | File | `/out.php` | Medium
|
||||
21 | File | `/owa/auth/logon.aspx` | High
|
||||
22 | File | `/public/plugins/` | High
|
||||
23 | File | `/SAP_Information_System/controllers/add_admin.php` | High
|
||||
24 | File | `/SASWebReportStudio/logonAndRender.do` | High
|
||||
25 | File | `/secure/admin/InsightDefaultCustomFieldConfig.jspa` | High
|
||||
26 | File | `/secure/admin/ViewInstrumentation.jspa` | High
|
||||
27 | File | `/SSOPOST/metaAlias/%realm%/idpv2` | High
|
||||
28 | File | `/textpattern/index.php` | High
|
||||
29 | File | `/uncpath/` | Medium
|
||||
30 | File | `/v2/quantum/save-data-upload-big-file` | High
|
||||
31 | File | `4.edu.php` | Medium
|
||||
32 | File | `adclick.php` | Medium
|
||||
33 | File | `addentry.php` | Medium
|
||||
34 | File | `admin.cropcanvas.php` | High
|
||||
35 | ... | ... | ...
|
||||
|
||||
There are 257 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 297 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
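Review bot: `/tmp/phpglibccheck` (old row 26) has no counterpart among the new rows, and the commit message `Update May 2023` does not say whether it was retired, re-scored or merged into another entry. For a list that gets loaded into detections, record the reason for a removal in the commit message or a changelog line so that downstream rules are retired deliberately rather than silently.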
@ -97,7 +97,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
5 | ... | ... | ... | ...
|
||||
|
||||
There are 17 more TTP items available. Please use our online service to access the data.
|
||||
There are 18 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
|
|
@ -54,7 +54,8 @@ ID | Technique | Weakness | Description | Confidence
|
|||
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
5 | ... | ... | ... | ...
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 18 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
|
|
|
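Review bot: the context row `T1040 | CWE-319` is described as `Authentication Bypass by Capture-replay`, which is the description other tables in this commit attach to `T1040 | CWE-294`; CWE-319 is cleartext transmission of sensitive information. While this table is being touched, either add CWE-294 to the weakness column or change the description to match CWE-319.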
@ -44,7 +44,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
2 | T1059.007 | CWE-79 | Cross Site Scripting | High
|
||||
3 | T1068 | CWE-264 | Execution with Unnecessary Privileges | High
|
||||
3 | T1068 | CWE-264 | J2EE Misconfiguration: Weak Access Permissions for EJB Methods | High
|
||||
4 | ... | ... | ... | ...
|
||||
|
||||
There are 4 more TTP items available. Please use our online service to access the data.
|
||||
|
|
|
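Review bot: the T1068 row keeps `CWE-264` but its description changes from `Execution with Unnecessary Privileges` to `J2EE Misconfiguration: Weak Access Permissions for EJB Methods`, a label specific to J2EE/EJB deployments and narrower than the weakness listed. Unless every item behind this row is an EJB permission issue, a generic description that matches the CWE in the weakness column would be less misleading.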
@ -59,18 +59,19 @@ ID | Type | Indicator | Confidence
|
|||
3 | File | `/appConfig/userDB.json` | High
|
||||
4 | File | `/bin/boa` | Medium
|
||||
5 | File | `/cgi-bin/wapopen` | High
|
||||
6 | File | `/cwp_{SESSION_HASH}/admin/loader_ajax.php` | High
|
||||
7 | File | `/jquery_file_upload/server/php/index.php` | High
|
||||
8 | File | `/librarian/bookdetails.php` | High
|
||||
9 | File | `/magnoliaPublic/travel/members/login.html` | High
|
||||
10 | File | `/Main_AdmStatus_Content.asp` | High
|
||||
11 | File | `/requests.php` | High
|
||||
12 | File | `/server-status` | High
|
||||
13 | File | `/uncpath/` | Medium
|
||||
14 | File | `/var/log/nginx` | High
|
||||
15 | ... | ... | ...
|
||||
6 | File | `/CPE` | Low
|
||||
7 | File | `/cwp_{SESSION_HASH}/admin/loader_ajax.php` | High
|
||||
8 | File | `/jquery_file_upload/server/php/index.php` | High
|
||||
9 | File | `/librarian/bookdetails.php` | High
|
||||
10 | File | `/magnoliaPublic/travel/members/login.html` | High
|
||||
11 | File | `/Main_AdmStatus_Content.asp` | High
|
||||
12 | File | `/requests.php` | High
|
||||
13 | File | `/server-status` | High
|
||||
14 | File | `/uncpath/` | Medium
|
||||
15 | File | `/var/log/nginx` | High
|
||||
16 | ... | ... | ...
|
||||
|
||||
There are 120 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 124 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
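Review bot: `/cwp_{SESSION_HASH}/admin/loader_ajax.php` contains what looks like a template placeholder, `{SESSION_HASH}`, and nothing in the table says how to expand it, so a literal string match on this row will never fire. Document the placeholder syntax or publish the row as a pattern. The table also mixes URL paths with host paths such as `/var/log/nginx` and `/bin/boa` under the single type `File`, which leaves the consumer to guess whether a row applies to web logs or to file events.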
@ -119,10 +119,9 @@ ID | Type | Indicator | Confidence
|
|||
41 | File | `/thruk/#cgi-bin/extinfo.cgi?type=2` | High
|
||||
42 | File | `/tmp/app/.env` | High
|
||||
43 | File | `/tool/gen/createTable` | High
|
||||
44 | File | `/uncpath/` | Medium
|
||||
45 | ... | ... | ...
|
||||
44 | ... | ... | ...
|
||||
|
||||
There are 391 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 384 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
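Review bot: `/uncpath/` is dropped from the visible rows here (old row 44) while the other indicator tables in this commit still list it as Medium, and the hidden count falls from 391 to 384 with no other row visibly removed. If the indicator was retired, the other tables should follow; if it only moved below the cut, the truncation makes that impossible to verify from the diff, so say which in the commit message.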
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [GB](https://vuldb.com/?country.gb)
|
||||
* ...
|
||||
|
||||
There are 22 more country items available. Please use our online service to access the data.
|
||||
There are 23 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -65,69 +65,73 @@ ID | Type | Indicator | Confidence
|
|||
4 | File | `/admin/cashadvance_row.php` | High
|
||||
5 | File | `/Admin/login.php` | High
|
||||
6 | File | `/admin/maintenance/view_designation.php` | High
|
||||
7 | File | `/admin/showbad.php` | High
|
||||
8 | File | `/admin/userprofile.php` | High
|
||||
9 | File | `/adms/admin/?page=vehicles/sell_vehicle` | High
|
||||
10 | File | `/adms/admin/?page=vehicles/view_transaction` | High
|
||||
11 | File | `/apilog.php` | Medium
|
||||
12 | File | `/APR/login.php` | High
|
||||
13 | File | `/bin/httpd` | Medium
|
||||
14 | File | `/cgi-bin/wapopen` | High
|
||||
15 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
16 | File | `/connectors/index.php` | High
|
||||
17 | File | `/dev/block/mmcblk0rpmb` | High
|
||||
18 | File | `/DocSystem/Repos/getReposAllUsers.do` | High
|
||||
19 | File | `/face-recognition-php/facepay-master/camera.php` | High
|
||||
20 | File | `/forum/away.php` | High
|
||||
21 | File | `/fos/admin/ajax.php?action=login` | High
|
||||
22 | File | `/fos/admin/index.php?page=menu` | High
|
||||
23 | File | `/home/masterConsole` | High
|
||||
24 | File | `/home/sendBroadcast` | High
|
||||
25 | File | `/hrm/employeeadd.php` | High
|
||||
26 | File | `/hrm/employeeview.php` | High
|
||||
27 | File | `/index.php` | Medium
|
||||
28 | File | `/items/view_item.php` | High
|
||||
29 | File | `/jsoa/hntdCustomDesktopActionContent` | High
|
||||
30 | File | `/lookin/info` | Medium
|
||||
31 | File | `/manager/index.php` | High
|
||||
32 | File | `/medical/inventories.php` | High
|
||||
33 | File | `/modules/profile/index.php` | High
|
||||
34 | File | `/modules/projects/vw_files.php` | High
|
||||
35 | File | `/modules/public/calendar.php` | High
|
||||
36 | File | `/mygym/admin/index.php?view_exercises` | High
|
||||
37 | File | `/newsDia.php` | Medium
|
||||
38 | File | `/out.php` | Medium
|
||||
39 | File | `/php-opos/index.php` | High
|
||||
40 | File | `/proxy` | Low
|
||||
41 | File | `/public/launchNewWindow.jsp` | High
|
||||
42 | File | `/Redcock-Farm/farm/category.php` | High
|
||||
43 | File | `/reports/rwservlet` | High
|
||||
44 | File | `/sacco_shield/manage_user.php` | High
|
||||
45 | File | `/spip.php` | Medium
|
||||
46 | File | `/sqlitemanager/main.php?dbsel=-1%20or%2072%20=%2072` | High
|
||||
47 | File | `/staff/bookdetails.php` | High
|
||||
48 | File | `/uncpath/` | Medium
|
||||
49 | File | `/user/updatePwd` | High
|
||||
50 | File | `/user/update_booking.php` | High
|
||||
51 | File | `/Wedding-Management-PHP/admin/photos_add.php` | High
|
||||
52 | File | `/wireless/security.asp` | High
|
||||
53 | File | `/wordpress/wp-admin/options-general.php` | High
|
||||
54 | File | `01article.php` | High
|
||||
55 | File | `AbstractScheduleJob.java` | High
|
||||
56 | File | `actionphp/download.File.php` | High
|
||||
57 | File | `activenews_view.asp` | High
|
||||
58 | File | `adclick.php` | Medium
|
||||
59 | File | `addtocart.asp` | High
|
||||
60 | File | `admin.php` | Medium
|
||||
61 | File | `admin/abc.php` | High
|
||||
62 | File | `admin/admin.php?action=users&mode=info&user=2` | High
|
||||
63 | File | `admin/admin/adminsave.html` | High
|
||||
64 | File | `admin/asset/grid-proxy` | High
|
||||
65 | File | `admin/auditTrail.jsf` | High
|
||||
66 | File | `admin/conf_users_edit.php` | High
|
||||
67 | ... | ... | ...
|
||||
7 | File | `/admin/userprofile.php` | High
|
||||
8 | File | `/adms/admin/?page=vehicles/sell_vehicle` | High
|
||||
9 | File | `/adms/admin/?page=vehicles/view_transaction` | High
|
||||
10 | File | `/apilog.php` | Medium
|
||||
11 | File | `/APR/login.php` | High
|
||||
12 | File | `/bin/httpd` | Medium
|
||||
13 | File | `/cgi-bin/wapopen` | High
|
||||
14 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
15 | File | `/connectors/index.php` | High
|
||||
16 | File | `/dev/block/mmcblk0rpmb` | High
|
||||
17 | File | `/DocSystem/Repos/getReposAllUsers.do` | High
|
||||
18 | File | `/face-recognition-php/facepay-master/camera.php` | High
|
||||
19 | File | `/forum/away.php` | High
|
||||
20 | File | `/fos/admin/ajax.php?action=login` | High
|
||||
21 | File | `/fos/admin/index.php?page=menu` | High
|
||||
22 | File | `/home/masterConsole` | High
|
||||
23 | File | `/home/sendBroadcast` | High
|
||||
24 | File | `/hrm/employeeadd.php` | High
|
||||
25 | File | `/hrm/employeeview.php` | High
|
||||
26 | File | `/index.php` | Medium
|
||||
27 | File | `/items/view_item.php` | High
|
||||
28 | File | `/jsoa/hntdCustomDesktopActionContent` | High
|
||||
29 | File | `/lookin/info` | Medium
|
||||
30 | File | `/manager/index.php` | High
|
||||
31 | File | `/medical/inventories.php` | High
|
||||
32 | File | `/modules/profile/index.php` | High
|
||||
33 | File | `/modules/projects/vw_files.php` | High
|
||||
34 | File | `/modules/public/calendar.php` | High
|
||||
35 | File | `/mygym/admin/index.php?view_exercises` | High
|
||||
36 | File | `/newsDia.php` | Medium
|
||||
37 | File | `/out.php` | Medium
|
||||
38 | File | `/php-opos/index.php` | High
|
||||
39 | File | `/proxy` | Low
|
||||
40 | File | `/public/launchNewWindow.jsp` | High
|
||||
41 | File | `/Redcock-Farm/farm/category.php` | High
|
||||
42 | File | `/reports/rwservlet` | High
|
||||
43 | File | `/sacco_shield/manage_user.php` | High
|
||||
44 | File | `/spip.php` | Medium
|
||||
45 | File | `/sqlitemanager/main.php?dbsel=-1%20or%2072%20=%2072` | High
|
||||
46 | File | `/staff/bookdetails.php` | High
|
||||
47 | File | `/uncpath/` | Medium
|
||||
48 | File | `/user/updatePwd` | High
|
||||
49 | File | `/user/update_booking.php` | High
|
||||
50 | File | `/Wedding-Management-PHP/admin/photos_add.php` | High
|
||||
51 | File | `/wireless/security.asp` | High
|
||||
52 | File | `/wordpress/wp-admin/options-general.php` | High
|
||||
53 | File | `01article.php` | High
|
||||
54 | File | `AbstractScheduleJob.java` | High
|
||||
55 | File | `actionphp/download.File.php` | High
|
||||
56 | File | `activenews_view.asp` | High
|
||||
57 | File | `adclick.php` | Medium
|
||||
58 | File | `addtocart.asp` | High
|
||||
59 | File | `admin.a6mambocredits.php` | High
|
||||
60 | File | `admin.cropcanvas.php` | High
|
||||
61 | File | `admin.php` | Medium
|
||||
62 | File | `admin/abc.php` | High
|
||||
63 | File | `admin/admin.php?action=users&mode=info&user=2` | High
|
||||
64 | File | `admin/admin/adminsave.html` | High
|
||||
65 | File | `admin/asset/grid-proxy` | High
|
||||
66 | File | `admin/auditTrail.jsf` | High
|
||||
67 | File | `admin/conf_users_edit.php` | High
|
||||
68 | File | `admin/disapprove_user.php` | High
|
||||
69 | File | `admin/edit_category.php` | High
|
||||
70 | File | `admin/expense_report.php` | High
|
||||
71 | ... | ... | ...
|
||||
|
||||
There are 584 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 620 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
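Review bot: most rows in this hunk, from `/dev/block/mmcblk0rpmb` through `admin/conf_users_edit.php`, also appear with the same confidence in the `-68,56 +68,61` hunk of another file in this commit. Indicators shared across files say little about which file's subject is involved, yet both tables rate them High. Mark shared rows as such, or explain in the table's introduction that Confidence does not express uniqueness, so the list is not read as attribution evidence.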
@ -42,7 +42,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
5 | ... | ... | ... | ...
|
||||
|
||||
There are 16 more TTP items available. Please use our online service to access the data.
|
||||
There are 17 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
|
|
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [CN](https://vuldb.com/?country.cn)
|
||||
* ...
|
||||
|
||||
There are 12 more country items available. Please use our online service to access the data.
|
||||
There are 14 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -3007,9 +3007,10 @@ ID | Technique | Weakness | Description | Confidence
|
|||
2 | T1040 | CWE-294, CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-88, CWE-94 | Cross Site Scripting | High
|
||||
5 | ... | ... | ... | ...
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 18 more TTP items available. Please use our online service to access the data.
|
||||
There are 19 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -3025,45 +3026,53 @@ ID | Type | Indicator | Confidence
|
|||
6 | File | `/admin/cashadvance_row.php` | High
|
||||
7 | File | `/admin/doctors.php` | High
|
||||
8 | File | `/admin/maintenance/view_designation.php` | High
|
||||
9 | File | `/admin/userprofile.php` | High
|
||||
10 | File | `/advanced/adv_dns.xgi` | High
|
||||
9 | File | `/admin/scheprofile.cgi` | High
|
||||
10 | File | `/admin/userprofile.php` | High
|
||||
11 | File | `/alphaware/summary.php` | High
|
||||
12 | File | `/api/` | Low
|
||||
13 | File | `/api/admin/store/product/list` | High
|
||||
14 | File | `/api/blade-log/api/list` | High
|
||||
15 | File | `/application/views/themeOptions/update.php` | High
|
||||
16 | File | `/APR/login.php` | High
|
||||
17 | File | `/APR/signup.php` | High
|
||||
18 | File | `/authUserAction!edit.action` | High
|
||||
19 | File | `/boat/login.php` | High
|
||||
20 | File | `/cgi-bin/mesh.cgi?page=upgrade` | High
|
||||
21 | File | `/cgi-bin/system_mgr.cgi` | High
|
||||
15 | File | `/api/v2/cli/commands` | High
|
||||
16 | File | `/application/views/themeOptions/update.php` | High
|
||||
17 | File | `/APR/login.php` | High
|
||||
18 | File | `/APR/signup.php` | High
|
||||
19 | File | `/authUserAction!edit.action` | High
|
||||
20 | File | `/boat/login.php` | High
|
||||
21 | File | `/cgi-bin/mesh.cgi?page=upgrade` | High
|
||||
22 | File | `/cgi-bin/wapopen` | High
|
||||
23 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
24 | File | `/cmsms-2.1.6-install.php/index.php` | High
|
||||
25 | File | `/config/myfield/test.php` | High
|
||||
26 | File | `/debug/pprof` | Medium
|
||||
27 | File | `/forum/away.php` | High
|
||||
28 | File | `/Items/*/RemoteImages/Download` | High
|
||||
29 | File | `/loginsave.php` | High
|
||||
30 | File | `/mims/login.php` | High
|
||||
31 | File | `/opt/zimbra/jetty/webapps/zimbra/public` | High
|
||||
32 | File | `/proxy` | Low
|
||||
33 | File | `/public/launchNewWindow.jsp` | High
|
||||
34 | File | `/reservation/add_message.php` | High
|
||||
35 | File | `/rest/project-templates/1.0/createshared` | High
|
||||
36 | File | `/static/ueditor/php/controller.php` | High
|
||||
37 | File | `/textpattern/index.php` | High
|
||||
38 | File | `/tmp` | Low
|
||||
39 | File | `/tool/gen/createTable` | High
|
||||
40 | File | `/ueditor/net/controller.ashx?action=catchimage` | High
|
||||
41 | File | `/user/updatePwd` | High
|
||||
42 | File | `/v2/customerdb/operator.svc/a` | High
|
||||
43 | File | `/vendor/htmlawed/htmlawed/htmLawedTest.php` | High
|
||||
44 | File | `/vendor/views/add_product.php` | High
|
||||
45 | ... | ... | ...
|
||||
27 | File | `/dev/shm` | Medium
|
||||
28 | File | `/feeds/post/publish` | High
|
||||
29 | File | `/forms/doLogin` | High
|
||||
30 | File | `/forum/away.php` | High
|
||||
31 | File | `/Items/*/RemoteImages/Download` | High
|
||||
32 | File | `/loginsave.php` | High
|
||||
33 | File | `/mims/login.php` | High
|
||||
34 | File | `/opt/zimbra/jetty/webapps/zimbra/public` | High
|
||||
35 | File | `/proxy` | Low
|
||||
36 | File | `/public/launchNewWindow.jsp` | High
|
||||
37 | File | `/reservation/add_message.php` | High
|
||||
38 | File | `/rest/project-templates/1.0/createshared` | High
|
||||
39 | File | `/send_order.cgi?parameter=access_detect` | High
|
||||
40 | File | `/textpattern/index.php` | High
|
||||
41 | File | `/tmp` | Low
|
||||
42 | File | `/tool/gen/createTable` | High
|
||||
43 | File | `/ueditor/net/controller.ashx?action=catchimage` | High
|
||||
44 | File | `/user/updatePwd` | High
|
||||
45 | File | `/v2/customerdb/operator.svc/a` | High
|
||||
46 | File | `/v2/_catalog` | Medium
|
||||
47 | File | `/vendor/htmlawed/htmlawed/htmLawedTest.php` | High
|
||||
48 | File | `/vendor/views/add_product.php` | High
|
||||
49 | File | `/wireless/security.asp` | High
|
||||
50 | File | `account/signup.php` | High
|
||||
51 | File | `AcquisiAction.class.php` | High
|
||||
52 | File | `activenews_view.asp` | High
|
||||
53 | ... | ... | ...
|
||||
|
||||
There are 385 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 465 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -46,7 +46,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 19 more TTP items available. Please use our online service to access the data.
|
||||
There are 20 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
|
|
@ -10,10 +10,10 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [CN](https://vuldb.com/?country.cn)
|
||||
* [NL](https://vuldb.com/?country.nl)
|
||||
* [RU](https://vuldb.com/?country.ru)
|
||||
* ...
|
||||
|
||||
There are 10 more country items available. Please use our online service to access the data.
|
||||
There are 9 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -52,7 +52,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 22 more TTP items available. Please use our online service to access the data.
|
||||
There are 20 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -66,51 +66,56 @@ ID | Type | Indicator | Confidence
|
|||
4 | File | `/admin/?page=user/manage` | High
|
||||
5 | File | `/admin/add-new.php` | High
|
||||
6 | File | `/admin/attendance_row.php` | High
|
||||
7 | File | `/admin/cashadvance_row.php` | High
|
||||
8 | File | `/admin/deduction_row.php` | High
|
||||
9 | File | `/admin/doctors.php` | High
|
||||
10 | File | `/admin/employee_row.php` | High
|
||||
11 | File | `/admin/index3.php` | High
|
||||
12 | File | `/admin/login.php` | High
|
||||
13 | File | `/admin/maintenance/brand.php` | High
|
||||
14 | File | `/admin/maintenance/manage_category.php` | High
|
||||
15 | File | `/admin/maintenance/view_designation.php` | High
|
||||
16 | File | `/admin/mechanics/manage_mechanic.php` | High
|
||||
17 | File | `/admin/offenses/view_details.php` | High
|
||||
18 | File | `/admin/orders/update_status.php` | High
|
||||
19 | File | `/admin/product/manage.php` | High
|
||||
20 | File | `/admin/reminders/manage_reminder.php` | High
|
||||
21 | File | `/admin/report/index.php` | High
|
||||
22 | File | `/admin/sales/manage_sale.php` | High
|
||||
23 | File | `/admin/service_requests/manage_inventory.php` | High
|
||||
24 | File | `/admin/transactions/track_shipment.php` | High
|
||||
25 | File | `/admin/userprofile.php` | High
|
||||
26 | File | `/admin_area/login_transfer.php` | High
|
||||
27 | File | `/adms/admin/?page=user/manage_user` | High
|
||||
28 | File | `/adms/admin/?page=vehicles/view_transaction` | High
|
||||
29 | File | `/ajax/update_certificate` | High
|
||||
30 | File | `/alphaware/details.php` | High
|
||||
31 | File | `/alphaware/summary.php` | High
|
||||
32 | File | `/api/` | Low
|
||||
33 | File | `/api/admin/store/product/list` | High
|
||||
34 | File | `/api/gen/clients/{language}` | High
|
||||
35 | File | `/articles/{id}` | High
|
||||
36 | File | `/boat/login.php` | High
|
||||
37 | File | `/cgi-bin/mesh.cgi?page=upgrade` | High
|
||||
38 | File | `/cgi-bin/touchlist_sync.cgi` | High
|
||||
39 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
40 | File | `/classes/Login.php` | High
|
||||
41 | File | `/classes/Master.php` | High
|
||||
42 | File | `/classes/Master.php?f=delete_sub_category` | High
|
||||
43 | File | `/classes/Users.php` | High
|
||||
44 | File | `/config/myfield/test.php` | High
|
||||
45 | File | `/debug/pprof` | Medium
|
||||
46 | File | `/ecshop/admin/template.php` | High
|
||||
47 | File | `/eduauth/student/search.php` | High
|
||||
48 | File | `/fudforum/adm/hlplist.php` | High
|
||||
49 | ... | ... | ...
|
||||
7 | File | `/admin/bookings/manage_booking.php` | High
|
||||
8 | File | `/admin/bookings/view_booking.php` | High
|
||||
9 | File | `/admin/bookings/view_details.php` | High
|
||||
10 | File | `/admin/cashadvance_row.php` | High
|
||||
11 | File | `/admin/curriculum/view_curriculum.php` | High
|
||||
12 | File | `/admin/deduction_row.php` | High
|
||||
13 | File | `/admin/departments/view_department.php` | High
|
||||
14 | File | `/admin/doctors.php` | High
|
||||
15 | File | `/admin/employee_row.php` | High
|
||||
16 | File | `/admin/index.php` | High
|
||||
17 | File | `/admin/index3.php` | High
|
||||
18 | File | `/admin/inquiries/view_inquiry.php` | High
|
||||
19 | File | `/admin/login.php` | High
|
||||
20 | File | `/admin/maintenance/brand.php` | High
|
||||
21 | File | `/admin/maintenance/manage_category.php` | High
|
||||
22 | File | `/admin/maintenance/view_designation.php` | High
|
||||
23 | File | `/admin/manage_academic.php` | High
|
||||
24 | File | `/admin/mechanics/manage_mechanic.php` | High
|
||||
25 | File | `/admin/offenses/view_details.php` | High
|
||||
26 | File | `/admin/orders/update_status.php` | High
|
||||
27 | File | `/admin/product/manage.php` | High
|
||||
28 | File | `/admin/products/manage_product.php` | High
|
||||
29 | File | `/admin/products/view_product.php` | High
|
||||
30 | File | `/admin/reminders/manage_reminder.php` | High
|
||||
31 | File | `/admin/report/index.php` | High
|
||||
32 | File | `/admin/sales/manage_sale.php` | High
|
||||
33 | File | `/admin/services/manage_service.php` | High
|
||||
34 | File | `/admin/services/view_service.php` | High
|
||||
35 | File | `/admin/service_requests/manage_inventory.php` | High
|
||||
36 | File | `/admin/transactions/track_shipment.php` | High
|
||||
37 | File | `/admin/user/manage_user.php` | High
|
||||
38 | File | `/admin/userprofile.php` | High
|
||||
39 | File | `/ajax/update_certificate` | High
|
||||
40 | File | `/alphaware/details.php` | High
|
||||
41 | File | `/alphaware/summary.php` | High
|
||||
42 | File | `/api/` | Low
|
||||
43 | File | `/api/admin/store/product/list` | High
|
||||
44 | File | `/api/gen/clients/{language}` | High
|
||||
45 | File | `/api/v2/cli/commands` | High
|
||||
46 | File | `/articles/{id}` | High
|
||||
47 | File | `/boafrm/formFilter` | High
|
||||
48 | File | `/boafrm/formHomeWlanSetup` | High
|
||||
49 | File | `/boat/login.php` | High
|
||||
50 | File | `/cgi-bin/mesh.cgi?page=upgrade` | High
|
||||
51 | File | `/cgi-bin/touchlist_sync.cgi` | High
|
||||
52 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
53 | File | `/classes/Login.php` | High
|
||||
54 | ... | ... | ...
|
||||
|
||||
There are 421 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 472 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
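Review bot: New row 16 rates `/admin/index.php` as High confidence, although it is about as generic as `/api/`, which the same table rates Low at row 42. A path that exists on a large share of PHP admin panels will match benign traffic when this list is used for log matching, so either lower the rating to match how `/api/` and similar short paths are treated, or document in the table's introduction what the Confidence column measures so readers know it is not a measure of how specific the path is.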
|
|
|
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [CN](https://vuldb.com/?country.cn)
|
||||
* ...
|
||||
|
||||
There are 19 more country items available. Please use our online service to access the data.
|
||||
There are 20 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -3905,40 +3905,41 @@ ID | Type | Indicator | Confidence
|
|||
14 | File | `/api/` | Low
|
||||
15 | File | `/api/admin/store/product/list` | High
|
||||
16 | File | `/api/blade-log/api/list` | High
|
||||
17 | File | `/appliance/users?action=edit` | High
|
||||
18 | File | `/authUserAction!edit.action` | High
|
||||
19 | File | `/backup.pl` | Medium
|
||||
20 | File | `/boat/login.php` | High
|
||||
21 | File | `/browse.PROJECTKEY` | High
|
||||
22 | File | `/bsms_ci/index.php/book` | High
|
||||
23 | File | `/cgi-bin/luci/api/wireless` | High
|
||||
24 | File | `/cgi-bin/mesh.cgi?page=upgrade` | High
|
||||
25 | File | `/cgi-bin/supervisor/adcommand.cgi` | High
|
||||
26 | File | `/cgi-bin/supervisor/CloudSetup.cgi` | High
|
||||
27 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
28 | File | `/cmscp/ext/collect/fetch_url.do` | High
|
||||
29 | File | `/crmeb/app/admin/controller/store/CopyTaobao.php` | High
|
||||
30 | File | `/debug/pprof` | Medium
|
||||
31 | File | `/edoc/doctor/patient.php` | High
|
||||
32 | File | `/env` | Low
|
||||
33 | File | `/etc/hosts` | Medium
|
||||
34 | File | `/etc/shadow` | Medium
|
||||
35 | File | `/face-recognition-php/facepay-master/camera.php` | High
|
||||
36 | File | `/forms/doLogin` | High
|
||||
37 | File | `/forum/away.php` | High
|
||||
38 | File | `/home/masterConsole` | High
|
||||
39 | File | `/index.php` | Medium
|
||||
40 | File | `/Items/*/RemoteImages/Download` | High
|
||||
41 | File | `/login/index.php` | High
|
||||
42 | File | `/loginsave.php` | High
|
||||
43 | File | `/medicines/profile.php` | High
|
||||
44 | File | `/opt/zimbra/jetty/webapps/zimbra/public` | High
|
||||
45 | File | `/orrs/admin/?page=user/manage_user` | High
|
||||
46 | File | `/php-scrm/login.php` | High
|
||||
47 | File | `/proxy` | Low
|
||||
48 | ... | ... | ...
|
||||
17 | File | `/api/v2/cli/commands` | High
|
||||
18 | File | `/appliance/users?action=edit` | High
|
||||
19 | File | `/authUserAction!edit.action` | High
|
||||
20 | File | `/backup.pl` | Medium
|
||||
21 | File | `/boat/login.php` | High
|
||||
22 | File | `/browse.PROJECTKEY` | High
|
||||
23 | File | `/bsms_ci/index.php/book` | High
|
||||
24 | File | `/cgi-bin/luci/api/wireless` | High
|
||||
25 | File | `/cgi-bin/mesh.cgi?page=upgrade` | High
|
||||
26 | File | `/cgi-bin/supervisor/adcommand.cgi` | High
|
||||
27 | File | `/cgi-bin/supervisor/CloudSetup.cgi` | High
|
||||
28 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
29 | File | `/cmscp/ext/collect/fetch_url.do` | High
|
||||
30 | File | `/crmeb/app/admin/controller/store/CopyTaobao.php` | High
|
||||
31 | File | `/debug/pprof` | Medium
|
||||
32 | File | `/edoc/doctor/patient.php` | High
|
||||
33 | File | `/env` | Low
|
||||
34 | File | `/etc/hosts` | Medium
|
||||
35 | File | `/etc/shadow` | Medium
|
||||
36 | File | `/face-recognition-php/facepay-master/camera.php` | High
|
||||
37 | File | `/forms/doLogin` | High
|
||||
38 | File | `/forum/away.php` | High
|
||||
39 | File | `/home/masterConsole` | High
|
||||
40 | File | `/index.php` | Medium
|
||||
41 | File | `/Items/*/RemoteImages/Download` | High
|
||||
42 | File | `/login/index.php` | High
|
||||
43 | File | `/loginsave.php` | High
|
||||
44 | File | `/medicines/profile.php` | High
|
||||
45 | File | `/opt/zimbra/jetty/webapps/zimbra/public` | High
|
||||
46 | File | `/orrs/admin/?page=user/manage_user` | High
|
||||
47 | File | `/php-scrm/login.php` | High
|
||||
48 | File | `/proxy` | Low
|
||||
49 | ... | ... | ...
|
||||
|
||||
There are 419 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 425 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
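Review bot: The only content change visible in this hunk is the insertion of `/api/v2/cli/commands` as row 17; every other changed line, old rows 17 to 48 becoming new rows 18 to 49, is renumbering caused by the positional ID column. That churn hides the real change from anyone reviewing the diff and breaks any external reference to an indicator by its ID. Consider dropping the ID column or generating a stable per-indicator identifier, so that an update touches only the rows that actually changed.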
|
|
|
@ -16,10 +16,10 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [CN](https://vuldb.com/?country.cn)
|
||||
* [BR](https://vuldb.com/?country.br)
|
||||
* [RU](https://vuldb.com/?country.ru)
|
||||
* ...
|
||||
|
||||
There are 26 more country items available. Please use our online service to access the data.
|
||||
There are 24 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -45,9 +45,10 @@ ID | Technique | Weakness | Description | Confidence
|
|||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-24 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-294, CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-88, CWE-94 | Cross Site Scripting | High
|
||||
4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
6 | T1068 | CWE-250, CWE-264, CWE-266, CWE-269, CWE-284 | J2EE Misconfiguration: Weak Access Permissions for EJB Methods | High
|
||||
7 | ... | ... | ... | ...
|
||||
|
||||
There are 22 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
|
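Review bot: Row 4 now maps T1059 to CWE-88, CWE-94 and CWE-1321 but keeps the description "Cross Site Scripting", the same text used for row 5 (T1059.007, CWE-79 and CWE-80). The three CWEs on row 4 are argument injection, code injection and prototype pollution, none of which is cross-site scripting, so the description column appears to be filled from the wrong lookup. The new row 6 has a similar mismatch: it lists five general privilege and access-control CWEs under a J2EE-specific label. Deriving the description from the listed CWEs, or from the ATT&CK technique name, would keep the two columns consistent.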
@ -58,54 +59,53 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/+CSCOE+/logon.html` | High
|
||||
2 | File | `/.ssh/authorized_keys` | High
|
||||
3 | File | `/administrator/components/table_manager/` | High
|
||||
4 | File | `/ajax/networking/get_netcfg.php` | High
|
||||
5 | File | `/api/gen/clients/{language}` | High
|
||||
6 | File | `/app/options.py` | High
|
||||
7 | File | `/bin/httpd` | Medium
|
||||
8 | File | `/cgi-bin/wapopen` | High
|
||||
9 | File | `/ci_spms/admin/category` | High
|
||||
10 | File | `/ci_spms/admin/search/searching/` | High
|
||||
11 | File | `/classes/Master.php?f=delete_appointment` | High
|
||||
12 | File | `/classes/Master.php?f=delete_train` | High
|
||||
13 | File | `/cms/print.php` | High
|
||||
14 | File | `/concat?/%2557EB-INF/web.xml` | High
|
||||
15 | File | `/Content/Template/root/reverse-shell.aspx` | High
|
||||
16 | File | `/ctcprotocol/Protocol` | High
|
||||
17 | File | `/dashboard/menu-list.php` | High
|
||||
18 | File | `/data/remove` | Medium
|
||||
19 | File | `/ebics-server/ebics.aspx` | High
|
||||
20 | File | `/ffos/classes/Master.php?f=save_category` | High
|
||||
2 | File | `/administrator/components/table_manager/` | High
|
||||
3 | File | `/ajax/networking/get_netcfg.php` | High
|
||||
4 | File | `/api/gen/clients/{language}` | High
|
||||
5 | File | `/app/options.py` | High
|
||||
6 | File | `/bin/httpd` | Medium
|
||||
7 | File | `/cgi-bin/wapopen` | High
|
||||
8 | File | `/ci_spms/admin/category` | High
|
||||
9 | File | `/ci_spms/admin/search/searching/` | High
|
||||
10 | File | `/classes/Master.php?f=delete_appointment` | High
|
||||
11 | File | `/classes/Master.php?f=delete_train` | High
|
||||
12 | File | `/cms/print.php` | High
|
||||
13 | File | `/concat?/%2557EB-INF/web.xml` | High
|
||||
14 | File | `/Content/Template/root/reverse-shell.aspx` | High
|
||||
15 | File | `/ctcprotocol/Protocol` | High
|
||||
16 | File | `/dashboard/menu-list.php` | High
|
||||
17 | File | `/data/remove` | Medium
|
||||
18 | File | `/ebics-server/ebics.aspx` | High
|
||||
19 | File | `/ffos/classes/Master.php?f=save_category` | High
|
||||
20 | File | `/filemanager/upload/drop` | High
|
||||
21 | File | `/forum/away.php` | High
|
||||
22 | File | `/goforms/rlminfo` | High
|
||||
23 | File | `/HNAP1/SetClientInfo` | High
|
||||
24 | File | `/index.php/newsletter/subscriber/new/` | High
|
||||
25 | File | `/Items/*/RemoteImages/Download` | High
|
||||
26 | File | `/menu.html` | Medium
|
||||
27 | File | `/mkshop/Men/profile.php` | High
|
||||
28 | File | `/navigate/navigate_download.php` | High
|
||||
29 | File | `/ocwbs/admin/?page=user/manage_user` | High
|
||||
30 | File | `/ofrs/admin/?page=user/manage_user` | High
|
||||
31 | File | `/out.php` | Medium
|
||||
32 | File | `/owa/auth/logon.aspx` | High
|
||||
33 | File | `/password.html` | High
|
||||
34 | File | `/php_action/fetchSelectedUser.php` | High
|
||||
35 | File | `/proc/ioports` | High
|
||||
36 | File | `/property-list/property_view.php` | High
|
||||
37 | File | `/ptms/classes/Users.php` | High
|
||||
38 | File | `/resources//../` | High
|
||||
39 | File | `/rest/api/2/search` | High
|
||||
40 | File | `/s/` | Low
|
||||
41 | File | `/scripts/cpan_config` | High
|
||||
42 | File | `/secure/admin/InsightDefaultCustomFieldConfig.jspa` | High
|
||||
43 | File | `/spip.php` | Medium
|
||||
44 | File | `/squashfs-root/www/HNAP1/control/SetMasterWLanSettings.php` | High
|
||||
45 | File | `/sys/dict/queryTableData` | High
|
||||
46 | File | `/tmp` | Low
|
||||
47 | ... | ... | ...
|
||||
23 | File | `/HNAP1` | Low
|
||||
24 | File | `/HNAP1/SetClientInfo` | High
|
||||
25 | File | `/index.php/newsletter/subscriber/new/` | High
|
||||
26 | File | `/Items/*/RemoteImages/Download` | High
|
||||
27 | File | `/menu.html` | Medium
|
||||
28 | File | `/mkshop/Men/profile.php` | High
|
||||
29 | File | `/modules/profile/index.php` | High
|
||||
30 | File | `/navigate/navigate_download.php` | High
|
||||
31 | File | `/ocwbs/admin/?page=user/manage_user` | High
|
||||
32 | File | `/ofrs/admin/?page=user/manage_user` | High
|
||||
33 | File | `/out.php` | Medium
|
||||
34 | File | `/password.html` | High
|
||||
35 | File | `/php_action/fetchSelectedUser.php` | High
|
||||
36 | File | `/proc/ioports` | High
|
||||
37 | File | `/property-list/property_view.php` | High
|
||||
38 | File | `/ptms/classes/Users.php` | High
|
||||
39 | File | `/resources//../` | High
|
||||
40 | File | `/rest/api/2/search` | High
|
||||
41 | File | `/s/` | Low
|
||||
42 | File | `/scripts/cpan_config` | High
|
||||
43 | File | `/secure/admin/InsightDefaultCustomFieldConfig.jspa` | High
|
||||
44 | File | `/spip.php` | Medium
|
||||
45 | File | `/squashfs-root/www/HNAP1/control/SetMasterWLanSettings.php` | High
|
||||
46 | ... | ... | ...
|
||||
|
||||
There are 410 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 395 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
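Review bot: Two indicators disappear in this hunk, `/.ssh/authorized_keys` (old row 2) and `/owa/auth/logon.aspx` (old row 32), and the hidden remainder drops from 410 to 395, but nothing in the change says why entries were withdrawn. Anyone who built detections on the earlier list loses those matches silently. Please record the reason for removals, for example that the underlying entry was reclassified or retired, in the commit message or a changelog line. The new `/HNAP1` row at Low confidence sits beside `/HNAP1/SetClientInfo` at High, which is worth a sentence as well, since the shorter path already matches every request the longer one does.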
|
|
|
@ -8,6 +8,7 @@ _Live data_ and more _analysis capabilities_ are available at [https://vuldb.com
|
|||
|
||||
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with BadPatch:
|
||||
|
||||
* [RU](https://vuldb.com/?country.ru)
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [DE](https://vuldb.com/?country.de)
|
||||
|
||||
|
@ -26,7 +27,7 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1068 | CWE-269 | Execution with Unnecessary Privileges | High
|
||||
1 | T1068 | CWE-269 | J2EE Misconfiguration: Weak Access Permissions for EJB Methods | High
|
||||
2 | T1110.001 | CWE-798 | Improper Restriction of Excessive Authentication Attempts | High
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
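Review bot: Row 1 keeps T1068 and CWE-269 but swaps the description from "Execution with Unnecessary Privileges" to "J2EE Misconfiguration: Weak Access Permissions for EJB Methods", a label specific to J2EE/EJB deployments that nothing else in this actor's tables supports. The same substitution shows up for T1068 in other actors' TTP tables in this commit with different CWE lists, which suggests a change in the generator's description lookup rather than new analysis. CWE-269 is Improper Privilege Management, so either restore the previous wording or use the name of the CWE actually listed.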
@ -37,10 +38,10 @@ ID | Type | Indicator | Confidence
|
|||
-- | ---- | --------- | ----------
|
||||
1 | File | `/usr/local/sbin/webproject/set_param.cgi` | High
|
||||
2 | File | `includes/pages.inc.php` | High
|
||||
3 | File | `setup.cgi` | Medium
|
||||
3 | File | `mod_proxy_fcgi.c` | High
|
||||
4 | ... | ... | ...
|
||||
|
||||
There are 2 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 3 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -75,7 +75,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
3 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
4 | ... | ... | ... | ...
|
||||
|
||||
There are 12 more TTP items available. Please use our online service to access the data.
|
||||
There are 13 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -95,7 +95,7 @@ ID | Type | Indicator | Confidence
|
|||
10 | File | `admin/admin.shtml` | High
|
||||
11 | ... | ... | ...
|
||||
|
||||
There are 84 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 86 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -86,7 +86,7 @@ ID | Type | Indicator | Confidence
|
|||
4 | File | `/wp-content/plugins/updraftplus/admin.php` | High
|
||||
5 | ... | ... | ...
|
||||
|
||||
There are 25 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 26 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -19,7 +19,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [RU](https://vuldb.com/?country.ru)
|
||||
* ...
|
||||
|
||||
There are 31 more country items available. Please use our online service to access the data.
|
||||
There are 32 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -60,7 +60,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 19 more TTP items available. Please use our online service to access the data.
|
||||
There are 20 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -131,7 +131,7 @@ ID | Type | Indicator | Confidence
|
|||
61 | File | `bb_usage_stats.php` | High
|
||||
62 | ... | ... | ...
|
||||
|
||||
There are 539 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 541 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -9,6 +9,7 @@ _Live data_ and more _analysis capabilities_ are available at [https://vuldb.com
|
|||
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Black KingDom:
|
||||
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [ES](https://vuldb.com/?country.es)
|
||||
* [IR](https://vuldb.com/?country.ir)
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
@ -30,7 +31,7 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-21, CWE-22 | Pathname Traversal | High
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-36 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
|
@ -50,33 +51,43 @@ ID | Type | Indicator | Confidence
|
|||
3 | File | `/admin/ajax.php?action=delete_window` | High
|
||||
4 | File | `/admin/ajax.php?action=save_queue` | High
|
||||
5 | File | `/admin/article_category.php` | High
|
||||
6 | File | `/admin/manage_user.php` | High
|
||||
7 | File | `/apply.cgi` | Medium
|
||||
8 | File | `/bsms_ci/index.php/book` | High
|
||||
9 | File | `/classes/Master.php?f=delete_brand` | High
|
||||
10 | File | `/classes/Master.php?f=delete_category` | High
|
||||
11 | File | `/config/api/v1/reboot` | High
|
||||
12 | File | `/etc/shadow` | Medium
|
||||
13 | File | `/forums.php?action=post` | High
|
||||
14 | File | `/goform/WifiBasicSet` | High
|
||||
15 | File | `/hss/admin/?page=client/manage_client` | High
|
||||
16 | File | `/index.php` | Medium
|
||||
17 | File | `/inxedu/demo_inxedu_open/src/main/resources/mybatis/inxedu/website/WebsiteImagesMapper.xml` | High
|
||||
18 | File | `/login/index.php` | High
|
||||
19 | File | `/opt/Citrix/ICAClient/util/ctxwebhelper` | High
|
||||
20 | File | `/output/outdbg.c` | High
|
||||
21 | File | `/output/outieee.c` | High
|
||||
22 | File | `/setNTP.cgi` | Medium
|
||||
23 | File | `/system/site.php` | High
|
||||
24 | File | `/tiki-importer.php` | High
|
||||
25 | File | `/tmp` | Low
|
||||
26 | File | `/tpts/manage_user.php` | High
|
||||
27 | File | `/trufusionPortal/upDwModuleProxy` | High
|
||||
28 | File | `/uncpath/` | Medium
|
||||
29 | File | `/usr/etc/restore0.9` | High
|
||||
30 | ... | ... | ...
|
||||
6 | File | `/admin/bookings/manage_booking.php` | High
|
||||
7 | File | `/admin/bookings/view_booking.php` | High
|
||||
8 | File | `/admin/cashadvance_row.php` | High
|
||||
9 | File | `/admin/deduction_row.php` | High
|
||||
10 | File | `/admin/employee_row.php` | High
|
||||
11 | File | `/admin/index.php` | High
|
||||
12 | File | `/admin/inquiries/view_inquiry.php` | High
|
||||
13 | File | `/admin/login.php` | High
|
||||
14 | File | `/admin/maintenance/manage_category.php` | High
|
||||
15 | File | `/admin/maintenance/view_designation.php` | High
|
||||
16 | File | `/admin/manage_user.php` | High
|
||||
17 | File | `/admin/mechanics/manage_mechanic.php` | High
|
||||
18 | File | `/admin/offenses/view_details.php` | High
|
||||
19 | File | `/admin/orders/update_status.php` | High
|
||||
20 | File | `/admin/products/manage_product.php` | High
|
||||
21 | File | `/admin/products/view_product.php` | High
|
||||
22 | File | `/admin/reminders/manage_reminder.php` | High
|
||||
23 | File | `/admin/report/index.php` | High
|
||||
24 | File | `/admin/services/manage_service.php` | High
|
||||
25 | File | `/admin/services/view_service.php` | High
|
||||
26 | File | `/admin/service_requests/manage_inventory.php` | High
|
||||
27 | File | `/admin/user/manage_user.php` | High
|
||||
28 | File | `/admin/userprofile.php` | High
|
||||
29 | File | `/apply.cgi` | Medium
|
||||
30 | File | `/bsms_ci/index.php/book` | High
|
||||
31 | File | `/cgi-bin/mesh.cgi?page=upgrade` | High
|
||||
32 | File | `/classes/Login.php` | High
|
||||
33 | File | `/classes/Master.php` | High
|
||||
34 | File | `/classes/Master.php?f=delete_brand` | High
|
||||
35 | File | `/classes/Master.php?f=delete_category` | High
|
||||
36 | File | `/classes/Master.php?f=delete_inquiry` | High
|
||||
37 | File | `/classes/Master.php?f=delete_sub_category` | High
|
||||
38 | File | `/classes/Master.php?f=save_course` | High
|
||||
39 | File | `/classes/Master.php?f=save_service` | High
|
||||
40 | ... | ... | ...
|
||||
|
||||
There are 251 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 347 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
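Review bot: Many of the rows added here, for example `/admin/bookings/manage_booking.php`, `/admin/inquiries/view_inquiry.php` and `/admin/services/manage_service.php`, are the same paths added to a different actor's IOA table elsewhere in this commit, while the hidden remainder grows from 251 to 347. Indicators shared word for word across actors cannot help distinguish one from another, and all of them are rated High. Please state in the section introduction that IOA entries are not unique to the actor, or flag shared entries, so that consumers do not use this table for attribution.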
|
|
|
@ -95,7 +95,7 @@ ID | Type | Indicator | Confidence
|
|||
41 | File | `/vendor/views/add_product.php` | High
|
||||
42 | ... | ... | ...
|
||||
|
||||
There are 359 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 360 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -35,7 +35,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
2 | T1059.007 | CWE-80 | Cross Site Scripting | High
|
||||
3 | T1068 | CWE-264, CWE-269, CWE-284 | Execution with Unnecessary Privileges | High
|
||||
3 | T1068 | CWE-264, CWE-269, CWE-284 | J2EE Misconfiguration: Weak Access Permissions for EJB Methods | High
|
||||
4 | ... | ... | ... | ...
|
||||
|
||||
There are 5 more TTP items available. Please use our online service to access the data.
|
||||
|
|
|
@ -19,7 +19,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [CN](https://vuldb.com/?country.cn)
|
||||
* ...
|
||||
|
||||
There are 10 more country items available. Please use our online service to access the data.
|
||||
There are 9 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -1830,26 +1830,33 @@ ID | Type | Indicator | Confidence
|
|||
15 | File | `/textpattern/index.php` | High
|
||||
16 | File | `/tmp` | Low
|
||||
17 | File | `/user/updatePwd` | High
|
||||
18 | File | `account-signup.php` | High
|
||||
19 | File | `account/signup.php` | High
|
||||
20 | File | `activenews_view.asp` | High
|
||||
21 | File | `adclick.php` | Medium
|
||||
22 | File | `addentry.php` | Medium
|
||||
23 | File | `addressbook/backends/ldap/e-book-backend-ldap.c` | High
|
||||
24 | File | `admin-ajax.php` | High
|
||||
25 | File | `admin.php` | Medium
|
||||
26 | File | `admin/admin_editor.php` | High
|
||||
27 | File | `admin/asset/grid-proxy` | High
|
||||
28 | File | `admin/auditTrail.jsf` | High
|
||||
29 | File | `admin/conf_users_edit.php` | High
|
||||
30 | File | `admin/edit_category.php` | High
|
||||
31 | File | `adminer.php` | Medium
|
||||
32 | File | `AjaxFileUploadHandler.axd` | High
|
||||
33 | File | `app/controllers/oauth.js` | High
|
||||
34 | File | `articulo.php` | Medium
|
||||
35 | ... | ... | ...
|
||||
18 | File | `abook_database.php` | High
|
||||
19 | File | `account-signup.php` | High
|
||||
20 | File | `account/signup.php` | High
|
||||
21 | File | `activenews_view.asp` | High
|
||||
22 | File | `adclick.php` | Medium
|
||||
23 | File | `addentry.php` | Medium
|
||||
24 | File | `addressbook/backends/ldap/e-book-backend-ldap.c` | High
|
||||
25 | File | `admin-ajax.php` | High
|
||||
26 | File | `admin.a6mambocredits.php` | High
|
||||
27 | File | `admin.cropcanvas.php` | High
|
||||
28 | File | `admin.php` | Medium
|
||||
29 | File | `admin/admin_editor.php` | High
|
||||
30 | File | `admin/asset/grid-proxy` | High
|
||||
31 | File | `admin/auditTrail.jsf` | High
|
||||
32 | File | `admin/conf_users_edit.php` | High
|
||||
33 | File | `admin/edit_category.php` | High
|
||||
34 | File | `adminer.php` | Medium
|
||||
35 | File | `admin_ip.php` | Medium
|
||||
36 | File | `AjaxFileUploadHandler.axd` | High
|
||||
37 | File | `al_initialize.php` | High
|
||||
38 | File | `app/controllers/oauth.js` | High
|
||||
39 | File | `articulo.php` | Medium
|
||||
40 | File | `artlinks.dispnew.php` | High
|
||||
41 | File | `art_detalle.php` | High
|
||||
42 | ... | ... | ...
|
||||
|
||||
There are 299 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 358 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -39,7 +39,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
2 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
3 | T1068 | CWE-264, CWE-284 | Execution with Unnecessary Privileges | High
|
||||
3 | T1068 | CWE-264, CWE-284 | J2EE Misconfiguration: Weak Access Permissions for EJB Methods | High
|
||||
4 | ... | ... | ... | ...
|
||||
|
||||
There are 6 more TTP items available. Please use our online service to access the data.
|
||||
|
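Review bot: The two rows numbered 3 in this hunk keep the same technique (T1068) and the same weakness list (CWE-264, CWE-284), yet the description changes from "Execution with Unnecessary Privileges" to "J2EE Misconfiguration: Weak Access Permissions for EJB Methods". The new label is much narrower than the generic access-control CWEs beside it, and nothing else in the visible table points to a J2EE or EJB context. Please confirm the label was chosen deliberately and is not an artifact of how the generator picks one description per technique. If it is an artifact, keep the general description.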
@ -55,7 +55,7 @@ ID | Type | Indicator | Confidence
|
|||
3 | File | `adm/config_form_update.php` | High
|
||||
4 | ... | ... | ...
|
||||
|
||||
There are 12 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 14 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -46,7 +46,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
5 | ... | ... | ... | ...
|
||||
|
||||
There are 14 more TTP items available. Please use our online service to access the data.
|
||||
There are 15 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -64,17 +64,17 @@ ID | Type | Indicator | Confidence
|
|||
8 | File | `/admin/renewaldue.php` | High
|
||||
9 | File | `/admin/reports.php` | High
|
||||
10 | File | `/admin/transactions/track_shipment.php` | High
|
||||
11 | File | `/admin/web_config.php` | High
|
||||
12 | File | `/ajax/ImportCertificate` | High
|
||||
13 | File | `/app/controller/Books.php` | High
|
||||
14 | File | `/Application/Admin/Controller/ConfigController.class.php` | High
|
||||
15 | File | `/cgi-bin` | Medium
|
||||
16 | File | `/classes/Master.php?f=delete_sub_category` | High
|
||||
17 | File | `/config/service/host.go` | High
|
||||
18 | File | `/data/sqldata` | High
|
||||
11 | File | `/admin/user/manage_user.php` | High
|
||||
12 | File | `/admin/web_config.php` | High
|
||||
13 | File | `/ajax/ImportCertificate` | High
|
||||
14 | File | `/app/controller/Books.php` | High
|
||||
15 | File | `/Application/Admin/Controller/ConfigController.class.php` | High
|
||||
16 | File | `/cgi-bin` | Medium
|
||||
17 | File | `/classes/Master.php?f=delete_sub_category` | High
|
||||
18 | File | `/config/service/host.go` | High
|
||||
19 | ... | ... | ...
|
||||
|
||||
There are 151 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 157 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -10,10 +10,10 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
|
||||
* [VN](https://vuldb.com/?country.vn)
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [CN](https://vuldb.com/?country.cn)
|
||||
* [FR](https://vuldb.com/?country.fr)
|
||||
* ...
|
||||
|
||||
There are 9 more country items available. Please use our online service to access the data.
|
||||
There are 3 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -147,13 +147,12 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-22, CWE-23, CWE-29, CWE-36, CWE-37 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
5 | ... | ... | ... | ...
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-425 | Pathname Traversal | High
|
||||
2 | T1055 | CWE-74 | Injection | High
|
||||
3 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
4 | ... | ... | ... | ...
|
||||
|
||||
There are 16 more TTP items available. Please use our online service to access the data.
|
||||
There are 14 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
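Review bot: In the rewritten T1006 row, CWE-425 is now grouped under the description "Pathname Traversal" alongside CWE-21, CWE-22 and CWE-23. CWE-425 is direct request (forced browsing), which is an access-control weakness and not a traversal one, so a reader mapping this row to detections would look for the wrong request shape. Either give CWE-425 its own row or widen the description so it covers both weakness classes.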
@ -161,43 +160,27 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/?p=products` | Medium
|
||||
2 | File | `/admin/?page=reminders/view_reminder` | High
|
||||
3 | File | `/admin/cashadvance_row.php` | High
|
||||
4 | File | `/admin/categories/manage_category.php` | High
|
||||
5 | File | `/admin/categories/view_category.php` | High
|
||||
6 | File | `/admin/curriculum/view_curriculum.php` | High
|
||||
7 | File | `/admin/departments/view_department.php` | High
|
||||
8 | File | `/admin/index.php` | High
|
||||
9 | File | `/admin/inquiries/view_inquiry.php` | High
|
||||
10 | File | `/admin/inventory/manage_stock.php` | High
|
||||
11 | File | `/admin/maintenance/manage_category.php` | High
|
||||
12 | File | `/admin/maintenance/view_designation.php` | High
|
||||
13 | File | `/admin/manage_academic.php` | High
|
||||
14 | File | `/admin/mechanics/manage_mechanic.php` | High
|
||||
15 | File | `/admin/offenses/view_details.php` | High
|
||||
16 | File | `/admin/orders/update_status.php` | High
|
||||
17 | File | `/admin/products/manage_product.php` | High
|
||||
18 | File | `/admin/products/view_product.php` | High
|
||||
19 | File | `/admin/reminders/manage_reminder.php` | High
|
||||
20 | File | `/admin/report/index.php` | High
|
||||
21 | File | `/admin/sales/manage_sale.php` | High
|
||||
22 | File | `/admin/sales/view_details.php` | High
|
||||
23 | File | `/admin/services/manage_service.php` | High
|
||||
24 | File | `/admin/service_requests/manage_inventory.php` | High
|
||||
25 | File | `/admin/students/view_details.php` | High
|
||||
26 | File | `/admin/suppliers/view_details.php` | High
|
||||
27 | File | `/admin/user/manage_user.php` | High
|
||||
28 | File | `/admin/userprofile.php` | High
|
||||
29 | File | `/api/admin/store/product/list` | High
|
||||
30 | File | `/api/geojson` | Medium
|
||||
31 | File | `/cgi-bin/DownloadFlash` | High
|
||||
32 | File | `/cgi-bin/kerbynet` | High
|
||||
33 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
34 | File | `/classes/Login.php` | High
|
||||
35 | ... | ... | ...
|
||||
1 | File | `/admin/bookings/manage_booking.php` | High
|
||||
2 | File | `/admin/bookings/view_booking.php` | High
|
||||
3 | File | `/admin/bookings/view_details.php` | High
|
||||
4 | File | `/admin/curriculum/view_curriculum.php` | High
|
||||
5 | File | `/admin/departments/view_department.php` | High
|
||||
6 | File | `/admin/index.php` | High
|
||||
7 | File | `/admin/inquiries/view_inquiry.php` | High
|
||||
8 | File | `/admin/manage_academic.php` | High
|
||||
9 | File | `/admin/services/manage_service.php` | High
|
||||
10 | File | `/admin/services/view_service.php` | High
|
||||
11 | File | `/admin/user/manage_user.php` | High
|
||||
12 | File | `/admin/user/uploadImg` | High
|
||||
13 | File | `/boafrm/formFilter` | High
|
||||
14 | File | `/classes/Master.php?f=delete_inquiry` | High
|
||||
15 | File | `/classes/Master.php?f=save_course` | High
|
||||
16 | File | `/classes/Master.php?f=save_service` | High
|
||||
17 | File | `/classes/Users.php` | High
|
||||
18 | File | `/Content/Template/root/reverse-shell.aspx` | High
|
||||
19 | ... | ... | ...
|
||||
|
||||
There are 303 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 157 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
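Review bot: The row `/admin/index.php` is rated High in the new list although the path is generic and present on a very large number of unrelated applications. Matching on it at High confidence will produce noise for anyone who imports this table into detection content. Consider lowering the rating for bare, product-independent paths like this one, or qualifying the row with the product it was observed against, and keep High for product-specific paths such as `/admin/bookings/manage_booking.php`.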
@ -66,7 +66,7 @@ ID | Type | Indicator | Confidence
|
|||
10 | File | `/scripts/iisadmin/bdir.htr` | High
|
||||
11 | ... | ... | ...
|
||||
|
||||
There are 82 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 83 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -86,7 +86,7 @@ ID | Type | Indicator | Confidence
|
|||
32 | File | `Admin.PHP` | Medium
|
||||
33 | ... | ... | ...
|
||||
|
||||
There are 279 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 277 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -32,14 +32,14 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23 | Pathname Traversal | High
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-29, CWE-37 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-294, CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 18 more TTP items available. Please use our online service to access the data.
|
||||
There are 19 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -48,45 +48,46 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/.env` | Low
|
||||
2 | File | `/?p=products` | Medium
|
||||
3 | File | `/admin` | Low
|
||||
4 | File | `/admin-ajax.php?action=eps_redirect_save` | High
|
||||
5 | File | `/admin/cashadvance_row.php` | High
|
||||
6 | File | `/admin/login.php` | High
|
||||
7 | File | `/admin/patient.php` | High
|
||||
8 | File | `/api/admin/store/product/list` | High
|
||||
9 | File | `/as/authorization.oauth2` | High
|
||||
10 | File | `/cgi-bin/luci/api/auth` | High
|
||||
11 | File | `/cgi-bin/supervisor/PwdGrp.cgi` | High
|
||||
12 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
13 | File | `/churchcrm/EventAttendance.php` | High
|
||||
14 | File | `/DXR.axd` | Medium
|
||||
15 | File | `/filemanager/php/connector.php` | High
|
||||
16 | File | `/forum/away.php` | High
|
||||
17 | File | `/licenses` | Medium
|
||||
18 | File | `/mhds/clinic/view_details.php` | High
|
||||
19 | File | `/modules/projects/vw_files.php` | High
|
||||
20 | File | `/plain` | Low
|
||||
21 | File | `/public/launchNewWindow.jsp` | High
|
||||
22 | File | `/public/login.htm` | High
|
||||
23 | File | `/rukovoditel/index.php?module=users/login` | High
|
||||
24 | File | `/secure/QueryComponent!Default.jspa` | High
|
||||
25 | File | `/spip.php` | Medium
|
||||
26 | File | `/static/ueditor/php/controller.php` | High
|
||||
27 | File | `/v1/tokens` | Medium
|
||||
28 | File | `/vaccinated/admin/maintenance/manage_location.php` | High
|
||||
29 | File | `/var/WEB-GUI/cgi-bin/telnet.cgi` | High
|
||||
30 | File | `/wp-admin/admin-ajax.php` | High
|
||||
31 | File | `/wp-admin/options.php` | High
|
||||
32 | File | `/wp-content/plugins/woocommerce/templates/emails/plain/` | High
|
||||
33 | File | `14all.cgi/14all-1.1.cgi/traffic.cgi/mrtg.cgi` | High
|
||||
34 | File | `adclick.php` | Medium
|
||||
35 | File | `admin-ajax.php` | High
|
||||
36 | File | `admin.php` | Medium
|
||||
37 | File | `admin/template/js/uploadify/uploadify.swf` | High
|
||||
38 | ... | ... | ...
|
||||
2 | File | `//proc/kcore` | Medium
|
||||
3 | File | `/?p=products` | Medium
|
||||
4 | File | `/admin` | Low
|
||||
5 | File | `/admin-ajax.php?action=eps_redirect_save` | High
|
||||
6 | File | `/admin/cashadvance_row.php` | High
|
||||
7 | File | `/admin/curriculum/view_curriculum.php` | High
|
||||
8 | File | `/admin/departments/view_department.php` | High
|
||||
9 | File | `/admin/login.php` | High
|
||||
10 | File | `/admin/maintenance/view_designation.php` | High
|
||||
11 | File | `/admin/patient.php` | High
|
||||
12 | File | `/admin/suppliers/view_details.php` | High
|
||||
13 | File | `/admin/user/manage_user.php` | High
|
||||
14 | File | `/admin/user/uploadImg` | High
|
||||
15 | File | `/api/admin/store/product/list` | High
|
||||
16 | File | `/as/authorization.oauth2` | High
|
||||
17 | File | `/cgi-bin/kerbynet` | High
|
||||
18 | File | `/cgi-bin/luci/api/auth` | High
|
||||
19 | File | `/cgi-bin/supervisor/PwdGrp.cgi` | High
|
||||
20 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
21 | File | `/churchcrm/EventAttendance.php` | High
|
||||
22 | File | `/Content/Template/root/reverse-shell.aspx` | High
|
||||
23 | File | `/DXR.axd` | Medium
|
||||
24 | File | `/filemanager/php/connector.php` | High
|
||||
25 | File | `/forum/away.php` | High
|
||||
26 | File | `/licenses` | Medium
|
||||
27 | File | `/login/index.php` | High
|
||||
28 | File | `/mhds/clinic/view_details.php` | High
|
||||
29 | File | `/modules/projects/vw_files.php` | High
|
||||
30 | File | `/plain` | Low
|
||||
31 | File | `/public/launchNewWindow.jsp` | High
|
||||
32 | File | `/public/login.htm` | High
|
||||
33 | File | `/qsr_server/device/reboot` | High
|
||||
34 | File | `/rukovoditel/index.php?module=users/login` | High
|
||||
35 | File | `/secure/QueryComponent!Default.jspa` | High
|
||||
36 | File | `/spip.php` | Medium
|
||||
37 | File | `/static/ueditor/php/controller.php` | High
|
||||
38 | File | `/uncpath/` | Medium
|
||||
39 | ... | ... | ...
|
||||
|
||||
There are 324 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 332 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
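Review bot: The new row 2, `//proc/kcore`, starts with a doubled slash, while every other absolute path in this table starts with a single one. If the doubled slash is the literal string observed in requests, a short note saying so would help, because consumers that normalise paths before matching will otherwise never hit this entry. If it is a data-entry slip, it should read `/proc/kcore`.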
@ -39,10 +39,10 @@ ID | Technique | Weakness | Description | Confidence
|
|||
2 | T1055 | CWE-74 | Injection | High
|
||||
3 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
5 | T1068 | CWE-264, CWE-269, CWE-284 | Execution with Unnecessary Privileges | High
|
||||
5 | T1068 | CWE-264, CWE-269, CWE-284 | J2EE Misconfiguration: Weak Access Permissions for EJB Methods | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 19 more TTP items available. Please use our online service to access the data.
|
||||
There are 20 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -54,44 +54,46 @@ ID | Type | Indicator | Confidence
|
|||
2 | File | `/action/wirelessConnect` | High
|
||||
3 | File | `/admin` | Low
|
||||
4 | File | `/admin/?page=user/manage_user` | High
|
||||
5 | File | `/Admin/dashboard.php` | High
|
||||
6 | File | `/admin/sign/out` | High
|
||||
7 | File | `/api/common/ping` | High
|
||||
8 | File | `/api/v2/open/tablesInfo` | High
|
||||
9 | File | `/asms/classes/Master.php?f=delete_img` | High
|
||||
10 | File | `/bin/httpd` | Medium
|
||||
11 | File | `/catcompany.php` | High
|
||||
12 | File | `/classes/Master.php?f=delete_appointment` | High
|
||||
13 | File | `/cms/notify` | Medium
|
||||
14 | File | `/depotHead/list` | High
|
||||
15 | File | `/device/signin` | High
|
||||
16 | File | `/etc/shadow.sample` | High
|
||||
17 | File | `/fusiondirectory/index.php` | High
|
||||
18 | File | `/goform/addressNat` | High
|
||||
19 | File | `/goform/fast_setting_wifi_set` | High
|
||||
20 | File | `/goform/WifiBasicSet` | High
|
||||
21 | File | `/HNAP1` | Low
|
||||
22 | File | `/js/player/dmplayer/dmku/index.php` | High
|
||||
23 | File | `/lists/admin/` | High
|
||||
24 | File | `/login/index.php` | High
|
||||
25 | File | `/multi-vendor-shopping-script/product-list.php` | High
|
||||
26 | File | `/myAccount` | Medium
|
||||
27 | File | `/operations/travellers.php` | High
|
||||
28 | File | `/php-sms/admin/orders/update_status.php` | High
|
||||
29 | File | `/php-sms/classes/Master.php?f=delete_service` | High
|
||||
30 | File | `/release-x64/otfccdump+0x6b6a8f` | High
|
||||
31 | File | `/release-x64/otfccdump+0x6e7e3d` | High
|
||||
32 | File | `/release-x64/otfccdump+0x6e41a8` | High
|
||||
33 | File | `/rukovoditel/index.php?module=users/login` | High
|
||||
34 | File | `/SVFE2/pages/feegroups/mcc_group.jsf` | High
|
||||
35 | File | `/sys/duplicate/check` | High
|
||||
36 | File | `/timeline2.php` | High
|
||||
37 | File | `/ucenter/repass.php` | High
|
||||
38 | File | `/usr/sbin/httpd` | High
|
||||
39 | File | `/var/log/messages` | High
|
||||
40 | ... | ... | ...
|
||||
5 | File | `/admin/curriculum/view_curriculum.php` | High
|
||||
6 | File | `/Admin/dashboard.php` | High
|
||||
7 | File | `/admin/sales/view_details.php` | High
|
||||
8 | File | `/admin/sign/out` | High
|
||||
9 | File | `/api/common/ping` | High
|
||||
10 | File | `/api/v2/open/tablesInfo` | High
|
||||
11 | File | `/asms/classes/Master.php?f=delete_img` | High
|
||||
12 | File | `/bin/httpd` | Medium
|
||||
13 | File | `/catcompany.php` | High
|
||||
14 | File | `/classes/Master.php?f=delete_appointment` | High
|
||||
15 | File | `/classes/Users.php` | High
|
||||
16 | File | `/cms/notify` | Medium
|
||||
17 | File | `/depotHead/list` | High
|
||||
18 | File | `/device/signin` | High
|
||||
19 | File | `/etc/shadow.sample` | High
|
||||
20 | File | `/fusiondirectory/index.php` | High
|
||||
21 | File | `/goform/addressNat` | High
|
||||
22 | File | `/goform/fast_setting_wifi_set` | High
|
||||
23 | File | `/goform/WifiBasicSet` | High
|
||||
24 | File | `/HNAP1` | Low
|
||||
25 | File | `/js/player/dmplayer/dmku/index.php` | High
|
||||
26 | File | `/lists/admin/` | High
|
||||
27 | File | `/login/index.php` | High
|
||||
28 | File | `/multi-vendor-shopping-script/product-list.php` | High
|
||||
29 | File | `/myAccount` | Medium
|
||||
30 | File | `/operations/travellers.php` | High
|
||||
31 | File | `/php-sms/admin/orders/update_status.php` | High
|
||||
32 | File | `/php-sms/classes/Master.php?f=delete_service` | High
|
||||
33 | File | `/public/launchNewWindow.jsp` | High
|
||||
34 | File | `/release-x64/otfccdump+0x6b6a8f` | High
|
||||
35 | File | `/release-x64/otfccdump+0x6e7e3d` | High
|
||||
36 | File | `/release-x64/otfccdump+0x6e41a8` | High
|
||||
37 | File | `/rukovoditel/index.php?module=users/login` | High
|
||||
38 | File | `/SVFE2/pages/feegroups/mcc_group.jsf` | High
|
||||
39 | File | `/sys/duplicate/check` | High
|
||||
40 | File | `/timeline2.php` | High
|
||||
41 | File | `/ucenter/repass.php` | High
|
||||
42 | ... | ... | ...
|
||||
|
||||
There are 349 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 360 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
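Review bot: The three `/release-x64/otfccdump+0x...` rows are carried over into the renumbered list as Type "File" with High confidence, but a binary name followed by `+0x` and a hex offset is a code location from a crash trace and not a file path. It will not match file or URL telemetry, and the offsets hold only for one specific build. Suggest collapsing them into a single indicator for the binary itself, or moving them to a type that marks them as build-specific offsets.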
@ -90,7 +90,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 20 more TTP items available. Please use our online service to access the data.
|
||||
There are 19 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -101,57 +101,60 @@ ID | Type | Indicator | Confidence
|
|||
1 | File | `/?p=products` | Medium
|
||||
2 | File | `/admin` | Low
|
||||
3 | File | `/admin-ajax.php?action=eps_redirect_save` | High
|
||||
4 | File | `/admin/` | Low
|
||||
5 | File | `/admin/attendance_row.php` | High
|
||||
4 | File | `/admin/attendance_row.php` | High
|
||||
5 | File | `/admin/bookings/manage_booking.php` | High
|
||||
6 | File | `/admin/cashadvance_row.php` | High
|
||||
7 | File | `/admin/curriculum/view_curriculum.php` | High
|
||||
8 | File | `/admin/departments/view_department.php` | High
|
||||
9 | File | `/admin/employee_row.php` | High
|
||||
10 | File | `/admin/login.php` | High
|
||||
11 | File | `/admin/maintenance/view_designation.php` | High
|
||||
12 | File | `/admin/patient.php` | High
|
||||
13 | File | `/admin/sales/view_details.php` | High
|
||||
14 | File | `/admin/suppliers/view_details.php` | High
|
||||
15 | File | `/admin/transactions/track_shipment.php` | High
|
||||
16 | File | `/admin/user/manage_user.php` | High
|
||||
12 | File | `/admin/sales/view_details.php` | High
|
||||
13 | File | `/admin/suppliers/view_details.php` | High
|
||||
14 | File | `/admin/transactions/track_shipment.php` | High
|
||||
15 | File | `/admin/user/manage_user.php` | High
|
||||
16 | File | `/admin/user/uploadImg` | High
|
||||
17 | File | `/admin/userprofile.php` | High
|
||||
18 | File | `/api/admin/store/product/list` | High
|
||||
19 | File | `/api/gen/clients/{language}` | High
|
||||
20 | File | `/APR/login.php` | High
|
||||
21 | File | `/cgi-bin/kerbynet` | High
|
||||
22 | File | `/cgi-bin/supervisor/PwdGrp.cgi` | High
|
||||
23 | File | `/cgi-bin/wapopen` | High
|
||||
24 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
25 | File | `/churchcrm/EventAttendance.php` | High
|
||||
26 | File | `/classes/Login.php` | High
|
||||
27 | File | `/classes/Master.php?f=delete_sub_category` | High
|
||||
28 | File | `/classes/Users.php` | High
|
||||
29 | File | `/DXR.axd` | Medium
|
||||
30 | File | `/forum/away.php` | High
|
||||
31 | File | `/HNAP1` | Low
|
||||
32 | File | `/HNAP1/SetClientInfo` | High
|
||||
33 | File | `/licenses` | Medium
|
||||
34 | File | `/login/index.php` | High
|
||||
35 | File | `/mhds/clinic/view_details.php` | High
|
||||
36 | File | `/modules/projects/vw_files.php` | High
|
||||
37 | File | `/mogu-picture/file/uploadPicsByUrl` | High
|
||||
38 | File | `/plain` | Low
|
||||
39 | File | `/public/launchNewWindow.jsp` | High
|
||||
40 | File | `/qsr_server/device/reboot` | High
|
||||
41 | File | `/spip.php` | Medium
|
||||
42 | File | `/squashfs-root/www/HNAP1/control/SetMasterWLanSettings.php` | High
|
||||
43 | File | `/static/ueditor/php/controller.php` | High
|
||||
44 | File | `/uncpath/` | Medium
|
||||
45 | File | `/user/updatePwd` | High
|
||||
46 | File | `/v1/tokens` | Medium
|
||||
20 | File | `/cgi-bin/kerbynet` | High
|
||||
21 | File | `/cgi-bin/supervisor/PwdGrp.cgi` | High
|
||||
22 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
23 | File | `/churchcrm/EventAttendance.php` | High
|
||||
24 | File | `/classes/Login.php` | High
|
||||
25 | File | `/classes/Master.php?f=delete_sub_category` | High
|
||||
26 | File | `/classes/Users.php` | High
|
||||
27 | File | `/Content/Template/root/reverse-shell.aspx` | High
|
||||
28 | File | `/forum/away.php` | High
|
||||
29 | File | `/HNAP1` | Low
|
||||
30 | File | `/licenses` | Medium
|
||||
31 | File | `/login/index.php` | High
|
||||
32 | File | `/mhds/clinic/view_details.php` | High
|
||||
33 | File | `/modules/profile/index.php` | High
|
||||
34 | File | `/modules/projects/vw_files.php` | High
|
||||
35 | File | `/mogu-picture/file/uploadPicsByUrl` | High
|
||||
36 | File | `/plain` | Low
|
||||
37 | File | `/proxy` | Low
|
||||
38 | File | `/public/launchNewWindow.jsp` | High
|
||||
39 | File | `/qsr_server/device/reboot` | High
|
||||
40 | File | `/spip.php` | Medium
|
||||
41 | File | `/squashfs-root/www/HNAP1/control/SetMasterWLanSettings.php` | High
|
||||
42 | File | `/static/ueditor/php/controller.php` | High
|
||||
43 | File | `/uncpath/` | Medium
|
||||
44 | File | `/user/updatePwd` | High
|
||||
45 | File | `/v1/tokens` | Medium
|
||||
46 | File | `/v2/#/add/department` | High
|
||||
47 | File | `/vaccinated/admin/maintenance/manage_location.php` | High
|
||||
48 | File | `/var/WEB-GUI/cgi-bin/telnet.cgi` | High
|
||||
49 | File | `/wp-admin/admin-ajax.php` | High
|
||||
50 | File | `/wp-admin/options.php` | High
|
||||
51 | File | `/wp-content/plugins/woocommerce/templates/emails/plain/` | High
|
||||
52 | ... | ... | ...
|
||||
52 | File | `Acl.asp` | Low
|
||||
53 | File | `activenews_view.asp` | High
|
||||
54 | File | `adclick.php` | Medium
|
||||
55 | ... | ... | ...
|
||||
|
||||
There are 457 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 481 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
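Review bot: The added row `/v2/#/add/department` contains a URL fragment. Everything after `#` is kept by the browser and is not sent in the HTTP request, so this string will not appear in web server, proxy or WAF request logs, and a High rating overstates how useful it is for server-side matching. Either record only the server-visible part of the path, or mark the row as a client-side route so consumers know where it can be observed.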
@ -19,7 +19,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [GB](https://vuldb.com/?country.gb)
|
||||
* ...
|
||||
|
||||
There are 22 more country items available. Please use our online service to access the data.
|
||||
There are 23 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -66,70 +66,73 @@ ID | Type | Indicator | Confidence
|
|||
4 | File | `/admin/cashadvance_row.php` | High
|
||||
5 | File | `/Admin/login.php` | High
|
||||
6 | File | `/admin/maintenance/view_designation.php` | High
|
||||
7 | File | `/admin/showbad.php` | High
|
||||
8 | File | `/admin/userprofile.php` | High
|
||||
9 | File | `/adms/admin/?page=vehicles/sell_vehicle` | High
|
||||
10 | File | `/adms/admin/?page=vehicles/view_transaction` | High
|
||||
11 | File | `/apilog.php` | Medium
|
||||
12 | File | `/APR/login.php` | High
|
||||
13 | File | `/bin/httpd` | Medium
|
||||
14 | File | `/cgi-bin/wapopen` | High
|
||||
15 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
16 | File | `/connectors/index.php` | High
|
||||
17 | File | `/dev/block/mmcblk0rpmb` | High
|
||||
18 | File | `/DocSystem/Repos/getReposAllUsers.do` | High
|
||||
19 | File | `/face-recognition-php/facepay-master/camera.php` | High
|
||||
20 | File | `/forum/away.php` | High
|
||||
21 | File | `/fos/admin/ajax.php?action=login` | High
|
||||
22 | File | `/fos/admin/index.php?page=menu` | High
|
||||
23 | File | `/home/masterConsole` | High
|
||||
24 | File | `/home/sendBroadcast` | High
|
||||
25 | File | `/hrm/employeeadd.php` | High
|
||||
26 | File | `/hrm/employeeview.php` | High
|
||||
27 | File | `/index.php` | Medium
|
||||
28 | File | `/items/view_item.php` | High
|
||||
29 | File | `/jsoa/hntdCustomDesktopActionContent` | High
|
||||
30 | File | `/lookin/info` | Medium
|
||||
31 | File | `/manager/index.php` | High
|
||||
32 | File | `/medical/inventories.php` | High
|
||||
33 | File | `/modules/profile/index.php` | High
|
||||
34 | File | `/modules/projects/vw_files.php` | High
|
||||
35 | File | `/modules/public/calendar.php` | High
|
||||
36 | File | `/mygym/admin/index.php?view_exercises` | High
|
||||
37 | File | `/newsDia.php` | Medium
|
||||
38 | File | `/out.php` | Medium
|
||||
39 | File | `/php-opos/index.php` | High
|
||||
40 | File | `/proxy` | Low
|
||||
41 | File | `/public/launchNewWindow.jsp` | High
|
||||
42 | File | `/Redcock-Farm/farm/category.php` | High
|
||||
43 | File | `/reports/rwservlet` | High
|
||||
44 | File | `/sacco_shield/manage_user.php` | High
|
||||
45 | File | `/spip.php` | Medium
|
||||
46 | File | `/sqlitemanager/main.php?dbsel=-1%20or%2072%20=%2072` | High
|
||||
47 | File | `/staff/bookdetails.php` | High
|
||||
48 | File | `/uncpath/` | Medium
|
||||
49 | File | `/user/updatePwd` | High
|
||||
50 | File | `/user/update_booking.php` | High
|
||||
51 | File | `/Wedding-Management-PHP/admin/photos_add.php` | High
|
||||
52 | File | `/wireless/security.asp` | High
|
||||
53 | File | `/wordpress/wp-admin/options-general.php` | High
|
||||
54 | File | `01article.php` | High
|
||||
55 | File | `AbstractScheduleJob.java` | High
|
||||
56 | File | `actionphp/download.File.php` | High
|
||||
57 | File | `activenews_view.asp` | High
|
||||
58 | File | `adclick.php` | Medium
|
||||
59 | File | `addtocart.asp` | High
|
||||
60 | File | `admin.php` | Medium
|
||||
61 | File | `admin/abc.php` | High
|
||||
62 | File | `admin/admin.php?action=users&mode=info&user=2` | High
|
||||
63 | File | `admin/admin/adminsave.html` | High
|
||||
64 | File | `admin/asset/grid-proxy` | High
|
||||
65 | File | `admin/auditTrail.jsf` | High
|
||||
66 | File | `admin/conf_users_edit.php` | High
|
||||
67 | File | `admin/disapprove_user.php` | High
|
||||
68 | ... | ... | ...
|
||||
7 | File | `/admin/userprofile.php` | High
|
||||
8 | File | `/adms/admin/?page=vehicles/sell_vehicle` | High
|
||||
9 | File | `/adms/admin/?page=vehicles/view_transaction` | High
|
||||
10 | File | `/apilog.php` | Medium
|
||||
11 | File | `/APR/login.php` | High
|
||||
12 | File | `/bin/httpd` | Medium
|
||||
13 | File | `/cgi-bin/wapopen` | High
|
||||
14 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
15 | File | `/connectors/index.php` | High
|
||||
16 | File | `/dev/block/mmcblk0rpmb` | High
|
||||
17 | File | `/DocSystem/Repos/getReposAllUsers.do` | High
|
||||
18 | File | `/face-recognition-php/facepay-master/camera.php` | High
|
||||
19 | File | `/forum/away.php` | High
|
||||
20 | File | `/fos/admin/ajax.php?action=login` | High
|
||||
21 | File | `/fos/admin/index.php?page=menu` | High
|
||||
22 | File | `/home/masterConsole` | High
|
||||
23 | File | `/home/sendBroadcast` | High
|
||||
24 | File | `/hrm/employeeadd.php` | High
|
||||
25 | File | `/hrm/employeeview.php` | High
|
||||
26 | File | `/index.php` | Medium
|
||||
27 | File | `/items/view_item.php` | High
|
||||
28 | File | `/jsoa/hntdCustomDesktopActionContent` | High
|
||||
29 | File | `/lookin/info` | Medium
|
||||
30 | File | `/manager/index.php` | High
|
||||
31 | File | `/medical/inventories.php` | High
|
||||
32 | File | `/modules/profile/index.php` | High
|
||||
33 | File | `/modules/projects/vw_files.php` | High
|
||||
34 | File | `/modules/public/calendar.php` | High
|
||||
35 | File | `/mygym/admin/index.php?view_exercises` | High
|
||||
36 | File | `/newsDia.php` | Medium
|
||||
37 | File | `/out.php` | Medium
|
||||
38 | File | `/php-opos/index.php` | High
|
||||
39 | File | `/proxy` | Low
|
||||
40 | File | `/public/launchNewWindow.jsp` | High
|
||||
41 | File | `/Redcock-Farm/farm/category.php` | High
|
||||
42 | File | `/reports/rwservlet` | High
|
||||
43 | File | `/sacco_shield/manage_user.php` | High
|
||||
44 | File | `/spip.php` | Medium
|
||||
45 | File | `/sqlitemanager/main.php?dbsel=-1%20or%2072%20=%2072` | High
|
||||
46 | File | `/staff/bookdetails.php` | High
|
||||
47 | File | `/uncpath/` | Medium
|
||||
48 | File | `/user/updatePwd` | High
|
||||
49 | File | `/user/update_booking.php` | High
|
||||
50 | File | `/Wedding-Management-PHP/admin/photos_add.php` | High
|
||||
51 | File | `/wireless/security.asp` | High
|
||||
52 | File | `/wordpress/wp-admin/options-general.php` | High
|
||||
53 | File | `01article.php` | High
|
||||
54 | File | `AbstractScheduleJob.java` | High
|
||||
55 | File | `actionphp/download.File.php` | High
|
||||
56 | File | `activenews_view.asp` | High
|
||||
57 | File | `adclick.php` | Medium
|
||||
58 | File | `addtocart.asp` | High
|
||||
59 | File | `admin.a6mambocredits.php` | High
|
||||
60 | File | `admin.cropcanvas.php` | High
|
||||
61 | File | `admin.php` | Medium
|
||||
62 | File | `admin/abc.php` | High
|
||||
63 | File | `admin/admin.php?action=users&mode=info&user=2` | High
|
||||
64 | File | `admin/admin/adminsave.html` | High
|
||||
65 | File | `admin/asset/grid-proxy` | High
|
||||
66 | File | `admin/auditTrail.jsf` | High
|
||||
67 | File | `admin/conf_users_edit.php` | High
|
||||
68 | File | `admin/disapprove_user.php` | High
|
||||
69 | File | `admin/edit_category.php` | High
|
||||
70 | File | `admin/expense_report.php` | High
|
||||
71 | ... | ... | ...
|
||||
|
||||
There are 594 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 626 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
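Review bot: Row 45 is typed File, but its indicator `/sqlitemanager/main.php?dbsel=-1%20or%2072%20=%2072` carries a query string with one literal URL-encoded input value. A lookup on the request path alone will not match it, and a match on the full string only catches that exact value. Suggest splitting it into a File row for `/sqlitemanager/main.php` and a separate argument or input-value row for `dbsel`, using the types the footer line already names (file, library, argument, input value, pattern, network port). Rows 20, 21, 35 and 63 also mix path and query string under File. The table also mixes rooted paths (`/items/view_item.php`) with bare names (`01article.php`, `admin/abc.php`); a short note on how consumers should match each form would help.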
@ -20,7 +20,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [NL](https://vuldb.com/?country.nl)
|
||||
* ...
|
||||
|
||||
There are 28 more country items available. Please use our online service to access the data.
|
||||
There are 25 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -529,7 +529,8 @@ ID | Technique | Weakness | Description | Confidence
|
|||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
6 | T1068 | CWE-250, CWE-264, CWE-269, CWE-284 | J2EE Misconfiguration: Weak Access Permissions for EJB Methods | High
|
||||
7 | ... | ... | ... | ...
|
||||
|
||||
There are 22 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
|
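Review bot: The new row 6 (T1068) lists CWE-250, CWE-264, CWE-269 and CWE-284, which are general privilege and access-control weaknesses, but its Description is "J2EE Misconfiguration: Weak Access Permissions for EJB Methods", a label for one narrow J2EE case that none of the four listed CWEs names. Suggest a description that covers the listed weaknesses, or listing the CWE the label actually belongs to. Row 4 in the context lines has the same kind of mismatch: CWE-94 is code injection, yet its description reads "Cross Site Scripting", duplicating row 5. The "There are 22 more TTP items" line is unchanged in this hunk although a previously elided row is now shown, so the remaining count is worth rechecking.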
@ -544,49 +545,49 @@ ID | Type | Indicator | Confidence
|
|||
3 | File | `/admin.php/accessory/filesdel.html` | High
|
||||
4 | File | `/admin/?page=user/manage` | High
|
||||
5 | File | `/admin/add-new.php` | High
|
||||
6 | File | `/admin/doctors.php` | High
|
||||
7 | File | `/admin/login.php` | High
|
||||
8 | File | `/admin/products/manage_product.php` | High
|
||||
9 | File | `/admin/submit-articles` | High
|
||||
10 | File | `/alphaware/summary.php` | High
|
||||
11 | File | `/api/` | Low
|
||||
12 | File | `/api/admin/store/product/list` | High
|
||||
13 | File | `/appliance/users?action=edit` | High
|
||||
14 | File | `/apply.cgi` | Medium
|
||||
15 | File | `/attachments` | Medium
|
||||
16 | File | `/backup.pl` | Medium
|
||||
17 | File | `/boat/login.php` | High
|
||||
18 | File | `/bsms_ci/index.php/book` | High
|
||||
19 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
20 | File | `/debug/pprof` | Medium
|
||||
21 | File | `/DocSystem/Repos/getReposAllUsers.do` | High
|
||||
22 | File | `/edoc/doctor/patient.php` | High
|
||||
23 | File | `/etc/hosts` | Medium
|
||||
24 | File | `/etc/ldap.conf` | High
|
||||
25 | File | `/etc/quagga` | Medium
|
||||
26 | File | `/etc/shadow` | Medium
|
||||
27 | File | `/event/admin/?page=user/list` | High
|
||||
28 | File | `/forms/doLogin` | High
|
||||
29 | File | `/forum/away.php` | High
|
||||
30 | File | `/hardware` | Medium
|
||||
31 | File | `/index.php` | Medium
|
||||
32 | File | `/medicines/profile.php` | High
|
||||
33 | File | `/modules/caddyhttp/rewrite/rewrite.go` | High
|
||||
34 | File | `/out.php` | Medium
|
||||
35 | File | `/php-scrm/login.php` | High
|
||||
36 | File | `/proxy` | Low
|
||||
37 | File | `/reservation/add_message.php` | High
|
||||
38 | File | `/reviewer_0/admins/assessments/pretest/questions-view.php` | High
|
||||
39 | File | `/rom-0` | Low
|
||||
40 | File | `/Session` | Medium
|
||||
41 | File | `/spip.php` | Medium
|
||||
42 | File | `/tmp` | Low
|
||||
43 | File | `/user/loader.php?api=1` | High
|
||||
44 | File | `/vendor/htmlawed/htmlawed/htmLawedTest.php` | High
|
||||
45 | File | `/video-sharing-script/watch-video.php` | High
|
||||
6 | File | `/admin/curriculum/view_curriculum.php` | High
|
||||
7 | File | `/admin/departments/view_department.php` | High
|
||||
8 | File | `/admin/doctors.php` | High
|
||||
9 | File | `/admin/login.php` | High
|
||||
10 | File | `/admin/products/manage_product.php` | High
|
||||
11 | File | `/admin/user/manage_user.php` | High
|
||||
12 | File | `/alphaware/summary.php` | High
|
||||
13 | File | `/api/` | Low
|
||||
14 | File | `/api/admin/store/product/list` | High
|
||||
15 | File | `/api/v2/cli/commands` | High
|
||||
16 | File | `/appliance/users?action=edit` | High
|
||||
17 | File | `/apply.cgi` | Medium
|
||||
18 | File | `/attachments` | Medium
|
||||
19 | File | `/backup.pl` | Medium
|
||||
20 | File | `/boat/login.php` | High
|
||||
21 | File | `/bsms_ci/index.php/book` | High
|
||||
22 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
23 | File | `/debug/pprof` | Medium
|
||||
24 | File | `/DocSystem/Repos/getReposAllUsers.do` | High
|
||||
25 | File | `/edoc/doctor/patient.php` | High
|
||||
26 | File | `/etc/hosts` | Medium
|
||||
27 | File | `/etc/ldap.conf` | High
|
||||
28 | File | `/etc/quagga` | Medium
|
||||
29 | File | `/etc/shadow` | Medium
|
||||
30 | File | `/event/admin/?page=user/list` | High
|
||||
31 | File | `/forms/doLogin` | High
|
||||
32 | File | `/forum/away.php` | High
|
||||
33 | File | `/hardware` | Medium
|
||||
34 | File | `/index.php` | Medium
|
||||
35 | File | `/medicines/profile.php` | High
|
||||
36 | File | `/out.php` | Medium
|
||||
37 | File | `/php-scrm/login.php` | High
|
||||
38 | File | `/proxy` | Low
|
||||
39 | File | `/reservation/add_message.php` | High
|
||||
40 | File | `/reviewer_0/admins/assessments/pretest/questions-view.php` | High
|
||||
41 | File | `/rom-0` | Low
|
||||
42 | File | `/Session` | Medium
|
||||
43 | File | `/spip.php` | Medium
|
||||
44 | File | `/tmp` | Low
|
||||
45 | File | `/user/loader.php?api=1` | High
|
||||
46 | ... | ... | ...
|
||||
|
||||
There are 402 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 399 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
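Review bot: The ID column is positional, so adding four entries (`/admin/curriculum/view_curriculum.php`, `/admin/departments/view_department.php`, `/admin/user/manage_user.php`, `/api/v2/cli/commands`) renumbers every row after them: `/admin/doctors.php` moves from 6 to 8 and `/user/loader.php?api=1` from 43 to 45. Anything that references an indicator by ID (a detection rule, a ticket, an earlier report) now points at a different path, and the diff rewrites some forty lines to express four additions. Suggest a stable identifier per indicator, or dropping the ID column and keying on the indicator itself. Separately, `/admin/submit-articles` and `/modules/caddyhttp/rewrite/rewrite.go` no longer appear although both sort inside the listed range, and the commit message gives no reason; if they were retired on purpose, say so, since consumers may still have rules built on them.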
@ -10,10 +10,10 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
|
||||
* [VN](https://vuldb.com/?country.vn)
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [CN](https://vuldb.com/?country.cn)
|
||||
* [LU](https://vuldb.com/?country.lu)
|
||||
* ...
|
||||
|
||||
There are 3 more country items available. Please use our online service to access the data.
|
||||
There are 2 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -53,7 +53,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 18 more TTP items available. Please use our online service to access the data.
|
||||
There are 19 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -62,45 +62,48 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/.env` | Low
|
||||
2 | File | `/?p=products` | Medium
|
||||
3 | File | `/admin` | Low
|
||||
4 | File | `/admin-ajax.php?action=eps_redirect_save` | High
|
||||
5 | File | `/admin/attendance_row.php` | High
|
||||
6 | File | `/admin/cashadvance_row.php` | High
|
||||
7 | File | `/admin/employee_row.php` | High
|
||||
8 | File | `/admin/login.php` | High
|
||||
9 | File | `/admin/maintenance/brand.php` | High
|
||||
10 | File | `/admin/maintenance/view_designation.php` | High
|
||||
11 | File | `/admin/mechanics/manage_mechanic.php` | High
|
||||
12 | File | `/admin/patient.php` | High
|
||||
13 | File | `/admin/suppliers/view_details.php` | High
|
||||
14 | File | `/admin/transactions/track_shipment.php` | High
|
||||
15 | File | `/api/admin/store/product/list` | High
|
||||
16 | File | `/as/authorization.oauth2` | High
|
||||
17 | File | `/cgi-bin/kerbynet` | High
|
||||
18 | File | `/cgi-bin/luci/api/auth` | High
|
||||
19 | File | `/cgi-bin/supervisor/PwdGrp.cgi` | High
|
||||
20 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
21 | File | `/churchcrm/EventAttendance.php` | High
|
||||
22 | File | `/DXR.axd` | Medium
|
||||
23 | File | `/filemanager/php/connector.php` | High
|
||||
24 | File | `/forum/away.php` | High
|
||||
25 | File | `/install/index.php` | High
|
||||
26 | File | `/licenses` | Medium
|
||||
27 | File | `/mhds/clinic/view_details.php` | High
|
||||
28 | File | `/modules/projects/vw_files.php` | High
|
||||
29 | File | `/plain` | Low
|
||||
30 | File | `/public/launchNewWindow.jsp` | High
|
||||
31 | File | `/public/login.htm` | High
|
||||
32 | File | `/qsr_server/device/reboot` | High
|
||||
33 | File | `/rukovoditel/index.php?module=users/login` | High
|
||||
34 | File | `/secure/QueryComponent!Default.jspa` | High
|
||||
35 | File | `/spip.php` | Medium
|
||||
36 | File | `/staff_login.php` | High
|
||||
37 | File | `/static/ueditor/php/controller.php` | High
|
||||
38 | ... | ... | ...
|
||||
2 | File | `//proc/kcore` | Medium
|
||||
3 | File | `/?p=products` | Medium
|
||||
4 | File | `/admin` | Low
|
||||
5 | File | `/admin-ajax.php?action=eps_redirect_save` | High
|
||||
6 | File | `/admin/attendance_row.php` | High
|
||||
7 | File | `/admin/cashadvance_row.php` | High
|
||||
8 | File | `/admin/curriculum/view_curriculum.php` | High
|
||||
9 | File | `/admin/departments/view_department.php` | High
|
||||
10 | File | `/admin/employee_row.php` | High
|
||||
11 | File | `/admin/login.php` | High
|
||||
12 | File | `/admin/maintenance/brand.php` | High
|
||||
13 | File | `/admin/maintenance/view_designation.php` | High
|
||||
14 | File | `/admin/mechanics/manage_mechanic.php` | High
|
||||
15 | File | `/admin/patient.php` | High
|
||||
16 | File | `/admin/suppliers/view_details.php` | High
|
||||
17 | File | `/admin/transactions/track_shipment.php` | High
|
||||
18 | File | `/admin/user/manage_user.php` | High
|
||||
19 | File | `/admin/user/uploadImg` | High
|
||||
20 | File | `/api/admin/store/product/list` | High
|
||||
21 | File | `/as/authorization.oauth2` | High
|
||||
22 | File | `/cgi-bin/kerbynet` | High
|
||||
23 | File | `/cgi-bin/luci/api/auth` | High
|
||||
24 | File | `/cgi-bin/supervisor/PwdGrp.cgi` | High
|
||||
25 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
26 | File | `/churchcrm/EventAttendance.php` | High
|
||||
27 | File | `/config/getuser` | High
|
||||
28 | File | `/Content/Template/root/reverse-shell.aspx` | High
|
||||
29 | File | `/DXR.axd` | Medium
|
||||
30 | File | `/filemanager/php/connector.php` | High
|
||||
31 | File | `/forum/away.php` | High
|
||||
32 | File | `/install/index.php` | High
|
||||
33 | File | `/licenses` | Medium
|
||||
34 | File | `/login/index.php` | High
|
||||
35 | File | `/mhds/clinic/view_details.php` | High
|
||||
36 | File | `/modules/projects/vw_files.php` | High
|
||||
37 | File | `/plain` | Low
|
||||
38 | File | `/public/launchNewWindow.jsp` | High
|
||||
39 | File | `/qsr_server/device/reboot` | High
|
||||
40 | File | `/rukovoditel/index.php?module=users/login` | High
|
||||
41 | ... | ... | ...
|
||||
|
||||
There are 331 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 355 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
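Review bot: New row 2 reads `//proc/kcore` with a doubled leading slash. If the indicator is meant to be the path `/proc/kcore`, normalise it; if the doubled slash is part of what was observed, record it as a pattern rather than a File, because exact path matching after normalisation will not hit it as written. New row 28, `/Content/Template/root/reverse-shell.aspx`, is named like an uploaded artifact rather than a file shipped with a product, yet it carries the same File type and High confidence as the application paths around it; please state which it is, since the two call for different handling (a request-path match versus a file-presence check on the host). `/public/login.htm` also no longer appears although it sorts inside the listed range, without a stated reason.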
@ -0,0 +1,637 @@
|
|||
# Czech Republic Unknown - Cyber Threat Intelligence
|
||||
|
||||
These _indicators_ were reported, collected, and generated during the [VulDB CTI analysis](https://vuldb.com/?kb.cti) of the actor known as [Czech Republic Unknown](https://vuldb.com/?actor.czech_republic_unknown). The _activity monitoring_ correlates data from social media, forums, chat rooms, and darknet markets. It helps to determine associated actors, specific activities, expected intentions, emerging research, and ongoing attacks. Our unique _predictive model_ uses _big data_ to forecast activities and their characteristics.
|
||||
|
||||
_Live data_ and more _analysis capabilities_ are available at [https://vuldb.com/?actor.czech_republic_unknown](https://vuldb.com/?actor.czech_republic_unknown)
|
||||
|
||||
## Countries
|
||||
|
||||
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Czech Republic Unknown:
|
||||
|
||||
* [CN](https://vuldb.com/?country.cn)
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [ES](https://vuldb.com/?country.es)
|
||||
* ...
|
||||
|
||||
There are 15 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
These _indicators of compromise_ (IOC) indicate associated network resources which are known to be part of research and attack activities of Czech Republic Unknown.
|
||||
|
||||
ID | IP address | Hostname | Campaign | Confidence
|
||||
-- | ---------- | -------- | -------- | ----------
|
||||
1 | [2.16.2.0](https://vuldb.com/?ip.2.16.2.0) | a2-16-2-0.deploy.static.akamaitechnologies.com | - | High
|
||||
2 | [2.16.24.0](https://vuldb.com/?ip.2.16.24.0) | a2-16-24-0.deploy.static.akamaitechnologies.com | - | High
|
||||
3 | [2.16.44.0](https://vuldb.com/?ip.2.16.44.0) | a2-16-44-0.deploy.static.akamaitechnologies.com | - | High
|
||||
4 | [2.16.60.0](https://vuldb.com/?ip.2.16.60.0) | a2-16-60-0.deploy.static.akamaitechnologies.com | - | High
|
||||
5 | [2.16.96.0](https://vuldb.com/?ip.2.16.96.0) | a2-16-96-0.deploy.static.akamaitechnologies.com | - | High
|
||||
6 | [2.16.132.0](https://vuldb.com/?ip.2.16.132.0) | a2-16-132-0.deploy.static.akamaitechnologies.com | - | High
|
||||
7 | [2.17.147.0](https://vuldb.com/?ip.2.17.147.0) | a2-17-147-0.deploy.static.akamaitechnologies.com | - | High
|
||||
8 | [2.21.74.0](https://vuldb.com/?ip.2.21.74.0) | a2-21-74-0.deploy.static.akamaitechnologies.com | - | High
|
||||
9 | [2.21.86.0](https://vuldb.com/?ip.2.21.86.0) | a2-21-86-0.deploy.static.akamaitechnologies.com | - | High
|
||||
10 | [2.22.232.0](https://vuldb.com/?ip.2.22.232.0) | a2-22-232-0.deploy.static.akamaitechnologies.com | - | High
|
||||
11 | [2.23.8.0](https://vuldb.com/?ip.2.23.8.0) | a2-23-8-0.deploy.static.akamaitechnologies.com | - | High
|
||||
12 | [2.56.253.0](https://vuldb.com/?ip.2.56.253.0) | - | - | High
|
||||
13 | [5.1.56.0](https://vuldb.com/?ip.5.1.56.0) | - | - | High
|
||||
14 | [5.22.152.0](https://vuldb.com/?ip.5.22.152.0) | - | - | High
|
||||
15 | [5.23.39.0](https://vuldb.com/?ip.5.23.39.0) | - | - | High
|
||||
16 | [5.34.168.0](https://vuldb.com/?ip.5.34.168.0) | - | - | High
|
||||
17 | [5.39.200.0](https://vuldb.com/?ip.5.39.200.0) | - | - | High
|
||||
18 | [5.43.224.0](https://vuldb.com/?ip.5.43.224.0) | - | - | High
|
||||
19 | [5.45.56.0](https://vuldb.com/?ip.5.45.56.0) | - | - | High
|
||||
20 | [5.45.60.0](https://vuldb.com/?ip.5.45.60.0) | - | - | High
|
||||
21 | [5.53.8.0](https://vuldb.com/?ip.5.53.8.0) | - | - | High
|
||||
22 | [5.59.8.0](https://vuldb.com/?ip.5.59.8.0) | - | - | High
|
||||
23 | [5.59.34.0](https://vuldb.com/?ip.5.59.34.0) | - | - | High
|
||||
24 | [5.59.78.0](https://vuldb.com/?ip.5.59.78.0) | - | - | High
|
||||
25 | [5.59.96.0](https://vuldb.com/?ip.5.59.96.0) | - | - | High
|
||||
26 | [5.59.234.0](https://vuldb.com/?ip.5.59.234.0) | - | - | High
|
||||
27 | [5.59.240.0](https://vuldb.com/?ip.5.59.240.0) | dhcp-0-240-59-5.metro86.ru | - | High
|
||||
28 | [5.59.243.0](https://vuldb.com/?ip.5.59.243.0) | dhcp-0-243-59-5.metro86.ru | - | High
|
||||
29 | [5.59.244.0](https://vuldb.com/?ip.5.59.244.0) | - | - | High
|
||||
30 | [5.59.248.0](https://vuldb.com/?ip.5.59.248.0) | dhcp-0-248-59-5.metro86.ru | - | High
|
||||
31 | [5.62.32.0](https://vuldb.com/?ip.5.62.32.0) | - | - | High
|
||||
32 | [5.62.36.0](https://vuldb.com/?ip.5.62.36.0) | - | - | High
|
||||
33 | [5.62.50.0](https://vuldb.com/?ip.5.62.50.0) | - | - | High
|
||||
34 | [5.62.52.0](https://vuldb.com/?ip.5.62.52.0) | - | - | High
|
||||
35 | [5.62.54.0](https://vuldb.com/?ip.5.62.54.0) | - | - | High
|
||||
36 | [5.62.60.0](https://vuldb.com/?ip.5.62.60.0) | - | - | High
|
||||
37 | [5.102.48.0](https://vuldb.com/?ip.5.102.48.0) | 0.48.102.5.client.nordic.tel | - | High
|
||||
38 | [5.104.16.0](https://vuldb.com/?ip.5.104.16.0) | 5-104-16-0.members.slavicin.unart.cz | - | High
|
||||
39 | [5.105.240.0](https://vuldb.com/?ip.5.105.240.0) | - | - | High
|
||||
40 | [5.145.104.0](https://vuldb.com/?ip.5.145.104.0) | - | - | High
|
||||
41 | [5.152.132.0](https://vuldb.com/?ip.5.152.132.0) | - | - | High
|
||||
42 | [5.180.196.0](https://vuldb.com/?ip.5.180.196.0) | - | - | High
|
||||
43 | [5.180.200.0](https://vuldb.com/?ip.5.180.200.0) | net-address200.net.rozhled.net | - | High
|
||||
44 | [5.181.92.0](https://vuldb.com/?ip.5.181.92.0) | cust.uvtnet.cz | - | High
|
||||
45 | [5.182.148.0](https://vuldb.com/?ip.5.182.148.0) | gw2-ttc.zcom.cz | - | High
|
||||
46 | [5.183.12.0](https://vuldb.com/?ip.5.183.12.0) | 5-183-12-0.static.wolfnet.cz | - | High
|
||||
47 | [5.198.128.0](https://vuldb.com/?ip.5.198.128.0) | mfonline.cz | - | High
|
||||
48 | [5.252.40.0](https://vuldb.com/?ip.5.252.40.0) | - | - | High
|
||||
49 | [5.254.60.0](https://vuldb.com/?ip.5.254.60.0) | - | - | High
|
||||
50 | [8.40.30.0](https://vuldb.com/?ip.8.40.30.0) | - | - | High
|
||||
51 | [8.238.187.0](https://vuldb.com/?ip.8.238.187.0) | - | - | High
|
||||
52 | [8.251.72.0](https://vuldb.com/?ip.8.251.72.0) | - | - | High
|
||||
53 | [8.253.240.0](https://vuldb.com/?ip.8.253.240.0) | - | - | High
|
||||
54 | [8.254.65.0](https://vuldb.com/?ip.8.254.65.0) | - | - | High
|
||||
55 | [13.32.147.0](https://vuldb.com/?ip.13.32.147.0) | server-13-32-147-0.prg50.r.cloudfront.net | - | High
|
||||
56 | [13.104.140.17](https://vuldb.com/?ip.13.104.140.17) | - | - | High
|
||||
57 | [13.104.140.18](https://vuldb.com/?ip.13.104.140.18) | - | - | High
|
||||
58 | [13.104.140.173](https://vuldb.com/?ip.13.104.140.173) | - | - | High
|
||||
59 | [13.104.182.160](https://vuldb.com/?ip.13.104.182.160) | - | - | High
|
||||
60 | [13.226.89.0](https://vuldb.com/?ip.13.226.89.0) | server-13-226-89-0.prg50.r.cloudfront.net | - | High
|
||||
61 | [13.248.118.192](https://vuldb.com/?ip.13.248.118.192) | - | - | High
|
||||
62 | [13.248.119.0](https://vuldb.com/?ip.13.248.119.0) | - | - | High
|
||||
63 | [14.137.176.0](https://vuldb.com/?ip.14.137.176.0) | ecs-14-137-176-0.compute.hwclouds-dns.com | - | High
|
||||
64 | [17.66.100.0](https://vuldb.com/?ip.17.66.100.0) | - | - | High
|
||||
65 | [17.66.104.0](https://vuldb.com/?ip.17.66.104.0) | - | - | High
|
||||
66 | [17.67.200.0](https://vuldb.com/?ip.17.67.200.0) | - | - | High
|
||||
67 | [17.79.33.128](https://vuldb.com/?ip.17.79.33.128) | - | - | High
|
||||
68 | [17.127.236.0](https://vuldb.com/?ip.17.127.236.0) | - | - | High
|
||||
69 | [23.4.252.0](https://vuldb.com/?ip.23.4.252.0) | a23-4-252-0.deploy.static.akamaitechnologies.com | - | High
|
||||
70 | [23.26.225.0](https://vuldb.com/?ip.23.26.225.0) | - | - | High
|
||||
71 | [23.44.215.0](https://vuldb.com/?ip.23.44.215.0) | a23-44-215-0.deploy.static.akamaitechnologies.com | - | High
|
||||
72 | [23.64.15.0](https://vuldb.com/?ip.23.64.15.0) | a23-64-15-0.deploy.static.akamaitechnologies.com | - | High
|
||||
73 | [23.73.140.0](https://vuldb.com/?ip.23.73.140.0) | a23-73-140-0.deploy.static.akamaitechnologies.com | - | High
|
||||
74 | [23.75.64.0](https://vuldb.com/?ip.23.75.64.0) | a23-75-64-0.deploy.static.akamaitechnologies.com | - | High
|
||||
75 | [23.195.248.0](https://vuldb.com/?ip.23.195.248.0) | a23-195-248-0.deploy.static.akamaitechnologies.com | - | High
|
||||
76 | [23.212.110.0](https://vuldb.com/?ip.23.212.110.0) | a23-212-110-0.deploy.static.akamaitechnologies.com | - | High
|
||||
77 | [23.219.91.0](https://vuldb.com/?ip.23.219.91.0) | a23-219-91-0.deploy.static.akamaitechnologies.com | - | High
|
||||
78 | [31.7.240.0](https://vuldb.com/?ip.31.7.240.0) | - | - | High
|
||||
79 | [31.10.56.0](https://vuldb.com/?ip.31.10.56.0) | 0.56.10.31.client.nordic.tel | - | High
|
||||
80 | [31.14.75.0](https://vuldb.com/?ip.31.14.75.0) | - | - | High
|
||||
81 | [31.15.8.0](https://vuldb.com/?ip.31.15.8.0) | net.v150.active24.cz | - | High
|
||||
82 | [31.28.128.0](https://vuldb.com/?ip.31.28.128.0) | - | - | High
|
||||
83 | [31.30.0.0](https://vuldb.com/?ip.31.30.0.0) | - | - | High
|
||||
84 | [31.31.72.0](https://vuldb.com/?ip.31.31.72.0) | - | - | High
|
||||
85 | [31.31.224.0](https://vuldb.com/?ip.31.31.224.0) | - | - | High
|
||||
86 | [31.41.200.0](https://vuldb.com/?ip.31.41.200.0) | - | - | High
|
||||
87 | [31.47.96.0](https://vuldb.com/?ip.31.47.96.0) | - | - | High
|
||||
88 | [31.130.168.0](https://vuldb.com/?ip.31.130.168.0) | - | - | High
|
||||
89 | [31.132.16.0](https://vuldb.com/?ip.31.132.16.0) | 31-132-16-0.ip.jes.cz | - | High
|
||||
90 | [31.133.8.0](https://vuldb.com/?ip.31.133.8.0) | - | - | High
|
||||
91 | [31.134.216.0](https://vuldb.com/?ip.31.134.216.0) | - | - | High
|
||||
92 | [31.169.128.0](https://vuldb.com/?ip.31.169.128.0) | ip-31-169-128-0.net.vodafone.cz | - | High
|
||||
93 | [31.170.176.0](https://vuldb.com/?ip.31.170.176.0) | - | - | High
|
||||
94 | [31.177.24.0](https://vuldb.com/?ip.31.177.24.0) | - | - | High
|
||||
95 | [31.184.236.0](https://vuldb.com/?ip.31.184.236.0) | - | - | High
|
||||
96 | [31.186.184.0](https://vuldb.com/?ip.31.186.184.0) | - | - | High
|
||||
97 | [31.192.64.0](https://vuldb.com/?ip.31.192.64.0) | - | - | High
|
||||
98 | [31.222.0.0](https://vuldb.com/?ip.31.222.0.0) | isp-31-222-0-0.saowifi.net | - | High
|
||||
99 | [31.222.64.0](https://vuldb.com/?ip.31.222.64.0) | - | - | High
|
||||
100 | [31.222.68.0](https://vuldb.com/?ip.31.222.68.0) | - | - | High
|
||||
101 | [32.106.155.0](https://vuldb.com/?ip.32.106.155.0) | - | - | High
|
||||
102 | [32.109.51.12](https://vuldb.com/?ip.32.109.51.12) | - | - | High
|
||||
103 | [32.112.128.50](https://vuldb.com/?ip.32.112.128.50) | - | - | High
|
||||
104 | [32.112.129.170](https://vuldb.com/?ip.32.112.129.170) | - | - | High
|
||||
105 | [32.112.131.2](https://vuldb.com/?ip.32.112.131.2) | - | - | High
|
||||
106 | [32.112.144.126](https://vuldb.com/?ip.32.112.144.126) | - | - | High
|
||||
107 | [32.112.192.186](https://vuldb.com/?ip.32.112.192.186) | - | - | High
|
||||
108 | [32.112.204.94](https://vuldb.com/?ip.32.112.204.94) | - | - | High
|
||||
109 | [32.112.230.138](https://vuldb.com/?ip.32.112.230.138) | - | - | High
|
||||
110 | [32.112.230.142](https://vuldb.com/?ip.32.112.230.142) | - | - | High
|
||||
111 | [32.112.231.62](https://vuldb.com/?ip.32.112.231.62) | - | - | High
|
||||
112 | [32.112.232.6](https://vuldb.com/?ip.32.112.232.6) | - | - | High
|
||||
113 | [32.113.126.0](https://vuldb.com/?ip.32.113.126.0) | - | - | High
|
||||
114 | [32.116.32.22](https://vuldb.com/?ip.32.116.32.22) | - | - | High
|
||||
115 | [35.248.7.112](https://vuldb.com/?ip.35.248.7.112) | - | - | High
|
||||
116 | [35.248.7.116](https://vuldb.com/?ip.35.248.7.116) | - | - | High
|
||||
117 | [35.248.7.118](https://vuldb.com/?ip.35.248.7.118) | var1.prg1-ae21-0.us.twtelecom.net | - | High
|
||||
118 | [35.248.7.120](https://vuldb.com/?ip.35.248.7.120) | - | - | High
|
||||
119 | [35.248.7.124](https://vuldb.com/?ip.35.248.7.124) | - | - | High
|
||||
120 | [35.248.7.126](https://vuldb.com/?ip.35.248.7.126) | var2.prg1-ae21-0.3549.level3.net | - | High
|
||||
121 | [37.0.113.0](https://vuldb.com/?ip.37.0.113.0) | - | - | High
|
||||
122 | [37.9.192.0](https://vuldb.com/?ip.37.9.192.0) | - | - | High
|
||||
123 | [37.44.16.0](https://vuldb.com/?ip.37.44.16.0) | - | - | High
|
||||
124 | [37.44.208.0](https://vuldb.com/?ip.37.44.208.0) | - | - | High
|
||||
125 | [37.46.80.0](https://vuldb.com/?ip.37.46.80.0) | unasigned-0-80-46-37.hosting90.net | - | High
|
||||
126 | [37.46.208.0](https://vuldb.com/?ip.37.46.208.0) | - | - | High
|
||||
127 | [37.48.0.0](https://vuldb.com/?ip.37.48.0.0) | 37-48-0-0.nat.epc.tmcz.cz | - | High
|
||||
128 | [37.77.145.0](https://vuldb.com/?ip.37.77.145.0) | - | - | High
|
||||
129 | [37.77.224.0](https://vuldb.com/?ip.37.77.224.0) | - | - | High
|
||||
130 | [37.140.220.0](https://vuldb.com/?ip.37.140.220.0) | - | - | High
|
||||
131 | [37.143.112.0](https://vuldb.com/?ip.37.143.112.0) | - | - | High
|
||||
132 | [37.156.187.0](https://vuldb.com/?ip.37.156.187.0) | - | - | High
|
||||
133 | [37.157.192.0](https://vuldb.com/?ip.37.157.192.0) | - | - | High
|
||||
134 | [37.188.128.0](https://vuldb.com/?ip.37.188.128.0) | 37-188-128-0.red.o2.cz | - | High
|
||||
135 | [37.205.8.0](https://vuldb.com/?ip.37.205.8.0) | - | - | High
|
||||
136 | [37.221.68.0](https://vuldb.com/?ip.37.221.68.0) | - | - | High
|
||||
137 | [37.221.69.0](https://vuldb.com/?ip.37.221.69.0) | - | - | High
|
||||
138 | [37.221.69.128](https://vuldb.com/?ip.37.221.69.128) | - | - | High
|
||||
139 | [37.221.69.132](https://vuldb.com/?ip.37.221.69.132) | - | - | High
|
||||
140 | [37.221.69.134](https://vuldb.com/?ip.37.221.69.134) | cz.prg.vinohradska190.gw22.inftele.net | - | High
|
||||
141 | [37.221.69.136](https://vuldb.com/?ip.37.221.69.136) | - | - | High
|
||||
142 | [37.221.69.144](https://vuldb.com/?ip.37.221.69.144) | - | - | High
|
||||
143 | [37.221.69.148](https://vuldb.com/?ip.37.221.69.148) | - | - | High
|
||||
144 | [37.221.69.150](https://vuldb.com/?ip.37.221.69.150) | cz.prg.cecolo.gw20.inftele.net | - | High
|
||||
145 | [37.221.69.152](https://vuldb.com/?ip.37.221.69.152) | - | - | High
|
||||
146 | [37.221.69.160](https://vuldb.com/?ip.37.221.69.160) | - | - | High
|
||||
147 | [37.221.69.176](https://vuldb.com/?ip.37.221.69.176) | - | - | High
|
||||
148 | [37.221.69.181](https://vuldb.com/?ip.37.221.69.181) | - | - | High
|
||||
149 | [37.221.69.183](https://vuldb.com/?ip.37.221.69.183) | - | - | High
|
||||
150 | [37.221.69.184](https://vuldb.com/?ip.37.221.69.184) | - | - | High
|
||||
151 | [37.221.69.192](https://vuldb.com/?ip.37.221.69.192) | - | - | High
|
||||
152 | [37.221.69.196](https://vuldb.com/?ip.37.221.69.196) | - | - | High
|
||||
153 | [37.221.69.200](https://vuldb.com/?ip.37.221.69.200) | - | - | High
|
||||
154 | [37.221.69.208](https://vuldb.com/?ip.37.221.69.208) | - | - | High
|
||||
155 | [37.221.69.224](https://vuldb.com/?ip.37.221.69.224) | - | - | High
|
||||
156 | [37.221.70.0](https://vuldb.com/?ip.37.221.70.0) | cz.prg.cecolo.gw.inftele.net | - | High
|
||||
157 | [37.221.70.16](https://vuldb.com/?ip.37.221.70.16) | - | - | High
|
||||
158 | [37.221.70.20](https://vuldb.com/?ip.37.221.70.20) | cz.prg.cecolo.gw20.inftele.net | - | High
|
||||
159 | [37.221.70.22](https://vuldb.com/?ip.37.221.70.22) | headquarters.inftele.com | - | High
|
||||
160 | [37.221.70.24](https://vuldb.com/?ip.37.221.70.24) | - | - | High
|
||||
161 | [37.221.70.32](https://vuldb.com/?ip.37.221.70.32) | - | - | High
|
||||
162 | [37.221.70.64](https://vuldb.com/?ip.37.221.70.64) | - | - | High
|
||||
163 | [37.221.70.128](https://vuldb.com/?ip.37.221.70.128) | - | - | High
|
||||
164 | [37.221.71.0](https://vuldb.com/?ip.37.221.71.0) | - | - | High
|
||||
165 | [37.221.88.0](https://vuldb.com/?ip.37.221.88.0) | - | - | High
|
||||
166 | [37.221.116.0](https://vuldb.com/?ip.37.221.116.0) | - | - | High
|
||||
167 | [37.221.240.0](https://vuldb.com/?ip.37.221.240.0) | network.srv.tlapnet.cz | - | High
|
||||
168 | [37.235.96.0](https://vuldb.com/?ip.37.235.96.0) | - | - | High
|
||||
169 | [38.100.22.0](https://vuldb.com/?ip.38.100.22.0) | - | - | High
|
||||
170 | [38.101.162.60](https://vuldb.com/?ip.38.101.162.60) | lo2000.ccr21.prg01.atlas.cogentco.com | - | High
|
||||
171 | [40.90.0.34](https://vuldb.com/?ip.40.90.0.34) | 40-90-0-34.relay.skype.com | - | High
|
||||
172 | [40.90.65.38](https://vuldb.com/?ip.40.90.65.38) | - | - | High
|
||||
173 | [40.90.65.88](https://vuldb.com/?ip.40.90.65.88) | - | - | High
|
||||
174 | [45.8.40.0](https://vuldb.com/?ip.45.8.40.0) | - | - | High
|
||||
175 | [45.10.191.0](https://vuldb.com/?ip.45.10.191.0) | - | - | High
|
||||
176 | [45.11.132.0](https://vuldb.com/?ip.45.11.132.0) | - | - | High
|
||||
177 | [45.14.156.0](https://vuldb.com/?ip.45.14.156.0) | - | - | High
|
||||
178 | [45.15.41.0](https://vuldb.com/?ip.45.15.41.0) | - | - | High
|
||||
179 | [45.15.56.0](https://vuldb.com/?ip.45.15.56.0) | - | - | High
|
||||
180 | [45.67.14.0](https://vuldb.com/?ip.45.67.14.0) | - | - | High
|
||||
181 | [45.67.15.64](https://vuldb.com/?ip.45.67.15.64) | - | - | High
|
||||
182 | [45.67.15.128](https://vuldb.com/?ip.45.67.15.128) | - | - | High
|
||||
183 | [45.67.15.192](https://vuldb.com/?ip.45.67.15.192) | - | - | High
|
||||
184 | [45.67.15.224](https://vuldb.com/?ip.45.67.15.224) | - | - | High
|
||||
185 | [45.67.15.240](https://vuldb.com/?ip.45.67.15.240) | - | - | High
|
||||
186 | [45.74.22.0](https://vuldb.com/?ip.45.74.22.0) | - | - | High
|
||||
187 | [45.80.248.0](https://vuldb.com/?ip.45.80.248.0) | - | - | High
|
||||
188 | [45.81.40.130](https://vuldb.com/?ip.45.81.40.130) | 45-81-40-130.coolnet.sk | - | High
|
||||
189 | [45.81.40.192](https://vuldb.com/?ip.45.81.40.192) | 45-81-40-192.coolnet.sk | - | High
|
||||
190 | [45.81.40.202](https://vuldb.com/?ip.45.81.40.202) | 45-81-40-202.coolnet.sk | - | High
|
||||
191 | [45.81.40.206](https://vuldb.com/?ip.45.81.40.206) | 45-81-40-206.coolnet.sk | - | High
|
||||
192 | [45.81.40.208](https://vuldb.com/?ip.45.81.40.208) | 45-81-40-208.coolnet.sk | - | High
|
||||
193 | [45.81.40.212](https://vuldb.com/?ip.45.81.40.212) | 45-81-40-212.coolnet.sk | - | High
|
||||
194 | [45.81.40.216](https://vuldb.com/?ip.45.81.40.216) | 45-81-40-216.coolnet.sk | - | High
|
||||
195 | [45.81.42.0](https://vuldb.com/?ip.45.81.42.0) | - | - | High
|
||||
196 | [45.81.92.0](https://vuldb.com/?ip.45.81.92.0) | - | - | High
|
||||
197 | [45.81.96.0](https://vuldb.com/?ip.45.81.96.0) | unn-45.81.96.0.zcom.cz | - | High
|
||||
198 | [45.82.156.0](https://vuldb.com/?ip.45.82.156.0) | - | - | High
|
||||
199 | [45.82.232.0](https://vuldb.com/?ip.45.82.232.0) | - | - | High
|
||||
200 | [45.83.212.0](https://vuldb.com/?ip.45.83.212.0) | - | - | High
|
||||
201 | [45.84.122.0](https://vuldb.com/?ip.45.84.122.0) | - | - | High
|
||||
202 | [45.84.164.0](https://vuldb.com/?ip.45.84.164.0) | - | - | High
|
||||
203 | [45.85.172.0](https://vuldb.com/?ip.45.85.172.0) | - | - | High
|
||||
204 | [45.85.252.0](https://vuldb.com/?ip.45.85.252.0) | - | - | High
|
||||
205 | [45.86.48.0](https://vuldb.com/?ip.45.86.48.0) | - | - | High
|
||||
206 | [45.87.12.0](https://vuldb.com/?ip.45.87.12.0) | - | - | High
|
||||
207 | [45.87.116.0](https://vuldb.com/?ip.45.87.116.0) | - | - | High
|
||||
208 | [45.87.119.0](https://vuldb.com/?ip.45.87.119.0) | - | - | High
|
||||
209 | [45.87.236.0](https://vuldb.com/?ip.45.87.236.0) | - | - | High
|
||||
210 | [45.90.100.0](https://vuldb.com/?ip.45.90.100.0) | - | - | High
|
||||
211 | [45.91.0.0](https://vuldb.com/?ip.45.91.0.0) | r0.mtu.cz | - | High
|
||||
212 | [45.91.28.0](https://vuldb.com/?ip.45.91.28.0) | - | - | High
|
||||
213 | [45.91.180.0](https://vuldb.com/?ip.45.91.180.0) | - | - | High
|
||||
214 | [45.92.236.0](https://vuldb.com/?ip.45.92.236.0) | - | - | High
|
||||
215 | [45.93.152.0](https://vuldb.com/?ip.45.93.152.0) | r1.msk.cz | - | High
|
||||
216 | [45.129.24.0](https://vuldb.com/?ip.45.129.24.0) | - | - | High
|
||||
217 | [45.129.33.0](https://vuldb.com/?ip.45.129.33.0) | - | - | High
|
||||
218 | [45.129.104.0](https://vuldb.com/?ip.45.129.104.0) | xpon-dyn-45.129.104.samatech.sk | - | High
|
||||
219 | [45.129.106.0](https://vuldb.com/?ip.45.129.106.0) | - | - | High
|
||||
220 | [45.129.156.0](https://vuldb.com/?ip.45.129.156.0) | - | - | High
|
||||
221 | [45.130.248.0](https://vuldb.com/?ip.45.130.248.0) | - | - | High
|
||||
222 | [45.133.137.0](https://vuldb.com/?ip.45.133.137.0) | - | - | High
|
||||
223 | [45.135.84.0](https://vuldb.com/?ip.45.135.84.0) | - | - | High
|
||||
224 | [45.135.180.0](https://vuldb.com/?ip.45.135.180.0) | ip-45-135-180-0.vps.vpinet.cz | - | High
|
||||
225 | [45.136.134.0](https://vuldb.com/?ip.45.136.134.0) | - | - | High
|
||||
226 | [45.136.152.0](https://vuldb.com/?ip.45.136.152.0) | unn-45-136-152-0.datapacket.com | - | High
|
||||
227 | [45.137.128.0](https://vuldb.com/?ip.45.137.128.0) | - | - | High
|
||||
228 | [45.138.105.0](https://vuldb.com/?ip.45.138.105.0) | - | - | High
|
||||
229 | [45.139.88.0](https://vuldb.com/?ip.45.139.88.0) | - | - | High
|
||||
230 | [45.140.40.0](https://vuldb.com/?ip.45.140.40.0) | - | - | High
|
||||
231 | [45.140.167.0](https://vuldb.com/?ip.45.140.167.0) | - | - | High
|
||||
232 | [45.140.240.0](https://vuldb.com/?ip.45.140.240.0) | - | - | High
|
||||
233 | [45.142.48.0](https://vuldb.com/?ip.45.142.48.0) | - | - | High
|
||||
234 | [45.145.220.0](https://vuldb.com/?ip.45.145.220.0) | - | - | High
|
||||
235 | [45.146.108.0](https://vuldb.com/?ip.45.146.108.0) | - | - | High
|
||||
236 | [45.147.164.0](https://vuldb.com/?ip.45.147.164.0) | - | - | High
|
||||
237 | [45.150.36.0](https://vuldb.com/?ip.45.150.36.0) | ip-45-150-36-0.vps.vpinet.cz | - | High
|
||||
238 | [45.153.192.0](https://vuldb.com/?ip.45.153.192.0) | tlapnet-192-0.cust.tlapnet.cz | - | High
|
||||
239 | [45.155.12.0](https://vuldb.com/?ip.45.155.12.0) | - | - | High
|
||||
240 | [45.155.225.0](https://vuldb.com/?ip.45.155.225.0) | - | - | High
|
||||
241 | [45.158.88.0](https://vuldb.com/?ip.45.158.88.0) | - | - | High
|
||||
242 | [45.159.108.0](https://vuldb.com/?ip.45.159.108.0) | - | - | High
|
||||
243 | [45.159.116.0](https://vuldb.com/?ip.45.159.116.0) | 0.116.159.45.client.nordic.tel | - | High
|
||||
244 | [46.13.0.0](https://vuldb.com/?ip.46.13.0.0) | - | - | High
|
||||
245 | [46.16.120.0](https://vuldb.com/?ip.46.16.120.0) | - | - | High
|
||||
246 | [46.23.48.0](https://vuldb.com/?ip.46.23.48.0) | - | - | High
|
||||
247 | [46.23.128.0](https://vuldb.com/?ip.46.23.128.0) | - | - | High
|
||||
248 | [46.28.104.0](https://vuldb.com/?ip.46.28.104.0) | - | - | High
|
||||
249 | [46.29.4.0](https://vuldb.com/?ip.46.29.4.0) | - | - | High
|
||||
250 | [46.29.184.0](https://vuldb.com/?ip.46.29.184.0) | - | - | High
|
||||
251 | [46.29.224.0](https://vuldb.com/?ip.46.29.224.0) | ip-0-224.static.ccinternet.cz | - | High
|
||||
252 | [46.30.64.0](https://vuldb.com/?ip.46.30.64.0) | - | - | High
|
||||
253 | [46.30.88.0](https://vuldb.com/?ip.46.30.88.0) | - | - | High
|
||||
254 | [46.30.144.0](https://vuldb.com/?ip.46.30.144.0) | - | - | High
|
||||
255 | [46.30.232.0](https://vuldb.com/?ip.46.30.232.0) | - | - | High
|
||||
256 | [46.33.96.0](https://vuldb.com/?ip.46.33.96.0) | - | - | High
|
||||
257 | [46.36.32.0](https://vuldb.com/?ip.46.36.32.0) | 0-32.gtt-net.cz | - | High
|
||||
258 | [46.39.160.0](https://vuldb.com/?ip.46.39.160.0) | - | - | High
|
||||
259 | [46.47.128.0](https://vuldb.com/?ip.46.47.128.0) | - | - | High
|
||||
260 | [46.135.0.0](https://vuldb.com/?ip.46.135.0.0) | - | - | High
|
||||
261 | [46.149.112.0](https://vuldb.com/?ip.46.149.112.0) | - | - | High
|
||||
262 | [46.167.192.0](https://vuldb.com/?ip.46.167.192.0) | ip-46-167-192-0.net.vodafone.cz | - | High
|
||||
263 | [46.173.192.0](https://vuldb.com/?ip.46.173.192.0) | - | - | High
|
||||
264 | [46.174.16.0](https://vuldb.com/?ip.46.174.16.0) | - | - | High
|
||||
265 | [46.174.32.0](https://vuldb.com/?ip.46.174.32.0) | - | - | High
|
||||
266 | [46.174.56.0](https://vuldb.com/?ip.46.174.56.0) | - | - | High
|
||||
267 | [46.174.152.0](https://vuldb.com/?ip.46.174.152.0) | 0.152.174.46.mjanik.net | - | High
|
||||
268 | [46.174.184.0](https://vuldb.com/?ip.46.174.184.0) | - | - | High
|
||||
269 | [46.175.88.0](https://vuldb.com/?ip.46.175.88.0) | - | - | High
|
||||
270 | [46.175.135.0](https://vuldb.com/?ip.46.175.135.0) | - | - | High
|
||||
271 | [46.175.176.0](https://vuldb.com/?ip.46.175.176.0) | - | - | High
|
||||
272 | [46.183.56.0](https://vuldb.com/?ip.46.183.56.0) | 0.56.183.46.client.nordic.tel | - | High
|
||||
273 | [46.183.64.0](https://vuldb.com/?ip.46.183.64.0) | - | - | High
|
||||
274 | [46.226.16.0](https://vuldb.com/?ip.46.226.16.0) | ttcas16net.ttc.cz | - | High
|
||||
275 | [46.227.8.0](https://vuldb.com/?ip.46.227.8.0) | - | - | High
|
||||
276 | [46.227.168.0](https://vuldb.com/?ip.46.227.168.0) | - | - | High
|
||||
277 | [46.228.16.0](https://vuldb.com/?ip.46.228.16.0) | - | - | High
|
||||
278 | [46.229.112.0](https://vuldb.com/?ip.46.229.112.0) | - | - | High
|
||||
279 | [46.231.72.0](https://vuldb.com/?ip.46.231.72.0) | 0.72.231.46.client.nordic.tel | - | High
|
||||
280 | [46.234.96.0](https://vuldb.com/?ip.46.234.96.0) | - | - | High
|
||||
281 | [46.234.160.0](https://vuldb.com/?ip.46.234.160.0) | - | - | High
|
||||
282 | [46.243.48.0](https://vuldb.com/?ip.46.243.48.0) | net-46-243-48-0.vshosting.cz | - | High
|
||||
283 | [46.252.224.0](https://vuldb.com/?ip.46.252.224.0) | - | - | High
|
||||
284 | [46.253.96.0](https://vuldb.com/?ip.46.253.96.0) | - | - | High
|
||||
285 | [46.254.64.0](https://vuldb.com/?ip.46.254.64.0) | - | - | High
|
||||
286 | [46.255.8.0](https://vuldb.com/?ip.46.255.8.0) | - | - | High
|
||||
287 | [46.255.224.0](https://vuldb.com/?ip.46.255.224.0) | - | - | High
|
||||
288 | [52.93.43.0](https://vuldb.com/?ip.52.93.43.0) | - | - | High
|
||||
289 | [52.124.187.0](https://vuldb.com/?ip.52.124.187.0) | server-52-124-187-0.prg50.r.cloudfront.net | - | High
|
||||
290 | [54.182.255.0](https://vuldb.com/?ip.54.182.255.0) | server-54-182-255-0.prg50.r.cloudfront.net | - | High
|
||||
291 | [54.239.60.144](https://vuldb.com/?ip.54.239.60.144) | - | - | High
|
||||
292 | [54.239.60.160](https://vuldb.com/?ip.54.239.60.160) | - | - | High
|
||||
293 | [54.239.60.176](https://vuldb.com/?ip.54.239.60.176) | - | - | High
|
||||
294 | [54.239.61.64](https://vuldb.com/?ip.54.239.61.64) | - | - | High
|
||||
295 | [54.239.61.194](https://vuldb.com/?ip.54.239.61.194) | - | - | High
|
||||
296 | [57.90.80.0](https://vuldb.com/?ip.57.90.80.0) | - | - | High
|
||||
297 | [57.188.13.0](https://vuldb.com/?ip.57.188.13.0) | - | - | High
|
||||
298 | [62.4.96.0](https://vuldb.com/?ip.62.4.96.0) | volbackbone.vol.cz | - | High
|
||||
299 | [62.4.104.0](https://vuldb.com/?ip.62.4.104.0) | - | - | High
|
||||
300 | [62.4.118.0](https://vuldb.com/?ip.62.4.118.0) | - | - | High
|
||||
301 | [62.4.120.0](https://vuldb.com/?ip.62.4.120.0) | - | - | High
|
||||
302 | [62.24.64.0](https://vuldb.com/?ip.62.24.64.0) | ip-62-24-64-0.net.vodafone.cz | - | High
|
||||
303 | [62.40.64.0](https://vuldb.com/?ip.62.40.64.0) | - | - | High
|
||||
304 | [62.40.64.32](https://vuldb.com/?ip.62.40.64.32) | - | - | High
|
||||
305 | [62.40.64.48](https://vuldb.com/?ip.62.40.64.48) | - | - | High
|
||||
306 | [62.40.64.64](https://vuldb.com/?ip.62.40.64.64) | - | - | High
|
||||
307 | [62.40.64.128](https://vuldb.com/?ip.62.40.64.128) | - | - | High
|
||||
308 | [62.40.65.0](https://vuldb.com/?ip.62.40.65.0) | - | - | High
|
||||
309 | [62.40.66.0](https://vuldb.com/?ip.62.40.66.0) | - | - | High
|
||||
310 | [62.40.66.64](https://vuldb.com/?ip.62.40.66.64) | - | - | High
|
||||
311 | [62.40.66.96](https://vuldb.com/?ip.62.40.66.96) | - | - | High
|
||||
312 | [62.40.66.106](https://vuldb.com/?ip.62.40.66.106) | - | - | High
|
||||
313 | [62.40.66.108](https://vuldb.com/?ip.62.40.66.108) | - | - | High
|
||||
314 | [62.40.66.112](https://vuldb.com/?ip.62.40.66.112) | - | - | High
|
||||
315 | [62.40.66.128](https://vuldb.com/?ip.62.40.66.128) | - | - | High
|
||||
316 | [62.40.67.0](https://vuldb.com/?ip.62.40.67.0) | - | - | High
|
||||
317 | [62.40.67.128](https://vuldb.com/?ip.62.40.67.128) | - | - | High
|
||||
318 | [62.40.67.160](https://vuldb.com/?ip.62.40.67.160) | - | - | High
|
||||
319 | [62.40.67.178](https://vuldb.com/?ip.62.40.67.178) | ucz200080-gw.customer.ALTER.NET | - | High
|
||||
320 | [62.40.67.180](https://vuldb.com/?ip.62.40.67.180) | - | - | High
|
||||
321 | [62.40.67.184](https://vuldb.com/?ip.62.40.67.184) | - | - | High
|
||||
322 | [62.40.67.192](https://vuldb.com/?ip.62.40.67.192) | - | - | High
|
||||
323 | [62.40.67.200](https://vuldb.com/?ip.62.40.67.200) | - | - | High
|
||||
324 | [62.40.67.206](https://vuldb.com/?ip.62.40.67.206) | - | - | High
|
||||
325 | [62.40.67.208](https://vuldb.com/?ip.62.40.67.208) | - | - | High
|
||||
326 | [62.40.67.224](https://vuldb.com/?ip.62.40.67.224) | - | - | High
|
||||
327 | [62.40.68.0](https://vuldb.com/?ip.62.40.68.0) | - | - | High
|
||||
328 | [62.40.68.128](https://vuldb.com/?ip.62.40.68.128) | - | - | High
|
||||
329 | [62.40.68.192](https://vuldb.com/?ip.62.40.68.192) | - | - | High
|
||||
330 | [62.40.68.226](https://vuldb.com/?ip.62.40.68.226) | - | - | High
|
||||
331 | [62.40.68.228](https://vuldb.com/?ip.62.40.68.228) | - | - | High
|
||||
332 | [62.40.68.232](https://vuldb.com/?ip.62.40.68.232) | - | - | High
|
||||
333 | [62.40.68.240](https://vuldb.com/?ip.62.40.68.240) | - | - | High
|
||||
334 | [62.40.69.0](https://vuldb.com/?ip.62.40.69.0) | - | - | High
|
||||
335 | [62.40.69.32](https://vuldb.com/?ip.62.40.69.32) | - | - | High
|
||||
336 | [62.40.69.48](https://vuldb.com/?ip.62.40.69.48) | - | - | High
|
||||
337 | [62.40.69.54](https://vuldb.com/?ip.62.40.69.54) | - | - | High
|
||||
338 | [62.40.69.56](https://vuldb.com/?ip.62.40.69.56) | - | - | High
|
||||
339 | [62.40.69.64](https://vuldb.com/?ip.62.40.69.64) | - | - | High
|
||||
340 | [62.40.69.128](https://vuldb.com/?ip.62.40.69.128) | - | - | High
|
||||
341 | [62.40.69.160](https://vuldb.com/?ip.62.40.69.160) | - | - | High
|
||||
342 | [62.40.69.168](https://vuldb.com/?ip.62.40.69.168) | ip-62-40-69-168.pb.cz | - | High
|
||||
343 | [62.40.69.174](https://vuldb.com/?ip.62.40.69.174) | gate-ppreal.pb.cz | - | High
|
||||
344 | [62.40.69.176](https://vuldb.com/?ip.62.40.69.176) | - | - | High
|
||||
345 | [62.40.69.192](https://vuldb.com/?ip.62.40.69.192) | - | - | High
|
||||
346 | [62.40.70.0](https://vuldb.com/?ip.62.40.70.0) | - | - | High
|
||||
347 | [62.40.72.0](https://vuldb.com/?ip.62.40.72.0) | - | - | High
|
||||
348 | [62.40.74.0](https://vuldb.com/?ip.62.40.74.0) | - | - | High
|
||||
349 | [62.40.75.0](https://vuldb.com/?ip.62.40.75.0) | - | - | High
|
||||
350 | [62.40.75.64](https://vuldb.com/?ip.62.40.75.64) | - | - | High
|
||||
351 | [62.40.75.96](https://vuldb.com/?ip.62.40.75.96) | - | - | High
|
||||
352 | [62.40.75.112](https://vuldb.com/?ip.62.40.75.112) | - | - | High
|
||||
353 | [62.40.75.128](https://vuldb.com/?ip.62.40.75.128) | - | - | High
|
||||
354 | [62.40.76.0](https://vuldb.com/?ip.62.40.76.0) | - | - | High
|
||||
355 | [62.40.80.0](https://vuldb.com/?ip.62.40.80.0) | - | - | High
|
||||
356 | [62.44.0.0](https://vuldb.com/?ip.62.44.0.0) | - | - | High
|
||||
357 | [62.67.24.69](https://vuldb.com/?ip.62.67.24.69) | - | - | High
|
||||
358 | [62.77.64.0](https://vuldb.com/?ip.62.77.64.0) | - | - | High
|
||||
359 | [62.80.80.0](https://vuldb.com/?ip.62.80.80.0) | - | - | High
|
||||
360 | [62.80.84.0](https://vuldb.com/?ip.62.80.84.0) | - | - | High
|
||||
361 | [62.80.88.0](https://vuldb.com/?ip.62.80.88.0) | - | - | High
|
||||
362 | [62.84.128.0](https://vuldb.com/?ip.62.84.128.0) | - | - | High
|
||||
363 | [62.96.244.160](https://vuldb.com/?ip.62.96.244.160) | h-62.96.244.160.host.de.colt.net | - | High
|
||||
364 | [62.109.128.0](https://vuldb.com/?ip.62.109.128.0) | - | - | High
|
||||
365 | [62.129.32.0](https://vuldb.com/?ip.62.129.32.0) | - | - | High
|
||||
366 | [62.134.88.192](https://vuldb.com/?ip.62.134.88.192) | 62-134-88-192.business.static.de.bt.net | - | High
|
||||
367 | [62.140.0.8](https://vuldb.com/?ip.62.140.0.8) | - | - | High
|
||||
368 | [62.140.0.96](https://vuldb.com/?ip.62.140.0.96) | - | - | High
|
||||
369 | [62.141.0.0](https://vuldb.com/?ip.62.141.0.0) | - | - | High
|
||||
370 | [62.168.0.0](https://vuldb.com/?ip.62.168.0.0) | - | - | High
|
||||
371 | [62.177.64.0](https://vuldb.com/?ip.62.177.64.0) | adslplusprgnet.vol.cz | - | High
|
||||
372 | [62.179.52.128](https://vuldb.com/?ip.62.179.52.128) | chello062179052128.chello.pl | - | High
|
||||
373 | [62.179.55.104](https://vuldb.com/?ip.62.179.55.104) | chello062179055104.chello.pl | - | High
|
||||
374 | [62.179.152.0](https://vuldb.com/?ip.62.179.152.0) | cz-mez-pop1-ra1-lo2.aorta.net | - | High
|
||||
375 | [62.182.232.0](https://vuldb.com/?ip.62.182.232.0) | - | - | High
|
||||
376 | [62.200.64.16](https://vuldb.com/?ip.62.200.64.16) | - | - | High
|
||||
377 | [62.200.64.32](https://vuldb.com/?ip.62.200.64.32) | - | - | High
|
||||
378 | [62.200.64.60](https://vuldb.com/?ip.62.200.64.60) | - | - | High
|
||||
379 | [62.200.64.64](https://vuldb.com/?ip.62.200.64.64) | - | - | High
|
||||
380 | [62.200.64.80](https://vuldb.com/?ip.62.200.64.80) | - | - | High
|
||||
381 | [62.200.64.96](https://vuldb.com/?ip.62.200.64.96) | - | - | High
|
||||
382 | [62.201.16.0](https://vuldb.com/?ip.62.201.16.0) | - | - | High
|
||||
383 | [62.204.53.0](https://vuldb.com/?ip.62.204.53.0) | - | - | High
|
||||
384 | [62.204.224.0](https://vuldb.com/?ip.62.204.224.0) | TTNET-SERVERS.core.ttnet.cz | - | High
|
||||
385 | [62.209.192.0](https://vuldb.com/?ip.62.209.192.0) | - | - | High
|
||||
386 | [62.233.57.0](https://vuldb.com/?ip.62.233.57.0) | subnet.ipv4.layer6.net | - | High
|
||||
387 | [62.240.160.0](https://vuldb.com/?ip.62.240.160.0) | ip-62-240-160-0.net.vodafone.cz | - | High
|
||||
388 | [62.245.64.0](https://vuldb.com/?ip.62.245.64.0) | ip-62-245-64-0.bb.vodafone.cz | - | High
|
||||
389 | [65.9.9.0](https://vuldb.com/?ip.65.9.9.0) | server-65-9-9-0.prg50.r.cloudfront.net | - | High
|
||||
390 | [65.9.87.0](https://vuldb.com/?ip.65.9.87.0) | server-65-9-87-0.prg50.r.cloudfront.net | - | High
|
||||
391 | [65.9.88.0](https://vuldb.com/?ip.65.9.88.0) | server-65-9-88-0.prg50.r.cloudfront.net | - | High
|
||||
392 | [65.9.96.0](https://vuldb.com/?ip.65.9.96.0) | server-65-9-96-0.prg50.r.cloudfront.net | - | High
|
||||
393 | [66.90.110.0](https://vuldb.com/?ip.66.90.110.0) | - | - | High
|
||||
394 | [66.90.118.0](https://vuldb.com/?ip.66.90.118.0) | - | - | High
|
||||
395 | [66.185.120.0](https://vuldb.com/?ip.66.185.120.0) | - | - | High
|
||||
396 | [67.27.212.0](https://vuldb.com/?ip.67.27.212.0) | - | - | High
|
||||
397 | [69.94.64.0](https://vuldb.com/?ip.69.94.64.0) | - | - | High
|
||||
398 | [69.94.69.0](https://vuldb.com/?ip.69.94.69.0) | - | - | High
|
||||
399 | [69.94.71.0](https://vuldb.com/?ip.69.94.71.0) | - | - | High
|
||||
400 | [69.94.74.0](https://vuldb.com/?ip.69.94.74.0) | - | - | High
|
||||
401 | [69.94.78.0](https://vuldb.com/?ip.69.94.78.0) | - | - | High
|
||||
402 | [72.14.200.178](https://vuldb.com/?ip.72.14.200.178) | - | - | High
|
||||
403 | [72.14.200.239](https://vuldb.com/?ip.72.14.200.239) | - | - | High
|
||||
404 | [72.14.200.240](https://vuldb.com/?ip.72.14.200.240) | - | - | High
|
||||
405 | [72.14.200.242](https://vuldb.com/?ip.72.14.200.242) | - | - | High
|
||||
406 | [72.52.72.52](https://vuldb.com/?ip.72.52.72.52) | - | - | High
|
||||
407 | [74.80.86.0](https://vuldb.com/?ip.74.80.86.0) | - | - | High
|
||||
408 | [74.125.104.96](https://vuldb.com/?ip.74.125.104.96) | prg03s07-in-f0.1e100.net | - | High
|
||||
409 | [74.125.108.160](https://vuldb.com/?ip.74.125.108.160) | prg03s09-in-f0.1e100.net | - | High
|
||||
410 | [77.48.0.0](https://vuldb.com/?ip.77.48.0.0) | 77.48.0.0.life-net.cz | - | High
|
||||
411 | [77.48.128.0](https://vuldb.com/?ip.77.48.128.0) | ip-77-48-128-0.net.vodafone.cz | - | High
|
||||
412 | [77.48.132.0](https://vuldb.com/?ip.77.48.132.0) | ip-77-48-132-0.net.vodafone.cz | - | High
|
||||
413 | [77.48.136.0](https://vuldb.com/?ip.77.48.136.0) | adresa.net.hakman.biz | - | High
|
||||
414 | [77.48.144.0](https://vuldb.com/?ip.77.48.144.0) | ip-77-48-144-0.net.vodafone.cz | - | High
|
||||
415 | [77.48.160.0](https://vuldb.com/?ip.77.48.160.0) | - | - | High
|
||||
416 | [77.48.192.0](https://vuldb.com/?ip.77.48.192.0) | - | - | High
|
||||
417 | [77.48.208.0](https://vuldb.com/?ip.77.48.208.0) | ipv4-77-48-208-0.tkom.cz | - | High
|
||||
418 | [77.48.216.0](https://vuldb.com/?ip.77.48.216.0) | ip-77-48-216-0.net.vodafone.cz | - | High
|
||||
419 | [77.48.222.0](https://vuldb.com/?ip.77.48.222.0) | ip-77-48-222-0.net.vodafone.cz | - | High
|
||||
420 | [77.48.224.0](https://vuldb.com/?ip.77.48.224.0) | - | - | High
|
||||
421 | [77.48.240.0](https://vuldb.com/?ip.77.48.240.0) | ip-77-48-240-0.net.vodafone.cz | - | High
|
||||
422 | [77.48.244.0](https://vuldb.com/?ip.77.48.244.0) | ip-77-48-244-0.net.vodafone.cz | - | High
|
||||
423 | [77.48.244.64](https://vuldb.com/?ip.77.48.244.64) | ip-77-48-244-64.net.vodafone.cz | - | High
|
||||
424 | [77.48.244.80](https://vuldb.com/?ip.77.48.244.80) | ip-77-48-244-80.net.vodafone.cz | - | High
|
||||
425 | [77.48.244.83](https://vuldb.com/?ip.77.48.244.83) | ransyst-pop4-bre-83.cust.sloane.cz | - | High
|
||||
426 | [77.48.244.84](https://vuldb.com/?ip.77.48.244.84) | ransyst-pop4-bre-84.cust.sloane.cz | - | High
|
||||
427 | [77.48.244.88](https://vuldb.com/?ip.77.48.244.88) | ip-77-48-244-88.net.vodafone.cz | - | High
|
||||
428 | [77.48.244.96](https://vuldb.com/?ip.77.48.244.96) | ip-77-48-244-96.net.vodafone.cz | - | High
|
||||
429 | [77.48.244.112](https://vuldb.com/?ip.77.48.244.112) | ip-77-48-244-112.net.vodafone.cz | - | High
|
||||
430 | [77.48.244.120](https://vuldb.com/?ip.77.48.244.120) | ip-77-48-244-120.net.vodafone.cz | - | High
|
||||
431 | [77.48.244.123](https://vuldb.com/?ip.77.48.244.123) | ransyst2-pop4-bre-123.cust.sloane.cz | - | High
|
||||
432 | [77.48.244.124](https://vuldb.com/?ip.77.48.244.124) | ransyst2-pop4-bre-124.cust.sloane.cz | - | High
|
||||
433 | [77.48.244.128](https://vuldb.com/?ip.77.48.244.128) | ip-77-48-244-128.net.vodafone.cz | - | High
|
||||
434 | [77.48.245.0](https://vuldb.com/?ip.77.48.245.0) | ip-77-48-245-0.net.vodafone.cz | - | High
|
||||
435 | [77.48.246.0](https://vuldb.com/?ip.77.48.246.0) | ip-77-48-246-0.net.vodafone.cz | - | High
|
||||
436 | [77.48.248.0](https://vuldb.com/?ip.77.48.248.0) | ip-77-48-248-0.net.vodafone.cz | - | High
|
||||
437 | [77.67.54.0](https://vuldb.com/?ip.77.67.54.0) | - | - | High
|
||||
438 | [77.67.54.168](https://vuldb.com/?ip.77.67.54.168) | - | - | High
|
||||
439 | [77.67.54.252](https://vuldb.com/?ip.77.67.54.252) | - | - | High
|
||||
440 | [77.67.56.208](https://vuldb.com/?ip.77.67.56.208) | - | - | High
|
||||
441 | [77.67.61.16](https://vuldb.com/?ip.77.67.61.16) | - | - | High
|
||||
442 | [77.67.62.40](https://vuldb.com/?ip.77.67.62.40) | - | - | High
|
||||
443 | [77.67.98.212](https://vuldb.com/?ip.77.67.98.212) | - | - | High
|
||||
444 | [77.67.104.232](https://vuldb.com/?ip.77.67.104.232) | - | - | High
|
||||
445 | [77.67.106.0](https://vuldb.com/?ip.77.67.106.0) | - | - | High
|
||||
446 | [77.67.114.128](https://vuldb.com/?ip.77.67.114.128) | - | - | High
|
||||
447 | [77.67.118.48](https://vuldb.com/?ip.77.67.118.48) | - | - | High
|
||||
448 | [77.75.72.0](https://vuldb.com/?ip.77.75.72.0) | - | - | High
|
||||
449 | [77.75.230.0](https://vuldb.com/?ip.77.75.230.0) | . | - | High
|
||||
450 | [77.77.168.136](https://vuldb.com/?ip.77.77.168.136) | - | - | High
|
||||
451 | [77.77.168.228](https://vuldb.com/?ip.77.77.168.228) | - | - | High
|
||||
452 | [77.77.188.160](https://vuldb.com/?ip.77.77.188.160) | - | - | High
|
||||
453 | [77.78.64.0](https://vuldb.com/?ip.77.78.64.0) | net-77-78-96-000.wia.cz | - | High
|
||||
454 | [77.78.68.0](https://vuldb.com/?ip.77.78.68.0) | unassigned-77-78-68-0.wia.cz | - | High
|
||||
455 | [77.78.74.0](https://vuldb.com/?ip.77.78.74.0) | - | - | High
|
||||
456 | [77.78.76.0](https://vuldb.com/?ip.77.78.76.0) | casablanca-net.casablanca.cz | - | High
|
||||
457 | [77.78.80.0](https://vuldb.com/?ip.77.78.80.0) | wia-net.wia.cz | - | High
|
||||
458 | [77.78.96.0](https://vuldb.com/?ip.77.78.96.0) | net-77-78-96-0.casablanca.cz | - | High
|
||||
459 | [77.78.112.0](https://vuldb.com/?ip.77.78.112.0) | casablanca-net.casablanca.cz | - | High
|
||||
460 | [77.78.122.0](https://vuldb.com/?ip.77.78.122.0) | net-77-78-122-000.wia.cz | - | High
|
||||
461 | [77.78.124.0](https://vuldb.com/?ip.77.78.124.0) | - | - | High
|
||||
462 | [77.87.232.0](https://vuldb.com/?ip.77.87.232.0) | - | - | High
|
||||
463 | [77.87.240.0](https://vuldb.com/?ip.77.87.240.0) | - | - | High
|
||||
464 | [77.92.192.0](https://vuldb.com/?ip.77.92.192.0) | - | - | High
|
||||
465 | [77.93.192.0](https://vuldb.com/?ip.77.93.192.0) | - | - | High
|
||||
466 | [77.95.40.0](https://vuldb.com/?ip.77.95.40.0) | net-1-0.jaw.cz | - | High
|
||||
467 | [77.95.192.0](https://vuldb.com/?ip.77.95.192.0) | 0.192.95.77.client.nordic.tel | - | High
|
||||
468 | [77.104.192.0](https://vuldb.com/?ip.77.104.192.0) | - | - | High
|
||||
469 | [77.223.216.0](https://vuldb.com/?ip.77.223.216.0) | - | - | High
|
||||
470 | [77.234.40.0](https://vuldb.com/?ip.77.234.40.0) | - | - | High
|
||||
471 | [77.236.192.0](https://vuldb.com/?ip.77.236.192.0) | - | - | High
|
||||
472 | [77.237.128.0](https://vuldb.com/?ip.77.237.128.0) | - | - | High
|
||||
473 | [77.240.96.0](https://vuldb.com/?ip.77.240.96.0) | - | - | High
|
||||
474 | [77.240.176.0](https://vuldb.com/?ip.77.240.176.0) | - | - | High
|
||||
475 | [77.242.80.0](https://vuldb.com/?ip.77.242.80.0) | - | - | High
|
||||
476 | [77.243.181.16](https://vuldb.com/?ip.77.243.181.16) | - | - | High
|
||||
477 | [77.243.181.28](https://vuldb.com/?ip.77.243.181.28) | - | - | High
|
||||
478 | [77.243.181.32](https://vuldb.com/?ip.77.243.181.32) | - | - | High
|
||||
479 | [77.247.6.0](https://vuldb.com/?ip.77.247.6.0) | fe-1-3-0-0.vdlfrn1-core-1.virtela.net | - | High
|
||||
480 | [78.24.8.0](https://vuldb.com/?ip.78.24.8.0) | net-78-24-8-0.vshosting.cz | - | High
|
||||
481 | [78.24.96.0](https://vuldb.com/?ip.78.24.96.0) | cust.uvtnet.cz | - | High
|
||||
482 | [78.24.232.0](https://vuldb.com/?ip.78.24.232.0) | - | - | High
|
||||
483 | [78.31.24.0](https://vuldb.com/?ip.78.31.24.0) | - | - | High
|
||||
484 | [78.41.8.0](https://vuldb.com/?ip.78.41.8.0) | - | - | High
|
||||
485 | [78.41.16.0](https://vuldb.com/?ip.78.41.16.0) | - | - | High
|
||||
486 | [78.44.0.0](https://vuldb.com/?ip.78.44.0.0) | ip-78-44-0-0.bb.vodafone.cz | - | High
|
||||
487 | [78.80.0.0](https://vuldb.com/?ip.78.80.0.0) | 78-80-0-0.customers.tmcz.cz | - | High
|
||||
488 | [78.102.0.0](https://vuldb.com/?ip.78.102.0.0) | ip-78-102-0-0.net.vodafone.cz | - | High
|
||||
489 | [78.108.96.0](https://vuldb.com/?ip.78.108.96.0) | - | - | High
|
||||
490 | [78.108.144.0](https://vuldb.com/?ip.78.108.144.0) | - | - | High
|
||||
491 | [78.108.176.0](https://vuldb.com/?ip.78.108.176.0) | - | - | High
|
||||
492 | [78.110.208.0](https://vuldb.com/?ip.78.110.208.0) | - | - | High
|
||||
493 | [78.111.112.0](https://vuldb.com/?ip.78.111.112.0) | - | - | High
|
||||
494 | [78.128.128.0](https://vuldb.com/?ip.78.128.128.0) | - | - | High
|
||||
495 | [78.136.128.0](https://vuldb.com/?ip.78.136.128.0) | - | - | High
|
||||
496 | [78.156.32.0](https://vuldb.com/?ip.78.156.32.0) | - | - | High
|
||||
497 | [78.156.128.0](https://vuldb.com/?ip.78.156.128.0) | - | - | High
|
||||
498 | [78.157.128.0](https://vuldb.com/?ip.78.157.128.0) | - | - | High
|
||||
499 | [79.98.72.0](https://vuldb.com/?ip.79.98.72.0) | - | - | High
|
||||
500 | [79.98.152.0](https://vuldb.com/?ip.79.98.152.0) | - | - | High
|
||||
501 | [79.110.27.0](https://vuldb.com/?ip.79.110.27.0) | - | - | High
|
||||
502 | [79.110.29.0](https://vuldb.com/?ip.79.110.29.0) | - | - | High
|
||||
503 | [79.110.32.0](https://vuldb.com/?ip.79.110.32.0) | network.otavanet.cz | - | High
|
||||
504 | [79.110.225.0](https://vuldb.com/?ip.79.110.225.0) | 79-110-225-0.colchester-fibre.co.uk | - | High
|
||||
505 | [79.127.128.0](https://vuldb.com/?ip.79.127.128.0) | - | - | High
|
||||
506 | [79.133.179.0](https://vuldb.com/?ip.79.133.179.0) | - | - | High
|
||||
507 | [79.140.90.128](https://vuldb.com/?ip.79.140.90.128) | ae19.francoforte30.fra.seabone.net | - | High
|
||||
508 | [79.140.90.130](https://vuldb.com/?ip.79.140.90.130) | ae19.franco50.fra.seabone.net | - | High
|
||||
509 | [79.140.90.132](https://vuldb.com/?ip.79.140.90.132) | - | - | High
|
||||
510 | [79.140.90.136](https://vuldb.com/?ip.79.140.90.136) | - | - | High
|
||||
511 | [79.140.90.138](https://vuldb.com/?ip.79.140.90.138) | - | - | High
|
||||
512 | [79.140.90.140](https://vuldb.com/?ip.79.140.90.140) | - | - | High
|
||||
513 | [79.140.90.144](https://vuldb.com/?ip.79.140.90.144) | - | - | High
|
||||
514 | [79.140.90.152](https://vuldb.com/?ip.79.140.90.152) | - | - | High
|
||||
515 | [79.140.90.156](https://vuldb.com/?ip.79.140.90.156) | - | - | High
|
||||
516 | [79.140.90.159](https://vuldb.com/?ip.79.140.90.159) | - | - | High
|
||||
517 | [79.140.90.161](https://vuldb.com/?ip.79.140.90.161) | - | - | High
|
||||
518 | [79.140.90.162](https://vuldb.com/?ip.79.140.90.162) | - | - | High
|
||||
519 | [79.140.90.164](https://vuldb.com/?ip.79.140.90.164) | - | - | High
|
||||
520 | [79.140.90.168](https://vuldb.com/?ip.79.140.90.168) | - | - | High
|
||||
521 | [79.140.90.176](https://vuldb.com/?ip.79.140.90.176) | - | - | High
|
||||
522 | [79.140.90.192](https://vuldb.com/?ip.79.140.90.192) | - | - | High
|
||||
523 | [79.141.240.0](https://vuldb.com/?ip.79.141.240.0) | ag-240-0.sta.ji.cz | - | High
|
||||
524 | [79.142.144.0](https://vuldb.com/?ip.79.142.144.0) | 79-142-144-0.bnet-internet.cz | - | High
|
||||
525 | [79.170.248.0](https://vuldb.com/?ip.79.170.248.0) | - | - | High
|
||||
526 | [79.171.184.0](https://vuldb.com/?ip.79.171.184.0) | - | - | High
|
||||
527 | [80.65.176.0](https://vuldb.com/?ip.80.65.176.0) | - | - | High
|
||||
528 | [80.74.32.0](https://vuldb.com/?ip.80.74.32.0) | - | - | High
|
||||
529 | [80.78.136.0](https://vuldb.com/?ip.80.78.136.0) | 0.136.78.80.client.nordic.tel | - | High
|
||||
530 | [80.78.144.0](https://vuldb.com/?ip.80.78.144.0) | - | - | High
|
||||
531 | [80.78.242.0](https://vuldb.com/?ip.80.78.242.0) | - | - | High
|
||||
532 | [80.79.0.0](https://vuldb.com/?ip.80.79.0.0) | - | - | High
|
||||
533 | ... | ... | ... | ...
|
||||
|
||||
There are 2126 more IOC items available. Please use our online service to access the data.
|
||||
|
||||
## TTP - Tactics, Techniques, Procedures
|
||||
|
||||
_Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK techniques used by _Czech Republic Unknown_. This data is unique as it uses our predictive model for actor profiling.
|
||||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-28 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-294, CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-88, CWE-94 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 18 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
These _indicators of attack_ (IOA) list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration by Czech Republic Unknown. This data is unique as it uses our predictive model for actor profiling.
|
||||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/about.php` | Medium
|
||||
2 | File | `/admin.php/accessory/filesdel.html` | High
|
||||
3 | File | `/admin/?page=user/manage` | High
|
||||
4 | File | `/admin/add-new.php` | High
|
||||
5 | File | `/admin/doctors.php` | High
|
||||
6 | File | `/admin/submit-articles` | High
|
||||
7 | File | `/ad_js.php` | Medium
|
||||
8 | File | `/alphaware/summary.php` | High
|
||||
9 | File | `/api/` | Low
|
||||
10 | File | `/api/admin/store/product/list` | High
|
||||
11 | File | `/app/options.py` | High
|
||||
12 | File | `/attachments` | Medium
|
||||
13 | File | `/boat/login.php` | High
|
||||
14 | File | `/bsms_ci/index.php/book` | High
|
||||
15 | File | `/cgi-bin/luci/api/wireless` | High
|
||||
16 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
17 | File | `/context/%2e/WEB-INF/web.xml` | High
|
||||
18 | File | `/dashboard/reports/logs/view` | High
|
||||
19 | File | `/debian/patches/load_ppp_generic_if_needed` | High
|
||||
20 | File | `/debug/pprof` | Medium
|
||||
21 | File | `/etc/hosts` | Medium
|
||||
22 | File | `/forum/away.php` | High
|
||||
23 | File | `/goform/setmac` | High
|
||||
24 | File | `/goform/wizard_end` | High
|
||||
25 | File | `/index.php` | Medium
|
||||
26 | File | `/manage-apartment.php` | High
|
||||
27 | File | `/medicines/profile.php` | High
|
||||
28 | File | `/modules/caddyhttp/rewrite/rewrite.go` | High
|
||||
29 | File | `/pages/apply_vacancy.php` | High
|
||||
30 | File | `/proc/<PID>/mem` | High
|
||||
31 | File | `/proxy` | Low
|
||||
32 | File | `/reservation/add_message.php` | High
|
||||
33 | File | `/spip.php` | Medium
|
||||
34 | File | `/tmp` | Low
|
||||
35 | File | `/uncpath/` | Medium
|
||||
36 | File | `/upload` | Low
|
||||
37 | File | `/vendor/htmlawed/htmlawed/htmLawedTest.php` | High
|
||||
38 | ... | ... | ...
|
||||
|
||||
There are 329 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
The following list contains _external sources_ which discuss the actor and the associated activities:
|
||||
|
||||
* https://github.com/firehol/blocklist-ipsets/blob/master/ipip_country/ipip_country_cz.netset
|
||||
|
||||
## Literature
|
||||
|
||||
The following _articles_ explain our unique predictive cyber threat intelligence:
|
||||
|
||||
* [VulDB Cyber Threat Intelligence Documentation](https://vuldb.com/?kb.cti)
|
||||
* [Cyber Threat Intelligence - Early Anticipation of Attacks](https://www.scip.ch/en/?labs.20201022)
|
||||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
|
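Review bot: The IOC rows in this file list bare addresses with no prefix length, yet the only cited source under References is a `.netset` file, and entries such as 45.81.42.0, 62.44.0.0 and 78.80.0.0 read as network base addresses. Loaded into a blocklist as single hosts they match almost nothing, and the table gives no way to recover the intended range, so add the prefix length or a range column. A country-level netset rated "High" on every row also deserves a second look. In the same table, entry 449 (77.75.230.0) uses "." as its hostname where every other empty hostname is "-", and entry 453 (77.78.64.0) carries the hostname net-77-78-96-000.wia.cz, which names a different address. In the TTP table, row 4 describes T1059 with CWE-88 and CWE-94 as "Cross Site Scripting", the same text row 5 uses for T1059.007 with CWE-79 and CWE-80. CWE-88 and CWE-94 are argument injection and code injection, so the row 4 description looks copied and should be fixed where the table is generated.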
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [GB](https://vuldb.com/?country.gb)
|
||||
* ...
|
||||
|
||||
There are 7 more country items available. Please use our online service to access the data.
|
||||
There are 8 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -45,7 +45,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
4 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
5 | ... | ... | ... | ...
|
||||
|
||||
There are 16 more TTP items available. Please use our online service to access the data.
|
||||
There are 17 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -77,7 +77,7 @@ ID | Type | Indicator | Confidence
|
|||
22 | File | `admin/content.php` | High
|
||||
23 | ... | ... | ...
|
||||
|
||||
There are 192 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 196 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -39,7 +39,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
3 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
4 | ... | ... | ... | ...
|
||||
|
||||
There are 11 more TTP items available. Please use our online service to access the data.
|
||||
There are 12 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -58,9 +58,11 @@ ID | Type | Indicator | Confidence
|
|||
9 | File | `admin/file-manager/attachments` | High
|
||||
10 | File | `application/modules/admin/views/ecommerce/products.php` | High
|
||||
11 | File | `apply.cgi` | Medium
|
||||
12 | ... | ... | ...
|
||||
12 | File | `archivejson.cgi` | High
|
||||
13 | File | `base/ErrorHandler.php` | High
|
||||
14 | ... | ... | ...
|
||||
|
||||
There are 96 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 106 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -33,7 +33,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
2 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
3 | T1068 | CWE-284 | Execution with Unnecessary Privileges | High
|
||||
3 | T1068 | CWE-284 | J2EE Misconfiguration: Weak Access Permissions for EJB Methods | High
|
||||
4 | ... | ... | ... | ...
|
||||
|
||||
There are 4 more TTP items available. Please use our online service to access the data.
|
||||
|
|
|
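Review bot: Row 3 (T1068, CWE-284) swaps its description from `Execution with Unnecessary Privileges` to `J2EE Misconfiguration: Weak Access Permissions for EJB Methods`, and neither string is the name of the weakness the row lists. The first is the title of CWE-250 and the second is the title of CWE-9, while CWE-284 is Improper Access Control. The new wording also narrows a general privilege-escalation technique to a single Java EE misconfiguration, which will mislead anyone triaging on the Description column. The same replacement shows up on the T1068 rows of other actors in this commit, so this looks like a generator-side lookup problem. Suggest deriving the description from the CWE actually listed in the row, or keeping the previous wording until the mapping is corrected.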
@ -29,7 +29,7 @@ ID | IP address | Hostname | Campaign | Confidence
|
|||
6 | [35.205.61.67](https://vuldb.com/?ip.35.205.61.67) | 67.61.205.35.bc.googleusercontent.com | - | Medium
|
||||
7 | ... | ... | ... | ...
|
||||
|
||||
There are 22 more IOC items available. Please use our online service to access the data.
|
||||
There are 23 more IOC items available. Please use our online service to access the data.
|
||||
|
||||
## TTP - Tactics, Techniques, Procedures
|
||||
|
||||
|
@ -50,14 +50,14 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/pages/processlogin.php` | High
|
||||
2 | File | `/SCRIPTPATH/index.php` | High
|
||||
3 | File | `admin/index.php` | High
|
||||
4 | File | `auth-gss2.c` | Medium
|
||||
5 | File | `captcha.php` | Medium
|
||||
1 | File | `/admin/departments/view_department.php` | High
|
||||
2 | File | `/pages/processlogin.php` | High
|
||||
3 | File | `/SCRIPTPATH/index.php` | High
|
||||
4 | File | `admin/index.php` | High
|
||||
5 | File | `auth-gss2.c` | Medium
|
||||
6 | ... | ... | ...
|
||||
|
||||
There are 35 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 37 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
@ -70,6 +70,7 @@ The following list contains _external sources_ which discuss the actor and the a
|
|||
* https://blog.talosintelligence.com/2022/09/threat-roundup-0826-0902.html
|
||||
* https://blog.talosintelligence.com/2022/09/threat-roundup-0916-0923.html
|
||||
* https://blog.talosintelligence.com/threat-roundup-0113-0120/
|
||||
* https://blog.talosintelligence.com/threat-roundup-0414-0421-3/
|
||||
|
||||
## Literature
|
||||
|
||||
|
|
|
@ -9,6 +9,7 @@ _Live data_ and more _analysis capabilities_ are available at [https://vuldb.com
|
|||
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Dealply:
|
||||
|
||||
* [IT](https://vuldb.com/?country.it)
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -33,14 +34,14 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-22, CWE-23, CWE-27, CWE-28, CWE-36, CWE-37 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-294, CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
1 | T1006 | CWE-22, CWE-23, CWE-35, CWE-425 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80, CWE-86 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 20 more TTP items available. Please use our online service to access the data.
|
||||
There are 22 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
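Review bot: Row 2 (T1040) drops CWE-294 and keeps only CWE-319, but the description stays `Authentication Bypass by Capture-replay`, which is the title of CWE-294, the weakness that was just removed. CWE-319 is Cleartext Transmission of Sensitive Information, so after this change the Weakness and Description columns disagree. Either keep CWE-294 in the row or update the description to match what remains. In the same table, row 1 now lists CWE-425 (Direct Request, i.e. forced browsing) under `Pathname Traversal`; it would help to confirm that grouping is intended.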
@ -48,50 +49,45 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/admin/?page=maintenance/brand` | High
|
||||
2 | File | `/admin/?page=product/manage_product&id=2` | High
|
||||
3 | File | `/admin/?page=reminders/view_reminder` | High
|
||||
4 | File | `/admin/?page=system_info` | High
|
||||
5 | File | `/admin/?page=user` | High
|
||||
6 | File | `/admin/admin.php` | High
|
||||
7 | File | `/admin/ajax.php?action=login` | High
|
||||
8 | File | `/admin/ballot_down.php` | High
|
||||
9 | File | `/admin/ballot_up.php` | High
|
||||
10 | File | `/admin/candidates_row.php` | High
|
||||
11 | File | `/admin/categories/view_category.php` | High
|
||||
12 | File | `/admin/configurations/userInfo` | High
|
||||
13 | File | `/admin/config_save.php` | High
|
||||
14 | File | `/admin/curriculum/view_curriculum.php` | High
|
||||
15 | File | `/admin/forgot-password.php` | High
|
||||
16 | File | `/admin/inventory/manage_stock.php` | High
|
||||
17 | File | `/admin/login.php` | High
|
||||
18 | File | `/admin/maintenance/manage_category.php` | High
|
||||
19 | File | `/admin/maintenance/view_designation.php` | High
|
||||
20 | File | `/admin/mechanics/manage_mechanic.php` | High
|
||||
21 | File | `/admin/offenses/view_details.php` | High
|
||||
22 | File | `/admin/orders/update_status.php` | High
|
||||
23 | File | `/admin/positions_add.php` | High
|
||||
24 | File | `/admin/positions_delete.php` | High
|
||||
25 | File | `/admin/positions_row.php` | High
|
||||
26 | File | `/admin/product/manage.php` | High
|
||||
27 | File | `/admin/products/manage_product.php` | High
|
||||
28 | File | `/admin/products/view_product.php` | High
|
||||
29 | File | `/admin/reminders/manage_reminder.php` | High
|
||||
30 | File | `/admin/report/index.php` | High
|
||||
31 | File | `/admin/sales/manage_sale.php` | High
|
||||
32 | File | `/admin/service_requests/manage_inventory.php` | High
|
||||
33 | File | `/admin/students/view_details.php` | High
|
||||
34 | File | `/admin/suppliers/view_details.php` | High
|
||||
35 | File | `/admin/template.php` | High
|
||||
36 | File | `/admin/transactions/track_shipment.php` | High
|
||||
37 | File | `/admin/user/manage_user.php` | High
|
||||
38 | File | `/admin/userprofile.php` | High
|
||||
39 | File | `/admin/voters_row.php` | High
|
||||
40 | File | `/app/options.py` | High
|
||||
41 | File | `/author/list?limit=10&offset=0&order=desc` | High
|
||||
42 | ... | ... | ...
|
||||
1 | File | `/admin/admin_admin.php` | High
|
||||
2 | File | `/admin/ajax.php` | High
|
||||
3 | File | `/admin/bookings/manage_booking.php` | High
|
||||
4 | File | `/admin/bookings/view_details.php` | High
|
||||
5 | File | `/admin/index.php` | High
|
||||
6 | File | `/admin/inquiries/view_inquiry.php` | High
|
||||
7 | File | `/admin/manage_academic.php` | High
|
||||
8 | File | `/admin/orders/update_status.php` | High
|
||||
9 | File | `/admin/services/manage_service.php` | High
|
||||
10 | File | `/admin/user/manage_user.php` | High
|
||||
11 | File | `/ajax/myshop` | Medium
|
||||
12 | File | `/ari/asterisk/variable` | High
|
||||
13 | File | `/base/ecma-helpers.c` | High
|
||||
14 | File | `/bin/ate` | Medium
|
||||
15 | File | `/boafrm/formFilter` | High
|
||||
16 | File | `/boafrm/formHomeWlanSetup` | High
|
||||
17 | File | `/churchcrm/v2/family/not-found` | High
|
||||
18 | File | `/classes/Master.php?f=delete_inquiry` | High
|
||||
19 | File | `/classes/Master.php?f=delete_item` | High
|
||||
20 | File | `/classes/Master.php?f=save_course` | High
|
||||
21 | File | `/classes/Master.php?f=save_service` | High
|
||||
22 | File | `/classes/Users.php` | High
|
||||
23 | File | `/client/manage/ourphp_out.php` | High
|
||||
24 | File | `/Controls/Generic/EBMK/Handlers/EStatements/DownloadEStatement.ashx` | High
|
||||
25 | File | `/dialog/select_media.php` | High
|
||||
26 | File | `/Enclave.cpp` | Medium
|
||||
27 | File | `/get-artifact` | High
|
||||
28 | File | `/goform/sysTools` | High
|
||||
29 | File | `/inc/jquery/uploadify/uploadify.php` | High
|
||||
30 | File | `/index.php/archives/1/comment` | High
|
||||
31 | File | `/jerry-core/parser/js/js-lexer.c` | High
|
||||
32 | File | `/jerry-core/parser/js/js-parser-statm.c` | High
|
||||
33 | File | `/jerry-core/parser/js/js-scanner-util.c` | High
|
||||
34 | File | `/jerry-core/vm/vm.c` | High
|
||||
35 | File | `/message/form/` | High
|
||||
36 | File | `/nasm/nasm-parse.c` | High
|
||||
37 | ... | ... | ...
|
||||
|
||||
There are 362 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 322 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
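Review bot: The replacement list rates paths such as `/jerry-core/parser/js/js-lexer.c`, `/nasm/nasm-parse.c`, `/base/ecma-helpers.c` and `/Enclave.cpp` as High-confidence File indicators, but names ending in `.c` and `.cpp` read as source files of the affected software, not something a defender would expect to match in web, proxy or endpoint telemetry. Suggest giving these a distinct Type (or a lower confidence) so consumers who feed the table into log matching can filter them out. Separately, the visible rows go from 41 to 36 while the hidden count goes from 362 to 322, so the total set shrinks from 403 to 358 items; worth confirming the 45 dropped entries are an intentional aging-out and not a data loss in the export.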
@ -10,10 +10,10 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
|
||||
* [NL](https://vuldb.com/?country.nl)
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [IR](https://vuldb.com/?country.ir)
|
||||
* [ES](https://vuldb.com/?country.es)
|
||||
* ...
|
||||
|
||||
There are 10 more country items available. Please use our online service to access the data.
|
||||
There are 15 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -41,7 +41,8 @@ ID | Technique | Weakness | Description | Confidence
|
|||
2 | T1055 | CWE-74 | Injection | High
|
||||
3 | T1059 | CWE-88, CWE-94 | Cross Site Scripting | High
|
||||
4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
5 | ... | ... | ... | ...
|
||||
5 | T1068 | CWE-250, CWE-264, CWE-269, CWE-284 | J2EE Misconfiguration: Weak Access Permissions for EJB Methods | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 18 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
|
@ -53,33 +54,34 @@ ID | Type | Indicator | Confidence
|
|||
-- | ---- | --------- | ----------
|
||||
1 | File | `.travis.yml` | Medium
|
||||
2 | File | `/.env` | Low
|
||||
3 | File | `/admin.php` | Medium
|
||||
4 | File | `/admin/subnets/ripe-query.php` | High
|
||||
5 | File | `/core/conditions/AbstractWrapper.java` | High
|
||||
3 | File | `/admin/subnets/ripe-query.php` | High
|
||||
4 | File | `/core/conditions/AbstractWrapper.java` | High
|
||||
5 | File | `/dcim/sites/add/` | High
|
||||
6 | File | `/debug/pprof` | Medium
|
||||
7 | File | `/ecrire` | Low
|
||||
8 | File | `/export` | Low
|
||||
9 | File | `/file?action=download&file` | High
|
||||
10 | File | `/forum/away.php` | High
|
||||
11 | File | `/hardware` | Medium
|
||||
12 | File | `/medical/inventories.php` | High
|
||||
13 | File | `/monitoring` | Medium
|
||||
14 | File | `/opt/zimbra/jetty/webapps/zimbra/public` | High
|
||||
15 | File | `/out.php` | Medium
|
||||
16 | File | `/plugin/LiveChat/getChat.json.php` | High
|
||||
17 | File | `/plugins/servlet/audit/resource` | High
|
||||
18 | File | `/plugins/servlet/project-config/PROJECT/roles` | High
|
||||
19 | File | `/product_list.php` | High
|
||||
20 | File | `/recordings/index.php` | High
|
||||
21 | File | `/replication` | Medium
|
||||
22 | File | `/rest/api/1.0/render` | High
|
||||
23 | File | `/RestAPI` | Medium
|
||||
24 | File | `/tmp/zarafa-vacation-*` | High
|
||||
25 | File | `/uncpath/` | Medium
|
||||
26 | File | `/upload` | Low
|
||||
27 | ... | ... | ...
|
||||
12 | File | `/include/makecvs.php` | High
|
||||
13 | File | `/medical/inventories.php` | High
|
||||
14 | File | `/MicroStrategyWS/happyaxis.jsp` | High
|
||||
15 | File | `/monitoring` | Medium
|
||||
16 | File | `/opt/zimbra/jetty/webapps/zimbra/public` | High
|
||||
17 | File | `/out.php` | Medium
|
||||
18 | File | `/owa/auth/logon.aspx` | High
|
||||
19 | File | `/plugin/LiveChat/getChat.json.php` | High
|
||||
20 | File | `/plugins/servlet/audit/resource` | High
|
||||
21 | File | `/plugins/servlet/project-config/PROJECT/roles` | High
|
||||
22 | File | `/recordings/index.php` | High
|
||||
23 | File | `/replication` | Medium
|
||||
24 | File | `/rest/api/1.0/render` | High
|
||||
25 | File | `/RestAPI` | Medium
|
||||
26 | File | `/tmp/zarafa-vacation-*` | High
|
||||
27 | File | `/uncpath/` | Medium
|
||||
28 | ... | ... | ...
|
||||
|
||||
There are 231 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 234 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
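Review bot: New row 18 adds `/owa/auth/logon.aspx` at High confidence, but that is the standard Outlook Web Access sign-in page, so a literal match fires on every ordinary login to an Exchange front end. As a standalone indicator it carries very little signal and should sit at Low, like `/.env` in row 2, or be qualified with the argument or input value that made it relevant. The same concern applies in a milder form to generic single-segment paths in this list such as `/monitoring`, `/replication` and `/RestAPI`, which are rated Medium.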
@ -10,10 +10,10 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
|
||||
* [VN](https://vuldb.com/?country.vn)
|
||||
* [ES](https://vuldb.com/?country.es)
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [CN](https://vuldb.com/?country.cn)
|
||||
* ...
|
||||
|
||||
There are 10 more country items available. Please use our online service to access the data.
|
||||
There are 6 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -821,14 +821,13 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-22, CWE-23, CWE-29, CWE-36 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-294 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-425 | Pathname Traversal | High
|
||||
2 | T1055 | CWE-74 | Injection | High
|
||||
3 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
5 | ... | ... | ... | ...
|
||||
|
||||
There are 18 more TTP items available. Please use our online service to access the data.
|
||||
There are 15 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -836,45 +835,31 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `.FBCIndex` | Medium
|
||||
2 | File | `/?p=products` | Medium
|
||||
3 | File | `/admin-ajax.php?action=eps_redirect_save` | High
|
||||
4 | File | `/admin/?page=reminders/view_reminder` | High
|
||||
5 | File | `/admin/cashadvance_row.php` | High
|
||||
6 | File | `/admin/employee_row.php` | High
|
||||
7 | File | `/admin/inventory/manage_stock.php` | High
|
||||
8 | File | `/admin/login.php` | High
|
||||
9 | File | `/admin/maintenance/manage_category.php` | High
|
||||
10 | File | `/admin/maintenance/view_designation.php` | High
|
||||
11 | File | `/admin/mechanics/manage_mechanic.php` | High
|
||||
12 | File | `/admin/offenses/view_details.php` | High
|
||||
13 | File | `/admin/report/index.php` | High
|
||||
14 | File | `/admin/service_requests/manage_inventory.php` | High
|
||||
15 | File | `/admin/suppliers/view_details.php` | High
|
||||
16 | File | `/admin/transactions/track_shipment.php` | High
|
||||
17 | File | `/admin/userprofile.php` | High
|
||||
18 | File | `/api/admin/store/product/list` | High
|
||||
19 | File | `/bsms_ci/index.php/user/edit_user/` | High
|
||||
20 | File | `/cgi-bin/DownloadFlash` | High
|
||||
21 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
22 | File | `/classes/Login.php` | High
|
||||
23 | File | `/classes/Master.php` | High
|
||||
24 | File | `/classes/Master.php?f=delete_img` | High
|
||||
25 | File | `/classes/Master.php?f=delete_sub_category` | High
|
||||
26 | File | `/classes/Master.php?f=save_brand` | High
|
||||
27 | File | `/classes/Master.php?f=save_sub_category` | High
|
||||
28 | File | `/classes/Users.php` | High
|
||||
29 | File | `/classes/Users.phpp` | High
|
||||
30 | File | `/common/info.cgi` | High
|
||||
31 | File | `/config/myfield/test.php` | High
|
||||
32 | File | `/debug/pprof` | Medium
|
||||
33 | File | `/file/upload/1` | High
|
||||
34 | File | `/hrm/employeeadd.php` | High
|
||||
35 | File | `/inc/topBarNav.php` | High
|
||||
36 | File | `/js/player/dmplayer/dmku/index.php` | High
|
||||
37 | ... | ... | ...
|
||||
1 | File | `/?r=email/api/mark&op=delFromSend` | High
|
||||
2 | File | `/admin/bookings/manage_booking.php` | High
|
||||
3 | File | `/admin/bookings/view_booking.php` | High
|
||||
4 | File | `/admin/bookings/view_details.php` | High
|
||||
5 | File | `/admin/inquiries/view_inquiry.php` | High
|
||||
6 | File | `/admin/manage_academic.php` | High
|
||||
7 | File | `/admin/services/view_service.php` | High
|
||||
8 | File | `/admin/user/manage_user.php` | High
|
||||
9 | File | `/admin/user/uploadImg` | High
|
||||
10 | File | `/administrator/components/table_manager/` | High
|
||||
11 | File | `/api/v2/cli/commands` | High
|
||||
12 | File | `/boafrm/formFilter` | High
|
||||
13 | File | `/classes/Master.php?f=save_course` | High
|
||||
14 | File | `/Content/Template/root/reverse-shell.aspx` | High
|
||||
15 | File | `/Default/Bd` | Medium
|
||||
16 | File | `/message/form/` | High
|
||||
17 | File | `/send_order.cgi?parameter=access_detect` | High
|
||||
18 | File | `/server/api/v1/login` | High
|
||||
19 | File | `/static/ueditor/php/controller.php` | High
|
||||
20 | File | `/uncpath/` | Medium
|
||||
21 | File | `/v2/#/` | Low
|
||||
22 | File | `/v2/#/add/department` | High
|
||||
23 | ... | ... | ...
|
||||
|
||||
There are 321 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 191 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
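Review bot: New rows 21 and 22 (`/v2/#/` and `/v2/#/add/department`) contain a URL fragment, and browsers do not send anything after `#` to the server, so these strings cannot match in web server, WAF or proxy request logs. Row 22 is nevertheless rated High. Suggest either recording the server-side endpoint that the client route calls, or marking these rows as client-side routes so they are not loaded into request-path matching. The list also shrinks considerably here (36 visible plus 321 hidden before, 22 visible plus 191 hidden after); a line in the commit message explaining the drop would help consumers who diff these files.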
@ -114,7 +114,7 @@ ID | Type | Indicator | Confidence
|
|||
8 | File | `/EXCU_SHELL` | Medium
|
||||
9 | ... | ... | ...
|
||||
|
||||
There are 66 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 68 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -24,7 +24,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [RU](https://vuldb.com/?country.ru)
|
||||
* ...
|
||||
|
||||
There are 17 more country items available. Please use our online service to access the data.
|
||||
There are 18 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -96,7 +96,7 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-28 | Pathname Traversal | High
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-294, CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
|
@ -127,9 +127,9 @@ ID | Type | Indicator | Confidence
|
|||
14 | File | `/alphaware/summary.php` | High
|
||||
15 | File | `/api/` | Low
|
||||
16 | File | `/api/admin/store/product/list` | High
|
||||
17 | File | `/apply.cgi` | Medium
|
||||
18 | File | `/APR/login.php` | High
|
||||
19 | File | `/attachments` | Medium
|
||||
17 | File | `/api/v2/cli/commands` | High
|
||||
18 | File | `/apply.cgi` | Medium
|
||||
19 | File | `/APR/login.php` | High
|
||||
20 | File | `/bin/httpd` | Medium
|
||||
21 | File | `/boat/login.php` | High
|
||||
22 | File | `/bsms_ci/index.php/book` | High
|
||||
|
@ -137,38 +137,42 @@ ID | Type | Indicator | Confidence
|
|||
24 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
25 | File | `/debug/pprof` | Medium
|
||||
26 | File | `/dev/block/mmcblk0rpmb` | High
|
||||
27 | File | `/etc/hosts` | Medium
|
||||
28 | File | `/forum/away.php` | High
|
||||
29 | File | `/fos/admin/ajax.php?action=login` | High
|
||||
30 | File | `/fos/admin/index.php?page=menu` | High
|
||||
31 | File | `/home/masterConsole` | High
|
||||
32 | File | `/home/sendBroadcast` | High
|
||||
33 | File | `/jsoa/hntdCustomDesktopActionContent` | High
|
||||
34 | File | `/medicines/profile.php` | High
|
||||
35 | File | `/mygym/admin/index.php?view_exercises` | High
|
||||
36 | File | `/php-opos/index.php` | High
|
||||
37 | File | `/proxy` | Low
|
||||
38 | File | `/public/launchNewWindow.jsp` | High
|
||||
39 | File | `/reports/rwservlet` | High
|
||||
40 | File | `/reservation/add_message.php` | High
|
||||
41 | File | `/secure/QueryComponent!Default.jspa` | High
|
||||
42 | File | `/Session` | Medium
|
||||
43 | File | `/spip.php` | Medium
|
||||
44 | File | `/tmp` | Low
|
||||
45 | File | `/uncpath/` | Medium
|
||||
46 | File | `/user/updatePwd` | High
|
||||
47 | File | `/vendor/htmlawed/htmlawed/htmLawedTest.php` | High
|
||||
48 | File | `/video-sharing-script/watch-video.php` | High
|
||||
49 | File | `/wbms/classes/Master.php?f=delete_client` | High
|
||||
50 | File | `/wireless/security.asp` | High
|
||||
51 | File | `/xxl-job-admin/jobinfo` | High
|
||||
52 | File | `01article.php` | High
|
||||
53 | File | `AcquisiAction.class.php` | High
|
||||
54 | File | `actionphp/download.File.php` | High
|
||||
55 | File | `activenews_view.asp` | High
|
||||
56 | ... | ... | ...
|
||||
27 | File | `/forum/away.php` | High
|
||||
28 | File | `/fos/admin/ajax.php?action=login` | High
|
||||
29 | File | `/fos/admin/index.php?page=menu` | High
|
||||
30 | File | `/home/masterConsole` | High
|
||||
31 | File | `/home/sendBroadcast` | High
|
||||
32 | File | `/jsoa/hntdCustomDesktopActionContent` | High
|
||||
33 | File | `/medicines/profile.php` | High
|
||||
34 | File | `/mygym/admin/index.php?view_exercises` | High
|
||||
35 | File | `/php-opos/index.php` | High
|
||||
36 | File | `/proxy` | Low
|
||||
37 | File | `/public/launchNewWindow.jsp` | High
|
||||
38 | File | `/reports/rwservlet` | High
|
||||
39 | File | `/reservation/add_message.php` | High
|
||||
40 | File | `/secure/QueryComponent!Default.jspa` | High
|
||||
41 | File | `/Session` | Medium
|
||||
42 | File | `/spip.php` | Medium
|
||||
43 | File | `/tmp` | Low
|
||||
44 | File | `/uncpath/` | Medium
|
||||
45 | File | `/user/updatePwd` | High
|
||||
46 | File | `/vendor/htmlawed/htmlawed/htmLawedTest.php` | High
|
||||
47 | File | `/video-sharing-script/watch-video.php` | High
|
||||
48 | File | `/wbms/classes/Master.php?f=delete_client` | High
|
||||
49 | File | `/wireless/security.asp` | High
|
||||
50 | File | `/xxl-job-admin/jobinfo` | High
|
||||
51 | File | `01article.php` | High
|
||||
52 | File | `AcquisiAction.class.php` | High
|
||||
53 | File | `actionphp/download.File.php` | High
|
||||
54 | File | `activenews_view.asp` | High
|
||||
55 | File | `adclick.php` | Medium
|
||||
56 | File | `admin.a6mambocredits.php` | High
|
||||
57 | File | `admin.cropcanvas.php` | High
|
||||
58 | File | `admin/abc.php` | High
|
||||
59 | File | `admin/add_payment.php` | High
|
||||
60 | ... | ... | ...
|
||||
|
||||
There are 484 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 521 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -15,11 +15,11 @@ The following _campaigns_ are known and can be associated with FIN8:
|
|||
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with FIN8:
|
||||
|
||||
* [CN](https://vuldb.com/?country.cn)
|
||||
* [ES](https://vuldb.com/?country.es)
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [ES](https://vuldb.com/?country.es)
|
||||
* ...
|
||||
|
||||
There are 15 more country items available. Please use our online service to access the data.
|
||||
There are 14 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -41,10 +41,11 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-28 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
2 | T1040 | CWE-294, CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-88, CWE-94 | Cross Site Scripting | High
|
||||
5 | ... | ... | ... | ...
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 18 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
|
@ -54,40 +55,46 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `//proc/kcore` | Medium
|
||||
2 | File | `/about.php` | Medium
|
||||
3 | File | `/admin/submit-articles` | High
|
||||
4 | File | `/ad_js.php` | Medium
|
||||
5 | File | `/Ap4RtpAtom.cpp` | High
|
||||
6 | File | `/app/options.py` | High
|
||||
7 | File | `/attachments` | Medium
|
||||
8 | File | `/bsms/?page=manage_account` | High
|
||||
9 | File | `/bsms_ci/index.php/book` | High
|
||||
10 | File | `/cgi-bin/login.cgi` | High
|
||||
11 | File | `/cgi-bin/luci/api/wireless` | High
|
||||
12 | File | `/ci_hms/massage_room/edit/1` | High
|
||||
13 | File | `/context/%2e/WEB-INF/web.xml` | High
|
||||
14 | File | `/dashboard/reports/logs/view` | High
|
||||
15 | File | `/debian/patches/load_ppp_generic_if_needed` | High
|
||||
16 | File | `/debug/pprof` | Medium
|
||||
17 | File | `/etc/hosts` | Medium
|
||||
18 | File | `/forum/away.php` | High
|
||||
19 | File | `/fuel/sitevariables/delete/4` | High
|
||||
20 | File | `/goform/setmac` | High
|
||||
21 | File | `/goform/wizard_end` | High
|
||||
22 | File | `/hprms/admin/doctors/manage_doctor.php` | High
|
||||
23 | File | `/index/jobfairol/show/` | High
|
||||
24 | File | `/librarian/bookdetails.php` | High
|
||||
25 | File | `/manage-apartment.php` | High
|
||||
26 | File | `/medicines/profile.php` | High
|
||||
27 | File | `/modules/caddyhttp/rewrite/rewrite.go` | High
|
||||
28 | File | `/pages/apply_vacancy.php` | High
|
||||
29 | File | `/proc/<PID>/mem` | High
|
||||
30 | File | `/proxy` | Low
|
||||
31 | File | `/simple_chat_bot/admin/?page=user/manage_user` | High
|
||||
32 | ... | ... | ...
|
||||
1 | File | `/about.php` | Medium
|
||||
2 | File | `/admin.php/accessory/filesdel.html` | High
|
||||
3 | File | `/admin/?page=user/manage` | High
|
||||
4 | File | `/admin/add-new.php` | High
|
||||
5 | File | `/admin/doctors.php` | High
|
||||
6 | File | `/admin/submit-articles` | High
|
||||
7 | File | `/ad_js.php` | Medium
|
||||
8 | File | `/alphaware/summary.php` | High
|
||||
9 | File | `/api/` | Low
|
||||
10 | File | `/api/admin/store/product/list` | High
|
||||
11 | File | `/api/v2/cli/commands` | High
|
||||
12 | File | `/app/options.py` | High
|
||||
13 | File | `/attachments` | Medium
|
||||
14 | File | `/boat/login.php` | High
|
||||
15 | File | `/bsms_ci/index.php/book` | High
|
||||
16 | File | `/cgi-bin/luci/api/wireless` | High
|
||||
17 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
18 | File | `/context/%2e/WEB-INF/web.xml` | High
|
||||
19 | File | `/dashboard/reports/logs/view` | High
|
||||
20 | File | `/debian/patches/load_ppp_generic_if_needed` | High
|
||||
21 | File | `/debug/pprof` | Medium
|
||||
22 | File | `/etc/hosts` | Medium
|
||||
23 | File | `/forum/away.php` | High
|
||||
24 | File | `/goform/setmac` | High
|
||||
25 | File | `/goform/wizard_end` | High
|
||||
26 | File | `/manage-apartment.php` | High
|
||||
27 | File | `/medicines/profile.php` | High
|
||||
28 | File | `/modules/caddyhttp/rewrite/rewrite.go` | High
|
||||
29 | File | `/pages/apply_vacancy.php` | High
|
||||
30 | File | `/proc/<PID>/mem` | High
|
||||
31 | File | `/proxy` | Low
|
||||
32 | File | `/reservation/add_message.php` | High
|
||||
33 | File | `/spip.php` | Medium
|
||||
34 | File | `/tmp` | Low
|
||||
35 | File | `/train_scheduler_app/?action=delete` | High
|
||||
36 | File | `/uncpath/` | Medium
|
||||
37 | File | `/upload` | Low
|
||||
38 | ... | ... | ...
|
||||
|
||||
There are 270 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 322 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
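Review bot: In the new list, row 30 `/proc/<PID>/mem` carries a literal `<PID>` placeholder and row 18 `/context/%2e/WEB-INF/web.xml` is percent-encoded, so exact string matching behaves differently for each: the first never matches a real path unless it is treated as a template, and the second only matches if the log source stores the raw, undecoded request path. Neither convention is stated in the table. Suggest documenting the matching semantics next to the table header, or tagging templated rows with a separate Type so they are not confused with literal file paths. The Low-rated generic entries (`/api/`, `/proxy`, `/tmp`, `/upload`) are rated appropriately and need no change.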
@ -32,7 +32,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
2 | T1059.007 | CWE-80 | Cross Site Scripting | High
|
||||
3 | T1068 | CWE-269 | Execution with Unnecessary Privileges | High
|
||||
3 | T1068 | CWE-269 | J2EE Misconfiguration: Weak Access Permissions for EJB Methods | High
|
||||
4 | ... | ... | ... | ...
|
||||
|
||||
There are 2 more TTP items available. Please use our online service to access the data.
|
||||
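Review bot: The second of the two rows numbered 3 labels `T1068 | CWE-269` as "J2EE Misconfiguration: Weak Access Permissions for EJB Methods", which is the title of a J2EE-specific weakness and not of CWE-269 (Improper Privilege Management). The other row 3 text, "Execution with Unnecessary Privileges", is also a different CWE's title but is at least platform-neutral. Suggest a description that matches the CWE actually listed, or add the matching CWE to the Weakness column. Row 1 shows the same kind of mismatch: CWE-94 is code injection, while "Cross Site Scripting" belongs with CWE-79/CWE-80.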
|
|
|
@ -63,7 +63,7 @@ ID | Type | Indicator | Confidence
|
|||
13 | File | `/secure/QueryComponent!Default.jspa` | High
|
||||
14 | ... | ... | ...
|
||||
|
||||
There are 110 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 115 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -9,11 +9,11 @@ _Live data_ and more _analysis capabilities_ are available at [https://vuldb.com
|
|||
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with FritzFrog:
|
||||
|
||||
* [VN](https://vuldb.com/?country.vn)
|
||||
* [ES](https://vuldb.com/?country.es)
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [ES](https://vuldb.com/?country.es)
|
||||
* ...
|
||||
|
||||
There are 12 more country items available. Please use our online service to access the data.
|
||||
There are 14 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -331,13 +331,14 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-29 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-294 | Authentication Bypass by Capture-replay | High
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-29, CWE-37 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
5 | ... | ... | ... | ...
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 18 more TTP items available. Please use our online service to access the data.
|
||||
There are 20 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
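Review bot: In the two rows numbered 2, the Weakness differs (CWE-294 in the first, CWE-319 in the second) while the Description stays "Authentication Bypass by Capture-replay". That text is the title of CWE-294; CWE-319 is Cleartext Transmission of Sensitive Information, so the CWE-319 row carries a description for a weakness it no longer lists. Update the description together with the ID, or keep CWE-294 next to CWE-319 if both are meant.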
|
@ -345,54 +346,56 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/?p=products` | Medium
|
||||
2 | File | `/admin` | Low
|
||||
3 | File | `/admin-ajax.php?action=eps_redirect_save` | High
|
||||
4 | File | `/admin/?page=product/manage_product&id=2` | High
|
||||
5 | File | `/admin/?setting-base.htm` | High
|
||||
6 | File | `/admin/cashadvance_row.php` | High
|
||||
7 | File | `/admin/login.php` | High
|
||||
8 | File | `/admin/maintenance/view_designation.php` | High
|
||||
9 | File | `/admin/userprofile.php` | High
|
||||
10 | File | `/api/admin/store/product/list` | High
|
||||
11 | File | `/api/admin/system/store/order/list` | High
|
||||
12 | File | `/cgi-bin/supervisor/PwdGrp.cgi` | High
|
||||
13 | File | `/cgi-bin/wapopen` | High
|
||||
14 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
15 | File | `/churchcrm/EventAttendance.php` | High
|
||||
16 | File | `/common/info.cgi` | High
|
||||
17 | File | `/common/sysFile/list` | High
|
||||
18 | File | `/config/myfield/test.php` | High
|
||||
19 | File | `/debug/pprof` | Medium
|
||||
20 | File | `/etc/sudoers` | Medium
|
||||
21 | File | `/file/upload/1` | High
|
||||
22 | File | `/form/index.php?module=getjson` | High
|
||||
23 | File | `/forum/away.php` | High
|
||||
24 | File | `/goform/addressNat` | High
|
||||
25 | File | `/goform/addRouting` | High
|
||||
26 | File | `/goform/form2Wan.cgi` | High
|
||||
27 | File | `/js/player/dmplayer/dmku/index.php` | High
|
||||
28 | File | `/licenses` | Medium
|
||||
29 | File | `/mcategory.php` | High
|
||||
1 | File | `//proc/kcore` | Medium
|
||||
2 | File | `/?ajax-request=jnews` | High
|
||||
3 | File | `/?p=products` | Medium
|
||||
4 | File | `/?r=email/api/mark&op=delFromSend` | High
|
||||
5 | File | `/admin.php/update/getFile.html` | High
|
||||
6 | File | `/admin/assign/assign.php` | High
|
||||
7 | File | `/admin/cashadvance_row.php` | High
|
||||
8 | File | `/admin/curriculum/view_curriculum.php` | High
|
||||
9 | File | `/admin/departments/view_department.php` | High
|
||||
10 | File | `/admin/maintenance/view_designation.php` | High
|
||||
11 | File | `/admin/suppliers/view_details.php` | High
|
||||
12 | File | `/admin/user/manage_user.php` | High
|
||||
13 | File | `/admin/user/uploadImg` | High
|
||||
14 | File | `/admin/userprofile.php` | High
|
||||
15 | File | `/administrator/components/table_manager/` | High
|
||||
16 | File | `/api/admin/store/product/list` | High
|
||||
17 | File | `/api/gen/clients/{language}` | High
|
||||
18 | File | `/blog/blog.php` | High
|
||||
19 | File | `/cgi-bin/activate.cgi` | High
|
||||
20 | File | `/cgi-bin/kerbynet` | High
|
||||
21 | File | `/cgi-bin/wapopen` | High
|
||||
22 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
23 | File | `/config/getuser` | High
|
||||
24 | File | `/Content/Template/root/reverse-shell.aspx` | High
|
||||
25 | File | `/Default/Bd` | Medium
|
||||
26 | File | `/feeds/post/publish` | High
|
||||
27 | File | `/forum/away.php` | High
|
||||
28 | File | `/index.php/archives/1/comment` | High
|
||||
29 | File | `/login/index.php` | High
|
||||
30 | File | `/mhds/clinic/view_details.php` | High
|
||||
31 | File | `/modules/profile/index.php` | High
|
||||
32 | File | `/modules/projects/vw_files.php` | High
|
||||
33 | File | `/movie.php` | Medium
|
||||
34 | File | `/multi-vendor-shopping-script/product-list.php` | High
|
||||
35 | File | `/out.php` | Medium
|
||||
36 | File | `/owa/auth/logon.aspx` | High
|
||||
37 | File | `/plain` | Low
|
||||
38 | File | `/public/launchNewWindow.jsp` | High
|
||||
39 | File | `/requests.php` | High
|
||||
40 | File | `/rom-0` | Low
|
||||
41 | File | `/sbin/orthrus` | High
|
||||
42 | File | `/sbin/rtspd` | Medium
|
||||
43 | File | `/shell` | Low
|
||||
44 | File | `/spip.php` | Medium
|
||||
45 | File | `/static/ueditor/php/controller.php` | High
|
||||
46 | ... | ... | ...
|
||||
31 | File | `/movie.php` | Medium
|
||||
32 | File | `/qsr_server/device/reboot` | High
|
||||
33 | File | `/reservation/add_message.php` | High
|
||||
34 | File | `/spip.php` | Medium
|
||||
35 | File | `/static/ueditor/php/controller.php` | High
|
||||
36 | File | `/ueditor/net/controller.ashx?action=catchimage` | High
|
||||
37 | File | `/uncpath/` | Medium
|
||||
38 | File | `/vaccinated/admin/maintenance/manage_location.php` | High
|
||||
39 | File | `/var/log/webfsd.log` | High
|
||||
40 | File | `/vendor` | Low
|
||||
41 | File | `/wp-admin/admin-ajax.php` | High
|
||||
42 | File | `/xxl-job-admin/user/add` | High
|
||||
43 | File | `123flashchat.php` | High
|
||||
44 | File | `404.php` | Low
|
||||
45 | File | `a-forms.php` | Medium
|
||||
46 | File | `adclick.php` | Medium
|
||||
47 | File | `admin.a6mambocredits.php` | High
|
||||
48 | ... | ... | ...
|
||||
|
||||
There are 399 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 413 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
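Review bot: The row `//proc/kcore` has a doubled leading slash, unlike the other absolute paths in this table such as `/sbin/rtspd` and `/var/log/webfsd.log`. If the doubled slash is part of the observed value, a short remark would help, because consumers that normalize paths before matching will not hit it; if it is not, normalize it to a single slash so it sorts and deduplicates with the rest. The table also mixes filesystem paths and URL paths under Type "File", which is worth documenting for anyone turning these rows into detections.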
|
|
File diff suppressed because it is too large
|
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [VN](https://vuldb.com/?country.vn)
|
||||
* ...
|
||||
|
||||
There are 12 more country items available. Please use our online service to access the data.
|
||||
There are 13 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -102,7 +102,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-29 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-294 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-88, CWE-94 | Cross Site Scripting | High
|
||||
4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
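Review bot: Row 4 gains CWE-1321 but keeps the description "Cross Site Scripting". None of CWE-88 (argument injection), CWE-94 (code injection) or CWE-1321 (prototype pollution) is cross-site scripting, and row 5 already carries that label for CWE-79/CWE-80, so rows 4 and 5 look identical to anyone filtering on Description. Suggest a description for T1059 that reflects the CWEs it lists.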
|
@ -115,44 +115,45 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/+CSCOE+/logon.html` | High
|
||||
2 | File | `/admin/maintenance/view_designation.php` | High
|
||||
3 | File | `/admin/upload/upload` | High
|
||||
4 | File | `/api/admin/system/store/order/list` | High
|
||||
5 | File | `/api/gen/clients/{language}` | High
|
||||
6 | File | `/api/geojson` | Medium
|
||||
7 | File | `/apply_noauth.cgi` | High
|
||||
8 | File | `/bin/sh` | Low
|
||||
9 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
10 | File | `/common/sysFile/list` | High
|
||||
11 | File | `/config/myfield/test.php` | High
|
||||
12 | File | `/context/%2e/WEB-INF/web.xml` | High
|
||||
13 | File | `/ctcprotocol/Protocol` | High
|
||||
14 | File | `/debug/pprof` | Medium
|
||||
15 | File | `/ebics-server/ebics.aspx` | High
|
||||
16 | File | `/ecshop/admin/template.php` | High
|
||||
17 | File | `/etc/openstack-dashboard/local_settings` | High
|
||||
18 | File | `/file/upload/1` | High
|
||||
19 | File | `/forum/away.php` | High
|
||||
20 | File | `/forum/PostPrivateMessage` | High
|
||||
21 | File | `/goform/addressNat` | High
|
||||
22 | File | `/HNAP1` | Low
|
||||
23 | File | `/HNAP1/SetClientInfo` | High
|
||||
24 | File | `/home/www/cgi-bin/login.cgi` | High
|
||||
25 | File | `/js/player/dmplayer/dmku/index.php` | High
|
||||
26 | File | `/menu.html` | Medium
|
||||
27 | File | `/multi-vendor-shopping-script/product-list.php` | High
|
||||
28 | File | `/net-banking/customer_transactions.php` | High
|
||||
29 | File | `/obs/book.php` | High
|
||||
30 | File | `/orrs/admin/?page=user/manage_user` | High
|
||||
31 | File | `/ossn/administrator/com_installer` | High
|
||||
32 | File | `/pms/update_user.php?user_id=1` | High
|
||||
33 | File | `/requests.php` | High
|
||||
34 | File | `/resources//../` | High
|
||||
35 | File | `/secure/QueryComponent!Default.jspa` | High
|
||||
36 | File | `/spip.php` | Medium
|
||||
37 | ... | ... | ...
|
||||
2 | File | `/?r=email/api/mark&op=delFromSend` | High
|
||||
3 | File | `/admin/maintenance/view_designation.php` | High
|
||||
4 | File | `/admin/upload/upload` | High
|
||||
5 | File | `/api/admin/system/store/order/list` | High
|
||||
6 | File | `/api/gen/clients/{language}` | High
|
||||
7 | File | `/api/geojson` | Medium
|
||||
8 | File | `/apply_noauth.cgi` | High
|
||||
9 | File | `/bin/sh` | Low
|
||||
10 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
11 | File | `/common/sysFile/list` | High
|
||||
12 | File | `/config/myfield/test.php` | High
|
||||
13 | File | `/context/%2e/WEB-INF/web.xml` | High
|
||||
14 | File | `/ctcprotocol/Protocol` | High
|
||||
15 | File | `/debug/pprof` | Medium
|
||||
16 | File | `/Default/Bd` | Medium
|
||||
17 | File | `/ebics-server/ebics.aspx` | High
|
||||
18 | File | `/ecshop/admin/template.php` | High
|
||||
19 | File | `/etc/openstack-dashboard/local_settings` | High
|
||||
20 | File | `/file/upload/1` | High
|
||||
21 | File | `/forum/away.php` | High
|
||||
22 | File | `/forum/PostPrivateMessage` | High
|
||||
23 | File | `/goform/addressNat` | High
|
||||
24 | File | `/HNAP1` | Low
|
||||
25 | File | `/HNAP1/SetClientInfo` | High
|
||||
26 | File | `/home/www/cgi-bin/login.cgi` | High
|
||||
27 | File | `/js/player/dmplayer/dmku/index.php` | High
|
||||
28 | File | `/menu.html` | Medium
|
||||
29 | File | `/modules/profile/index.php` | High
|
||||
30 | File | `/multi-vendor-shopping-script/product-list.php` | High
|
||||
31 | File | `/net-banking/customer_transactions.php` | High
|
||||
32 | File | `/obs/book.php` | High
|
||||
33 | File | `/orrs/admin/?page=user/manage_user` | High
|
||||
34 | File | `/ossn/administrator/com_installer` | High
|
||||
35 | File | `/pms/update_user.php?user_id=1` | High
|
||||
36 | File | `/requests.php` | High
|
||||
37 | File | `/resources//../` | High
|
||||
38 | ... | ... | ...
|
||||
|
||||
There are 313 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 329 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -36,7 +36,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-22 | Pathname Traversal | High
|
||||
2 | T1059.007 | CWE-79 | Cross Site Scripting | High
|
||||
3 | T1068 | CWE-264 | Execution with Unnecessary Privileges | High
|
||||
3 | T1068 | CWE-264 | J2EE Misconfiguration: Weak Access Permissions for EJB Methods | High
|
||||
4 | ... | ... | ... | ...
|
||||
|
||||
There are 6 more TTP items available. Please use our online service to access the data.
|
||||
|
|
|
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [GB](https://vuldb.com/?country.gb)
|
||||
* ...
|
||||
|
||||
There are 22 more country items available. Please use our online service to access the data.
|
||||
There are 23 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -41,7 +41,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 18 more TTP items available. Please use our online service to access the data.
|
||||
There are 19 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -55,67 +55,73 @@ ID | Type | Indicator | Confidence
|
|||
4 | File | `/admin/cashadvance_row.php` | High
|
||||
5 | File | `/Admin/login.php` | High
|
||||
6 | File | `/admin/maintenance/view_designation.php` | High
|
||||
7 | File | `/admin/showbad.php` | High
|
||||
8 | File | `/admin/userprofile.php` | High
|
||||
9 | File | `/adms/admin/?page=vehicles/sell_vehicle` | High
|
||||
10 | File | `/adms/admin/?page=vehicles/view_transaction` | High
|
||||
11 | File | `/apilog.php` | Medium
|
||||
12 | File | `/APR/login.php` | High
|
||||
13 | File | `/bin/httpd` | Medium
|
||||
14 | File | `/cgi-bin/wapopen` | High
|
||||
15 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
16 | File | `/connectors/index.php` | High
|
||||
17 | File | `/dev/block/mmcblk0rpmb` | High
|
||||
18 | File | `/DocSystem/Repos/getReposAllUsers.do` | High
|
||||
19 | File | `/face-recognition-php/facepay-master/camera.php` | High
|
||||
20 | File | `/forum/away.php` | High
|
||||
21 | File | `/fos/admin/ajax.php?action=login` | High
|
||||
22 | File | `/fos/admin/index.php?page=menu` | High
|
||||
23 | File | `/home/masterConsole` | High
|
||||
24 | File | `/home/sendBroadcast` | High
|
||||
25 | File | `/hrm/employeeadd.php` | High
|
||||
26 | File | `/hrm/employeeview.php` | High
|
||||
27 | File | `/index.php` | Medium
|
||||
28 | File | `/items/view_item.php` | High
|
||||
29 | File | `/jsoa/hntdCustomDesktopActionContent` | High
|
||||
30 | File | `/lookin/info` | Medium
|
||||
31 | File | `/manager/index.php` | High
|
||||
32 | File | `/medical/inventories.php` | High
|
||||
33 | File | `/modules/profile/index.php` | High
|
||||
34 | File | `/modules/projects/vw_files.php` | High
|
||||
35 | File | `/modules/public/calendar.php` | High
|
||||
36 | File | `/mygym/admin/index.php?view_exercises` | High
|
||||
37 | File | `/newsDia.php` | Medium
|
||||
38 | File | `/out.php` | Medium
|
||||
39 | File | `/php-opos/index.php` | High
|
||||
40 | File | `/proxy` | Low
|
||||
41 | File | `/public/launchNewWindow.jsp` | High
|
||||
42 | File | `/Redcock-Farm/farm/category.php` | High
|
||||
43 | File | `/reports/rwservlet` | High
|
||||
44 | File | `/sacco_shield/manage_user.php` | High
|
||||
45 | File | `/spip.php` | Medium
|
||||
46 | File | `/sqlitemanager/main.php?dbsel=-1%20or%2072%20=%2072` | High
|
||||
47 | File | `/staff/bookdetails.php` | High
|
||||
48 | File | `/uncpath/` | Medium
|
||||
49 | File | `/user/updatePwd` | High
|
||||
50 | File | `/user/update_booking.php` | High
|
||||
51 | File | `/Wedding-Management-PHP/admin/photos_add.php` | High
|
||||
52 | File | `/wireless/security.asp` | High
|
||||
53 | File | `/wordpress/wp-admin/options-general.php` | High
|
||||
54 | File | `/wp-content/plugins/woocommerce/templates/emails/plain/` | High
|
||||
55 | File | `01article.php` | High
|
||||
56 | File | `AbstractScheduleJob.java` | High
|
||||
57 | File | `actionphp/download.File.php` | High
|
||||
58 | File | `activenews_view.asp` | High
|
||||
59 | File | `adclick.php` | Medium
|
||||
60 | File | `addtocart.asp` | High
|
||||
7 | File | `/admin/userprofile.php` | High
|
||||
8 | File | `/adms/admin/?page=vehicles/sell_vehicle` | High
|
||||
9 | File | `/adms/admin/?page=vehicles/view_transaction` | High
|
||||
10 | File | `/apilog.php` | Medium
|
||||
11 | File | `/APR/login.php` | High
|
||||
12 | File | `/bin/httpd` | Medium
|
||||
13 | File | `/cgi-bin/wapopen` | High
|
||||
14 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
15 | File | `/connectors/index.php` | High
|
||||
16 | File | `/dev/block/mmcblk0rpmb` | High
|
||||
17 | File | `/DocSystem/Repos/getReposAllUsers.do` | High
|
||||
18 | File | `/face-recognition-php/facepay-master/camera.php` | High
|
||||
19 | File | `/forum/away.php` | High
|
||||
20 | File | `/fos/admin/ajax.php?action=login` | High
|
||||
21 | File | `/fos/admin/index.php?page=menu` | High
|
||||
22 | File | `/home/masterConsole` | High
|
||||
23 | File | `/home/sendBroadcast` | High
|
||||
24 | File | `/hrm/employeeadd.php` | High
|
||||
25 | File | `/hrm/employeeview.php` | High
|
||||
26 | File | `/index.php` | Medium
|
||||
27 | File | `/items/view_item.php` | High
|
||||
28 | File | `/jsoa/hntdCustomDesktopActionContent` | High
|
||||
29 | File | `/lookin/info` | Medium
|
||||
30 | File | `/manager/index.php` | High
|
||||
31 | File | `/medical/inventories.php` | High
|
||||
32 | File | `/modules/profile/index.php` | High
|
||||
33 | File | `/modules/projects/vw_files.php` | High
|
||||
34 | File | `/modules/public/calendar.php` | High
|
||||
35 | File | `/mygym/admin/index.php?view_exercises` | High
|
||||
36 | File | `/newsDia.php` | Medium
|
||||
37 | File | `/out.php` | Medium
|
||||
38 | File | `/php-opos/index.php` | High
|
||||
39 | File | `/proxy` | Low
|
||||
40 | File | `/public/launchNewWindow.jsp` | High
|
||||
41 | File | `/Redcock-Farm/farm/category.php` | High
|
||||
42 | File | `/reports/rwservlet` | High
|
||||
43 | File | `/sacco_shield/manage_user.php` | High
|
||||
44 | File | `/spip.php` | Medium
|
||||
45 | File | `/sqlitemanager/main.php?dbsel=-1%20or%2072%20=%2072` | High
|
||||
46 | File | `/staff/bookdetails.php` | High
|
||||
47 | File | `/uncpath/` | Medium
|
||||
48 | File | `/user/updatePwd` | High
|
||||
49 | File | `/user/update_booking.php` | High
|
||||
50 | File | `/Wedding-Management-PHP/admin/photos_add.php` | High
|
||||
51 | File | `/wireless/security.asp` | High
|
||||
52 | File | `/wordpress/wp-admin/options-general.php` | High
|
||||
53 | File | `01article.php` | High
|
||||
54 | File | `AbstractScheduleJob.java` | High
|
||||
55 | File | `actionphp/download.File.php` | High
|
||||
56 | File | `activenews_view.asp` | High
|
||||
57 | File | `adclick.php` | Medium
|
||||
58 | File | `addtocart.asp` | High
|
||||
59 | File | `admin.a6mambocredits.php` | High
|
||||
60 | File | `admin.cropcanvas.php` | High
|
||||
61 | File | `admin.php` | Medium
|
||||
62 | File | `admin/abc.php` | High
|
||||
63 | File | `admin/admin.php?action=users&mode=info&user=2` | High
|
||||
64 | File | `admin/admin/adminsave.html` | High
|
||||
65 | ... | ... | ...
|
||||
65 | File | `admin/asset/grid-proxy` | High
|
||||
66 | File | `admin/auditTrail.jsf` | High
|
||||
67 | File | `admin/conf_users_edit.php` | High
|
||||
68 | File | `admin/disapprove_user.php` | High
|
||||
69 | File | `admin/edit_category.php` | High
|
||||
70 | File | `admin/expense_report.php` | High
|
||||
71 | ... | ... | ...
|
||||
|
||||
There are 574 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 623 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -60,7 +60,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
3 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
4 | ... | ... | ... | ...
|
||||
|
||||
There are 13 more TTP items available. Please use our online service to access the data.
|
||||
There are 14 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
|
|
@ -47,7 +47,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 19 more TTP items available. Please use our online service to access the data.
|
||||
There are 20 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -76,43 +76,45 @@ ID | Type | Indicator | Confidence
|
|||
19 | File | `/login` | Low
|
||||
20 | File | `/login.cgi?logout=1` | High
|
||||
21 | File | `/Login.do` | Medium
|
||||
22 | File | `/mifs/c/i/reg/reg.html` | High
|
||||
23 | File | `/nova/bin/detnet` | High
|
||||
24 | File | `/pages.php` | Medium
|
||||
25 | File | `/pages/items` | Medium
|
||||
26 | File | `/proc/iomem` | Medium
|
||||
27 | File | `/profile/deleteWatch.do` | High
|
||||
28 | File | `/show_news.php` | High
|
||||
29 | File | `/status.js` | Medium
|
||||
30 | File | `/tmp` | Low
|
||||
31 | File | `/uncpath/` | Medium
|
||||
32 | File | `/userRpm/MediaServerFoldersCfgRpm.htm` | High
|
||||
33 | File | `/usr/local/ssl/openssl.cnf` | High
|
||||
34 | File | `/usr/local/WowzaStreamingEngine/bin/` | High
|
||||
35 | File | `/var/log/nginx` | High
|
||||
36 | File | `/wp-admin` | Medium
|
||||
37 | File | `/xampp/guestbook-en.pl` | High
|
||||
38 | File | `abook_database.php` | High
|
||||
39 | File | `AccountStatus.jsp` | High
|
||||
40 | File | `action/usermanager.htm` | High
|
||||
41 | File | `add.php` | Low
|
||||
42 | File | `add_comment.php` | High
|
||||
43 | File | `admin.cgi?action=config_restore` | High
|
||||
44 | File | `admin.php3` | Medium
|
||||
45 | File | `admin/add-news.php` | High
|
||||
46 | File | `admin/ajax/op_kandidat.php` | High
|
||||
47 | File | `admin/gv_mail.php` | High
|
||||
48 | File | `admin/manage-articles.php` | High
|
||||
49 | File | `admin/manage-departments.php` | High
|
||||
50 | File | `admin/systemOutOfBand.do` | High
|
||||
51 | File | `ajax.php` | Medium
|
||||
52 | File | `and/or` | Low
|
||||
53 | File | `Annot.cc` | Medium
|
||||
54 | File | `aoutx.h` | Low
|
||||
55 | File | `app/application.cpp` | High
|
||||
56 | ... | ... | ...
|
||||
22 | File | `/messageboard/view.php` | High
|
||||
23 | File | `/mifs/c/i/reg/reg.html` | High
|
||||
24 | File | `/nova/bin/detnet` | High
|
||||
25 | File | `/pages.php` | Medium
|
||||
26 | File | `/pages/items` | Medium
|
||||
27 | File | `/proc/iomem` | Medium
|
||||
28 | File | `/profile/deleteWatch.do` | High
|
||||
29 | File | `/show_news.php` | High
|
||||
30 | File | `/status.js` | Medium
|
||||
31 | File | `/tmp` | Low
|
||||
32 | File | `/uncpath/` | Medium
|
||||
33 | File | `/userRpm/MediaServerFoldersCfgRpm.htm` | High
|
||||
34 | File | `/usr/local/ssl/openssl.cnf` | High
|
||||
35 | File | `/usr/local/WowzaStreamingEngine/bin/` | High
|
||||
36 | File | `/var/log/nginx` | High
|
||||
37 | File | `/wp-admin` | Medium
|
||||
38 | File | `/xampp/guestbook-en.pl` | High
|
||||
39 | File | `abook_database.php` | High
|
||||
40 | File | `account.asp` | Medium
|
||||
41 | File | `AccountStatus.jsp` | High
|
||||
42 | File | `action/usermanager.htm` | High
|
||||
43 | File | `add.php` | Low
|
||||
44 | File | `add_comment.php` | High
|
||||
45 | File | `admin.a6mambocredits.php` | High
|
||||
46 | File | `admin.cgi?action=config_restore` | High
|
||||
47 | File | `admin.cropcanvas.php` | High
|
||||
48 | File | `Admin.PHP` | Medium
|
||||
49 | File | `admin.php3` | Medium
|
||||
50 | File | `admin/add-news.php` | High
|
||||
51 | File | `admin/ajax/op_kandidat.php` | High
|
||||
52 | File | `admin/gv_mail.php` | High
|
||||
53 | File | `admin/manage-articles.php` | High
|
||||
54 | File | `admin/manage-departments.php` | High
|
||||
55 | File | `admin/systemOutOfBand.do` | High
|
||||
56 | File | `adminAvatars.php` | High
|
||||
57 | File | `adminBackupdatabase.php` | High
|
||||
58 | ... | ... | ...
|
||||
|
||||
There are 486 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 511 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -58,7 +58,8 @@ ID | Type | Indicator | Confidence
|
|||
8 | File | `adclick.php` | Medium
|
||||
9 | File | `add_comment.php` | High
|
||||
10 | File | `cgi-bin/awstats.pl` | High
|
||||
11 | ... | ... | ...
|
||||
11 | File | `checkout.cfm` | Medium
|
||||
12 | ... | ... | ...
|
||||
|
||||
There are 88 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
|
|
|
@ -50,7 +50,8 @@ ID | Technique | Weakness | Description | Confidence
|
|||
2 | T1055 | CWE-74 | Injection | High
|
||||
3 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
5 | ... | ... | ... | ...
|
||||
5 | T1068 | CWE-264, CWE-266, CWE-269, CWE-284 | J2EE Misconfiguration: Weak Access Permissions for EJB Methods | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 18 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
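Review bot: The row `5 | T1068` groups CWE-264, CWE-266, CWE-269 and CWE-284 under the single description "J2EE Misconfiguration: Weak Access Permissions for EJB Methods". Those four IDs are general permission, privilege and access-control weaknesses, not J2EE-specific ones, so the label will mislead anyone mapping T1068 coverage by description. A platform-neutral privilege-management description would fit the Weakness column better.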
|
@ -72,23 +73,23 @@ ID | Type | Indicator | Confidence
|
|||
10 | File | `/forum/away.php` | High
|
||||
11 | File | `/images/browserslide.jpg` | High
|
||||
12 | File | `/includes/lib/get.php` | High
|
||||
13 | File | `/login` | Low
|
||||
14 | File | `/main?cmd=invalid_browser` | High
|
||||
15 | File | `/manager?action=getlogcat` | High
|
||||
16 | File | `/mc` | Low
|
||||
17 | File | `/opt/zimbra/jetty/webapps/zimbra/public` | High
|
||||
18 | File | `/plugins/Dashboard/Controller.php` | High
|
||||
19 | File | `/public/plugins/` | High
|
||||
20 | File | `/rest/jpo/1.0/hierarchyConfiguration` | High
|
||||
21 | File | `/SASWebReportStudio/logonAndRender.do` | High
|
||||
22 | File | `/scas/admin/` | Medium
|
||||
23 | File | `/static/ueditor/php/controller.php` | High
|
||||
24 | File | `/tlogin.cgi` | Medium
|
||||
25 | File | `/tmp/scfgdndf` | High
|
||||
26 | File | `/uncpath/` | Medium
|
||||
13 | File | `/lists/index.php` | High
|
||||
14 | File | `/login` | Low
|
||||
15 | File | `/main?cmd=invalid_browser` | High
|
||||
16 | File | `/manager?action=getlogcat` | High
|
||||
17 | File | `/mc` | Low
|
||||
18 | File | `/opt/zimbra/jetty/webapps/zimbra/public` | High
|
||||
19 | File | `/plugins/Dashboard/Controller.php` | High
|
||||
20 | File | `/public/plugins/` | High
|
||||
21 | File | `/rest/jpo/1.0/hierarchyConfiguration` | High
|
||||
22 | File | `/SASWebReportStudio/logonAndRender.do` | High
|
||||
23 | File | `/scas/admin/` | Medium
|
||||
24 | File | `/static/ueditor/php/controller.php` | High
|
||||
25 | File | `/tlogin.cgi` | Medium
|
||||
26 | File | `/tmp/scfgdndf` | High
|
||||
27 | ... | ... | ...
|
||||
|
||||
There are 224 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 227 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -23,10 +23,10 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
|
||||
* [VN](https://vuldb.com/?country.vn)
|
||||
* [IN](https://vuldb.com/?country.in)
|
||||
* [CN](https://vuldb.com/?country.cn)
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* ...
|
||||
|
||||
There are 9 more country items available. Please use our online service to access the data.
|
||||
There are 4 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -274,10 +274,10 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-29, CWE-36 | Pathname Traversal | High
|
||||
1 | T1006 | CWE-22, CWE-425 | Pathname Traversal | High
|
||||
2 | T1055 | CWE-74 | Injection | High
|
||||
3 | T1059 | CWE-88, CWE-94 | Cross Site Scripting | High
|
||||
4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
3 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
4 | T1059.007 | CWE-79 | Cross Site Scripting | High
|
||||
5 | ... | ... | ... | ...
|
||||
|
||||
There are 15 more TTP items available. Please use our online service to access the data.
|
||||
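Review bot: The second row 1 lists `CWE-22, CWE-425` for T1006 under "Pathname Traversal", but CWE-425 is Direct Request (forced browsing), which is an access-control weakness and not a traversal one. Either drop CWE-425 from this row or widen the description so it covers both. The second row 3 has the related problem already seen for T1059: CWE-94 and CWE-1321 are labelled "Cross Site Scripting", the same description row 4 uses for CWE-79.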
|
@ -288,42 +288,29 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `.FBCIndex` | Medium
|
||||
2 | File | `/admin/?page=reminders/view_reminder` | High
|
||||
3 | File | `/admin/categories/manage_category.php` | High
|
||||
4 | File | `/admin/categories/view_category.php` | High
|
||||
5 | File | `/admin/curriculum/view_curriculum.php` | High
|
||||
6 | File | `/admin/departments/view_department.php` | High
|
||||
7 | File | `/admin/index.php` | High
|
||||
8 | File | `/admin/inquiries/view_inquiry.php` | High
|
||||
9 | File | `/admin/inventory/manage_stock.php` | High
|
||||
10 | File | `/admin/maintenance/manage_category.php` | High
|
||||
11 | File | `/admin/maintenance/view_designation.php` | High
|
||||
12 | File | `/admin/mechanics/manage_mechanic.php` | High
|
||||
13 | File | `/admin/offenses/view_details.php` | High
|
||||
14 | File | `/admin/orders/update_status.php` | High
|
||||
15 | File | `/admin/products/manage_product.php` | High
|
||||
16 | File | `/admin/products/view_product.php` | High
|
||||
17 | File | `/admin/reminders/manage_reminder.php` | High
|
||||
18 | File | `/admin/report/index.php` | High
|
||||
19 | File | `/admin/sales/manage_sale.php` | High
|
||||
20 | File | `/admin/sales/view_details.php` | High
|
||||
21 | File | `/admin/services/manage_service.php` | High
|
||||
22 | File | `/admin/service_requests/manage_inventory.php` | High
|
||||
23 | File | `/admin/students/view_details.php` | High
|
||||
24 | File | `/admin/suppliers/view_details.php` | High
|
||||
25 | File | `/admin/user/manage_user.php` | High
|
||||
26 | File | `/admin/userprofile.php` | High
|
||||
27 | File | `/api/gen/clients/{language}` | High
|
||||
28 | File | `/api/upload` | Medium
|
||||
29 | File | `/cgi-bin/DownloadFlash` | High
|
||||
30 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
31 | File | `/classes/Login.php` | High
|
||||
32 | File | `/classes/Master.php` | High
|
||||
33 | File | `/classes/Master.php?f=delete_img` | High
|
||||
34 | ... | ... | ...
|
||||
1 | File | `/admin/bookings/manage_booking.php` | High
|
||||
2 | File | `/admin/bookings/view_booking.php` | High
|
||||
3 | File | `/admin/bookings/view_details.php` | High
|
||||
4 | File | `/admin/index.php` | High
|
||||
5 | File | `/admin/inquiries/view_inquiry.php` | High
|
||||
6 | File | `/admin/maintenance/view_designation.php` | High
|
||||
7 | File | `/admin/manage_academic.php` | High
|
||||
8 | File | `/admin/services/manage_service.php` | High
|
||||
9 | File | `/admin/services/view_service.php` | High
|
||||
10 | File | `/admin/user/manage_user.php` | High
|
||||
11 | File | `/boafrm/formFilter` | High
|
||||
12 | File | `/classes/Master.php?f=delete_inquiry` | High
|
||||
13 | File | `/classes/Master.php?f=save_course` | High
|
||||
14 | File | `/classes/Master.php?f=save_service` | High
|
||||
15 | File | `/classes/Users.php` | High
|
||||
16 | File | `/message/form/` | High
|
||||
17 | File | `/modules/profile/index.php` | High
|
||||
18 | File | `/send_order.cgi?parameter=access_detect` | High
|
||||
19 | File | `/server/api/v1/login` | High
|
||||
20 | File | `/uncpath/` | Medium
|
||||
21 | ... | ... | ...
|
||||
|
||||
There are 293 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 175 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
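Review bot: This hunk withdraws far more than it adds, and nothing in the change says why. The visible list goes from 33 rows plus "293 more" to 20 rows plus "175 more", so the actor's IOA set shrinks from 326 to 195 entries under the commit message "Update May 2023". Please record which indicators were retired and the reason (re-attribution, false positives, expiry) so that consumers can remove the matching detections rather than keep alerting on indicators the source no longer stands behind.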
@ -75,7 +75,7 @@ ID | Type | Indicator | Confidence
|
|||
24 | File | `announcements.php` | High
|
||||
25 | ... | ... | ...
|
||||
|
||||
There are 207 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 208 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -10,7 +10,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [CN](https://vuldb.com/?country.cn)
|
||||
* [RU](https://vuldb.com/?country.ru)
|
||||
* [BR](https://vuldb.com/?country.br)
|
||||
* ...
|
||||
|
||||
There are 26 more country items available. Please use our online service to access the data.
|
||||
|
@ -32,7 +32,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-24 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-88, CWE-94 | Cross Site Scripting | High
|
||||
4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
|
@ -70,8 +70,8 @@ ID | Type | Indicator | Confidence
|
|||
24 | File | `/HNAP1` | Low
|
||||
25 | File | `/HNAP1/SetClientInfo` | High
|
||||
26 | File | `/Items/*/RemoteImages/Download` | High
|
||||
27 | File | `/login` | Low
|
||||
28 | File | `/menu.html` | Medium
|
||||
27 | File | `/menu.html` | Medium
|
||||
28 | File | `/modules/profile/index.php` | High
|
||||
29 | File | `/navigate/navigate_download.php` | High
|
||||
30 | File | `/ocwbs/admin/?page=user/manage_user` | High
|
||||
31 | File | `/ofrs/admin/?page=user/manage_user` | High
|
||||
|
@ -93,7 +93,7 @@ ID | Type | Indicator | Confidence
|
|||
47 | File | `/sys/dict/queryTableData` | High
|
||||
48 | ... | ... | ...
|
||||
|
||||
There are 417 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 419 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -10,10 +10,10 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [RU](https://vuldb.com/?country.ru)
|
||||
* [PL](https://vuldb.com/?country.pl)
|
||||
* [ES](https://vuldb.com/?country.es)
|
||||
* ...
|
||||
|
||||
There are 1 more country items available. Please use our online service to access the data.
|
||||
There are 11 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -23,11 +23,14 @@ ID | IP address | Hostname | Campaign | Confidence
|
|||
-- | ---------- | -------- | -------- | ----------
|
||||
1 | [5.173.164.205](https://vuldb.com/?ip.5.173.164.205) | user-5-173-164-205.play-internet.pl | - | High
|
||||
2 | [13.107.21.200](https://vuldb.com/?ip.13.107.21.200) | - | - | High
|
||||
3 | [46.38.52.225](https://vuldb.com/?ip.46.38.52.225) | free.tel.ru | - | High
|
||||
4 | [46.101.8.169](https://vuldb.com/?ip.46.101.8.169) | - | - | High
|
||||
5 | ... | ... | ... | ...
|
||||
3 | [37.187.0.40](https://vuldb.com/?ip.37.187.0.40) | ns3108067.ip-37-187-0.eu | - | High
|
||||
4 | [46.38.52.225](https://vuldb.com/?ip.46.38.52.225) | free.tel.ru | - | High
|
||||
5 | [46.101.8.169](https://vuldb.com/?ip.46.101.8.169) | - | - | High
|
||||
6 | [46.148.20.32](https://vuldb.com/?ip.46.148.20.32) | sa3.net.ua | - | High
|
||||
7 | [46.183.165.45](https://vuldb.com/?ip.46.183.165.45) | - | - | High
|
||||
8 | ... | ... | ... | ...
|
||||
|
||||
There are 15 more IOC items available. Please use our online service to access the data.
|
||||
There are 27 more IOC items available. Please use our online service to access the data.
|
||||
|
||||
## TTP - Tactics, Techniques, Procedures
|
||||
|
||||
|
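Review bot: The ID column is positional, not a stable key, and this hunk shows it: inserting `37.187.0.40` as row 3 renumbers `46.38.52.225` from 3 to 4 and `46.101.8.169` from 4 to 5. Anything that references these entries by ID (tickets, suppression lists, enrichment joins) will silently point at a different address after this change. Either document that consumers must key on the IP address, or append new entries so that existing IDs stay fixed.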
@ -35,12 +38,14 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-22 | Pathname Traversal | High
|
||||
2 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
3 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
4 | ... | ... | ... | ...
|
||||
1 | T1006 | CWE-21, CWE-22 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-88, CWE-94 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 5 more TTP items available. Please use our online service to access the data.
|
||||
There are 21 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -48,21 +53,53 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/dev/fd` | Low
|
||||
2 | File | `/inc/HTTPClient.php` | High
|
||||
3 | File | `/index.php?controller=calendar&format=raw&cat[0]=SQLi&task=events` | High
|
||||
4 | File | `/ISAPI/Security/users/1` | High
|
||||
5 | File | `addentry.php` | Medium
|
||||
6 | File | `data/gbconfiguration.dat` | High
|
||||
7 | ... | ... | ...
|
||||
1 | File | `%PROGRAMDATA%\OpenVPN Connect\drivers\tap\amd64\win10` | High
|
||||
2 | File | `%PROGRAMDATA%\Razer\Synapse3\Service\bin` | High
|
||||
3 | File | `.authlie` | Medium
|
||||
4 | File | `.htaccess` | Medium
|
||||
5 | File | `/+CSCOE+/logon.html` | High
|
||||
6 | File | `/admin/settings/sites/new` | High
|
||||
7 | File | `/advanced/adv_dns.xgi` | High
|
||||
8 | File | `/folder/list` | Medium
|
||||
9 | File | `/forms/nslookupHandler` | High
|
||||
10 | File | `/goform/GetNewDir` | High
|
||||
11 | File | `/goform/right_now_d` | High
|
||||
12 | File | `/group/comment` | High
|
||||
13 | File | `/home/home_parent.xgi` | High
|
||||
14 | File | `/inc/HTTPClient.php` | High
|
||||
15 | File | `/index.php?controller=calendar&format=raw&cat[0]=SQLi&task=events` | High
|
||||
16 | File | `/ISAPI/Security/users/1` | High
|
||||
17 | File | `/lookin/info` | Medium
|
||||
18 | File | `/out.php` | Medium
|
||||
19 | File | `/plugins/servlet/jira-blockers/` | High
|
||||
20 | File | `/sessions/sess_<sessionid>` | High
|
||||
21 | File | `/status/status_log.sys` | High
|
||||
22 | File | `/themes/<php_file_name>` | High
|
||||
23 | File | `/tmp` | Low
|
||||
24 | File | `/uncpath/` | Medium
|
||||
25 | File | `/upload` | Low
|
||||
26 | File | `adclick.php` | Medium
|
||||
27 | File | `addentry.php` | Medium
|
||||
28 | File | `admin-ajax.php` | High
|
||||
29 | File | `admin.php` | Medium
|
||||
30 | File | `admin/fm/` | Medium
|
||||
31 | File | `admin/pages/*/edit` | High
|
||||
32 | File | `admincp/attachment.php&do=rebuild&type` | High
|
||||
33 | File | `administrator/index.php?option=com_pago&view=comments` | High
|
||||
34 | File | `ajax_mod_security.php` | High
|
||||
35 | File | `ajax_service.php` | High
|
||||
36 | File | `appconfig.php` | High
|
||||
37 | ... | ... | ...
|
||||
|
||||
There are 49 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 321 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
The following list contains _external sources_ which discuss the actor and the associated activities:
|
||||
|
||||
* https://blog.talosintelligence.com/2022/08/threat-roundup-0812-0819.html
|
||||
* https://blog.talosintelligence.com/threat-roundup-0217-0224/
|
||||
* https://blog.talosintelligence.com/threat-roundup-0310-0317/
|
||||
* https://blogs.blackberry.com/en/2017/11/threat-spotlight-locky-ransomware
|
||||
* https://github.com/fl0x2208/IOCs-in-CSV-format/blob/6297513d672bd69f1bf488018035892e599e7a9c/locky%20ransomware.csv
|
||||
* https://isc.sans.edu/forums/diary/Malspam+pushing+Locky+ransomware+tries+HoeflerText+notifications+for+Chrome+and+FireFox/22776/
|
||||
|
|
|
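Review bot: Several of the added rows are templates rather than literal file names, yet all are typed `File`: row 20 `/sessions/sess_<sessionid>`, row 22 `/themes/<php_file_name>` and row 31 `admin/pages/*/edit`. A consumer doing exact or substring matching on the Indicator column will never hit the angle-bracket placeholders and will treat `*` as a literal character. The footer already lists "pattern" as an available type; these rows should use it, or the file should state the placeholder and wildcard syntax once near the table header.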
@ -40,7 +40,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
3 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
4 | ... | ... | ... | ...
|
||||
|
||||
There are 13 more TTP items available. Please use our online service to access the data.
|
||||
There are 14 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -52,17 +52,19 @@ ID | Type | Indicator | Confidence
|
|||
2 | File | `/api/v2/cli/commands` | High
|
||||
3 | File | `/forum/away.php` | High
|
||||
4 | File | `/out.php` | Medium
|
||||
5 | File | `/phppath/php` | Medium
|
||||
6 | File | `/spip.php` | Medium
|
||||
7 | File | `/systemrw/` | Medium
|
||||
8 | File | `adclick.php` | Medium
|
||||
9 | File | `admin.jcomments.php` | High
|
||||
10 | File | `application/modules/admin/views/ecommerce/products.php` | High
|
||||
11 | File | `base/ErrorHandler.php` | High
|
||||
12 | File | `blog.php` | Medium
|
||||
13 | ... | ... | ...
|
||||
5 | File | `/owa/auth/logon.aspx` | High
|
||||
6 | File | `/phppath/php` | Medium
|
||||
7 | File | `/spip.php` | Medium
|
||||
8 | File | `/systemrw/` | Medium
|
||||
9 | File | `/zm/index.php` | High
|
||||
10 | File | `adclick.php` | Medium
|
||||
11 | File | `admin.jcomments.php` | High
|
||||
12 | File | `application/modules/admin/views/ecommerce/products.php` | High
|
||||
13 | File | `base/ErrorHandler.php` | High
|
||||
14 | File | `blog.php` | Medium
|
||||
15 | ... | ... | ...
|
||||
|
||||
There are 104 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 120 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -47,7 +47,8 @@ ID | Technique | Weakness | Description | Confidence
|
|||
2 | T1055 | CWE-74 | Injection | High
|
||||
3 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
5 | ... | ... | ... | ...
|
||||
5 | T1068 | CWE-264, CWE-269, CWE-271, CWE-284 | J2EE Misconfiguration: Weak Access Permissions for EJB Methods | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 18 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
|
@ -61,37 +62,38 @@ ID | Type | Indicator | Confidence
|
|||
2 | File | `/admin/api/theme-edit/` | High
|
||||
3 | File | `/admin/communitymanagement.php` | High
|
||||
4 | File | `/admin/generalsettings.php` | High
|
||||
5 | File | `/admin/payment.php` | High
|
||||
6 | File | `/admin/transactions/update_status.php` | High
|
||||
7 | File | `/api/user/password/sent-reset-email` | High
|
||||
8 | File | `/aqpg/users/login.php` | High
|
||||
9 | File | `/bsms_ci/index.php/user/edit_user/` | High
|
||||
10 | File | `/dashboard/add-service.php` | High
|
||||
11 | File | `/dashboard/updatelogo.php` | High
|
||||
12 | File | `/Default/Bd` | Medium
|
||||
13 | File | `/download` | Medium
|
||||
14 | File | `/event/admin/?page=user/list` | High
|
||||
15 | File | `/face-recognition-php/facepay-master/camera.php` | High
|
||||
16 | File | `/filemanager/upload/drop` | High
|
||||
17 | File | `/forum/away.php` | High
|
||||
18 | File | `/forum/PostPrivateMessage` | High
|
||||
19 | File | `/getcfg.php` | Medium
|
||||
20 | File | `/goform/aspForm` | High
|
||||
21 | File | `/goform/RouteStatic` | High
|
||||
22 | File | `/home/masterConsole` | High
|
||||
23 | File | `/hrm/employeeadd.php` | High
|
||||
24 | File | `/hrm/employeeview.php` | High
|
||||
25 | File | `/htdocs/cgibin` | High
|
||||
26 | File | `/lists/index.php` | High
|
||||
27 | File | `/login.php` | Medium
|
||||
28 | File | `/netflow/jspui/editProfile.jsp` | High
|
||||
29 | File | `/spip.php` | Medium
|
||||
30 | File | `/uncpath/` | Medium
|
||||
31 | File | `/usr/www/ja/mnt_cmd.cgi` | High
|
||||
32 | File | `/videotalk` | Medium
|
||||
33 | ... | ... | ...
|
||||
5 | File | `/admin/inquiries/view_inquiry.php` | High
|
||||
6 | File | `/admin/payment.php` | High
|
||||
7 | File | `/admin/transactions/update_status.php` | High
|
||||
8 | File | `/api/user/password/sent-reset-email` | High
|
||||
9 | File | `/aqpg/users/login.php` | High
|
||||
10 | File | `/bsms_ci/index.php/user/edit_user/` | High
|
||||
11 | File | `/dashboard/add-service.php` | High
|
||||
12 | File | `/dashboard/updatelogo.php` | High
|
||||
13 | File | `/Default/Bd` | Medium
|
||||
14 | File | `/download` | Medium
|
||||
15 | File | `/event/admin/?page=user/list` | High
|
||||
16 | File | `/face-recognition-php/facepay-master/camera.php` | High
|
||||
17 | File | `/filemanager/upload/drop` | High
|
||||
18 | File | `/forum/away.php` | High
|
||||
19 | File | `/forum/PostPrivateMessage` | High
|
||||
20 | File | `/getcfg.php` | Medium
|
||||
21 | File | `/goform/aspForm` | High
|
||||
22 | File | `/goform/RouteStatic` | High
|
||||
23 | File | `/home/masterConsole` | High
|
||||
24 | File | `/hrm/employeeadd.php` | High
|
||||
25 | File | `/hrm/employeeview.php` | High
|
||||
26 | File | `/htdocs/cgibin` | High
|
||||
27 | File | `/lists/index.php` | High
|
||||
28 | File | `/login.php` | Medium
|
||||
29 | File | `/netflow/jspui/editProfile.jsp` | High
|
||||
30 | File | `/spip.php` | Medium
|
||||
31 | File | `/uncpath/` | Medium
|
||||
32 | File | `/usr/www/ja/mnt_cmd.cgi` | High
|
||||
33 | File | `/videotalk` | Medium
|
||||
34 | ... | ... | ...
|
||||
|
||||
There are 286 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 292 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -39,7 +39,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
3 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
4 | ... | ... | ... | ...
|
||||
|
||||
There are 8 more TTP items available. Please use our online service to access the data.
|
||||
There are 9 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
|
|
@ -21,7 +21,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [US](https://vuldb.com/?country.us)
|
||||
* ...
|
||||
|
||||
There are 6 more country items available. Please use our online service to access the data.
|
||||
There are 3 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -213,13 +213,13 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-22, CWE-23, CWE-29, CWE-36 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-425 | Pathname Traversal | High
|
||||
2 | T1055 | CWE-74 | Injection | High
|
||||
3 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
5 | ... | ... | ... | ...
|
||||
|
||||
There are 16 more TTP items available. Please use our online service to access the data.
|
||||
There are 14 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -227,44 +227,31 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/?p=products` | Medium
|
||||
2 | File | `/admin-ajax.php?action=eps_redirect_save` | High
|
||||
3 | File | `/admin/?page=reminders/view_reminder` | High
|
||||
4 | File | `/admin/attendance_row.php` | High
|
||||
5 | File | `/admin/cashadvance_row.php` | High
|
||||
6 | File | `/admin/categories/manage_category.php` | High
|
||||
7 | File | `/admin/categories/view_category.php` | High
|
||||
8 | File | `/admin/curriculum/view_curriculum.php` | High
|
||||
9 | File | `/admin/departments/view_department.php` | High
|
||||
10 | File | `/admin/employee_row.php` | High
|
||||
11 | File | `/admin/inventory/manage_stock.php` | High
|
||||
12 | File | `/admin/login.php` | High
|
||||
13 | File | `/admin/maintenance/manage_category.php` | High
|
||||
14 | File | `/admin/maintenance/view_designation.php` | High
|
||||
15 | File | `/admin/mechanics/manage_mechanic.php` | High
|
||||
16 | File | `/admin/offenses/view_details.php` | High
|
||||
17 | File | `/admin/orders/update_status.php` | High
|
||||
18 | File | `/admin/products/manage_product.php` | High
|
||||
19 | File | `/admin/products/view_product.php` | High
|
||||
20 | File | `/admin/reminders/manage_reminder.php` | High
|
||||
21 | File | `/admin/report/index.php` | High
|
||||
22 | File | `/admin/sales/manage_sale.php` | High
|
||||
23 | File | `/admin/sales/view_details.php` | High
|
||||
24 | File | `/admin/service_requests/manage_inventory.php` | High
|
||||
25 | File | `/admin/students/view_details.php` | High
|
||||
26 | File | `/admin/suppliers/view_details.php` | High
|
||||
27 | File | `/admin/transactions/track_shipment.php` | High
|
||||
28 | File | `/admin/user/manage_user.php` | High
|
||||
29 | File | `/admin/userprofile.php` | High
|
||||
30 | File | `/api/admin/store/product/list` | High
|
||||
31 | File | `/api/gen/clients/{language}` | High
|
||||
32 | File | `/api/geojson` | Medium
|
||||
33 | File | `/cgi-bin/DownloadFlash` | High
|
||||
34 | File | `/cgi-bin/kerbynet` | High
|
||||
35 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
36 | ... | ... | ...
|
||||
1 | File | `/?r=email/api/mark&op=delFromSend` | High
|
||||
2 | File | `/admin/bookings/manage_booking.php` | High
|
||||
3 | File | `/admin/bookings/view_booking.php` | High
|
||||
4 | File | `/admin/bookings/view_details.php` | High
|
||||
5 | File | `/admin/index.php` | High
|
||||
6 | File | `/admin/inquiries/view_inquiry.php` | High
|
||||
7 | File | `/admin/manage_academic.php` | High
|
||||
8 | File | `/admin/services/manage_service.php` | High
|
||||
9 | File | `/admin/services/view_service.php` | High
|
||||
10 | File | `/admin/user/manage_user.php` | High
|
||||
11 | File | `/admin/user/uploadImg` | High
|
||||
12 | File | `/api/v2/cli/commands` | High
|
||||
13 | File | `/boafrm/formFilter` | High
|
||||
14 | File | `/classes/Master.php?f=delete_inquiry` | High
|
||||
15 | File | `/classes/Master.php?f=save_course` | High
|
||||
16 | File | `/classes/Master.php?f=save_service` | High
|
||||
17 | File | `/classes/Users.php` | High
|
||||
18 | File | `/Content/Template/root/reverse-shell.aspx` | High
|
||||
19 | File | `/Controls/Generic/EBMK/Handlers/EStatements/DownloadEStatement.ashx` | High
|
||||
20 | File | `/Default/Bd` | Medium
|
||||
21 | File | `/message/form/` | High
|
||||
22 | File | `/modules/profile/index.php` | High
|
||||
23 | ... | ... | ...
|
||||
|
||||
There are 305 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 189 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
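Review bot: New row 5, `/admin/index.php`, is rated High with no parameter attached. That bare path exists in many unrelated web applications, so a hit on it alone says little about this actor, and the High rating will push it to the front of any confidence-sorted hunt. Rows 14 to 16 show the more useful form (`/classes/Master.php?f=delete_inquiry`), where the query string narrows the match; either qualify row 5 the same way or lower its confidence.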
@ -49,10 +49,10 @@ ID | Technique | Weakness | Description | Confidence
|
|||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | T1068 | CWE-264, CWE-269, CWE-284 | Execution with Unnecessary Privileges | High
|
||||
6 | T1068 | CWE-264, CWE-269, CWE-284 | J2EE Misconfiguration: Weak Access Permissions for EJB Methods | High
|
||||
7 | ... | ... | ... | ...
|
||||
|
||||
There are 22 more TTP items available. Please use our online service to access the data.
|
||||
There are 23 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
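Review bot: Row 6 changes the T1068 description from "Execution with Unnecessary Privileges" to "J2EE Misconfiguration: Weak Access Permissions for EJB Methods" while the weakness list stays `CWE-264, CWE-269, CWE-284`. Those are general permission and privilege-management classes, and the new text describes one narrow Java EE case that none of the listed CWE IDs is specific to. Unless the underlying data really is limited to EJB permissions, keep the previous description or pick one that covers all three weaknesses.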
@ -107,9 +107,10 @@ ID | Type | Indicator | Confidence
|
|||
45 | File | `/purchase_order/admin/?page=user` | High
|
||||
46 | File | `/purchase_order/classes/Master.php?f=delete_supplier` | High
|
||||
47 | File | `/SAP_Information_System/controllers/add_admin.php` | High
|
||||
48 | ... | ... | ...
|
||||
48 | File | `/simple_chat_bot/classes/Master.php?f=delete_response` | High
|
||||
49 | ... | ... | ...
|
||||
|
||||
There are 421 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 424 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -24,7 +24,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [ES](https://vuldb.com/?country.es)
|
||||
* ...
|
||||
|
||||
There are 27 more country items available. Please use our online service to access the data.
|
||||
There are 26 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -66,7 +66,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 18 more TTP items available. Please use our online service to access the data.
|
||||
There are 21 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -74,36 +74,36 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/+CSCOE+/logon.html` | High
|
||||
2 | File | `/?p=products` | Medium
|
||||
3 | File | `/admin.php/appcenter/local.html?type=addon` | High
|
||||
4 | File | `/admin/?page=product/manage_product&id=2` | High
|
||||
5 | File | `/admin/?page=reminders/view_reminder` | High
|
||||
6 | File | `/admin/?page=user` | High
|
||||
7 | File | `/admin/assign/assign.php` | High
|
||||
8 | File | `/admin/attendance_row.php` | High
|
||||
9 | File | `/admin/ballot_down.php` | High
|
||||
10 | File | `/admin/ballot_up.php` | High
|
||||
1 | File | `/?p=products` | Medium
|
||||
2 | File | `/admin.php/appcenter/local.html?type=addon` | High
|
||||
3 | File | `/admin/?page=product/manage_product&id=2` | High
|
||||
4 | File | `/admin/?page=reminders/view_reminder` | High
|
||||
5 | File | `/admin/?page=user` | High
|
||||
6 | File | `/admin/assign/assign.php` | High
|
||||
7 | File | `/admin/attendance_row.php` | High
|
||||
8 | File | `/admin/ballot_down.php` | High
|
||||
9 | File | `/admin/ballot_up.php` | High
|
||||
10 | File | `/admin/bookings/view_booking.php` | High
|
||||
11 | File | `/admin/candidates_row.php` | High
|
||||
12 | File | `/admin/casedetails.php` | High
|
||||
13 | File | `/admin/cashadvance_row.php` | High
|
||||
14 | File | `/admin/categories/view_category.php` | High
|
||||
15 | File | `/admin/curriculum/view_curriculum.php` | High
|
||||
16 | File | `/admin/deduction_row.php` | High
|
||||
17 | File | `/admin/delete_user.php` | High
|
||||
18 | File | `/admin/departments/view_department.php` | High
|
||||
19 | File | `/admin/employee_add.php` | High
|
||||
20 | File | `/admin/employee_edit.php` | High
|
||||
21 | File | `/admin/employee_row.php` | High
|
||||
22 | File | `/admin/fields/manage_field.php` | High
|
||||
23 | File | `/admin/forgot-password.php` | High
|
||||
24 | File | `/admin/getallarticleinfo` | High
|
||||
25 | File | `/admin/index.php` | High
|
||||
26 | File | `/admin/info_deal.php` | High
|
||||
27 | File | `/admin/inquiries/view_inquiry.php` | High
|
||||
28 | File | `/admin/login.php` | High
|
||||
29 | File | `/admin/maintenance/brand.php` | High
|
||||
30 | File | `/admin/maintenance/manage_category.php` | High
|
||||
17 | File | `/admin/departments/view_department.php` | High
|
||||
18 | File | `/admin/employee_add.php` | High
|
||||
19 | File | `/admin/employee_edit.php` | High
|
||||
20 | File | `/admin/employee_row.php` | High
|
||||
21 | File | `/admin/fields/manage_field.php` | High
|
||||
22 | File | `/admin/forgot-password.php` | High
|
||||
23 | File | `/admin/getallarticleinfo` | High
|
||||
24 | File | `/admin/index.php` | High
|
||||
25 | File | `/admin/info_deal.php` | High
|
||||
26 | File | `/admin/inquiries/view_inquiry.php` | High
|
||||
27 | File | `/admin/login.php` | High
|
||||
28 | File | `/admin/maintenance/brand.php` | High
|
||||
29 | File | `/admin/maintenance/manage_category.php` | High
|
||||
30 | File | `/admin/misc/script-proxy` | High
|
||||
31 | File | `/admin/offenses/view_details.php` | High
|
||||
32 | File | `/admin/orders/update_status.php` | High
|
||||
33 | File | `/admin/positions_add.php` | High
|
||||
|
@ -120,19 +120,17 @@ ID | Type | Indicator | Confidence
|
|||
44 | File | `/admin/transactions/track_shipment.php` | High
|
||||
45 | File | `/admin/user/manage_user.php` | High
|
||||
46 | File | `/admin/voters_row.php` | High
|
||||
47 | File | `/admin_system/api.php` | High
|
||||
48 | File | `/alphaware/details.php` | High
|
||||
49 | File | `/analysisProject/pagingQueryData` | High
|
||||
50 | File | `/api/admin/store/product/list` | High
|
||||
51 | File | `/batm/app/admin/standalone/deployments` | High
|
||||
52 | File | `/bilal final/edit_stud.php` | High
|
||||
53 | File | `/bilal final/login.php` | High
|
||||
54 | File | `/category/list?limit=10&offset=0&order=desc` | High
|
||||
55 | File | `/cgi-bin/downloadFile.cgi` | High
|
||||
56 | File | `/classes/Login.php` | High
|
||||
57 | ... | ... | ...
|
||||
47 | File | `/alphaware/details.php` | High
|
||||
48 | File | `/analysisProject/pagingQueryData` | High
|
||||
49 | File | `/api/admin/store/product/list` | High
|
||||
50 | File | `/batm/app/admin/standalone/deployments` | High
|
||||
51 | File | `/bilal final/edit_stud.php` | High
|
||||
52 | File | `/bilal final/login.php` | High
|
||||
53 | File | `/category/list?limit=10&offset=0&order=desc` | High
|
||||
54 | File | `/cgi-bin/downloadFile.cgi` | High
|
||||
55 | ... | ... | ...
|
||||
|
||||
There are 495 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 484 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -10,7 +10,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [NL](https://vuldb.com/?country.nl)
|
||||
* [RU](https://vuldb.com/?country.ru)
|
||||
* [FR](https://vuldb.com/?country.fr)
|
||||
* ...
|
||||
|
||||
There are 28 more country items available. Please use our online service to access the data.
|
||||
|
@ -42,7 +42,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 20 more TTP items available. Please use our online service to access the data.
|
||||
There are 21 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -52,54 +52,57 @@ ID | Type | Indicator | Confidence
|
|||
-- | ---- | --------- | ----------
|
||||
1 | File | `/+CSCOE+/logon.html` | High
|
||||
2 | File | `/../conf/config.properties` | High
|
||||
3 | File | `/addnews.html` | High
|
||||
4 | File | `/admin/` | Low
|
||||
5 | File | `/admin/inquiries/view_details.php` | High
|
||||
6 | File | `/anony/mjpg.cgi` | High
|
||||
7 | File | `/api/2.0/rest/aggregator/xml` | High
|
||||
8 | File | `/api/blade-log/api/list` | High
|
||||
9 | File | `/common/logViewer/logViewer.jsf` | High
|
||||
10 | File | `/Config/SaveUploadedHotspotLogoFile` | High
|
||||
11 | File | `/dashboard/snapshot/*?orgId=0` | High
|
||||
12 | File | `/ecrire` | Low
|
||||
13 | File | `/exponent_constants.php` | High
|
||||
14 | File | `/forum/away.php` | High
|
||||
15 | File | `/hub/api/user` | High
|
||||
16 | File | `/include/commrecc.inc.php` | High
|
||||
17 | File | `/include/comm_post.inc.php` | High
|
||||
18 | File | `/include/friends.inc.php` | High
|
||||
19 | File | `/include/menu_v.inc.php` | High
|
||||
20 | File | `/include/notify.inc.php` | High
|
||||
21 | File | `/mfaslmf/nolicense` | High
|
||||
22 | File | `/mhds/clinic/view_details.php` | High
|
||||
23 | File | `/MicroStrategyWS/happyaxis.jsp` | High
|
||||
24 | File | `/owa/auth/logon.aspx` | High
|
||||
25 | File | `/proc` | Low
|
||||
26 | File | `/products/details.asp` | High
|
||||
27 | File | `/public/plugins/` | High
|
||||
28 | File | `/RestAPI` | Medium
|
||||
29 | File | `/school/model/get_teacher.php` | High
|
||||
30 | File | `/tmp` | Low
|
||||
31 | File | `/uncpath/` | Medium
|
||||
32 | File | `/user/loader.php?api=1` | High
|
||||
33 | File | `/User/saveUser` | High
|
||||
34 | File | `/viewer/krpano.html` | High
|
||||
35 | File | `/ViewUserHover.jspa` | High
|
||||
36 | File | `/WEB-INF/web.xml` | High
|
||||
37 | File | `/wp-admin/admin-ajax.php` | High
|
||||
38 | File | `/wp-content/plugins/woocommerce/templates/emails/plain/` | High
|
||||
39 | File | `/wp-json/wc/v3/webhooks` | High
|
||||
40 | File | `14all.cgi/14all-1.1.cgi/traffic.cgi/mrtg.cgi` | High
|
||||
41 | File | `abc-pcie.c` | Medium
|
||||
42 | File | `accountmanagement.php` | High
|
||||
43 | File | `activateuser.aspx` | High
|
||||
44 | File | `adclick.php` | Medium
|
||||
45 | File | `addentry.php` | Medium
|
||||
46 | File | `admin.joomlaflashfun.php` | High
|
||||
47 | File | `admin.php` | Medium
|
||||
48 | ... | ... | ...
|
||||
3 | File | `//proc/kcore` | Medium
|
||||
4 | File | `/addnews.html` | High
|
||||
5 | File | `/admin/` | Low
|
||||
6 | File | `/admin/inquiries/view_details.php` | High
|
||||
7 | File | `/admin/login.php` | High
|
||||
8 | File | `/anony/mjpg.cgi` | High
|
||||
9 | File | `/api/blade-log/api/list` | High
|
||||
10 | File | `/checkLogin.cgi` | High
|
||||
11 | File | `/common/logViewer/logViewer.jsf` | High
|
||||
12 | File | `/Config/SaveUploadedHotspotLogoFile` | High
|
||||
13 | File | `/dashboard/snapshot/*?orgId=0` | High
|
||||
14 | File | `/ecrire` | Low
|
||||
15 | File | `/exponent_constants.php` | High
|
||||
16 | File | `/forum/away.php` | High
|
||||
17 | File | `/hub/api/user` | High
|
||||
18 | File | `/include/commrecc.inc.php` | High
|
||||
19 | File | `/include/comm_post.inc.php` | High
|
||||
20 | File | `/include/friends.inc.php` | High
|
||||
21 | File | `/include/menu_v.inc.php` | High
|
||||
22 | File | `/include/notify.inc.php` | High
|
||||
23 | File | `/magnoliaPublic/travel/members/login.html` | High
|
||||
24 | File | `/mfaslmf/nolicense` | High
|
||||
25 | File | `/mhds/clinic/view_details.php` | High
|
||||
26 | File | `/MicroStrategyWS/happyaxis.jsp` | High
|
||||
27 | File | `/owa/auth/logon.aspx` | High
|
||||
28 | File | `/proc` | Low
|
||||
29 | File | `/products/details.asp` | High
|
||||
30 | File | `/public/plugins/` | High
|
||||
31 | File | `/RestAPI` | Medium
|
||||
32 | File | `/school/model/get_teacher.php` | High
|
||||
33 | File | `/tmp` | Low
|
||||
34 | File | `/uncpath/` | Medium
|
||||
35 | File | `/user/loader.php?api=1` | High
|
||||
36 | File | `/User/saveUser` | High
|
||||
37 | File | `/viewer/krpano.html` | High
|
||||
38 | File | `/ViewUserHover.jspa` | High
|
||||
39 | File | `/WEB-INF/web.xml` | High
|
||||
40 | File | `/wp-admin/admin-ajax.php` | High
|
||||
41 | File | `/wp-content/plugins/woocommerce/templates/emails/plain/` | High
|
||||
42 | File | `/wp-json/wc/v3/webhooks` | High
|
||||
43 | File | `abc-pcie.c` | Medium
|
||||
44 | File | `account.asp` | Medium
|
||||
45 | File | `activateuser.aspx` | High
|
||||
46 | File | `adclick.php` | Medium
|
||||
47 | File | `addentry.php` | Medium
|
||||
48 | File | `admin-ajax.php` | High
|
||||
49 | File | `admin.joomlaflashfun.php` | High
|
||||
50 | File | `admin.php` | Medium
|
||||
51 | ... | ... | ...
|
||||
|
||||
There are 421 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 441 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -17,9 +17,6 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [FR](https://vuldb.com/?country.fr)
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [CN](https://vuldb.com/?country.cn)
|
||||
* ...
|
||||
|
||||
There are 1 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -41,13 +38,14 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-24, CWE-28 | Pathname Traversal | High
|
||||
2 | T1055 | CWE-74 | Injection | High
|
||||
3 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
4 | T1059.007 | CWE-79 | Cross Site Scripting | High
|
||||
5 | ... | ... | ... | ...
|
||||
1 | T1006 | CWE-22, CWE-24, CWE-27, CWE-28, CWE-36, CWE-425 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-294, CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 16 more TTP items available. Please use our online service to access the data.
|
||||
There are 20 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
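Review bot: In the T1006 row, the new weakness list adds CWE-425 (Direct Request, i.e. forced browsing) while the description stays "Pathname Traversal". CWE-425 is an access-control weakness rather than a traversal one, so a consumer who keys detections off the description will misclassify it. Either map CWE-425 to its own row or confirm that the grouping is intentional. The same row also drops CWE-21 without explanation, and the commit message ("Update May 2023") gives no hint whether that is a data correction or a regeneration artifact.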
|
@ -55,58 +53,80 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `.github/workflows/combine-prs.yml` | High
|
||||
2 | File | `/api/public/signup` | High
|
||||
3 | File | `/api/v3/flows/instances/default-user-settings-flow/execute/` | High
|
||||
4 | File | `/back/index.php/user/User/?1` | High
|
||||
5 | File | `/cgi-bin/editBookmark` | High
|
||||
6 | File | `/cms/category/list` | High
|
||||
7 | File | `/csms/?page=contact_us` | High
|
||||
8 | File | `/csms/admin/?page=user/manage_user` | High
|
||||
9 | File | `/env` | Low
|
||||
10 | File | `/fos/admin/ajax.php?action=login` | High
|
||||
11 | File | `/fos/admin/index.php?page=menu` | High
|
||||
12 | File | `/goform/addUserName` | High
|
||||
13 | File | `/new` | Low
|
||||
14 | File | `/omos/admin/?page=user/list` | High
|
||||
15 | File | `/picturesPreview` | High
|
||||
16 | File | `/SkycaijiApp/admin/controller/Mystore.php` | High
|
||||
17 | File | `/v1/sql-runner` | High
|
||||
18 | File | `01article.php` | High
|
||||
19 | File | `AbstractScheduleJob.java` | High
|
||||
20 | File | `actionpack/lib/action_dispatch/middleware/templates/routes/_table.html.erb` | High
|
||||
21 | File | `actions/UploadAction.php` | High
|
||||
22 | File | `add_contestant.php` | High
|
||||
23 | File | `adm/menu_list_update.php` | High
|
||||
24 | File | `admin/manage_user.php` | High
|
||||
25 | File | `admin/page-login.php` | High
|
||||
26 | File | `admin/panels/entry/admin.entry.list.php` | High
|
||||
27 | File | `admin/panels/uploader/admin.uploader.php` | High
|
||||
28 | File | `administrator/components/com_joomgallery/views/config/tmpl/default.php` | High
|
||||
29 | File | `agent/listener/templates/tail.html` | High
|
||||
30 | File | `ajax_represent.php` | High
|
||||
31 | File | `announce.php` | Medium
|
||||
32 | File | `api.php` | Low
|
||||
33 | File | `api/src/main/java/org/openmrs/module/appointmentscheduling/AppointmentRequest.java` | High
|
||||
34 | File | `api/src/main/java/org/openmrs/module/appointmentscheduling/validator/AppointmentTypeValidator.java` | High
|
||||
35 | File | `app.py` | Low
|
||||
36 | File | `app/api/songs.py` | High
|
||||
37 | File | `app/business/impl/ReviewServiceImpl.java` | High
|
||||
38 | File | `app/config/passport.js` | High
|
||||
39 | File | `app/controller/insertarSliderAjax.php` | High
|
||||
40 | File | `app/controllers/code_caller_controller.php` | High
|
||||
41 | File | `app/controllers/curupira/passwords_controller.rb` | High
|
||||
42 | File | `app/controllers/geopoll_controller.rb` | High
|
||||
43 | File | `app/controllers/image_controller.rb` | High
|
||||
44 | File | `app/controllers/oauth.js` | High
|
||||
45 | File | `app/controllers/uploaded_files_controller.rb` | High
|
||||
46 | File | `app/parameters/sipity/parameters/search_criteria_for_works_parameter.rb` | High
|
||||
47 | File | `application/controllers/Restapi.php` | High
|
||||
48 | File | `application/controllers/timedtext.php` | High
|
||||
49 | File | `application/libraries/LanguageTask.php` | High
|
||||
50 | ... | ... | ...
|
||||
1 | File | `/?p=products` | Medium
|
||||
2 | File | `/?r=email/api/mark&op=delFromSend` | High
|
||||
3 | File | `/?r=report/api/getlist` | High
|
||||
4 | File | `/admin` | Low
|
||||
5 | File | `/admin.php/appcenter/local.html?type=addon` | High
|
||||
6 | File | `/admin/?page=maintenance/brand` | High
|
||||
7 | File | `/admin/?page=product/manage_product&id=2` | High
|
||||
8 | File | `/admin/?page=reminders/view_reminder` | High
|
||||
9 | File | `/admin/?page=system_info` | High
|
||||
10 | File | `/admin/?page=user` | High
|
||||
11 | File | `/admin/ajax.php` | High
|
||||
12 | File | `/admin/ajax.php?action=login` | High
|
||||
13 | File | `/admin/assign/assign.php` | High
|
||||
14 | File | `/admin/attendance_row.php` | High
|
||||
15 | File | `/admin/ballot_down.php` | High
|
||||
16 | File | `/admin/ballot_up.php` | High
|
||||
17 | File | `/admin/bookings/manage_booking.php` | High
|
||||
18 | File | `/admin/bookings/view_booking.php` | High
|
||||
19 | File | `/admin/candidates_row.php` | High
|
||||
20 | File | `/admin/casedetails.php` | High
|
||||
21 | File | `/admin/cashadvance_row.php` | High
|
||||
22 | File | `/admin/categories/view_category.php` | High
|
||||
23 | File | `/admin/configurations/userInfo` | High
|
||||
24 | File | `/admin/config_save.php` | High
|
||||
25 | File | `/admin/deduction_edit.php` | High
|
||||
26 | File | `/admin/departments/view_department.php` | High
|
||||
27 | File | `/admin/edit-doc.php` | High
|
||||
28 | File | `/admin/employee_add.php` | High
|
||||
29 | File | `/admin/employee_edit.php` | High
|
||||
30 | File | `/admin/employee_row.php` | High
|
||||
31 | File | `/admin/fields/manage_field.php` | High
|
||||
32 | File | `/admin/forgot-password.php` | High
|
||||
33 | File | `/admin/getallarticleinfo` | High
|
||||
34 | File | `/admin/index3.php` | High
|
||||
35 | File | `/admin/info_deal.php` | High
|
||||
36 | File | `/admin/inquiries/view_inquiry.php` | High
|
||||
37 | File | `/admin/inventory/manage_stock.php` | High
|
||||
38 | File | `/admin/login.php` | High
|
||||
39 | File | `/admin/maintenance/brand.php` | High
|
||||
40 | File | `/admin/maintenance/manage_category.php` | High
|
||||
41 | File | `/admin/maintenance/view_designation.php` | High
|
||||
42 | File | `/admin/mechanics/manage_mechanic.php` | High
|
||||
43 | File | `/admin/offenses/view_details.php` | High
|
||||
44 | File | `/admin/positions_add.php` | High
|
||||
45 | File | `/admin/positions_delete.php` | High
|
||||
46 | File | `/admin/positions_row.php` | High
|
||||
47 | File | `/admin/product/manage.php` | High
|
||||
48 | File | `/admin/products/index.php` | High
|
||||
49 | File | `/admin/products/manage_product.php` | High
|
||||
50 | File | `/admin/products/view_product.php` | High
|
||||
51 | File | `/admin/reminders/manage_reminder.php` | High
|
||||
52 | File | `/admin/report/index.php` | High
|
||||
53 | File | `/admin/robot/approval/list` | High
|
||||
54 | File | `/admin/sales/index.php` | High
|
||||
55 | File | `/admin/sales/manage_sale.php` | High
|
||||
56 | File | `/admin/sales/view_details.php` | High
|
||||
57 | File | `/admin/services/manage_service.php` | High
|
||||
58 | File | `/admin/services/view_service.php` | High
|
||||
59 | File | `/admin/service_requests/manage_inventory.php` | High
|
||||
60 | File | `/admin/students/view_details.php` | High
|
||||
61 | File | `/admin/upload` | High
|
||||
62 | File | `/admin/user/manage_user.php` | High
|
||||
63 | File | `/admin/userprofile.php` | High
|
||||
64 | File | `/admin/voters_row.php` | High
|
||||
65 | File | `/admin_system/api.php` | High
|
||||
66 | File | `/ajax/myshop` | Medium
|
||||
67 | File | `/analysisProject/pagingQueryData` | High
|
||||
68 | File | `/api/admin/store/product/list` | High
|
||||
69 | File | `/api/admin/store/product/save` | High
|
||||
70 | File | `/api/admin/system/store/order/list` | High
|
||||
71 | File | `/api/baskets/{name}` | High
|
||||
72 | ... | ... | ...
|
||||
|
||||
There are 431 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 631 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -32,7 +32,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
2 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
3 | T1068 | CWE-264, CWE-269, CWE-284 | Execution with Unnecessary Privileges | High
|
||||
3 | T1068 | CWE-264, CWE-269, CWE-284 | J2EE Misconfiguration: Weak Access Permissions for EJB Methods | High
|
||||
4 | ... | ... | ... | ...
|
||||
|
||||
There are 7 more TTP items available. Please use our online service to access the data.
|
||||
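Review bot: The T1068 row keeps the same weakness list (CWE-264, CWE-269, CWE-284) but its description changes from "Execution with Unnecessary Privileges" to "J2EE Misconfiguration: Weak Access Permissions for EJB Methods". The new label is specific to J2EE/EJB, while the CWEs listed are general privilege and access-control classes, so the description now reads narrower than the data it summarizes. If this comes from the generator picking a different CWE title, consider pinning the description to the technique rather than to one CWE entry. The same relabel recurs in later T1068 rows of this commit.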
|
|
|
@ -37,7 +37,8 @@ ID | Technique | Weakness | Description | Confidence
|
|||
1 | T1006 | CWE-22 | Pathname Traversal | High
|
||||
2 | T1055 | CWE-74 | Injection | High
|
||||
3 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
4 | ... | ... | ... | ...
|
||||
4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
5 | ... | ... | ... | ...
|
||||
|
||||
There are 14 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
|
|
|
@ -19,7 +19,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [CN](https://vuldb.com/?country.cn)
|
||||
* ...
|
||||
|
||||
There are 29 more country items available. Please use our online service to access the data.
|
||||
There are 28 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -117,33 +117,33 @@ ID | Type | Indicator | Confidence
|
|||
27 | File | `/cgi-bin/webviewer_login_page` | High
|
||||
28 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
29 | File | `/College/admin/teacher.php` | High
|
||||
30 | File | `/dashboard/updatelogo.php` | High
|
||||
31 | File | `/designer/add/layout` | High
|
||||
32 | File | `/edoc/doctor/patient.php` | High
|
||||
33 | File | `/etc/ldap.conf` | High
|
||||
34 | File | `/etc/shadow` | Medium
|
||||
35 | File | `/filemanager/upload/drop` | High
|
||||
36 | File | `/goform/addUserName` | High
|
||||
37 | File | `/goform/aspForm` | High
|
||||
38 | File | `/goform/delAd` | High
|
||||
39 | File | `/goform/wifiSSIDset` | High
|
||||
40 | File | `/gpac/src/bifs/unquantize.c` | High
|
||||
41 | File | `/h/calendar` | Medium
|
||||
42 | File | `/h/compose` | Medium
|
||||
43 | File | `/h/search?action=voicemail&action=listen` | High
|
||||
44 | File | `/inc/topBarNav.php` | High
|
||||
45 | File | `/index.asp` | Medium
|
||||
46 | File | `/index.php` | Medium
|
||||
47 | File | `/jfinal_cms/system/role/list` | High
|
||||
48 | File | `/librarian/bookdetails.php` | High
|
||||
49 | File | `/loginVaLidation.php` | High
|
||||
50 | File | `/manage-apartment.php` | High
|
||||
51 | File | `/manager/index.php` | High
|
||||
52 | File | `/mkshop/Men/profile.php` | High
|
||||
53 | File | `/Moosikay/order.php` | High
|
||||
30 | File | `/Controls/Generic/EBMK/Handlers/EStatements/DownloadEStatement.ashx` | High
|
||||
31 | File | `/dashboard/updatelogo.php` | High
|
||||
32 | File | `/designer/add/layout` | High
|
||||
33 | File | `/edoc/doctor/patient.php` | High
|
||||
34 | File | `/etc/ldap.conf` | High
|
||||
35 | File | `/etc/shadow` | Medium
|
||||
36 | File | `/filemanager/upload/drop` | High
|
||||
37 | File | `/goform/addUserName` | High
|
||||
38 | File | `/goform/aspForm` | High
|
||||
39 | File | `/goform/delAd` | High
|
||||
40 | File | `/goform/wifiSSIDset` | High
|
||||
41 | File | `/gpac/src/bifs/unquantize.c` | High
|
||||
42 | File | `/h/calendar` | Medium
|
||||
43 | File | `/h/compose` | Medium
|
||||
44 | File | `/h/search?action=voicemail&action=listen` | High
|
||||
45 | File | `/inc/topBarNav.php` | High
|
||||
46 | File | `/index.asp` | Medium
|
||||
47 | File | `/index.php` | Medium
|
||||
48 | File | `/jfinal_cms/system/role/list` | High
|
||||
49 | File | `/librarian/bookdetails.php` | High
|
||||
50 | File | `/loginVaLidation.php` | High
|
||||
51 | File | `/manage-apartment.php` | High
|
||||
52 | File | `/manager/index.php` | High
|
||||
53 | File | `/mkshop/Men/profile.php` | High
|
||||
54 | ... | ... | ...
|
||||
|
||||
There are 468 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 472 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -8,12 +8,12 @@ _Live data_ and more _analysis capabilities_ are available at [https://vuldb.com
|
|||
|
||||
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with OldGremlin:
|
||||
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [CN](https://vuldb.com/?country.cn)
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [AT](https://vuldb.com/?country.at)
|
||||
* ...
|
||||
|
||||
There are 2 more country items available. Please use our online service to access the data.
|
||||
There are 3 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -39,7 +39,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
3 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
4 | ... | ... | ... | ...
|
||||
|
||||
There are 12 more TTP items available. Please use our online service to access the data.
|
||||
There are 14 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -48,15 +48,16 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/api/RecordingList/DownloadRecord?file=` | High
|
||||
2 | File | `/rapi/read_url` | High
|
||||
3 | File | `/wp-admin/admin-post.php?es_skip=1&option_name` | High
|
||||
4 | File | `AppCompatCache.exe` | High
|
||||
5 | File | `cgi-bin/awstats.pl` | High
|
||||
6 | File | `cgi-bin/MANGA/admin.cgi` | High
|
||||
7 | File | `coders/png.c` | Medium
|
||||
8 | ... | ... | ...
|
||||
2 | File | `/apply.cgi` | Medium
|
||||
3 | File | `/rapi/read_url` | High
|
||||
4 | File | `/uncpath/` | Medium
|
||||
5 | File | `/wp-admin/admin-post.php?es_skip=1&option_name` | High
|
||||
6 | File | `AppCompatCache.exe` | High
|
||||
7 | File | `appserv/main.php` | High
|
||||
8 | File | `cgi-bin/awstats.pl` | High
|
||||
9 | ... | ... | ...
|
||||
|
||||
There are 57 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 63 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -9,6 +9,7 @@ _Live data_ and more _analysis capabilities_ are available at [https://vuldb.com
|
|||
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with OrcusRAT:
|
||||
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [ES](https://vuldb.com/?country.es)
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -33,12 +34,12 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `dede\co_do.php` | High
|
||||
2 | File | `Dynamiccontenttags.php` | High
|
||||
3 | File | `index.php` | Medium
|
||||
1 | File | `/wp-admin/admin-ajax.php` | High
|
||||
2 | File | `dede\co_do.php` | High
|
||||
3 | File | `Dynamiccontenttags.php` | High
|
||||
4 | ... | ... | ...
|
||||
|
||||
There are 4 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 6 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -9,8 +9,8 @@ _Live data_ and more _analysis capabilities_ are available at [https://vuldb.com
|
|||
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Parrot:
|
||||
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [RU](https://vuldb.com/?country.ru)
|
||||
* [CN](https://vuldb.com/?country.cn)
|
||||
* [RU](https://vuldb.com/?country.ru)
|
||||
* ...
|
||||
|
||||
There are 10 more country items available. Please use our online service to access the data.
|
||||
|
@ -41,7 +41,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 19 more TTP items available. Please use our online service to access the data.
|
||||
There are 20 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
|
|
@ -20,7 +20,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [RU](https://vuldb.com/?country.ru)
|
||||
* ...
|
||||
|
||||
There are 30 more country items available. Please use our online service to access the data.
|
||||
There are 28 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -110,9 +110,9 @@ ID | Technique | Weakness | Description | Confidence
|
|||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-24, CWE-25 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-88, CWE-94 | Cross Site Scripting | High
|
||||
4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | T1068 | CWE-250, CWE-264, CWE-266, CWE-269, CWE-284 | Execution with Unnecessary Privileges | High
|
||||
6 | T1068 | CWE-250, CWE-264, CWE-266, CWE-269, CWE-284 | J2EE Misconfiguration: Weak Access Permissions for EJB Methods | High
|
||||
7 | ... | ... | ... | ...
|
||||
|
||||
There are 23 more TTP items available. Please use our online service to access the data.
|
||||
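Review bot: The T1059 row gains CWE-1321 (prototype pollution) next to CWE-88 and CWE-94, yet the description remains "Cross Site Scripting", which is also the label of the T1059.007 row directly below it. None of the three CWEs on the T1059 row is an XSS weakness, so the two rows are indistinguishable by description and the T1059 one is mislabeled. Suggest giving the T1059 row a description that matches its injection CWEs before extending its weakness list further.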
|
@ -125,15 +125,15 @@ ID | Type | Indicator | Confidence
|
|||
-- | ---- | --------- | ----------
|
||||
1 | File | `/+CSCOE+/logon.html` | High
|
||||
2 | File | `/ajax/networking/get_netcfg.php` | High
|
||||
3 | File | `/app/options.py` | High
|
||||
4 | File | `/apply_noauth.cgi` | High
|
||||
5 | File | `/bin/httpd` | Medium
|
||||
6 | File | `/cgi-bin/wapopen` | High
|
||||
7 | File | `/ci_spms/admin/category` | High
|
||||
8 | File | `/ci_spms/admin/search/searching/` | High
|
||||
9 | File | `/classes/Master.php?f=delete_appointment` | High
|
||||
10 | File | `/classes/Master.php?f=delete_train` | High
|
||||
11 | File | `/cms/print.php` | High
|
||||
3 | File | `/api/gen/clients/{language}` | High
|
||||
4 | File | `/app/options.py` | High
|
||||
5 | File | `/apply_noauth.cgi` | High
|
||||
6 | File | `/bin/httpd` | Medium
|
||||
7 | File | `/cgi-bin/wapopen` | High
|
||||
8 | File | `/ci_spms/admin/category` | High
|
||||
9 | File | `/ci_spms/admin/search/searching/` | High
|
||||
10 | File | `/classes/Master.php?f=delete_appointment` | High
|
||||
11 | File | `/classes/Master.php?f=delete_train` | High
|
||||
12 | File | `/concat?/%2557EB-INF/web.xml` | High
|
||||
13 | File | `/Content/Template/root/reverse-shell.aspx` | High
|
||||
14 | File | `/ctcprotocol/Protocol` | High
|
||||
|
@ -143,30 +143,29 @@ ID | Type | Indicator | Confidence
|
|||
18 | File | `/ffos/classes/Master.php?f=save_category` | High
|
||||
19 | File | `/forum/away.php` | High
|
||||
20 | File | `/goforms/rlminfo` | High
|
||||
21 | File | `/HNAP1/SetClientInfo` | High
|
||||
22 | File | `/Items/*/RemoteImages/Download` | High
|
||||
23 | File | `/menu.html` | Medium
|
||||
24 | File | `/navigate/navigate_download.php` | High
|
||||
25 | File | `/ocwbs/admin/?page=user/manage_user` | High
|
||||
26 | File | `/ofrs/admin/?page=user/manage_user` | High
|
||||
27 | File | `/opt/zimbra/jetty/webapps/zimbra/public` | High
|
||||
28 | File | `/out.php` | Medium
|
||||
29 | File | `/password.html` | High
|
||||
30 | File | `/php_action/fetchSelectedUser.php` | High
|
||||
31 | File | `/property-list/property_view.php` | High
|
||||
32 | File | `/ptms/classes/Users.php` | High
|
||||
33 | File | `/resources//../` | High
|
||||
34 | File | `/rest/api/2/search` | High
|
||||
35 | File | `/s/` | Low
|
||||
36 | File | `/scripts/cpan_config` | High
|
||||
37 | File | `/secure/admin/InsightDefaultCustomFieldConfig.jspa` | High
|
||||
38 | File | `/shell` | Low
|
||||
39 | File | `/spip.php` | Medium
|
||||
40 | File | `/sys/dict/queryTableData` | High
|
||||
41 | File | `/tmp` | Low
|
||||
42 | ... | ... | ...
|
||||
21 | File | `/HNAP1` | Low
|
||||
22 | File | `/HNAP1/SetClientInfo` | High
|
||||
23 | File | `/Items/*/RemoteImages/Download` | High
|
||||
24 | File | `/menu.html` | Medium
|
||||
25 | File | `/modules/profile/index.php` | High
|
||||
26 | File | `/navigate/navigate_download.php` | High
|
||||
27 | File | `/ocwbs/admin/?page=user/manage_user` | High
|
||||
28 | File | `/ofrs/admin/?page=user/manage_user` | High
|
||||
29 | File | `/opt/zimbra/jetty/webapps/zimbra/public` | High
|
||||
30 | File | `/out.php` | Medium
|
||||
31 | File | `/password.html` | High
|
||||
32 | File | `/php_action/fetchSelectedUser.php` | High
|
||||
33 | File | `/property-list/property_view.php` | High
|
||||
34 | File | `/ptms/classes/Users.php` | High
|
||||
35 | File | `/resources//../` | High
|
||||
36 | File | `/rest/api/2/search` | High
|
||||
37 | File | `/s/` | Low
|
||||
38 | File | `/scripts/cpan_config` | High
|
||||
39 | File | `/secure/admin/InsightDefaultCustomFieldConfig.jspa` | High
|
||||
40 | File | `/shell` | Low
|
||||
41 | ... | ... | ...
|
||||
|
||||
There are 364 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 356 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -64,7 +64,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 18 more TTP items available. Please use our online service to access the data.
|
||||
There are 19 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
|
|
@ -46,11 +46,12 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23 | Pathname Traversal | High
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-24 | Pathname Traversal | High
|
||||
2 | T1055 | CWE-74 | Injection | High
|
||||
3 | T1059 | CWE-88, CWE-94 | Cross Site Scripting | High
|
||||
4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
5 | ... | ... | ... | ...
|
||||
5 | T1068 | CWE-264, CWE-266, CWE-269, CWE-284 | J2EE Misconfiguration: Weak Access Permissions for EJB Methods | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 18 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
|
@ -77,13 +78,13 @@ ID | Type | Indicator | Confidence
|
|||
15 | File | `/foundry/modules/news/newscolumns.php` | High
|
||||
16 | File | `/ghost/preview` | High
|
||||
17 | File | `/GponForm/device_Form?script/` | High
|
||||
18 | File | `/include/config.cache.php` | High
|
||||
19 | File | `/index.php/admin/tag/add.html` | High
|
||||
20 | File | `/jeecg-boot/sys/common/upload` | High
|
||||
21 | File | `/lan.asp` | Medium
|
||||
22 | File | `/LDMS/frm_splitfrm.aspx` | High
|
||||
23 | File | `/modules/profile/index.php` | High
|
||||
24 | File | `/Mum.Geo.Services/DataAccessService.svc` | High
|
||||
18 | File | `/group1/uploa` | High
|
||||
19 | File | `/include/config.cache.php` | High
|
||||
20 | File | `/index.php/admin/tag/add.html` | High
|
||||
21 | File | `/jeecg-boot/sys/common/upload` | High
|
||||
22 | File | `/lan.asp` | Medium
|
||||
23 | File | `/LDMS/frm_splitfrm.aspx` | High
|
||||
24 | File | `/modules/profile/index.php` | High
|
||||
25 | File | `/NAGErrors` | Medium
|
||||
26 | File | `/out.php` | Medium
|
||||
27 | File | `/proxy` | Low
|
||||
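Review bot: The new entry 18, `/group1/uploa`, ends mid-word and is rated High confidence. As written it will only match as a prefix, and an exact-match consumer will never hit it. Please check it against the upstream record and either restore the full path or lower the confidence if the prefix form is intended.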
|
@ -104,9 +105,10 @@ ID | Type | Indicator | Confidence
|
|||
42 | File | `addlyricsform.php` | High
|
||||
43 | File | `addmerchpicform.php` | High
|
||||
44 | File | `addresses_export.php` | High
|
||||
45 | ... | ... | ...
|
||||
45 | File | `admin.php` | Medium
|
||||
46 | ... | ... | ...
|
||||
|
||||
There are 392 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 394 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -32,7 +32,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
2 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
3 | T1068 | CWE-264 | Execution with Unnecessary Privileges | High
|
||||
3 | T1068 | CWE-264 | J2EE Misconfiguration: Weak Access Permissions for EJB Methods | High
|
||||
4 | ... | ... | ... | ...
|
||||
|
||||
There are 2 more TTP items available. Please use our online service to access the data.
|
||||
|
|
|
@ -69,43 +69,45 @@ ID | Type | Indicator | Confidence
|
|||
6 | File | `/admin/bookings/manage_booking.php` | High
|
||||
7 | File | `/admin/bookings/view_booking.php` | High
|
||||
8 | File | `/admin/cashadvance_row.php` | High
|
||||
9 | File | `/admin/deduction_row.php` | High
|
||||
10 | File | `/admin/employee_row.php` | High
|
||||
11 | File | `/admin/index.php` | High
|
||||
12 | File | `/admin/index3.php` | High
|
||||
13 | File | `/admin/inquiries/view_inquiry.php` | High
|
||||
14 | File | `/admin/login.php` | High
|
||||
15 | File | `/admin/maintenance/brand.php` | High
|
||||
16 | File | `/admin/maintenance/manage_category.php` | High
|
||||
17 | File | `/admin/maintenance/view_designation.php` | High
|
||||
18 | File | `/admin/mechanics/manage_mechanic.php` | High
|
||||
19 | File | `/admin/offenses/view_details.php` | High
|
||||
20 | File | `/admin/orders/update_status.php` | High
|
||||
21 | File | `/admin/products/manage_product.php` | High
|
||||
22 | File | `/admin/products/view_product.php` | High
|
||||
23 | File | `/admin/reminders/manage_reminder.php` | High
|
||||
24 | File | `/admin/report/index.php` | High
|
||||
25 | File | `/admin/sales/manage_sale.php` | High
|
||||
26 | File | `/admin/services/manage_service.php` | High
|
||||
27 | File | `/admin/services/view_service.php` | High
|
||||
28 | File | `/admin/service_requests/manage_inventory.php` | High
|
||||
29 | File | `/admin/user/manage_user.php` | High
|
||||
30 | File | `/admin/userprofile.php` | High
|
||||
31 | File | `/admin_area/login_transfer.php` | High
|
||||
32 | File | `/adms/admin/?page=user/manage_user` | High
|
||||
33 | File | `/adms/admin/?page=vehicles/view_transaction` | High
|
||||
34 | File | `/ajax/update_certificate` | High
|
||||
35 | File | `/alphaware/details.php` | High
|
||||
36 | File | `/apply.cgi` | Medium
|
||||
37 | File | `/bsms_ci/index.php/book` | High
|
||||
38 | File | `/cgi-bin/mesh.cgi?page=upgrade` | High
|
||||
39 | File | `/cgi-bin/touchlist_sync.cgi` | High
|
||||
40 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
41 | File | `/classes/Login.php` | High
|
||||
42 | File | `/classes/Master.php` | High
|
||||
43 | ... | ... | ...
|
||||
9 | File | `/admin/curriculum/view_curriculum.php` | High
|
||||
10 | File | `/admin/deduction_row.php` | High
|
||||
11 | File | `/admin/departments/view_department.php` | High
|
||||
12 | File | `/admin/employee_row.php` | High
|
||||
13 | File | `/admin/index.php` | High
|
||||
14 | File | `/admin/index3.php` | High
|
||||
15 | File | `/admin/inquiries/view_inquiry.php` | High
|
||||
16 | File | `/admin/login.php` | High
|
||||
17 | File | `/admin/maintenance/brand.php` | High
|
||||
18 | File | `/admin/maintenance/manage_category.php` | High
|
||||
19 | File | `/admin/maintenance/view_designation.php` | High
|
||||
20 | File | `/admin/mechanics/manage_mechanic.php` | High
|
||||
21 | File | `/admin/offenses/view_details.php` | High
|
||||
22 | File | `/admin/orders/update_status.php` | High
|
||||
23 | File | `/admin/products/manage_product.php` | High
|
||||
24 | File | `/admin/products/view_product.php` | High
|
||||
25 | File | `/admin/reminders/manage_reminder.php` | High
|
||||
26 | File | `/admin/report/index.php` | High
|
||||
27 | File | `/admin/sales/manage_sale.php` | High
|
||||
28 | File | `/admin/services/manage_service.php` | High
|
||||
29 | File | `/admin/services/view_service.php` | High
|
||||
30 | File | `/admin/service_requests/manage_inventory.php` | High
|
||||
31 | File | `/admin/user/manage_user.php` | High
|
||||
32 | File | `/admin/userprofile.php` | High
|
||||
33 | File | `/admin_area/login_transfer.php` | High
|
||||
34 | File | `/adms/admin/?page=user/manage_user` | High
|
||||
35 | File | `/adms/admin/?page=vehicles/view_transaction` | High
|
||||
36 | File | `/ajax/update_certificate` | High
|
||||
37 | File | `/alphaware/details.php` | High
|
||||
38 | File | `/apply.cgi` | Medium
|
||||
39 | File | `/bsms_ci/index.php/book` | High
|
||||
40 | File | `/cgi-bin/mesh.cgi?page=upgrade` | High
|
||||
41 | File | `/cgi-bin/touchlist_sync.cgi` | High
|
||||
42 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
43 | File | `/classes/Login.php` | High
|
||||
44 | File | `/classes/Master.php` | High
|
||||
45 | ... | ... | ...
|
||||
|
||||
There are 373 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 388 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -2633,14 +2633,13 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-22, CWE-23, CWE-29, CWE-37 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-425 | Pathname Traversal | High
|
||||
2 | T1055 | CWE-74 | Injection | High
|
||||
3 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
5 | ... | ... | ... | ...
|
||||
|
||||
There are 19 more TTP items available. Please use our online service to access the data.
|
||||
There are 16 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
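Review bot: the rewritten T1059 row now lists `CWE-88, CWE-94, CWE-1321` but still carries the description `Cross Site Scripting`, identical to the T1059.007 row beneath it (`CWE-79, CWE-80`). CWE-88 is argument injection, CWE-94 is code injection and CWE-1321 is prototype pollution, so none of the three is XSS. Anyone filtering this table by description will merge two different technique rows. Suggest a description that matches the listed weaknesses, for example a code or command injection label. The new T1006 row has a smaller version of the same problem: it adds CWE-425 (direct request) under `Pathname Traversal`.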
@ -2648,42 +2647,41 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/admin/bookings/manage_booking.php` | High
|
||||
2 | File | `/admin/bookings/view_booking.php` | High
|
||||
3 | File | `/admin/categories/manage_category.php` | High
|
||||
4 | File | `/admin/categories/view_category.php` | High
|
||||
5 | File | `/admin/curriculum/view_curriculum.php` | High
|
||||
6 | File | `/admin/departments/view_department.php` | High
|
||||
7 | File | `/admin/index.php` | High
|
||||
8 | File | `/admin/inquiries/view_inquiry.php` | High
|
||||
9 | File | `/admin/maintenance/view_designation.php` | High
|
||||
10 | File | `/admin/manage_academic.php` | High
|
||||
11 | File | `/admin/orders/update_status.php` | High
|
||||
12 | File | `/admin/products/manage_product.php` | High
|
||||
13 | File | `/admin/products/view_product.php` | High
|
||||
14 | File | `/admin/reminders/manage_reminder.php` | High
|
||||
15 | File | `/admin/sales/manage_sale.php` | High
|
||||
16 | File | `/admin/sales/view_details.php` | High
|
||||
17 | File | `/admin/services/manage_service.php` | High
|
||||
18 | File | `/admin/services/view_service.php` | High
|
||||
19 | File | `/admin/suppliers/view_details.php` | High
|
||||
20 | File | `/admin/user/manage_user.php` | High
|
||||
21 | File | `/api/gen/clients/{language}` | High
|
||||
22 | File | `/blog/blog.php` | High
|
||||
23 | File | `/cgi-bin/kerbynet` | High
|
||||
24 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
25 | File | `/classes/Master.php?f=delete_inquiry` | High
|
||||
26 | File | `/classes/Master.php?f=save_course` | High
|
||||
27 | File | `/classes/Master.php?f=save_service` | High
|
||||
28 | File | `/classes/Users.php` | High
|
||||
29 | File | `/forum/away.php` | High
|
||||
30 | File | `/function/login.php` | High
|
||||
31 | File | `/login/index.php` | High
|
||||
32 | File | `/opt/tplink/EAPController/lib/eap-web-3.2.6.jar` | High
|
||||
33 | File | `/qsr_server/device/reboot` | High
|
||||
34 | ... | ... | ...
|
||||
1 | File | `//proc/kcore` | Medium
|
||||
2 | File | `/?r=email/api/mark&op=delFromSend` | High
|
||||
3 | File | `/admin/bookings/manage_booking.php` | High
|
||||
4 | File | `/admin/bookings/view_booking.php` | High
|
||||
5 | File | `/admin/bookings/view_details.php` | High
|
||||
6 | File | `/admin/inquiries/view_inquiry.php` | High
|
||||
7 | File | `/admin/services/view_service.php` | High
|
||||
8 | File | `/admin/user/manage_user.php` | High
|
||||
9 | File | `/admin/user/uploadImg` | High
|
||||
10 | File | `/administrator/components/table_manager/` | High
|
||||
11 | File | `/bin/login` | Medium
|
||||
12 | File | `/boafrm/formFilter` | High
|
||||
13 | File | `/classes/Master.php?f=save_course` | High
|
||||
14 | File | `/config/getuser` | High
|
||||
15 | File | `/Content/Template/root/reverse-shell.aspx` | High
|
||||
16 | File | `/Default/Bd` | Medium
|
||||
17 | File | `/feeds/post/publish` | High
|
||||
18 | File | `/message/form/` | High
|
||||
19 | File | `/moddable/xs/sources/xsScript.c` | High
|
||||
20 | File | `/send_order.cgi?parameter=access_detect` | High
|
||||
21 | File | `/server/api/v1/login` | High
|
||||
22 | File | `/static/ueditor/php/controller.php` | High
|
||||
23 | File | `/v2/#/` | Low
|
||||
24 | File | `/v2/#/add/department` | High
|
||||
25 | File | `/vendor` | Low
|
||||
26 | File | `123flashchat.php` | High
|
||||
27 | File | `adclick.php` | Medium
|
||||
28 | File | `admin.a6mambocredits.php` | High
|
||||
29 | File | `admin.cropcanvas.php` | High
|
||||
30 | File | `admin/conf_users_edit.php` | High
|
||||
31 | File | `admin/default.asp` | High
|
||||
32 | File | `admin/index.php` | High
|
||||
33 | ... | ... | ...
|
||||
|
||||
There are 290 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 280 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
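Review bot: two of the new indicators, `/v2/#/` and `/v2/#/add/department`, contain a URL fragment. Browsers do not send the part after `#` to the server, so these strings cannot match web server or proxy access logs, yet the second one is rated High. Either mark them as client-side routes or reduce them to the path that actually reaches the server. Also in this hunk, `//proc/kcore` has a doubled leading slash that will defeat exact-match lookups against normalised paths, and `/vendor` and `/bin/login` are generic enough to match benign traffic on most hosts, so consumers should not alert on them alone.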
@ -53,7 +53,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
5 | ... | ... | ... | ...
|
||||
|
||||
There are 17 more TTP items available. Please use our online service to access the data.
|
||||
There are 18 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -83,9 +83,17 @@ ID | Type | Indicator | Confidence
|
|||
20 | File | `/web/entry/en/address/adrsSetUserWizard.cgi` | High
|
||||
21 | File | `adclick.php` | Medium
|
||||
22 | File | `admin.asp` | Medium
|
||||
23 | ... | ... | ...
|
||||
23 | File | `admin/categories_industry.php` | High
|
||||
24 | File | `admin/content/postcategory` | High
|
||||
25 | File | `admin/index.php` | High
|
||||
26 | File | `admin/settings.php` | High
|
||||
27 | File | `admin/status/realtime/bandwidth_status` | High
|
||||
28 | File | `adminAttachments.php` | High
|
||||
29 | File | `adminAvatars.php` | High
|
||||
30 | File | `adminBoards.php` | High
|
||||
31 | ... | ... | ...
|
||||
|
||||
There are 193 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 260 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -89,49 +89,49 @@ ID | Type | Indicator | Confidence
|
|||
20 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
21 | File | `/cha.php` | Medium
|
||||
22 | File | `/College/admin/teacher.php` | High
|
||||
23 | File | `/dayrui/Fcms/View/system_log.html` | High
|
||||
24 | File | `/dev/mem` | Medium
|
||||
25 | File | `/drivers/block/floppy.c` | High
|
||||
26 | File | `/ecommerce/admin/category/controller.php` | High
|
||||
27 | File | `/etc/config/product.ini` | High
|
||||
28 | File | `/etc/crash` | Medium
|
||||
29 | File | `/etc/shadow` | Medium
|
||||
30 | File | `/fos/admin/ajax.php` | High
|
||||
31 | File | `/goform/aspForm` | High
|
||||
32 | File | `/goform/delAd` | High
|
||||
33 | File | `/goform/WifiBasicSet` | High
|
||||
34 | File | `/inc/topBarNav.php` | High
|
||||
35 | File | `/index.php` | Medium
|
||||
36 | File | `/login/index.php` | High
|
||||
37 | File | `/medicines/profile.php` | High
|
||||
38 | File | `/menu.html` | Medium
|
||||
39 | File | `/Moosikay/order.php` | High
|
||||
40 | File | `/multi-vendor-shopping-script/product-list.php` | High
|
||||
41 | File | `/nasm/nasm-parse.c` | High
|
||||
42 | File | `/ordering/admin/orders/loaddata.php` | High
|
||||
43 | File | `/ordering/admin/stockin/loaddata.php` | High
|
||||
44 | File | `/philosophy/admin/login.php` | High
|
||||
45 | File | `/php-opos/login.php` | High
|
||||
46 | File | `/priv_mgt.html` | High
|
||||
47 | File | `/queuing/index.php?page=display` | High
|
||||
48 | File | `/resources//../` | High
|
||||
49 | File | `/tmp/app/.env` | High
|
||||
50 | File | `/ui/cbpc/login` | High
|
||||
51 | File | `/user/updatePwd` | High
|
||||
52 | File | `/users/delete/2` | High
|
||||
53 | File | `/usr/sbin/nagios` | High
|
||||
54 | File | `/var/tmp/audacity-$USER` | High
|
||||
55 | File | `/webman/info.cgi` | High
|
||||
56 | File | `/wp-json/wc/v3/webhooks` | High
|
||||
57 | File | `3G/UMTS` | Low
|
||||
58 | File | `account_change.php` | High
|
||||
59 | File | `acloudCosAction.php.SQL` | High
|
||||
60 | File | `ActiveServices.java` | High
|
||||
61 | File | `ad.php` | Low
|
||||
62 | File | `adclick.php` | Medium
|
||||
23 | File | `/Controls/Generic/EBMK/Handlers/EStatements/DownloadEStatement.ashx` | High
|
||||
24 | File | `/dayrui/Fcms/View/system_log.html` | High
|
||||
25 | File | `/dev/mem` | Medium
|
||||
26 | File | `/drivers/block/floppy.c` | High
|
||||
27 | File | `/ecommerce/admin/category/controller.php` | High
|
||||
28 | File | `/etc/config/product.ini` | High
|
||||
29 | File | `/etc/crash` | Medium
|
||||
30 | File | `/etc/shadow` | Medium
|
||||
31 | File | `/fos/admin/ajax.php` | High
|
||||
32 | File | `/goform/aspForm` | High
|
||||
33 | File | `/goform/delAd` | High
|
||||
34 | File | `/goform/WifiBasicSet` | High
|
||||
35 | File | `/inc/topBarNav.php` | High
|
||||
36 | File | `/index.php` | Medium
|
||||
37 | File | `/login/index.php` | High
|
||||
38 | File | `/medicines/profile.php` | High
|
||||
39 | File | `/menu.html` | Medium
|
||||
40 | File | `/Moosikay/order.php` | High
|
||||
41 | File | `/multi-vendor-shopping-script/product-list.php` | High
|
||||
42 | File | `/nasm/nasm-parse.c` | High
|
||||
43 | File | `/ordering/admin/orders/loaddata.php` | High
|
||||
44 | File | `/ordering/admin/stockin/loaddata.php` | High
|
||||
45 | File | `/philosophy/admin/login.php` | High
|
||||
46 | File | `/php-opos/login.php` | High
|
||||
47 | File | `/priv_mgt.html` | High
|
||||
48 | File | `/queuing/index.php?page=display` | High
|
||||
49 | File | `/resources//../` | High
|
||||
50 | File | `/tmp/app/.env` | High
|
||||
51 | File | `/ui/cbpc/login` | High
|
||||
52 | File | `/user/updatePwd` | High
|
||||
53 | File | `/users/delete/2` | High
|
||||
54 | File | `/usr/sbin/nagios` | High
|
||||
55 | File | `/var/tmp/audacity-$USER` | High
|
||||
56 | File | `/webman/info.cgi` | High
|
||||
57 | File | `/wp-json/wc/v3/webhooks` | High
|
||||
58 | File | `3G/UMTS` | Low
|
||||
59 | File | `account_change.php` | High
|
||||
60 | File | `acloudCosAction.php.SQL` | High
|
||||
61 | File | `ActiveServices.java` | High
|
||||
62 | File | `ad.php` | Low
|
||||
63 | ... | ... | ...
|
||||
|
||||
There are 555 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 554 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
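Review bot: inserting the single row `/Controls/Generic/EBMK/Handlers/EStatements/DownloadEStatement.ashx` at position 23 renumbers every row from 23 to 62, so the ID column is positional and cannot be used as a stable reference between revisions. If downstream tooling or analysts cite these IDs, consider keying rows on the indicator string instead, which would also cut this hunk to one added line. Separately, `3G/UMTS` is typed `File` although it is not a path, and entries such as `/index.php`, `/etc/shadow` and `/dev/mem` are too common to be useful without the associated product context.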
@ -44,12 +44,12 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/include/chart_generator.php` | High
|
||||
2 | File | `/index.php` | Medium
|
||||
3 | File | `drivers/firmware/efi/capsule-loader.c` | High
|
||||
1 | File | `/fos/admin/ajax.php` | High
|
||||
2 | File | `/include/chart_generator.php` | High
|
||||
3 | File | `/index.php` | Medium
|
||||
4 | ... | ... | ...
|
||||
|
||||
There are 23 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 25 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -49,28 +49,28 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/app/Http/Controllers/Admin/NEditorController.php` | High
|
||||
2 | File | `/forum/away.php` | High
|
||||
3 | File | `/getcfg.php` | Medium
|
||||
4 | File | `/inc/lists/csvexport.php` | High
|
||||
5 | File | `/server-status` | High
|
||||
6 | File | `/sgmi/` | Low
|
||||
7 | File | `/system/user/resetPwd` | High
|
||||
8 | File | `/tos/index.php?editor/fileGet` | High
|
||||
9 | File | `/uncpath/` | Medium
|
||||
10 | File | `/user/updatePwd` | High
|
||||
11 | File | `/var/log/nginx` | High
|
||||
12 | File | `addentry.php` | Medium
|
||||
13 | File | `admin-ajax.php?action=get_wdtable order[0][dir]` | High
|
||||
14 | File | `admin/plib/api-rpc/Agent.php` | High
|
||||
15 | File | `auth-gss2.c` | Medium
|
||||
16 | File | `bcbadmSettings.jsp` | High
|
||||
17 | File | `books.php` | Medium
|
||||
18 | File | `cgi.c` | Low
|
||||
19 | File | `class/connect.php` | High
|
||||
1 | File | `/admin/maintenance/view_designation.php` | High
|
||||
2 | File | `/app/Http/Controllers/Admin/NEditorController.php` | High
|
||||
3 | File | `/forum/away.php` | High
|
||||
4 | File | `/getcfg.php` | Medium
|
||||
5 | File | `/inc/lists/csvexport.php` | High
|
||||
6 | File | `/server-status` | High
|
||||
7 | File | `/sgmi/` | Low
|
||||
8 | File | `/system/user/resetPwd` | High
|
||||
9 | File | `/tos/index.php?editor/fileGet` | High
|
||||
10 | File | `/uncpath/` | Medium
|
||||
11 | File | `/user/updatePwd` | High
|
||||
12 | File | `/var/log/nginx` | High
|
||||
13 | File | `addentry.php` | Medium
|
||||
14 | File | `admin-ajax.php?action=get_wdtable order[0][dir]` | High
|
||||
15 | File | `admin/plib/api-rpc/Agent.php` | High
|
||||
16 | File | `auth-gss2.c` | Medium
|
||||
17 | File | `bcbadmSettings.jsp` | High
|
||||
18 | File | `books.php` | Medium
|
||||
19 | File | `cgi.c` | Low
|
||||
20 | ... | ... | ...
|
||||
|
||||
There are 163 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 167 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -51,11 +51,11 @@ ID | Technique | Weakness | Description | Confidence
|
|||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-25 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 19 more TTP items available. Please use our online service to access the data.
|
||||
There are 20 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -63,51 +63,50 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/admin/maintenance/view_designation.php` | High
|
||||
2 | File | `/alphaware/details.php` | High
|
||||
3 | File | `/api/admin/system/store/order/list` | High
|
||||
4 | File | `/apply_noauth.cgi` | High
|
||||
5 | File | `/auth/fn.php` | Medium
|
||||
6 | File | `/bin/sh` | Low
|
||||
7 | File | `/cgi-bin/ExportLogs.sh` | High
|
||||
8 | File | `/common/sysFile/list` | High
|
||||
9 | File | `/context/%2e/WEB-INF/web.xml` | High
|
||||
10 | File | `/debug/pprof` | Medium
|
||||
11 | File | `/dist/index.js` | High
|
||||
12 | File | `/editor/index.php` | High
|
||||
13 | File | `/etc/openstack-dashboard/local_settings` | High
|
||||
14 | File | `/etc/passwd` | Medium
|
||||
15 | File | `/goform/addressNat` | High
|
||||
16 | File | `/include/Model/Upload.php` | High
|
||||
17 | File | `/js/player/dmplayer/dmku/index.php` | High
|
||||
18 | File | `/kruxton/sales_report.php` | High
|
||||
19 | File | `/modules/snf/index.php` | High
|
||||
20 | File | `/nasm/nasm-token.re` | High
|
||||
21 | File | `/orrs/admin/?page=user/manage_user` | High
|
||||
22 | File | `/param.file.tgz` | High
|
||||
23 | File | `/php-jms/updateBlankTxtview.php` | High
|
||||
24 | File | `/product/savenewproduct.php?flag=1` | High
|
||||
25 | File | `/rrdp` | Low
|
||||
26 | File | `/secure/QueryComponent!Default.jspa` | High
|
||||
27 | File | `/subtitles.php` | High
|
||||
28 | File | `/tourism/rate_review.php` | High
|
||||
29 | File | `/views/directive/sys/SysConfigDataDirective.java` | High
|
||||
30 | File | `a-forms.php` | Medium
|
||||
31 | File | `add_postit.php` | High
|
||||
32 | File | `admin.php` | Medium
|
||||
33 | File | `admin/shophelp.php` | High
|
||||
34 | File | `administration.jsp` | High
|
||||
35 | File | `adminquery.php` | High
|
||||
36 | File | `ansfaq.asp` | Medium
|
||||
37 | File | `ApiController.class.php` | High
|
||||
38 | File | `APKINDEX.tar.gz` | High
|
||||
39 | File | `app/parameters/sipity/parameters/search_criteria_for_works_parameter.rb` | High
|
||||
40 | File | `appconfig.ini` | High
|
||||
41 | File | `appGet.cgi` | Medium
|
||||
42 | File | `application/src/main/webapp/vue-app/components/ExoChatMessageComposer.vue` | High
|
||||
43 | ... | ... | ...
|
||||
1 | File | `/?r=email/api/mark&op=delFromSend` | High
|
||||
2 | File | `/admin/maintenance/view_designation.php` | High
|
||||
3 | File | `/alphaware/details.php` | High
|
||||
4 | File | `/api/admin/system/store/order/list` | High
|
||||
5 | File | `/apply_noauth.cgi` | High
|
||||
6 | File | `/auth/fn.php` | Medium
|
||||
7 | File | `/bin/sh` | Low
|
||||
8 | File | `/cgi-bin/ExportLogs.sh` | High
|
||||
9 | File | `/common/sysFile/list` | High
|
||||
10 | File | `/context/%2e/WEB-INF/web.xml` | High
|
||||
11 | File | `/debug/pprof` | Medium
|
||||
12 | File | `/Default/Bd` | Medium
|
||||
13 | File | `/dist/index.js` | High
|
||||
14 | File | `/editor/index.php` | High
|
||||
15 | File | `/Electron/download` | High
|
||||
16 | File | `/etc/openstack-dashboard/local_settings` | High
|
||||
17 | File | `/etc/passwd` | Medium
|
||||
18 | File | `/goform/addressNat` | High
|
||||
19 | File | `/include/Model/Upload.php` | High
|
||||
20 | File | `/js/player/dmplayer/dmku/index.php` | High
|
||||
21 | File | `/kruxton/sales_report.php` | High
|
||||
22 | File | `/message/form/` | High
|
||||
23 | File | `/modules/snf/index.php` | High
|
||||
24 | File | `/nasm/nasm-token.re` | High
|
||||
25 | File | `/orrs/admin/?page=user/manage_user` | High
|
||||
26 | File | `/param.file.tgz` | High
|
||||
27 | File | `/php-jms/updateBlankTxtview.php` | High
|
||||
28 | File | `/product/savenewproduct.php?flag=1` | High
|
||||
29 | File | `/rrdp` | Low
|
||||
30 | File | `/secure/QueryComponent!Default.jspa` | High
|
||||
31 | File | `/send_order.cgi?parameter=access_detect` | High
|
||||
32 | File | `/static/ueditor/php/controller.php` | High
|
||||
33 | File | `/subtitles.php` | High
|
||||
34 | File | `/tourism/rate_review.php` | High
|
||||
35 | File | `/views/directive/sys/SysConfigDataDirective.java` | High
|
||||
36 | File | `a-forms.php` | Medium
|
||||
37 | File | `adclick.php` | Medium
|
||||
38 | File | `add_postit.php` | High
|
||||
39 | File | `admin.php` | Medium
|
||||
40 | File | `admin/default.asp` | High
|
||||
41 | File | `admin/shophelp.php` | High
|
||||
42 | ... | ... | ...
|
||||
|
||||
There are 373 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 359 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -78,27 +78,27 @@ ID | Type | Indicator | Confidence
|
|||
19 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
20 | File | `/churchcrm/EventAttendance.php` | High
|
||||
21 | File | `/College/admin/teacher.php` | High
|
||||
22 | File | `/DXR.axd` | Medium
|
||||
23 | File | `/filemanager/php/connector.php` | High
|
||||
24 | File | `/forum/away.php` | High
|
||||
25 | File | `/goform/aspForm` | High
|
||||
26 | File | `/inc/topBarNav.php` | High
|
||||
27 | File | `/licenses` | Medium
|
||||
28 | File | `/login/index.php` | High
|
||||
29 | File | `/mhds/clinic/view_details.php` | High
|
||||
30 | File | `/modules/projects/vw_files.php` | High
|
||||
31 | File | `/Moosikay/order.php` | High
|
||||
32 | File | `/plain` | Low
|
||||
33 | File | `/public/launchNewWindow.jsp` | High
|
||||
34 | File | `/public/login.htm` | High
|
||||
35 | File | `/qsr_server/device/reboot` | High
|
||||
36 | File | `/rukovoditel/index.php?module=users/login` | High
|
||||
37 | File | `/secure/QueryComponent!Default.jspa` | High
|
||||
38 | File | `/spip.php` | Medium
|
||||
39 | File | `/static/ueditor/php/controller.php` | High
|
||||
22 | File | `/Content/Template/root/reverse-shell.aspx` | High
|
||||
23 | File | `/Controls/Generic/EBMK/Handlers/EStatements/DownloadEStatement.ashx` | High
|
||||
24 | File | `/DXR.axd` | Medium
|
||||
25 | File | `/filemanager/php/connector.php` | High
|
||||
26 | File | `/forum/away.php` | High
|
||||
27 | File | `/goform/aspForm` | High
|
||||
28 | File | `/inc/topBarNav.php` | High
|
||||
29 | File | `/licenses` | Medium
|
||||
30 | File | `/login/index.php` | High
|
||||
31 | File | `/mhds/clinic/view_details.php` | High
|
||||
32 | File | `/modules/projects/vw_files.php` | High
|
||||
33 | File | `/Moosikay/order.php` | High
|
||||
34 | File | `/plain` | Low
|
||||
35 | File | `/public/launchNewWindow.jsp` | High
|
||||
36 | File | `/public/login.htm` | High
|
||||
37 | File | `/qsr_server/device/reboot` | High
|
||||
38 | File | `/rukovoditel/index.php?module=users/login` | High
|
||||
39 | File | `/secure/QueryComponent!Default.jspa` | High
|
||||
40 | ... | ... | ...
|
||||
|
||||
There are 342 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 349 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -9,6 +9,7 @@ _Live data_ and more _analysis capabilities_ are available at [https://vuldb.com
|
|||
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with STRRat:
|
||||
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [PT](https://vuldb.com/?country.pt)
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -39,12 +40,12 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `phpinfo.php` | Medium
|
||||
2 | File | `shoptellafriend.asp` | High
|
||||
3 | File | `yabb.pl` | Low
|
||||
1 | File | `jmreport/qurestSql` | High
|
||||
2 | File | `phpinfo.php` | Medium
|
||||
3 | File | `shoptellafriend.asp` | High
|
||||
4 | ... | ... | ...
|
||||
|
||||
There are 3 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 5 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -20,7 +20,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [LA](https://vuldb.com/?country.la)
|
||||
* ...
|
||||
|
||||
There are 14 more country items available. Please use our online service to access the data.
|
||||
There are 15 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -36,9 +36,10 @@ ID | IP address | Hostname | Campaign | Confidence
|
|||
6 | [5.255.87.39](https://vuldb.com/?ip.5.255.87.39) | - | BlackEnergy | High
|
||||
7 | [31.210.111.154](https://vuldb.com/?ip.31.210.111.154) | . | BlackEnergy | High
|
||||
8 | [37.220.34.56](https://vuldb.com/?ip.37.220.34.56) | - | BlackEnergy | High
|
||||
9 | ... | ... | ... | ...
|
||||
9 | [45.56.93.83](https://vuldb.com/?ip.45.56.93.83) | li895-83.members.linode.com | Ukraine | High
|
||||
10 | ... | ... | ... | ...
|
||||
|
||||
There are 30 more IOC items available. Please use our online service to access the data.
|
||||
There are 34 more IOC items available. Please use our online service to access the data.
|
||||
|
||||
## TTP - Tactics, Techniques, Procedures
|
||||
|
||||
|
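Review bot: the added row 9 puts `Ukraine` in the Campaign column, where every neighbouring row uses a campaign name (`BlackEnergy`). A country in that column breaks grouping by campaign, so either use the campaign identifier from the cited source or leave the cell as `-`. The hostname `li895-83.members.linode.com` is a hosting provider's generic reverse DNS name, so the address may since have been reassigned to another customer. A High confidence rating with no first-seen or last-seen date invites false positives. Row 7 in the same table uses `.` as the empty-hostname placeholder where the other rows use `-`.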
@ -78,39 +79,41 @@ ID | Type | Indicator | Confidence
|
|||
15 | File | `/cgi-bin/luci/api/wireless` | High
|
||||
16 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
17 | File | `/context/%2e/WEB-INF/web.xml` | High
|
||||
18 | File | `/dashboard/reports/logs/view` | High
|
||||
19 | File | `/dcim/sites/add/` | High
|
||||
20 | File | `/debian/patches/load_ppp_generic_if_needed` | High
|
||||
21 | File | `/debug/pprof` | Medium
|
||||
22 | File | `/enginemanager/server/user/delete.htm` | High
|
||||
23 | File | `/etc/hosts` | Medium
|
||||
24 | File | `/forum/away.php` | High
|
||||
25 | File | `/goform/delAd` | High
|
||||
26 | File | `/goform/setmac` | High
|
||||
27 | File | `/goform/wizard_end` | High
|
||||
28 | File | `/manage-apartment.php` | High
|
||||
29 | File | `/medicines/profile.php` | High
|
||||
30 | File | `/modules/caddyhttp/rewrite/rewrite.go` | High
|
||||
18 | File | `/dcim/sites/add/` | High
|
||||
19 | File | `/debian/patches/load_ppp_generic_if_needed` | High
|
||||
20 | File | `/debug/pprof` | Medium
|
||||
21 | File | `/enginemanager/server/user/delete.htm` | High
|
||||
22 | File | `/etc/hosts` | Medium
|
||||
23 | File | `/forum/away.php` | High
|
||||
24 | File | `/goform/delAd` | High
|
||||
25 | File | `/goform/setmac` | High
|
||||
26 | File | `/goform/wizard_end` | High
|
||||
27 | File | `/manage-apartment.php` | High
|
||||
28 | File | `/medicines/profile.php` | High
|
||||
29 | File | `/modules/caddyhttp/rewrite/rewrite.go` | High
|
||||
30 | File | `/opt/zimbra/jetty/webapps/zimbra/public` | High
|
||||
31 | File | `/out.php` | Medium
|
||||
32 | File | `/owa/auth/logon.aspx` | High
|
||||
33 | File | `/pages/apply_vacancy.php` | High
|
||||
34 | File | `/pet_shop/admin/?page=maintenance/manage_category` | High
|
||||
35 | File | `/print.php` | Medium
|
||||
36 | File | `/probe?target` | High
|
||||
37 | File | `/proc/<PID>/mem` | High
|
||||
38 | File | `/proxy` | Low
|
||||
39 | File | `/reservation/add_message.php` | High
|
||||
40 | File | `/secure/admin/InsightDefaultCustomFieldConfig.jspa` | High
|
||||
41 | File | `/spip.php` | Medium
|
||||
42 | File | `/tmp` | Low
|
||||
43 | ... | ... | ...
|
||||
37 | File | `/proxy` | Low
|
||||
38 | File | `/reservation/add_message.php` | High
|
||||
39 | File | `/secure/admin/InsightDefaultCustomFieldConfig.jspa` | High
|
||||
40 | File | `/spip.php` | Medium
|
||||
41 | File | `/tmp` | Low
|
||||
42 | File | `/uncpath/` | Medium
|
||||
43 | File | `/upload` | Low
|
||||
44 | ... | ... | ...
|
||||
|
||||
There are 373 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 383 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
The following list contains _external sources_ which discuss the actor and the associated activities:
|
||||
|
||||
* https://blog.google/threat-analysis-group/ukraine-remains-russias-biggest-cyber-focus-in-2023/
|
||||
* https://ddanchev.blogspot.com/2022/06/exclusive-exposing-grus-unit-74455.html
|
||||
* https://media.defense.gov/2020/May/28/2002306626/-1/-1/0/CSA%20Sandworm%20Actors%20Exploiting%20Vulnerability%20in%20Exim%20Transfer%20Agent%2020200528.pdf
|
||||
* https://otx.alienvault.com/pulse/62552abdd7e44d9aba08636d
|
||||
|
|
|
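Review bot: The ID column in this IOA table is positional, so every row after an inserted or removed entry is renumbered (`/forum/away.php` appears as both 24 and 23, `/proxy` as both 38 and 37) and the hunk rewrites most of the table. Anything that references an indicator by its ID will point at a different path after this update. Consider keying rows on the indicator value, or dropping the running number, so that an update touches only the rows that actually changed.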
@ -53,12 +53,12 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `admin/write-post.php` | High
|
||||
2 | File | `FileDownload.jsp` | High
|
||||
3 | File | `gallery.php` | Medium
|
||||
1 | File | `AdClass.php` | Medium
|
||||
2 | File | `admin/write-post.php` | High
|
||||
3 | File | `FileDownload.jsp` | High
|
||||
4 | ... | ... | ...
|
||||
|
||||
There are 16 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 17 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -63,25 +63,26 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/forgetpassword.php` | High
|
||||
2 | File | `/forum/away.php` | High
|
||||
3 | File | `/modules/registration_admission/patient_register.php` | High
|
||||
4 | File | `/spip.php` | Medium
|
||||
5 | File | `/Tools/tools_admin.htm` | High
|
||||
6 | File | `/uncpath/` | Medium
|
||||
7 | File | `adm/krgourl.php` | High
|
||||
8 | File | `admin.php` | Medium
|
||||
9 | File | `admin/conf_users_edit.php` | High
|
||||
10 | File | `administers` | Medium
|
||||
11 | File | `application\User\Controller\ProfileController.class.php` | High
|
||||
12 | File | `banner-edit.php` | High
|
||||
13 | File | `btif_hd.cc` | Medium
|
||||
14 | File | `catchsegv` | Medium
|
||||
15 | File | `classes/SystemSettings.php` | High
|
||||
16 | File | `classified.php` | High
|
||||
17 | ... | ... | ...
|
||||
1 | File | `/admin/maintenance/view_designation.php` | High
|
||||
2 | File | `/forgetpassword.php` | High
|
||||
3 | File | `/forum/away.php` | High
|
||||
4 | File | `/modules/registration_admission/patient_register.php` | High
|
||||
5 | File | `/spip.php` | Medium
|
||||
6 | File | `/Tools/tools_admin.htm` | High
|
||||
7 | File | `/uncpath/` | Medium
|
||||
8 | File | `adm/krgourl.php` | High
|
||||
9 | File | `admin.php` | Medium
|
||||
10 | File | `admin/conf_users_edit.php` | High
|
||||
11 | File | `administers` | Medium
|
||||
12 | File | `application\User\Controller\ProfileController.class.php` | High
|
||||
13 | File | `banner-edit.php` | High
|
||||
14 | File | `btif_hd.cc` | Medium
|
||||
15 | File | `catchsegv` | Medium
|
||||
16 | File | `classes/SystemSettings.php` | High
|
||||
17 | File | `classified.php` | High
|
||||
18 | ... | ... | ...
|
||||
|
||||
There are 140 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 146 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [GB](https://vuldb.com/?country.gb)
|
||||
* ...
|
||||
|
||||
There are 19 more country items available. Please use our online service to access the data.
|
||||
There are 20 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -2040,9 +2040,10 @@ ID | Type | Indicator | Confidence
|
|||
42 | File | `ActiveServices.java` | High
|
||||
43 | File | `adclick.php` | Medium
|
||||
44 | File | `addentry.php` | Medium
|
||||
45 | ... | ... | ...
|
||||
45 | File | `addressbook/backends/ldap/e-book-backend-ldap.c` | High
|
||||
46 | ... | ... | ...
|
||||
|
||||
There are 393 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 394 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -44,7 +44,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
3 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
4 | ... | ... | ... | ...
|
||||
|
||||
There are 13 more TTP items available. Please use our online service to access the data.
|
||||
There are 14 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
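Review bot: In the TTP context row `3 | T1059 | CWE-94 | Cross Site Scripting | High`, the weakness ID and the description do not agree: CWE-94 is code injection, while cross-site scripting is CWE-79. Only the item count changes in this hunk, but the row is carried forward unchanged; one of the two fields should be corrected so that the Weakness column can be relied on for filtering.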
@ -54,18 +54,18 @@ ID | Type | Indicator | Confidence
|
|||
-- | ---- | --------- | ----------
|
||||
1 | File | `/.ssh/authorized_keys2` | High
|
||||
2 | File | `/anony/mjpg.cgi` | High
|
||||
3 | File | `/html/device-id` | High
|
||||
4 | File | `/uncpath/` | Medium
|
||||
5 | File | `a2dp_aac_decoder.cc` | High
|
||||
6 | File | `actbar3.ocx` | Medium
|
||||
7 | File | `adclick.php` | Medium
|
||||
8 | File | `admin.php` | Medium
|
||||
9 | File | `admin/users/add` | High
|
||||
10 | File | `administrator/components/com_media/helpers/media.php` | High
|
||||
11 | File | `ajax-actions.php` | High
|
||||
3 | File | `/forms/doLogin` | High
|
||||
4 | File | `/html/device-id` | High
|
||||
5 | File | `/uncpath/` | Medium
|
||||
6 | File | `a2dp_aac_decoder.cc` | High
|
||||
7 | File | `actbar3.ocx` | Medium
|
||||
8 | File | `adclick.php` | Medium
|
||||
9 | File | `admin.php` | Medium
|
||||
10 | File | `admin/users/add` | High
|
||||
11 | File | `administrator/components/com_media/helpers/media.php` | High
|
||||
12 | ... | ... | ...
|
||||
|
||||
There are 95 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 96 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -73,55 +73,57 @@ ID | Type | Indicator | Confidence
|
|||
-- | ---- | --------- | ----------
|
||||
1 | File | `/admin/api/admin/articles/` | High
|
||||
2 | File | `/admin/api/theme-edit/` | High
|
||||
3 | File | `/Admin/createClass.php` | High
|
||||
4 | File | `/admin/curriculum/view_curriculum.php` | High
|
||||
5 | File | `/admin/departments/view_department.php` | High
|
||||
6 | File | `/admin/problem_judge.php` | High
|
||||
7 | File | `/admin/suppliers/view_details.php` | High
|
||||
8 | File | `/admin/userprofile.php` | High
|
||||
9 | File | `/api/browserextension/UpdatePassword/` | High
|
||||
10 | File | `/application/views/themeOptions/update.php` | High
|
||||
11 | File | `/attachments` | Medium
|
||||
12 | File | `/balance/service/list` | High
|
||||
13 | File | `/classes/Users.php` | High
|
||||
14 | File | `/config/myfield/test.php` | High
|
||||
15 | File | `/data/app` | Medium
|
||||
16 | File | `/dev/snd/seq` | Medium
|
||||
17 | File | `/diagnostic/login.php` | High
|
||||
18 | File | `/etc/gsissh/sshd_config` | High
|
||||
19 | File | `/etc/master.passwd` | High
|
||||
20 | File | `/etc/passwd` | Medium
|
||||
21 | File | `/goform/WifiBasicSet` | High
|
||||
22 | File | `/hrm/controller/login.php` | High
|
||||
23 | File | `/login` | Low
|
||||
24 | File | `/logs/sql-error.log` | High
|
||||
25 | File | `/mogu-picture/file/uploadPicsByUrl` | High
|
||||
26 | File | `/pages/save_user.php` | High
|
||||
27 | File | `/password/reset` | High
|
||||
28 | File | `/plugin/getList` | High
|
||||
29 | File | `/register/abort` | High
|
||||
30 | File | `/rukovoditel/index.php?module=logs/view&type=php` | High
|
||||
31 | File | `/webservices/download/index.php` | High
|
||||
32 | File | `actions.hsp` | Medium
|
||||
33 | File | `adclick.php` | Medium
|
||||
34 | File | `AddAppNetworksActivity.java` | High
|
||||
35 | File | `AddAppNetworksFragment.java` | High
|
||||
36 | File | `admin.php` | Medium
|
||||
37 | File | `admin/ajax.attachment.php` | High
|
||||
38 | File | `admin/article_save.php` | High
|
||||
39 | File | `admin/make_payments.php` | High
|
||||
40 | File | `admin/panels/uploader/admin.uploader.php` | High
|
||||
41 | File | `admin/stat.main.php` | High
|
||||
42 | File | `aiff.c` | Low
|
||||
43 | File | `alaw.c` | Low
|
||||
44 | File | `Ap4StdCFileByteStream.cpp` | High
|
||||
45 | File | `api/src/main/java/org/openmrs/module/appointmentscheduling/validator/AppointmentTypeValidator.java` | High
|
||||
46 | File | `app/controllers/code_caller_controller.php` | High
|
||||
47 | File | `app/helpers/queries_helper.rb` | High
|
||||
48 | File | `app/View/Helper/CommandHelper.php` | High
|
||||
49 | ... | ... | ...
|
||||
3 | File | `/admin/categories/view_category.php` | High
|
||||
4 | File | `/Admin/createClass.php` | High
|
||||
5 | File | `/admin/curriculum/view_curriculum.php` | High
|
||||
6 | File | `/admin/departments/view_department.php` | High
|
||||
7 | File | `/admin/maintenance/view_designation.php` | High
|
||||
8 | File | `/admin/problem_judge.php` | High
|
||||
9 | File | `/admin/reminders/manage_reminder.php` | High
|
||||
10 | File | `/admin/sales/manage_sale.php` | High
|
||||
11 | File | `/admin/sales/view_details.php` | High
|
||||
12 | File | `/admin/suppliers/view_details.php` | High
|
||||
13 | File | `/admin/user/manage_user.php` | High
|
||||
14 | File | `/admin/userprofile.php` | High
|
||||
15 | File | `/admin/voters_row.php` | High
|
||||
16 | File | `/api/browserextension/UpdatePassword/` | High
|
||||
17 | File | `/application/views/themeOptions/update.php` | High
|
||||
18 | File | `/attachments` | Medium
|
||||
19 | File | `/balance/service/list` | High
|
||||
20 | File | `/classes/Users.php` | High
|
||||
21 | File | `/config/myfield/test.php` | High
|
||||
22 | File | `/data/app` | Medium
|
||||
23 | File | `/dev/snd/seq` | Medium
|
||||
24 | File | `/diagnostic/login.php` | High
|
||||
25 | File | `/etc/gsissh/sshd_config` | High
|
||||
26 | File | `/etc/master.passwd` | High
|
||||
27 | File | `/etc/passwd` | Medium
|
||||
28 | File | `/goform/WifiBasicSet` | High
|
||||
29 | File | `/hrm/controller/login.php` | High
|
||||
30 | File | `/login` | Low
|
||||
31 | File | `/logs/sql-error.log` | High
|
||||
32 | File | `/mogu-picture/file/uploadPicsByUrl` | High
|
||||
33 | File | `/pages/save_user.php` | High
|
||||
34 | File | `/password/reset` | High
|
||||
35 | File | `/plugin/getList` | High
|
||||
36 | File | `/register/abort` | High
|
||||
37 | File | `/reviewer/system/system/admins/manage/users/user-update.php` | High
|
||||
38 | File | `/rukovoditel/index.php?module=logs/view&type=php` | High
|
||||
39 | File | `/send_order.cgi?parameter=access_detect` | High
|
||||
40 | File | `/webservices/download/index.php` | High
|
||||
41 | File | `actions.hsp` | Medium
|
||||
42 | File | `adclick.php` | Medium
|
||||
43 | File | `AddAppNetworksActivity.java` | High
|
||||
44 | File | `AddAppNetworksFragment.java` | High
|
||||
45 | File | `admin.php` | Medium
|
||||
46 | File | `admin/ajax.attachment.php` | High
|
||||
47 | File | `admin/article_save.php` | High
|
||||
48 | File | `admin/make_payments.php` | High
|
||||
49 | File | `admin/panels/uploader/admin.uploader.php` | High
|
||||
50 | File | `admin/products/controller.php?action=add` | High
|
||||
51 | ... | ... | ...
|
||||
|
||||
There are 423 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 448 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
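Review bot: Every row in this table has Type `File`, yet the indicators are of three different kinds: web request paths, some with query strings (`/rukovoditel/index.php?module=logs/view&type=php`, `admin/products/controller.php?action=add`), local filesystem paths (`/etc/passwd`, `/dev/snd/seq`) and source file names (`aiff.c`, `AddAppNetworksActivity.java`). A consumer cannot tell from the Type column whether an entry should be matched against web server logs or host file events. Splitting the type, or documenting what `File` covers, would make the list usable for detection, and generic entries such as `/login` (Low) should be marked as not meaningful on their own.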
@ -32,7 +32,7 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1059.007 | CWE-79 | Cross Site Scripting | High
|
||||
2 | T1068 | CWE-264 | Execution with Unnecessary Privileges | High
|
||||
2 | T1068 | CWE-264 | J2EE Misconfiguration: Weak Access Permissions for EJB Methods | High
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
|
|
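Review bot: Row 2 keeps T1068 and CWE-264, but its description goes from `Execution with Unnecessary Privileges` to `J2EE Misconfiguration: Weak Access Permissions for EJB Methods`. CWE-264 is the general permissions, privileges and access controls category, so the new text is far narrower than the weakness ID it sits beside and reads like a wrong lookup result. Please confirm where the description is derived from, or keep the previous wording.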
@ -35,7 +35,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-22 | Pathname Traversal | High
|
||||
2 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
3 | T1068 | CWE-284 | Execution with Unnecessary Privileges | High
|
||||
3 | T1068 | CWE-284 | J2EE Misconfiguration: Weak Access Permissions for EJB Methods | High
|
||||
4 | ... | ... | ... | ...
|
||||
|
||||
There are 2 more TTP items available. Please use our online service to access the data.
|
||||
|
|
|
@ -10,10 +10,10 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
|
||||
* [CN](https://vuldb.com/?country.cn)
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [ES](https://vuldb.com/?country.es)
|
||||
* [NL](https://vuldb.com/?country.nl)
|
||||
* ...
|
||||
|
||||
There are 16 more country items available. Please use our online service to access the data.
|
||||
There are 15 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -52,106 +52,110 @@ ID | IP address | Hostname | Campaign | Confidence
|
|||
29 | [23.5.238.97](https://vuldb.com/?ip.23.5.238.97) | a23-5-238-97.deploy.static.akamaitechnologies.com | - | High
|
||||
30 | [23.10.92.253](https://vuldb.com/?ip.23.10.92.253) | a23-10-92-253.deploy.static.akamaitechnologies.com | - | High
|
||||
31 | [23.10.134.216](https://vuldb.com/?ip.23.10.134.216) | a23-10-134-216.deploy.static.akamaitechnologies.com | - | High
|
||||
32 | [23.36.87.113](https://vuldb.com/?ip.23.36.87.113) | a23-36-87-113.deploy.static.akamaitechnologies.com | - | High
|
||||
33 | [23.61.211.155](https://vuldb.com/?ip.23.61.211.155) | a23-61-211-155.deploy.static.akamaitechnologies.com | - | High
|
||||
34 | [23.64.99.87](https://vuldb.com/?ip.23.64.99.87) | a23-64-99-87.deploy.static.akamaitechnologies.com | - | High
|
||||
35 | [23.64.110.75](https://vuldb.com/?ip.23.64.110.75) | a23-64-110-75.deploy.static.akamaitechnologies.com | - | High
|
||||
36 | [23.78.210.51](https://vuldb.com/?ip.23.78.210.51) | a23-78-210-51.deploy.static.akamaitechnologies.com | - | High
|
||||
37 | [23.90.4.6](https://vuldb.com/?ip.23.90.4.6) | dementia.virtual-dope.com | - | High
|
||||
38 | [23.94.5.133](https://vuldb.com/?ip.23.94.5.133) | 23-94-5-133-host.colocrossing.com | - | High
|
||||
39 | [23.160.0.108](https://vuldb.com/?ip.23.160.0.108) | - | - | High
|
||||
40 | [23.216.244.163](https://vuldb.com/?ip.23.216.244.163) | a23-216-244-163.deploy.static.akamaitechnologies.com | - | High
|
||||
41 | [23.218.146.162](https://vuldb.com/?ip.23.218.146.162) | a23-218-146-162.deploy.static.akamaitechnologies.com | - | High
|
||||
42 | [23.239.11.30](https://vuldb.com/?ip.23.239.11.30) | mail.mailinator.com | - | High
|
||||
43 | [31.13.64.174](https://vuldb.com/?ip.31.13.64.174) | instagram-p42-shv-01-amt2.fbcdn.net | - | High
|
||||
44 | [31.13.65.52](https://vuldb.com/?ip.31.13.65.52) | instagram-p3-shv-01-atl3.fbcdn.net | - | High
|
||||
45 | [31.13.65.174](https://vuldb.com/?ip.31.13.65.174) | instagram-p42-shv-01-atl3.fbcdn.net | - | High
|
||||
46 | [31.13.66.174](https://vuldb.com/?ip.31.13.66.174) | instagram-p42-shv-01-iad3.fbcdn.net | - | High
|
||||
47 | [31.13.71.174](https://vuldb.com/?ip.31.13.71.174) | instagram-p42-shv-01-lga3.fbcdn.net | - | High
|
||||
48 | [31.13.93.174](https://vuldb.com/?ip.31.13.93.174) | instagram-p42-shv-02-dfw5.fbcdn.net | - | High
|
||||
49 | [31.31.194.100](https://vuldb.com/?ip.31.31.194.100) | vip89.hosting.reg.ru | - | High
|
||||
50 | [31.41.244.81](https://vuldb.com/?ip.31.41.244.81) | - | - | High
|
||||
51 | [31.41.244.82](https://vuldb.com/?ip.31.41.244.82) | - | - | High
|
||||
52 | [31.41.244.84](https://vuldb.com/?ip.31.41.244.84) | - | - | High
|
||||
53 | [31.41.244.85](https://vuldb.com/?ip.31.41.244.85) | - | - | High
|
||||
54 | [31.41.244.126](https://vuldb.com/?ip.31.41.244.126) | - | - | High
|
||||
55 | [31.41.244.128](https://vuldb.com/?ip.31.41.244.128) | - | - | High
|
||||
56 | [31.41.244.200](https://vuldb.com/?ip.31.41.244.200) | - | - | High
|
||||
57 | [34.98.127.226](https://vuldb.com/?ip.34.98.127.226) | 226.127.98.34.bc.googleusercontent.com | - | Medium
|
||||
58 | [34.205.21.41](https://vuldb.com/?ip.34.205.21.41) | ec2-34-205-21-41.compute-1.amazonaws.com | - | Medium
|
||||
59 | [34.212.80.54](https://vuldb.com/?ip.34.212.80.54) | cxr.mx.a.cloudfilter.net | - | High
|
||||
60 | [34.223.6.127](https://vuldb.com/?ip.34.223.6.127) | ec2-34-223-6-127.us-west-2.compute.amazonaws.com | - | Medium
|
||||
61 | [35.162.106.154](https://vuldb.com/?ip.35.162.106.154) | cxr.mx.a.cloudfilter.net | - | High
|
||||
62 | [35.228.103.145](https://vuldb.com/?ip.35.228.103.145) | 145.103.228.35.bc.googleusercontent.com | - | Medium
|
||||
63 | [37.1.217.172](https://vuldb.com/?ip.37.1.217.172) | - | - | High
|
||||
64 | [37.28.155.134](https://vuldb.com/?ip.37.28.155.134) | vi37-28-155-134.vibiznes.pl | - | High
|
||||
65 | [37.34.248.24](https://vuldb.com/?ip.37.34.248.24) | - | - | High
|
||||
66 | [37.235.1.174](https://vuldb.com/?ip.37.235.1.174) | resolver1.freedns.zone.powered.by.virtexxa.com | - | High
|
||||
67 | [40.76.4.15](https://vuldb.com/?ip.40.76.4.15) | - | - | High
|
||||
68 | [40.93.207.0](https://vuldb.com/?ip.40.93.207.0) | - | - | High
|
||||
69 | [40.93.207.2](https://vuldb.com/?ip.40.93.207.2) | - | - | High
|
||||
70 | [40.93.212.0](https://vuldb.com/?ip.40.93.212.0) | - | - | High
|
||||
71 | [40.97.188.2](https://vuldb.com/?ip.40.97.188.2) | - | - | High
|
||||
72 | [40.112.72.205](https://vuldb.com/?ip.40.112.72.205) | - | - | High
|
||||
73 | [40.113.200.201](https://vuldb.com/?ip.40.113.200.201) | - | - | High
|
||||
74 | [43.231.4.6](https://vuldb.com/?ip.43.231.4.6) | - | - | High
|
||||
75 | [43.231.4.7](https://vuldb.com/?ip.43.231.4.7) | - | - | High
|
||||
76 | [45.8.124.99](https://vuldb.com/?ip.45.8.124.99) | free.gbnhost.com | - | High
|
||||
77 | [45.8.229.39](https://vuldb.com/?ip.45.8.229.39) | - | - | High
|
||||
78 | [45.9.20.178](https://vuldb.com/?ip.45.9.20.178) | - | - | High
|
||||
79 | [45.9.20.187](https://vuldb.com/?ip.45.9.20.187) | - | - | High
|
||||
80 | [45.32.28.232](https://vuldb.com/?ip.45.32.28.232) | - | - | High
|
||||
81 | [45.33.83.75](https://vuldb.com/?ip.45.33.83.75) | li1029-75.members.linode.com | - | High
|
||||
82 | [45.56.117.118](https://vuldb.com/?ip.45.56.117.118) | li935-118.members.linode.com | - | High
|
||||
83 | [45.61.139.224](https://vuldb.com/?ip.45.61.139.224) | - | - | High
|
||||
84 | [45.63.25.55](https://vuldb.com/?ip.45.63.25.55) | 45.63.25.55.vultrusercontent.com | - | High
|
||||
85 | [45.63.99.180](https://vuldb.com/?ip.45.63.99.180) | 45.63.99.180.vultrusercontent.com | - | High
|
||||
86 | [45.90.34.87](https://vuldb.com/?ip.45.90.34.87) | - | - | High
|
||||
87 | [45.90.219.105](https://vuldb.com/?ip.45.90.219.105) | vm1430047.firstbyte.club | - | High
|
||||
88 | [45.93.6.27](https://vuldb.com/?ip.45.93.6.27) | - | - | High
|
||||
89 | [45.140.167.9](https://vuldb.com/?ip.45.140.167.9) | superia.cf | - | High
|
||||
90 | [45.143.137.184](https://vuldb.com/?ip.45.143.137.184) | alex.dubikov.example.com | - | High
|
||||
91 | [45.150.65.4](https://vuldb.com/?ip.45.150.65.4) | vm1085147.stark-industries.solutions | - | High
|
||||
92 | [45.155.204.13](https://vuldb.com/?ip.45.155.204.13) | - | - | High
|
||||
93 | [45.159.189.105](https://vuldb.com/?ip.45.159.189.105) | . | - | High
|
||||
94 | [46.4.52.109](https://vuldb.com/?ip.46.4.52.109) | witntech.dev | - | High
|
||||
95 | [46.28.66.2](https://vuldb.com/?ip.46.28.66.2) | unallocated.layer6.net | - | High
|
||||
96 | [46.173.218.209](https://vuldb.com/?ip.46.173.218.209) | - | - | High
|
||||
97 | [47.43.18.9](https://vuldb.com/?ip.47.43.18.9) | mx0.bresnan.net.msg.chrl.nc.charter.net | - | High
|
||||
98 | [47.43.26.7](https://vuldb.com/?ip.47.43.26.7) | pkvw-mx.msg.pkvw.co.charter.net | - | High
|
||||
99 | [51.81.57.58](https://vuldb.com/?ip.51.81.57.58) | oxsus1lb01p.external.vadesecure.com | - | High
|
||||
100 | [51.81.61.70](https://vuldb.com/?ip.51.81.61.70) | mx01.earthlink-vadesecure.net | - | High
|
||||
101 | [51.158.144.223](https://vuldb.com/?ip.51.158.144.223) | 51-158-144-223.rev.poneytelecom.eu | - | High
|
||||
102 | [51.178.207.67](https://vuldb.com/?ip.51.178.207.67) | host-35d452a2.hostiman.com | - | High
|
||||
103 | [52.11.241.224](https://vuldb.com/?ip.52.11.241.224) | ec2-52-11-241-224.us-west-2.compute.amazonaws.com | - | Medium
|
||||
104 | [52.73.137.222](https://vuldb.com/?ip.52.73.137.222) | cxr.mx.a.cloudfilter.net | - | High
|
||||
105 | [52.101.24.0](https://vuldb.com/?ip.52.101.24.0) | - | - | High
|
||||
106 | [52.101.40.29](https://vuldb.com/?ip.52.101.40.29) | - | - | High
|
||||
107 | [52.180.174.216](https://vuldb.com/?ip.52.180.174.216) | - | - | High
|
||||
108 | [52.223.241.7](https://vuldb.com/?ip.52.223.241.7) | - | - | High
|
||||
109 | [54.38.220.85](https://vuldb.com/?ip.54.38.220.85) | ns1.emailverification.info | - | High
|
||||
110 | [54.184.154.83](https://vuldb.com/?ip.54.184.154.83) | ec2-54-184-154-83.us-west-2.compute.amazonaws.com | - | Medium
|
||||
111 | [58.235.189.192](https://vuldb.com/?ip.58.235.189.192) | - | - | High
|
||||
112 | [62.42.230.22](https://vuldb.com/?ip.62.42.230.22) | 62.42.230.22.static.user.ono.com | - | High
|
||||
113 | [62.141.42.208](https://vuldb.com/?ip.62.141.42.208) | srv21237.dus4.fastwebserver.de | - | High
|
||||
114 | [62.204.41.45](https://vuldb.com/?ip.62.204.41.45) | - | - | High
|
||||
115 | [62.204.41.46](https://vuldb.com/?ip.62.204.41.46) | - | - | High
|
||||
116 | [62.204.41.48](https://vuldb.com/?ip.62.204.41.48) | - | - | High
|
||||
117 | [62.204.41.50](https://vuldb.com/?ip.62.204.41.50) | - | - | High
|
||||
118 | [62.204.41.210](https://vuldb.com/?ip.62.204.41.210) | - | - | High
|
||||
119 | [62.204.41.212](https://vuldb.com/?ip.62.204.41.212) | - | - | High
|
||||
120 | [62.211.72.32](https://vuldb.com/?ip.62.211.72.32) | mx.tin.it | - | High
|
||||
121 | [63.240.178.216](https://vuldb.com/?ip.63.240.178.216) | - | - | High
|
||||
122 | [64.8.71.111](https://vuldb.com/?ip.64.8.71.111) | mx.wowway.com | - | High
|
||||
123 | [64.88.254.180](https://vuldb.com/?ip.64.88.254.180) | - | - | High
|
||||
124 | [64.98.36.4](https://vuldb.com/?ip.64.98.36.4) | mx.b.hostedemail.com | - | High
|
||||
125 | [64.136.44.37](https://vuldb.com/?ip.64.136.44.37) | mx.dca.untd.com | - | High
|
||||
126 | [64.136.52.37](https://vuldb.com/?ip.64.136.52.37) | mx.vgs.untd.com | - | High
|
||||
127 | [64.233.184.26](https://vuldb.com/?ip.64.233.184.26) | wa-in-f26.1e100.net | - | High
|
||||
128 | [64.233.186.26](https://vuldb.com/?ip.64.233.186.26) | cb-in-f26.1e100.net | - | High
|
||||
129 | ... | ... | ... | ...
|
||||
32 | [23.15.9.58](https://vuldb.com/?ip.23.15.9.58) | a23-15-9-58.deploy.static.akamaitechnologies.com | - | High
|
||||
33 | [23.36.87.113](https://vuldb.com/?ip.23.36.87.113) | a23-36-87-113.deploy.static.akamaitechnologies.com | - | High
|
||||
34 | [23.61.211.155](https://vuldb.com/?ip.23.61.211.155) | a23-61-211-155.deploy.static.akamaitechnologies.com | - | High
|
||||
35 | [23.64.99.87](https://vuldb.com/?ip.23.64.99.87) | a23-64-99-87.deploy.static.akamaitechnologies.com | - | High
|
||||
36 | [23.64.110.75](https://vuldb.com/?ip.23.64.110.75) | a23-64-110-75.deploy.static.akamaitechnologies.com | - | High
|
||||
37 | [23.78.210.51](https://vuldb.com/?ip.23.78.210.51) | a23-78-210-51.deploy.static.akamaitechnologies.com | - | High
|
||||
38 | [23.90.4.6](https://vuldb.com/?ip.23.90.4.6) | dementia.virtual-dope.com | - | High
|
||||
39 | [23.94.5.133](https://vuldb.com/?ip.23.94.5.133) | 23-94-5-133-host.colocrossing.com | - | High
|
||||
40 | [23.160.0.108](https://vuldb.com/?ip.23.160.0.108) | - | - | High
|
||||
41 | [23.216.244.163](https://vuldb.com/?ip.23.216.244.163) | a23-216-244-163.deploy.static.akamaitechnologies.com | - | High
|
||||
42 | [23.218.146.162](https://vuldb.com/?ip.23.218.146.162) | a23-218-146-162.deploy.static.akamaitechnologies.com | - | High
|
||||
43 | [23.239.11.30](https://vuldb.com/?ip.23.239.11.30) | mail.mailinator.com | - | High
|
||||
44 | [31.13.64.174](https://vuldb.com/?ip.31.13.64.174) | instagram-p42-shv-01-amt2.fbcdn.net | - | High
|
||||
45 | [31.13.65.52](https://vuldb.com/?ip.31.13.65.52) | instagram-p3-shv-01-atl3.fbcdn.net | - | High
|
||||
46 | [31.13.65.174](https://vuldb.com/?ip.31.13.65.174) | instagram-p42-shv-01-atl3.fbcdn.net | - | High
|
||||
47 | [31.13.66.174](https://vuldb.com/?ip.31.13.66.174) | instagram-p42-shv-01-iad3.fbcdn.net | - | High
|
||||
48 | [31.13.71.174](https://vuldb.com/?ip.31.13.71.174) | instagram-p42-shv-01-lga3.fbcdn.net | - | High
|
||||
49 | [31.13.93.174](https://vuldb.com/?ip.31.13.93.174) | instagram-p42-shv-02-dfw5.fbcdn.net | - | High
|
||||
50 | [31.31.194.100](https://vuldb.com/?ip.31.31.194.100) | vip89.hosting.reg.ru | - | High
|
||||
51 | [31.41.244.81](https://vuldb.com/?ip.31.41.244.81) | - | - | High
|
||||
52 | [31.41.244.82](https://vuldb.com/?ip.31.41.244.82) | - | - | High
|
||||
53 | [31.41.244.84](https://vuldb.com/?ip.31.41.244.84) | - | - | High
|
||||
54 | [31.41.244.85](https://vuldb.com/?ip.31.41.244.85) | - | - | High
|
||||
55 | [31.41.244.126](https://vuldb.com/?ip.31.41.244.126) | - | - | High
|
||||
56 | [31.41.244.128](https://vuldb.com/?ip.31.41.244.128) | - | - | High
|
||||
57 | [31.41.244.200](https://vuldb.com/?ip.31.41.244.200) | - | - | High
|
||||
58 | [34.98.127.226](https://vuldb.com/?ip.34.98.127.226) | 226.127.98.34.bc.googleusercontent.com | - | Medium
|
||||
59 | [34.205.21.41](https://vuldb.com/?ip.34.205.21.41) | ec2-34-205-21-41.compute-1.amazonaws.com | - | Medium
|
||||
60 | [34.212.80.54](https://vuldb.com/?ip.34.212.80.54) | cxr.mx.a.cloudfilter.net | - | High
|
||||
61 | [34.223.6.127](https://vuldb.com/?ip.34.223.6.127) | ec2-34-223-6-127.us-west-2.compute.amazonaws.com | - | Medium
|
||||
62 | [35.162.106.154](https://vuldb.com/?ip.35.162.106.154) | cxr.mx.a.cloudfilter.net | - | High
|
||||
63 | [35.228.103.145](https://vuldb.com/?ip.35.228.103.145) | 145.103.228.35.bc.googleusercontent.com | - | Medium
|
||||
64 | [37.1.217.172](https://vuldb.com/?ip.37.1.217.172) | - | - | High
|
||||
65 | [37.28.155.134](https://vuldb.com/?ip.37.28.155.134) | vi37-28-155-134.vibiznes.pl | - | High
|
||||
66 | [37.34.248.24](https://vuldb.com/?ip.37.34.248.24) | - | - | High
|
||||
67 | [37.235.1.174](https://vuldb.com/?ip.37.235.1.174) | resolver1.freedns.zone.powered.by.virtexxa.com | - | High
|
||||
68 | [40.76.4.15](https://vuldb.com/?ip.40.76.4.15) | - | - | High
|
||||
69 | [40.93.207.0](https://vuldb.com/?ip.40.93.207.0) | - | - | High
|
||||
70 | [40.93.207.2](https://vuldb.com/?ip.40.93.207.2) | - | - | High
|
||||
71 | [40.93.207.7](https://vuldb.com/?ip.40.93.207.7) | - | - | High
|
||||
72 | [40.93.212.0](https://vuldb.com/?ip.40.93.212.0) | - | - | High
|
||||
73 | [40.97.188.2](https://vuldb.com/?ip.40.97.188.2) | - | - | High
|
||||
74 | [40.112.72.205](https://vuldb.com/?ip.40.112.72.205) | - | - | High
|
||||
75 | [40.113.200.201](https://vuldb.com/?ip.40.113.200.201) | - | - | High
|
||||
76 | [43.231.4.6](https://vuldb.com/?ip.43.231.4.6) | - | - | High
|
||||
77 | [43.231.4.7](https://vuldb.com/?ip.43.231.4.7) | - | - | High
|
||||
78 | [45.8.124.99](https://vuldb.com/?ip.45.8.124.99) | free.gbnhost.com | - | High
|
||||
79 | [45.8.229.39](https://vuldb.com/?ip.45.8.229.39) | - | - | High
|
||||
80 | [45.9.20.178](https://vuldb.com/?ip.45.9.20.178) | - | - | High
|
||||
81 | [45.9.20.187](https://vuldb.com/?ip.45.9.20.187) | - | - | High
|
||||
82 | [45.32.28.232](https://vuldb.com/?ip.45.32.28.232) | - | - | High
|
||||
83 | [45.33.83.75](https://vuldb.com/?ip.45.33.83.75) | li1029-75.members.linode.com | - | High
|
||||
84 | [45.56.117.118](https://vuldb.com/?ip.45.56.117.118) | li935-118.members.linode.com | - | High
|
||||
85 | [45.61.139.224](https://vuldb.com/?ip.45.61.139.224) | - | - | High
|
||||
86 | [45.63.25.55](https://vuldb.com/?ip.45.63.25.55) | 45.63.25.55.vultrusercontent.com | - | High
|
||||
87 | [45.63.99.180](https://vuldb.com/?ip.45.63.99.180) | 45.63.99.180.vultrusercontent.com | - | High
|
||||
88 | [45.90.34.87](https://vuldb.com/?ip.45.90.34.87) | - | - | High
|
||||
89 | [45.90.219.105](https://vuldb.com/?ip.45.90.219.105) | vm1430047.firstbyte.club | - | High
|
||||
90 | [45.93.6.27](https://vuldb.com/?ip.45.93.6.27) | - | - | High
|
||||
91 | [45.140.167.9](https://vuldb.com/?ip.45.140.167.9) | superia.cf | - | High
|
||||
92 | [45.143.137.184](https://vuldb.com/?ip.45.143.137.184) | alex.dubikov.example.com | - | High
|
||||
93 | [45.150.65.4](https://vuldb.com/?ip.45.150.65.4) | vm1085147.stark-industries.solutions | - | High
|
||||
94 | [45.155.204.13](https://vuldb.com/?ip.45.155.204.13) | - | - | High
|
||||
95 | [45.159.189.105](https://vuldb.com/?ip.45.159.189.105) | . | - | High
|
||||
96 | [46.4.52.109](https://vuldb.com/?ip.46.4.52.109) | witntech.dev | - | High
|
||||
97 | [46.28.66.2](https://vuldb.com/?ip.46.28.66.2) | unallocated.layer6.net | - | High
|
||||
98 | [46.173.218.209](https://vuldb.com/?ip.46.173.218.209) | - | - | High
|
||||
99 | [47.43.18.9](https://vuldb.com/?ip.47.43.18.9) | mx0.bresnan.net.msg.chrl.nc.charter.net | - | High
|
||||
100 | [47.43.26.7](https://vuldb.com/?ip.47.43.26.7) | pkvw-mx.msg.pkvw.co.charter.net | - | High
|
||||
101 | [51.81.57.58](https://vuldb.com/?ip.51.81.57.58) | oxsus1lb01p.external.vadesecure.com | - | High
|
||||
102 | [51.81.61.70](https://vuldb.com/?ip.51.81.61.70) | mx01.earthlink-vadesecure.net | - | High
|
||||
103 | [51.158.144.223](https://vuldb.com/?ip.51.158.144.223) | 51-158-144-223.rev.poneytelecom.eu | - | High
|
||||
104 | [51.178.207.67](https://vuldb.com/?ip.51.178.207.67) | host-35d452a2.hostiman.com | - | High
|
||||
105 | [52.11.241.224](https://vuldb.com/?ip.52.11.241.224) | ec2-52-11-241-224.us-west-2.compute.amazonaws.com | - | Medium
|
||||
106 | [52.73.137.222](https://vuldb.com/?ip.52.73.137.222) | cxr.mx.a.cloudfilter.net | - | High
|
||||
107 | [52.101.24.0](https://vuldb.com/?ip.52.101.24.0) | - | - | High
|
||||
108 | [52.101.40.29](https://vuldb.com/?ip.52.101.40.29) | - | - | High
|
||||
109 | [52.180.174.216](https://vuldb.com/?ip.52.180.174.216) | - | - | High
|
||||
110 | [52.223.241.7](https://vuldb.com/?ip.52.223.241.7) | - | - | High
|
||||
111 | [54.38.220.85](https://vuldb.com/?ip.54.38.220.85) | ns1.emailverification.info | - | High
|
||||
112 | [54.184.154.83](https://vuldb.com/?ip.54.184.154.83) | ec2-54-184-154-83.us-west-2.compute.amazonaws.com | - | Medium
|
||||
113 | [58.235.189.192](https://vuldb.com/?ip.58.235.189.192) | - | - | High
|
||||
114 | [62.42.230.22](https://vuldb.com/?ip.62.42.230.22) | 62.42.230.22.static.user.ono.com | - | High
|
||||
115 | [62.141.42.208](https://vuldb.com/?ip.62.141.42.208) | srv21237.dus4.fastwebserver.de | - | High
|
||||
116 | [62.204.41.45](https://vuldb.com/?ip.62.204.41.45) | - | - | High
|
||||
117 | [62.204.41.46](https://vuldb.com/?ip.62.204.41.46) | - | - | High
|
||||
118 | [62.204.41.48](https://vuldb.com/?ip.62.204.41.48) | - | - | High
|
||||
119 | [62.204.41.50](https://vuldb.com/?ip.62.204.41.50) | - | - | High
|
||||
120 | [62.204.41.210](https://vuldb.com/?ip.62.204.41.210) | - | - | High
|
||||
121 | [62.204.41.212](https://vuldb.com/?ip.62.204.41.212) | - | - | High
|
||||
122 | [62.211.72.32](https://vuldb.com/?ip.62.211.72.32) | mx.tin.it | - | High
|
||||
123 | [63.240.178.216](https://vuldb.com/?ip.63.240.178.216) | - | - | High
|
||||
124 | [64.8.71.111](https://vuldb.com/?ip.64.8.71.111) | mx.wowway.com | - | High
|
||||
125 | [64.88.254.180](https://vuldb.com/?ip.64.88.254.180) | - | - | High
|
||||
126 | [64.98.36.4](https://vuldb.com/?ip.64.98.36.4) | mx.b.hostedemail.com | - | High
|
||||
127 | [64.136.44.37](https://vuldb.com/?ip.64.136.44.37) | mx.dca.untd.com | - | High
|
||||
128 | [64.136.52.37](https://vuldb.com/?ip.64.136.52.37) | mx.vgs.untd.com | - | High
|
||||
129 | [64.233.184.26](https://vuldb.com/?ip.64.233.184.26) | wa-in-f26.1e100.net | - | High
|
||||
130 | [64.233.186.26](https://vuldb.com/?ip.64.233.186.26) | cb-in-f26.1e100.net | - | High
|
||||
131 | [64.233.186.27](https://vuldb.com/?ip.64.233.186.27) | cb-in-f27.1e100.net | - | High
|
||||
132 | [65.9.117.69](https://vuldb.com/?ip.65.9.117.69) | server-65-9-117-69.qro50.r.cloudfront.net | - | High
|
||||
133 | ... | ... | ... | ...
|
||||
|
||||
There are 512 more IOC items available. Please use our online service to access the data.
|
||||
There are 527 more IOC items available. Please use our online service to access the data.
|
||||
|
||||
## TTP - Tactics, Techniques, Procedures
|
||||
|
||||
|
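Review bot: Rows 99-102, 122, 124 and 126-131 of this IOC table list hosts whose names are shared provider mail exchangers (`*.charter.net`, `*.vadesecure.com`, `mx.tin.it`, `mx.wowway.com`, `mx.b.hostedemail.com`, `*.untd.com`, `*.1e100.net`) at confidence High, so a consumer who loads the table as a blocklist will match ordinary outbound mail. Consider lowering the confidence for these rows or marking them as relay destinations rather than actor infrastructure. Row 95 also has `.` in the hostname column where the other rows without a reverse name use `-`.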
@ -163,9 +167,10 @@ ID | Technique | Weakness | Description | Confidence
|
|||
2 | T1040 | CWE-294, CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-88, CWE-94 | Cross Site Scripting | High
|
||||
5 | ... | ... | ... | ...
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 18 more TTP items available. Please use our online service to access the data.
|
||||
There are 20 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
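Review bot: Row 4 pairs `T1059` with `CWE-88, CWE-94` but keeps the description "Cross Site Scripting", which is now identical to the description of the new row 5 (`T1059.007 | CWE-79, CWE-80`). CWE-88 and CWE-94 are argument injection and code injection, so row 4 needs its own description; otherwise the two rows cannot be told apart by anyone filtering on that column.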
@ -173,47 +178,53 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/about.php` | Medium
|
||||
2 | File | `/admin.php/accessory/filesdel.html` | High
|
||||
3 | File | `/admin/?page=user/manage` | High
|
||||
4 | File | `/admin/add-new.php` | High
|
||||
5 | File | `/admin/doctors.php` | High
|
||||
6 | File | `/admin/submit-articles` | High
|
||||
7 | File | `/ad_js.php` | Medium
|
||||
8 | File | `/alphaware/summary.php` | High
|
||||
9 | File | `/api/` | Low
|
||||
10 | File | `/api/admin/store/product/list` | High
|
||||
11 | File | `/api/RecordingList/DownloadRecord?file=` | High
|
||||
12 | File | `/app/options.py` | High
|
||||
13 | File | `/apply.cgi` | Medium
|
||||
14 | File | `/attachments` | Medium
|
||||
15 | File | `/boat/login.php` | High
|
||||
16 | File | `/bsms_ci/index.php/book` | High
|
||||
17 | File | `/cgi-bin/luci/api/wireless` | High
|
||||
18 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
19 | File | `/context/%2e/WEB-INF/web.xml` | High
|
||||
20 | File | `/dashboard/reports/logs/view` | High
|
||||
21 | File | `/debian/patches/load_ppp_generic_if_needed` | High
|
||||
22 | File | `/debug/pprof` | Medium
|
||||
23 | File | `/etc/hosts` | Medium
|
||||
24 | File | `/etc/passwd` | Medium
|
||||
25 | File | `/forum/away.php` | High
|
||||
26 | File | `/goform/setmac` | High
|
||||
27 | File | `/goform/SysToolChangePwd` | High
|
||||
28 | File | `/goform/wizard_end` | High
|
||||
29 | File | `/manage-apartment.php` | High
|
||||
30 | File | `/medicines/profile.php` | High
|
||||
31 | File | `/modules/caddyhttp/rewrite/rewrite.go` | High
|
||||
32 | File | `/pages/apply_vacancy.php` | High
|
||||
33 | File | `/pages/processlogin.php` | High
|
||||
34 | File | `/proc/<PID>/mem` | High
|
||||
35 | File | `/proxy` | Low
|
||||
36 | File | `/reservation/add_message.php` | High
|
||||
37 | File | `/spip.php` | Medium
|
||||
38 | File | `/tmp` | Low
|
||||
39 | ... | ... | ...
|
||||
1 | File | `//proc/kcore` | Medium
|
||||
2 | File | `/about.php` | Medium
|
||||
3 | File | `/admin.php/accessory/filesdel.html` | High
|
||||
4 | File | `/admin.php/Admin/adminadd.html` | High
|
||||
5 | File | `/admin/?page=user/manage` | High
|
||||
6 | File | `/admin/add-new.php` | High
|
||||
7 | File | `/Admin/add-student.php` | High
|
||||
8 | File | `/admin/departments/view_department.php` | High
|
||||
9 | File | `/admin/doctors.php` | High
|
||||
10 | File | `/admin/settings/save.php` | High
|
||||
11 | File | `/admin/submit-articles` | High
|
||||
12 | File | `/admin/userprofile.php` | High
|
||||
13 | File | `/alphaware/summary.php` | High
|
||||
14 | File | `/api/` | Low
|
||||
15 | File | `/api/admin/store/product/list` | High
|
||||
16 | File | `/api/RecordingList/DownloadRecord?file=` | High
|
||||
17 | File | `/api/v2/cli/commands` | High
|
||||
18 | File | `/apply.cgi` | Medium
|
||||
19 | File | `/attachments` | Medium
|
||||
20 | File | `/boat/login.php` | High
|
||||
21 | File | `/bsms_ci/index.php/book` | High
|
||||
22 | File | `/cgi-bin/luci/api/wireless` | High
|
||||
23 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
24 | File | `/College/admin/teacher.php` | High
|
||||
25 | File | `/context/%2e/WEB-INF/web.xml` | High
|
||||
26 | File | `/Controls/Generic/EBMK/Handlers/EStatements/DownloadEStatement.ashx` | High
|
||||
27 | File | `/cwc/login` | Medium
|
||||
28 | File | `/debug/pprof` | Medium
|
||||
29 | File | `/etc/hosts` | Medium
|
||||
30 | File | `/etc/passwd` | Medium
|
||||
31 | File | `/forum/away.php` | High
|
||||
32 | File | `/goform/addUserName` | High
|
||||
33 | File | `/goform/aspForm` | High
|
||||
34 | File | `/goform/delAd` | High
|
||||
35 | File | `/goform/setmac` | High
|
||||
36 | File | `/goform/SysToolChangePwd` | High
|
||||
37 | File | `/goform/wifiSSIDset` | High
|
||||
38 | File | `/goform/wizard_end` | High
|
||||
39 | File | `/gpac/src/bifs/unquantize.c` | High
|
||||
40 | File | `/inc/topBarNav.php` | High
|
||||
41 | File | `/index.asp` | Medium
|
||||
42 | File | `/medicines/profile.php` | High
|
||||
43 | File | `/modules/caddyhttp/rewrite/rewrite.go` | High
|
||||
44 | File | `/Moosikay/order.php` | High
|
||||
45 | ... | ... | ...
|
||||
|
||||
There are 331 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 394 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
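Review bot: The new row 1, `//proc/kcore`, has a doubled leading slash, which is why it sorts ahead of `/about.php` and why an exact-string match against a normalized path (`/proc/kcore`) will miss it. Normalize the indicator before publishing, or note that it is recorded as observed. The generic Low and Medium entries in the same table (`/api/`, `/attachments`, `/etc/hosts`, `/etc/passwd`) would also benefit from a short note that they are not usable as standalone detections.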
@ -303,6 +314,9 @@ The following list contains _external sources_ which discuss the actor and the a
|
|||
* https://blog.talosintelligence.com/threat-roundup-0310-0317/
|
||||
* https://blog.talosintelligence.com/threat-roundup-0317-0324/
|
||||
* https://blog.talosintelligence.com/threat-roundup-0324-0331-2/
|
||||
* https://blog.talosintelligence.com/threat-roundup-0414-0421-3/
|
||||
* https://blog.talosintelligence.com/threat-roundup-0421-0428-2/
|
||||
* https://blog.talosintelligence.com/threat-roundup-0428-0505/
|
||||
* https://blog.talosintelligence.com/threat-roundup-1021-1028-2/
|
||||
* https://blog.talosintelligence.com/threat-roundup-1202-1209/
|
||||
* https://blog.talosintelligence.com/threat-roundup-feb-24-march-3-2023/
|
||||
|
|
|
@ -20,7 +20,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [US](https://vuldb.com/?country.us)
|
||||
* ...
|
||||
|
||||
There are 11 more country items available. Please use our online service to access the data.
|
||||
There are 10 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -310,14 +310,14 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-28, CWE-36 | Pathname Traversal | High
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-36, CWE-425 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-294, CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 19 more TTP items available. Please use our online service to access the data.
|
||||
There are 20 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
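Review bot: In row 1 the weakness list for `T1006` swaps `CWE-28` for `CWE-425`, but the description stays "Pathname Traversal". CWE-425 is direct request (forced browsing), not a traversal variant, so either the description should be widened or CWE-425 belongs in a separate row. Row 4 (`T1059 | CWE-94 | Cross Site Scripting`) has the same kind of mismatch between weakness and description and duplicates the label of row 5.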
@ -330,47 +330,53 @@ ID | Type | Indicator | Confidence
|
|||
3 | File | `/admin/?page=user/manage` | High
|
||||
4 | File | `/admin/add-new.php` | High
|
||||
5 | File | `/admin/assign/assign.php` | High
|
||||
6 | File | `/admin/conferences/list/` | High
|
||||
7 | File | `/admin/doctors.php` | High
|
||||
8 | File | `/admin/login.php` | High
|
||||
9 | File | `/admin/maintenance/manage_category.php` | High
|
||||
10 | File | `/admin/maintenance/view_designation.php` | High
|
||||
11 | File | `/admin/mechanics/manage_mechanic.php` | High
|
||||
12 | File | `/admin/offenses/view_details.php` | High
|
||||
13 | File | `/admin/report/index.php` | High
|
||||
14 | File | `/admin/reports/index.php` | High
|
||||
15 | File | `/admin/service_requests/manage_inventory.php` | High
|
||||
16 | File | `/admin/suppliers/view_details.php` | High
|
||||
17 | File | `/admin/userprofile.php` | High
|
||||
18 | File | `/alphaware/summary.php` | High
|
||||
19 | File | `/api/` | Low
|
||||
20 | File | `/api/admin/store/product/list` | High
|
||||
21 | File | `/api/admin/system/store/order/list` | High
|
||||
22 | File | `/apply.cgi` | Medium
|
||||
23 | File | `/attachments` | Medium
|
||||
24 | File | `/billing/home.php` | High
|
||||
25 | File | `/boat/login.php` | High
|
||||
26 | File | `/bsms_ci/index.php/book` | High
|
||||
27 | File | `/cbpos/` | Low
|
||||
28 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
29 | File | `/classes/Login.php` | High
|
||||
30 | File | `/classes/Master.php` | High
|
||||
31 | File | `/classes/Users.php` | High
|
||||
32 | File | `/classes/Users.phpp` | High
|
||||
33 | File | `/debug/pprof` | Medium
|
||||
34 | File | `/DXR.axd` | Medium
|
||||
35 | File | `/etc/hosts` | Medium
|
||||
36 | File | `/etc/quagga` | Medium
|
||||
37 | File | `/forum/away.php` | High
|
||||
38 | File | `/goform/fast_setting_wifi_set` | High
|
||||
39 | File | `/goform/setMacFilterCfg` | High
|
||||
40 | File | `/hardware` | Medium
|
||||
41 | File | `/horde/util/go.php` | High
|
||||
42 | File | `/inc/topBarNav.php` | High
|
||||
43 | File | `/kruxton/sales_report.php` | High
|
||||
44 | ... | ... | ...
|
||||
6 | File | `/admin/bookings/manage_booking.php` | High
|
||||
7 | File | `/admin/bookings/view_booking.php` | High
|
||||
8 | File | `/admin/bookings/view_details.php` | High
|
||||
9 | File | `/admin/doctors.php` | High
|
||||
10 | File | `/admin/inquiries/view_inquiry.php` | High
|
||||
11 | File | `/admin/login.php` | High
|
||||
12 | File | `/admin/maintenance/manage_category.php` | High
|
||||
13 | File | `/admin/maintenance/view_designation.php` | High
|
||||
14 | File | `/admin/mechanics/manage_mechanic.php` | High
|
||||
15 | File | `/admin/offenses/view_details.php` | High
|
||||
16 | File | `/admin/orders/update_status.php` | High
|
||||
17 | File | `/admin/products/manage_product.php` | High
|
||||
18 | File | `/admin/products/view_product.php` | High
|
||||
19 | File | `/admin/reminders/manage_reminder.php` | High
|
||||
20 | File | `/admin/report/index.php` | High
|
||||
21 | File | `/admin/reports/index.php` | High
|
||||
22 | File | `/admin/sales/manage_sale.php` | High
|
||||
23 | File | `/admin/services/view_service.php` | High
|
||||
24 | File | `/admin/service_requests/manage_inventory.php` | High
|
||||
25 | File | `/admin/suppliers/view_details.php` | High
|
||||
26 | File | `/admin/user/manage_user.php` | High
|
||||
27 | File | `/admin/userprofile.php` | High
|
||||
28 | File | `/alphaware/summary.php` | High
|
||||
29 | File | `/api/` | Low
|
||||
30 | File | `/api/admin/store/product/list` | High
|
||||
31 | File | `/api/admin/system/store/order/list` | High
|
||||
32 | File | `/api/v2/cli/commands` | High
|
||||
33 | File | `/apply.cgi` | Medium
|
||||
34 | File | `/billing/home.php` | High
|
||||
35 | File | `/boat/login.php` | High
|
||||
36 | File | `/bsms_ci/index.php/book` | High
|
||||
37 | File | `/cbpos/` | Low
|
||||
38 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
39 | File | `/classes/Login.php` | High
|
||||
40 | File | `/classes/Master.php` | High
|
||||
41 | File | `/classes/Master.php?f=save_course` | High
|
||||
42 | File | `/classes/Users.php` | High
|
||||
43 | File | `/classes/Users.phpp` | High
|
||||
44 | File | `/debug/pprof` | Medium
|
||||
45 | File | `/DXR.axd` | Medium
|
||||
46 | File | `/forms/doLogin` | High
|
||||
47 | File | `/forum/away.php` | High
|
||||
48 | File | `/horde/util/go.php` | High
|
||||
49 | File | `/inc/topBarNav.php` | High
|
||||
50 | ... | ... | ...
|
||||
|
||||
There are 383 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 430 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
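Review bot: `/classes/Users.phpp` is carried over into the new numbering (row 43) directly after `/classes/Users.php` and still at confidence High. The doubled `p` looks like a typo of the preceding entry rather than a distinct indicator; confirm it against the source report and drop or correct it. The hunk also removes `/etc/hosts`, `/etc/quagga` and `/hardware` from the visible rows with nothing in the change explaining whether they were retired or only pushed past the cut-off row.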
|
|
|
@ -20,7 +20,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [US](https://vuldb.com/?country.us)
|
||||
* ...
|
||||
|
||||
There are 11 more country items available. Please use our online service to access the data.
|
||||
There are 12 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -60,7 +60,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
5 | ... | ... | ... | ...
|
||||
|
||||
There are 14 more TTP items available. Please use our online service to access the data.
|
||||
There are 16 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -83,12 +83,12 @@ ID | Type | Indicator | Confidence
|
|||
13 | File | `/getcfg.php` | Medium
|
||||
14 | File | `/includes/rrdtool.inc.php` | High
|
||||
15 | File | `/onvif/device_service` | High
|
||||
16 | File | `/SSOPOST/metaAlias/%realm%/idpv2` | High
|
||||
17 | File | `/uncpath/` | Medium
|
||||
18 | File | `ActiveMediaServer.exe` | High
|
||||
16 | File | `/php-sms/admin/?page=user/manage_user` | High
|
||||
17 | File | `/SSOPOST/metaAlias/%realm%/idpv2` | High
|
||||
18 | File | `/uncpath/` | Medium
|
||||
19 | ... | ... | ...
|
||||
|
||||
There are 151 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 154 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
Some files were not shown because too many files have changed in this diff.