Update April 2023
parent
97f76b17a8
commit
86c2daab23
|
@ -111,9 +111,10 @@ ID | Type | Indicator | Confidence
|
|||
60 | File | `admin/admin.php?action=users&mode=info&user=2` | High
|
||||
61 | File | `admin/admin/adminsave.html` | High
|
||||
62 | File | `admin/conf_users_edit.php` | High
|
||||
63 | ... | ... | ...
|
||||
63 | File | `admin/disapprove_user.php` | High
|
||||
64 | ... | ... | ...
|
||||
|
||||
There are 555 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 557 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -76,33 +76,33 @@ ID | Type | Indicator | Confidence
|
|||
13 | File | `/opt/zimbra/jetty/webapps/zimbra/public` | High
|
||||
14 | File | `/oscommerce/admin/currencies.php` | High
|
||||
15 | File | `/proc/pid/syscall` | High
|
||||
16 | File | `/rapi/read_url` | High
|
||||
17 | File | `/rom-0` | Low
|
||||
18 | File | `/session/list/allActiveSession` | High
|
||||
19 | File | `/SysInfo.htm` | Medium
|
||||
20 | File | `/syslog_rules` | High
|
||||
21 | File | `/uncpath/` | Medium
|
||||
22 | File | `/upload` | Low
|
||||
23 | File | `/users/{id}` | Medium
|
||||
24 | File | `/var/tmp/sess_*` | High
|
||||
25 | File | `/var/WEB-GUI/cgi-bin/telnet.cgi` | High
|
||||
26 | File | `/video` | Low
|
||||
27 | File | `actionphp/download.File.php` | High
|
||||
28 | File | `ActivityManagerService.java` | High
|
||||
29 | File | `adaptmap_reg.c` | High
|
||||
30 | File | `add_comment.php` | High
|
||||
31 | File | `admin.cgi` | Medium
|
||||
32 | File | `admin.php` | Medium
|
||||
33 | File | `admin.php?action=files` | High
|
||||
34 | File | `admin/admin.php` | High
|
||||
35 | File | `admin/content.php` | High
|
||||
36 | File | `admin/index.php?id=users/action=edit/user_id=1` | High
|
||||
37 | File | `admin/modules/master_file/rda_cmc.php?keywords` | High
|
||||
38 | File | `admin_gallery.php3` | High
|
||||
39 | File | `affich.php` | Medium
|
||||
16 | File | `/public/launchNewWindow.jsp` | High
|
||||
17 | File | `/rapi/read_url` | High
|
||||
18 | File | `/rom-0` | Low
|
||||
19 | File | `/session/list/allActiveSession` | High
|
||||
20 | File | `/SysInfo.htm` | Medium
|
||||
21 | File | `/syslog_rules` | High
|
||||
22 | File | `/uncpath/` | Medium
|
||||
23 | File | `/upload` | Low
|
||||
24 | File | `/users/{id}` | Medium
|
||||
25 | File | `/var/tmp/sess_*` | High
|
||||
26 | File | `/var/WEB-GUI/cgi-bin/telnet.cgi` | High
|
||||
27 | File | `/video` | Low
|
||||
28 | File | `actionphp/download.File.php` | High
|
||||
29 | File | `ActivityManagerService.java` | High
|
||||
30 | File | `adaptmap_reg.c` | High
|
||||
31 | File | `add_comment.php` | High
|
||||
32 | File | `admin.cgi` | Medium
|
||||
33 | File | `admin.php` | Medium
|
||||
34 | File | `admin.php?action=files` | High
|
||||
35 | File | `admin/admin.php` | High
|
||||
36 | File | `admin/content.php` | High
|
||||
37 | File | `admin/index.php?id=users/action=edit/user_id=1` | High
|
||||
38 | File | `admin/modules/master_file/rda_cmc.php?keywords` | High
|
||||
39 | File | `admin_gallery.php3` | High
|
||||
40 | ... | ... | ...
|
||||
|
||||
There are 348 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 349 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -67,9 +67,10 @@ ID | Type | Indicator | Confidence
|
|||
11 | File | `/requests.php` | High
|
||||
12 | File | `/server-status` | High
|
||||
13 | File | `/uncpath/` | Medium
|
||||
14 | ... | ... | ...
|
||||
14 | File | `/var/log/nginx` | High
|
||||
15 | ... | ... | ...
|
||||
|
||||
There are 115 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 116 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -65,7 +65,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
2 | T1055 | CWE-74 | Injection | High
|
||||
3 | T1059 | CWE-88, CWE-94 | Cross Site Scripting | High
|
||||
4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
5 | T1068 | CWE-264, CWE-267, CWE-269, CWE-270, CWE-271, CWE-284 | Execution with Unnecessary Privileges | High
|
||||
5 | T1068 | CWE-250, CWE-264, CWE-267, CWE-269, CWE-270, CWE-271, CWE-284 | Execution with Unnecessary Privileges | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 21 more TTP items available. Please use our online service to access the data.
|
||||
|
@ -123,7 +123,7 @@ ID | Type | Indicator | Confidence
|
|||
45 | File | `/WEB-INF/web.xml` | High
|
||||
46 | ... | ... | ...
|
||||
|
||||
There are 395 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 396 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
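Review bot: Row 3 of the TTP table in this file (an unchanged context line) labels T1059 with CWE-88, CWE-94 as `Cross Site Scripting`, the same description the T1059.007 / CWE-79, CWE-80 row carries directly below it. CWE-88 is argument injection and CWE-94 is code injection, so anyone filtering or building detections on the Description column would count command and code injection activity as XSS. Since this commit already edits the table (row 5 appears to gain CWE-250), the row would read correctly as `3 | T1059 | CWE-88, CWE-94 | Code Injection | High`. The same pairing recurs in the later TTP hunk where row 4 appears to gain CWE-88. The tables look generated, so the correction probably belongs in the upstream technique-to-description mapping rather than in each file.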
|
|
|
@ -62,7 +62,7 @@ ID | Type | Indicator | Confidence
|
|||
12 | File | `adclick.php` | Medium
|
||||
13 | ... | ... | ...
|
||||
|
||||
There are 98 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 99 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -59,9 +59,9 @@ ID | Type | Indicator | Confidence
|
|||
-- | ---- | --------- | ----------
|
||||
1 | File | `/+CSCOE+/logon.html` | High
|
||||
2 | File | `/.ssh/authorized_keys` | High
|
||||
3 | File | `/admin/default.asp` | High
|
||||
4 | File | `/administrator/components/table_manager/` | High
|
||||
5 | File | `/ajax/networking/get_netcfg.php` | High
|
||||
3 | File | `/administrator/components/table_manager/` | High
|
||||
4 | File | `/ajax/networking/get_netcfg.php` | High
|
||||
5 | File | `/api/gen/clients/{language}` | High
|
||||
6 | File | `/app/options.py` | High
|
||||
7 | File | `/bin/httpd` | Medium
|
||||
8 | File | `/cgi-bin/wapopen` | High
|
||||
|
@ -99,14 +99,13 @@ ID | Type | Indicator | Confidence
|
|||
40 | File | `/s/` | Low
|
||||
41 | File | `/scripts/cpan_config` | High
|
||||
42 | File | `/secure/admin/InsightDefaultCustomFieldConfig.jspa` | High
|
||||
43 | File | `/services/system/setup.json` | High
|
||||
44 | File | `/spip.php` | Medium
|
||||
43 | File | `/spip.php` | Medium
|
||||
44 | File | `/squashfs-root/www/HNAP1/control/SetMasterWLanSettings.php` | High
|
||||
45 | File | `/sys/dict/queryTableData` | High
|
||||
46 | File | `/tmp` | Low
|
||||
47 | File | `/uncpath/` | Medium
|
||||
48 | ... | ... | ...
|
||||
47 | ... | ... | ...
|
||||
|
||||
There are 419 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 410 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -9,8 +9,8 @@ _Live data_ and more _analysis capabilities_ are available at [https://vuldb.com
|
|||
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Bahamas Unknown:
|
||||
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [RU](https://vuldb.com/?country.ru)
|
||||
* [ES](https://vuldb.com/?country.es)
|
||||
* [AR](https://vuldb.com/?country.ar)
|
||||
* ...
|
||||
|
||||
There are 17 more country items available. Please use our online service to access the data.
|
||||
|
@ -92,9 +92,10 @@ ID | Type | Indicator | Confidence
|
|||
28 | File | `/php-fusion/infusions/shoutbox_panel/shoutbox_archive.php` | High
|
||||
29 | File | `/preauth` | Medium
|
||||
30 | File | `/presale/join` | High
|
||||
31 | ... | ... | ...
|
||||
31 | File | `/public/launchNewWindow.jsp` | High
|
||||
32 | ... | ... | ...
|
||||
|
||||
There are 260 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 275 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -69,64 +69,68 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/+CSCOE+/logon.html` | High
|
||||
2 | File | `/addnews.html` | High
|
||||
3 | File | `/admin/admin.php` | High
|
||||
2 | File | `/admin/admin.php` | High
|
||||
3 | File | `/admin/user/manage_user.php` | High
|
||||
4 | File | `/api/trackedEntityInstances` | High
|
||||
5 | File | `/bin/login.php` | High
|
||||
6 | File | `/cgi-bin/hi3510/param.cgi` | High
|
||||
7 | File | `/cgi-bin/system_mgr.cgi` | High
|
||||
8 | File | `/cgi/sshcheck.cgi` | High
|
||||
9 | File | `/common/logViewer/logViewer.jsf` | High
|
||||
10 | File | `/ConsoleHelp/` | High
|
||||
11 | File | `/etc/sudoers` | Medium
|
||||
12 | File | `/export` | Low
|
||||
13 | File | `/horde/imp/search.php` | High
|
||||
14 | File | `/index.php` | Medium
|
||||
15 | File | `/jsoa/hntdCustomDesktopActionContent` | High
|
||||
16 | File | `/LEPTON_stable_2.2.2/upload/admins/media/index.php` | High
|
||||
17 | File | `/login` | Low
|
||||
6 | File | `/cgi-bin/system_mgr.cgi` | High
|
||||
7 | File | `/cgi/sshcheck.cgi` | High
|
||||
8 | File | `/common/logViewer/logViewer.jsf` | High
|
||||
9 | File | `/ConsoleHelp/` | High
|
||||
10 | File | `/etc/sudoers` | Medium
|
||||
11 | File | `/export` | Low
|
||||
12 | File | `/horde/imp/search.php` | High
|
||||
13 | File | `/index.php` | Medium
|
||||
14 | File | `/jsoa/hntdCustomDesktopActionContent` | High
|
||||
15 | File | `/LEPTON_stable_2.2.2/upload/admins/media/index.php` | High
|
||||
16 | File | `/login` | Low
|
||||
17 | File | `/messageboard/view.php` | High
|
||||
18 | File | `/modules/projects/vw_files.php` | High
|
||||
19 | File | `/news.dtl.php` | High
|
||||
20 | File | `/opensis/modules/grades/InputFinalGrades.php` | High
|
||||
21 | File | `/opensis/modules/users/Staff.php` | High
|
||||
22 | File | `/plesk-site-preview/` | High
|
||||
23 | File | `/proc/self/environ` | High
|
||||
24 | File | `/rest/api/2/user/picker` | High
|
||||
25 | File | `/s/` | Low
|
||||
26 | File | `/secure/admin/InsightDefaultCustomFieldConfig.jspa` | High
|
||||
27 | File | `/secure/QueryComponent!Default.jspa` | High
|
||||
28 | File | `/sendrcpackage?keyid=-2544&keysymbol=-4081` | High
|
||||
29 | File | `/services` | Medium
|
||||
30 | File | `/system?action=ServiceAdmin` | High
|
||||
31 | File | `/var/WEB-GUI/cgi-bin/downloadfile.cgi` | High
|
||||
32 | File | `/vicidial/user_stats.php` | High
|
||||
33 | File | `/websocket/exec` | High
|
||||
34 | File | `14all.cgi/14all-1.1.cgi/traffic.cgi/mrtg.cgi` | High
|
||||
35 | File | `access.conf` | Medium
|
||||
36 | File | `adclick.php` | Medium
|
||||
37 | File | `addentry.php` | Medium
|
||||
38 | File | `admin.php?m=backup&c=backup&a=doback` | High
|
||||
39 | File | `admin/admin_users.php` | High
|
||||
40 | File | `admin/login.php` | High
|
||||
41 | File | `admin/upload.php` | High
|
||||
42 | File | `administers` | Medium
|
||||
43 | File | `Administrator_list.php` | High
|
||||
44 | File | `advancedsetup_websiteblocking.html` | High
|
||||
19 | File | `/opensis/modules/grades/InputFinalGrades.php` | High
|
||||
20 | File | `/opensis/modules/users/Staff.php` | High
|
||||
21 | File | `/plesk-site-preview/` | High
|
||||
22 | File | `/proc/self/environ` | High
|
||||
23 | File | `/rest/api/2/user/picker` | High
|
||||
24 | File | `/s/` | Low
|
||||
25 | File | `/secure/admin/InsightDefaultCustomFieldConfig.jspa` | High
|
||||
26 | File | `/secure/QueryComponent!Default.jspa` | High
|
||||
27 | File | `/sendrcpackage?keyid=-2544&keysymbol=-4081` | High
|
||||
28 | File | `/services` | Medium
|
||||
29 | File | `/system?action=ServiceAdmin` | High
|
||||
30 | File | `/var/WEB-GUI/cgi-bin/downloadfile.cgi` | High
|
||||
31 | File | `/vicidial/user_stats.php` | High
|
||||
32 | File | `/websocket/exec` | High
|
||||
33 | File | `access.conf` | Medium
|
||||
34 | File | `adclick.php` | Medium
|
||||
35 | File | `admin.php` | Medium
|
||||
36 | File | `admin.php?m=backup&c=backup&a=doback` | High
|
||||
37 | File | `admin.remository.php` | High
|
||||
38 | File | `admin/admin_users.php` | High
|
||||
39 | File | `admin/login.php` | High
|
||||
40 | File | `admin/upload.php` | High
|
||||
41 | File | `administers` | Medium
|
||||
42 | File | `Administrator_list.php` | High
|
||||
43 | File | `advancedsetup_websiteblocking.html` | High
|
||||
44 | File | `affich.php` | Medium
|
||||
45 | File | `ajax_mail_autoreply.php` | High
|
||||
46 | File | `ajax_save_name.php` | High
|
||||
47 | File | `allocator.cc` | Medium
|
||||
48 | File | `announcements.php` | High
|
||||
49 | File | `ap1.com` | Low
|
||||
50 | File | `apache2/modsecurity.c` | High
|
||||
51 | File | `api_jsonrpc.php` | High
|
||||
52 | File | `app/admin/controller/Ajax.php` | High
|
||||
53 | File | `App/Modules/Admin/Tpl/default/Public/dwz/uploadify/scripts/uploadify.swf` | High
|
||||
54 | File | `AppCompatCache.exe` | High
|
||||
55 | File | `application.php` | High
|
||||
56 | File | `apply.cgi` | Medium
|
||||
57 | ... | ... | ...
|
||||
47 | File | `album_portal.php` | High
|
||||
48 | File | `allocator.cc` | Medium
|
||||
49 | File | `announcements.php` | High
|
||||
50 | File | `ap1.com` | Low
|
||||
51 | File | `apache2/modsecurity.c` | High
|
||||
52 | File | `api_jsonrpc.php` | High
|
||||
53 | File | `app/admin/controller/Ajax.php` | High
|
||||
54 | File | `App/Modules/Admin/Tpl/default/Public/dwz/uploadify/scripts/uploadify.swf` | High
|
||||
55 | File | `AppCompatCache.exe` | High
|
||||
56 | File | `application.php` | High
|
||||
57 | File | `apply.cgi` | Medium
|
||||
58 | File | `asp:.jpg` | Medium
|
||||
59 | File | `authfiles/login.asp` | High
|
||||
60 | File | `bb_usage_stats.php` | High
|
||||
61 | ... | ... | ...
|
||||
|
||||
There are 497 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 534 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -92,7 +92,7 @@ ID | Type | Indicator | Confidence
|
|||
40 | File | `/index.php?module=help_pages/pages&entities_id=24` | High
|
||||
41 | ... | ... | ...
|
||||
|
||||
There are 354 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 355 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -49,11 +49,12 @@ ID | Type | Indicator | Confidence
|
|||
-- | ---- | --------- | ----------
|
||||
1 | File | `/mgmt/tm/util/bash` | High
|
||||
2 | File | `14all.cgi/14all-1.1.cgi/traffic.cgi/mrtg.cgi` | High
|
||||
3 | File | `auth.php` | Medium
|
||||
4 | File | `books.php` | Medium
|
||||
5 | ... | ... | ...
|
||||
3 | File | `acme_certificate_edit.php` | High
|
||||
4 | File | `auth.php` | Medium
|
||||
5 | File | `books.php` | Medium
|
||||
6 | ... | ... | ...
|
||||
|
||||
There are 26 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 40 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -70,20 +70,21 @@ ID | Type | Indicator | Confidence
|
|||
20 | File | `AccountStatus.jsp` | High
|
||||
21 | File | `adclick.php` | Medium
|
||||
22 | File | `add.php` | Low
|
||||
23 | File | `admin.color.php` | High
|
||||
24 | File | `admin.joomlaradiov5.php` | High
|
||||
25 | File | `admin/systemOutOfBand.do` | High
|
||||
26 | File | `allopass-error.php` | High
|
||||
27 | File | `app/application.cpp` | High
|
||||
28 | File | `ashnews.php/ashheadlines.php` | High
|
||||
29 | File | `auth-gss2.c` | Medium
|
||||
30 | File | `authent.php4` | Medium
|
||||
31 | File | `base_maintenance.php` | High
|
||||
32 | File | `BBStore.php` | Medium
|
||||
33 | File | `boardrule.php` | High
|
||||
34 | ... | ... | ...
|
||||
23 | File | `admin.a6mambocredits.php` | High
|
||||
24 | File | `admin.color.php` | High
|
||||
25 | File | `admin.cropcanvas.php` | High
|
||||
26 | File | `admin.joomlaradiov5.php` | High
|
||||
27 | File | `Admin.PHP` | Medium
|
||||
28 | File | `admin/systemOutOfBand.do` | High
|
||||
29 | File | `allopass-error.php` | High
|
||||
30 | File | `app/application.cpp` | High
|
||||
31 | File | `ashnews.php/ashheadlines.php` | High
|
||||
32 | File | `auth-gss2.c` | Medium
|
||||
33 | File | `authent.php4` | Medium
|
||||
34 | File | `base_maintenance.php` | High
|
||||
35 | ... | ... | ...
|
||||
|
||||
There are 291 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 300 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -16,10 +16,10 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [BR](https://vuldb.com/?country.br)
|
||||
* [GB](https://vuldb.com/?country.gb)
|
||||
* [CN](https://vuldb.com/?country.cn)
|
||||
* ...
|
||||
|
||||
There are 10 more country items available. Please use our online service to access the data.
|
||||
There are 9 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -1412,36 +1412,37 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/admin/` | Low
|
||||
2 | File | `/adms/admin/?page=vehicles/sell_vehicle` | High
|
||||
3 | File | `/adms/admin/?page=vehicles/view_transaction` | High
|
||||
4 | File | `/APR/login.php` | High
|
||||
5 | File | `/APR/signup.php` | High
|
||||
6 | File | `/cgi-bin/wapopen` | High
|
||||
7 | File | `/forum/away.php` | High
|
||||
8 | File | `/mims/login.php` | High
|
||||
9 | File | `/mygym/admin/index.php?view_exercises` | High
|
||||
10 | File | `/php-opos/index.php` | High
|
||||
11 | File | `/php-scrm/login.php` | High
|
||||
12 | File | `/public/launchNewWindow.jsp` | High
|
||||
13 | File | `/textpattern/index.php` | High
|
||||
14 | File | `/tmp` | Low
|
||||
15 | File | `account-signup.php` | High
|
||||
16 | File | `account/signup.php` | High
|
||||
17 | File | `activenews_view.asp` | High
|
||||
18 | File | `addentry.php` | Medium
|
||||
19 | File | `admin-ajax.php` | High
|
||||
20 | File | `admin.php` | Medium
|
||||
21 | File | `admin/admin.php?action=users&mode=info&user=2` | High
|
||||
22 | File | `admin/admin_editor.php` | High
|
||||
23 | File | `admin/conf_users_edit.php` | High
|
||||
24 | File | `adminer.php` | Medium
|
||||
25 | File | `articulo.php` | Medium
|
||||
26 | File | `art_detalle.php` | High
|
||||
2 | File | `/APR/login.php` | High
|
||||
3 | File | `/APR/signup.php` | High
|
||||
4 | File | `/cgi-bin/wapopen` | High
|
||||
5 | File | `/forum/away.php` | High
|
||||
6 | File | `/mims/login.php` | High
|
||||
7 | File | `/mygym/admin/index.php?view_exercises` | High
|
||||
8 | File | `/php-opos/index.php` | High
|
||||
9 | File | `/php-scrm/login.php` | High
|
||||
10 | File | `/public/launchNewWindow.jsp` | High
|
||||
11 | File | `/textpattern/index.php` | High
|
||||
12 | File | `/tmp` | Low
|
||||
13 | File | `account-signup.php` | High
|
||||
14 | File | `account/signup.php` | High
|
||||
15 | File | `activenews_view.asp` | High
|
||||
16 | File | `addentry.php` | Medium
|
||||
17 | File | `addressbook/backends/ldap/e-book-backend-ldap.c` | High
|
||||
18 | File | `admin-ajax.php` | High
|
||||
19 | File | `admin.php` | Medium
|
||||
20 | File | `admin/admin.php?action=users&mode=info&user=2` | High
|
||||
21 | File | `admin/admin_editor.php` | High
|
||||
22 | File | `admin/conf_users_edit.php` | High
|
||||
23 | File | `adminer.php` | Medium
|
||||
24 | File | `articulo.php` | Medium
|
||||
25 | File | `art_detalle.php` | High
|
||||
26 | File | `awstats.pl` | Medium
|
||||
27 | File | `banner_add_edit.asp` | High
|
||||
28 | File | `blocks/block-Old_Articles.php` | High
|
||||
29 | ... | ... | ...
|
||||
29 | File | `bp_ncom.php` | Medium
|
||||
30 | ... | ... | ...
|
||||
|
||||
There are 244 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 250 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -10,10 +10,10 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
|
||||
* [VN](https://vuldb.com/?country.vn)
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [CN](https://vuldb.com/?country.cn)
|
||||
* [NL](https://vuldb.com/?country.nl)
|
||||
* ...
|
||||
|
||||
There are 9 more country items available. Please use our online service to access the data.
|
||||
There are 8 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -162,45 +162,48 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/.env` | Low
|
||||
2 | File | `//` | Low
|
||||
3 | File | `/?ajax-request=jnews` | High
|
||||
4 | File | `/admin` | Low
|
||||
5 | File | `/admin/patient.php` | High
|
||||
6 | File | `/api/jmeter/download/files` | High
|
||||
7 | File | `/api/upload` | Medium
|
||||
8 | File | `/api/v1/attack/falco` | High
|
||||
9 | File | `/APR/login.php` | High
|
||||
10 | File | `/as/authorization.oauth2` | High
|
||||
11 | File | `/backup.pl` | Medium
|
||||
12 | File | `/cgi-bin/luci/api/auth` | High
|
||||
13 | File | `/cgi-bin/supervisor/PwdGrp.cgi` | High
|
||||
14 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
15 | File | `/churchcrm/EventAttendance.php` | High
|
||||
16 | File | `/DXR.axd` | Medium
|
||||
17 | File | `/edoc/doctor/patient.php` | High
|
||||
18 | File | `/filemanager/php/connector.php` | High
|
||||
19 | File | `/files/import` | High
|
||||
20 | File | `/forum/away.php` | High
|
||||
21 | File | `/j_security_check` | High
|
||||
22 | File | `/librarian/bookdetails.php` | High
|
||||
23 | File | `/mhds/clinic/view_details.php` | High
|
||||
24 | File | `/modules/projects/vw_files.php` | High
|
||||
25 | File | `/Moosikay/order.php` | High
|
||||
26 | File | `/out.php` | Medium
|
||||
27 | File | `/php-scrm/login.php` | High
|
||||
28 | File | `/reservation/add_message.php` | High
|
||||
29 | File | `/reviewer_0/admins/assessments/pretest/questions-view.php` | High
|
||||
30 | File | `/rukovoditel/index.php?module=users/login` | High
|
||||
31 | File | `/static/ueditor/php/controller.php` | High
|
||||
32 | File | `/tmp/boa-temp` | High
|
||||
33 | File | `/var/WEB-GUI/cgi-bin/telnet.cgi` | High
|
||||
34 | File | `/wp-admin/admin-ajax.php` | High
|
||||
35 | File | `/wp-admin/options.php` | High
|
||||
36 | File | `/wp-content/plugins/woocommerce/templates/emails/plain/` | High
|
||||
37 | ... | ... | ...
|
||||
1 | File | `.FBCIndex` | Medium
|
||||
2 | File | `/.env` | Low
|
||||
3 | File | `//` | Low
|
||||
4 | File | `/?ajax-request=jnews` | High
|
||||
5 | File | `/admin` | Low
|
||||
6 | File | `/admin/login.php` | High
|
||||
7 | File | `/admin/patient.php` | High
|
||||
8 | File | `/api/jmeter/download/files` | High
|
||||
9 | File | `/api/upload` | Medium
|
||||
10 | File | `/api/v1/attack/falco` | High
|
||||
11 | File | `/APR/login.php` | High
|
||||
12 | File | `/as/authorization.oauth2` | High
|
||||
13 | File | `/backup.pl` | Medium
|
||||
14 | File | `/cgi-bin/luci/api/auth` | High
|
||||
15 | File | `/cgi-bin/supervisor/PwdGrp.cgi` | High
|
||||
16 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
17 | File | `/churchcrm/EventAttendance.php` | High
|
||||
18 | File | `/DXR.axd` | Medium
|
||||
19 | File | `/edoc/doctor/patient.php` | High
|
||||
20 | File | `/filemanager/php/connector.php` | High
|
||||
21 | File | `/files/import` | High
|
||||
22 | File | `/forum/away.php` | High
|
||||
23 | File | `/j_security_check` | High
|
||||
24 | File | `/librarian/bookdetails.php` | High
|
||||
25 | File | `/mhds/clinic/view_details.php` | High
|
||||
26 | File | `/modules/projects/vw_files.php` | High
|
||||
27 | File | `/Moosikay/order.php` | High
|
||||
28 | File | `/out.php` | Medium
|
||||
29 | File | `/php-scrm/login.php` | High
|
||||
30 | File | `/plain` | Low
|
||||
31 | File | `/public/launchNewWindow.jsp` | High
|
||||
32 | File | `/reservation/add_message.php` | High
|
||||
33 | File | `/reviewer_0/admins/assessments/pretest/questions-view.php` | High
|
||||
34 | File | `/rukovoditel/index.php?module=users/login` | High
|
||||
35 | File | `/static/ueditor/php/controller.php` | High
|
||||
36 | File | `/tmp/boa-temp` | High
|
||||
37 | File | `/var/WEB-GUI/cgi-bin/telnet.cgi` | High
|
||||
38 | File | `/wp-admin/admin-ajax.php` | High
|
||||
39 | File | `/wp-admin/options.php` | High
|
||||
40 | ... | ... | ...
|
||||
|
||||
There are 320 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 342 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -76,25 +76,25 @@ ID | Type | Indicator | Confidence
|
|||
15 | File | `/controller/pay.class.php` | High
|
||||
16 | File | `/ctpms/admin/?page=applications/view_application` | High
|
||||
17 | File | `/dev/block/mmcblk0rpmb` | High
|
||||
18 | File | `/dev/kmem` | Medium
|
||||
19 | File | `/dev/snd/seq` | Medium
|
||||
20 | File | `/device/device=140/tab=wifi/view` | High
|
||||
21 | File | `/dl/dl_print.php` | High
|
||||
22 | File | `/etc/passwd` | Medium
|
||||
23 | File | `/getcfg.php` | Medium
|
||||
24 | File | `/goform/SetClientState` | High
|
||||
25 | File | `/goform/SysToolChangePwd` | High
|
||||
26 | File | `/irj/servlet/prt/portal/prtroot/com.sap.portal.usermanagement.admin.UserMapping` | High
|
||||
27 | File | `/jerry-core/ecma/base/ecma-gc.c` | High
|
||||
28 | File | `/jerry-core/ecma/base/ecma-helpers-conversion.c` | High
|
||||
29 | File | `/librarian/bookdetails.php` | High
|
||||
30 | File | `/librarian/lab.php` | High
|
||||
31 | File | `/login` | Low
|
||||
32 | File | `/mngset/authset` | High
|
||||
33 | File | `/nova/bin/sniffer` | High
|
||||
18 | File | `/dev/snd/seq` | Medium
|
||||
19 | File | `/device/device=140/tab=wifi/view` | High
|
||||
20 | File | `/dl/dl_print.php` | High
|
||||
21 | File | `/etc/passwd` | Medium
|
||||
22 | File | `/getcfg.php` | Medium
|
||||
23 | File | `/goform/SetClientState` | High
|
||||
24 | File | `/goform/SysToolChangePwd` | High
|
||||
25 | File | `/irj/servlet/prt/portal/prtroot/com.sap.portal.usermanagement.admin.UserMapping` | High
|
||||
26 | File | `/jerry-core/ecma/base/ecma-gc.c` | High
|
||||
27 | File | `/jerry-core/ecma/base/ecma-helpers-conversion.c` | High
|
||||
28 | File | `/librarian/bookdetails.php` | High
|
||||
29 | File | `/librarian/lab.php` | High
|
||||
30 | File | `/login` | Low
|
||||
31 | File | `/mngset/authset` | High
|
||||
32 | File | `/nova/bin/sniffer` | High
|
||||
33 | File | `/ofcms/company-c-47` | High
|
||||
34 | ... | ... | ...
|
||||
|
||||
There are 289 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 288 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -9,8 +9,8 @@ _Live data_ and more _analysis capabilities_ are available at [https://vuldb.com
|
|||
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Chaos:
|
||||
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [LU](https://vuldb.com/?country.lu)
|
||||
* [CN](https://vuldb.com/?country.cn)
|
||||
* [LU](https://vuldb.com/?country.lu)
|
||||
* ...
|
||||
|
||||
There are 6 more country items available. Please use our online service to access the data.
|
||||
|
@ -41,11 +41,11 @@ ID | Technique | Weakness | Description | Confidence
|
|||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-24 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
4 | T1059 | CWE-88, CWE-94 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 21 more TTP items available. Please use our online service to access the data.
|
||||
There are 20 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -63,30 +63,34 @@ ID | Type | Indicator | Confidence
|
|||
8 | File | `/cgi-bin/luci/api/wireless` | High
|
||||
9 | File | `/cgi-bin/mesh.cgi?page=upgrade` | High
|
||||
10 | File | `/cgi-bin/uploadWeiXinPic` | High
|
||||
11 | File | `/claire_blake` | High
|
||||
12 | File | `/core/admin/categories.php` | High
|
||||
13 | File | `/dashboard/contact` | High
|
||||
14 | File | `/debug/pprof` | Medium
|
||||
15 | File | `/dms/admin/reports/daily_collection_report.php` | High
|
||||
16 | File | `/etc/config/cameo` | High
|
||||
17 | File | `/export` | Low
|
||||
18 | File | `/files.md5` | Medium
|
||||
19 | File | `/food/admin/all_users.php` | High
|
||||
20 | File | `/forum/away.php` | High
|
||||
21 | File | `/hrm/employeeview.php` | High
|
||||
22 | File | `/htdocs/cgibin` | High
|
||||
23 | File | `/images/` | Medium
|
||||
11 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
12 | File | `/claire_blake` | High
|
||||
13 | File | `/core/admin/categories.php` | High
|
||||
14 | File | `/dashboard/contact` | High
|
||||
15 | File | `/debug/pprof` | Medium
|
||||
16 | File | `/dms/admin/reports/daily_collection_report.php` | High
|
||||
17 | File | `/etc/config/cameo` | High
|
||||
18 | File | `/export` | Low
|
||||
19 | File | `/files.md5` | Medium
|
||||
20 | File | `/food/admin/all_users.php` | High
|
||||
21 | File | `/forum/away.php` | High
|
||||
22 | File | `/hrm/employeeview.php` | High
|
||||
23 | File | `/htdocs/cgibin` | High
|
||||
24 | File | `/isms/classes/Users.php` | High
|
||||
25 | File | `/login` | Low
|
||||
26 | File | `/mc` | Low
|
||||
27 | File | `/mkshop/Men/profile.php` | High
|
||||
28 | File | `/modules/profile/index.php` | High
|
||||
29 | File | `/ofrs/admin/?page=teams/view_team` | High
|
||||
30 | File | `/one_church/userregister.php` | High
|
||||
31 | File | `/out.php` | Medium
|
||||
32 | ... | ... | ...
|
||||
25 | File | `/librarian/bookdetails.php` | High
|
||||
26 | File | `/login` | Low
|
||||
27 | File | `/mc` | Low
|
||||
28 | File | `/mkshop/Men/profile.php` | High
|
||||
29 | File | `/modules/profile/index.php` | High
|
||||
30 | File | `/ofrs/admin/?page=teams/view_team` | High
|
||||
31 | File | `/one_church/userregister.php` | High
|
||||
32 | File | `/out.php` | Medium
|
||||
33 | File | `/public/plugins/` | High
|
||||
34 | File | `/SAP_Information_System/controllers/add_admin.php` | High
|
||||
35 | File | `/SASWebReportStudio/logonAndRender.do` | High
|
||||
36 | ... | ... | ...
|
||||
|
||||
There are 274 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 310 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
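Review bot: In the TTP table of this file, the rewritten row 4 (`4 | T1059 | CWE-88, CWE-94 | Cross Site Scripting | High`) keeps a description that matches neither listed weakness. CWE-88 is argument injection and CWE-94 is code injection, while cross-site scripting is already covered by row 5 (T1059.007, CWE-79/CWE-80). Anyone mapping this table to detections would read two XSS rows and miss the command/code-injection technique, so the description should name the weakness class, e.g. `4 | T1059 | CWE-88, CWE-94 | Code Injection | High`. The same label sits on the T1059 row changed in the later `@ -102,7 +102,7` hunk and in the `@ -287,14 +287,14` hunk, where the T1040 row also drops CWE-294 but keeps that CWE's name ("Authentication Bypass by Capture-replay") next to CWE-319 alone. If these tables are generated, the fix probably belongs in the generator rather than in each file.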
|
|
|
@ -103,41 +103,42 @@ ID | Type | Indicator | Confidence
|
|||
5 | File | `/APR/signup.php` | High
|
||||
6 | File | `/cgi-bin/supervisor/PwdGrp.cgi` | High
|
||||
7 | File | `/cgi-bin/wapopen` | High
|
||||
8 | File | `/churchcrm/EventAttendance.php` | High
|
||||
9 | File | `/DXR.axd` | Medium
|
||||
10 | File | `/filemanager/php/connector.php` | High
|
||||
11 | File | `/forum/away.php` | High
|
||||
12 | File | `/HNAP1/SetClientInfo` | High
|
||||
13 | File | `/mhds/clinic/view_details.php` | High
|
||||
14 | File | `/mims/login.php` | High
|
||||
15 | File | `/modules/projects/vw_files.php` | High
|
||||
16 | File | `/php-scrm/login.php` | High
|
||||
17 | File | `/public/launchNewWindow.jsp` | High
|
||||
18 | File | `/rukovoditel/index.php?module=users/login` | High
|
||||
19 | File | `/squashfs-root/www/HNAP1/control/SetMasterWLanSettings.php` | High
|
||||
20 | File | `/static/ueditor/php/controller.php` | High
|
||||
21 | File | `/textpattern/index.php` | High
|
||||
22 | File | `/tmp` | Low
|
||||
23 | File | `/var/WEB-GUI/cgi-bin/telnet.cgi` | High
|
||||
24 | File | `/wp-admin/admin-ajax.php` | High
|
||||
25 | File | `/wp-admin/options.php` | High
|
||||
26 | File | `/wp-content/plugins/woocommerce/templates/emails/plain/` | High
|
||||
27 | File | `account/signup.php` | High
|
||||
28 | File | `Acl.asp` | Low
|
||||
29 | File | `activenews_view.asp` | High
|
||||
30 | File | `adclick.php` | Medium
|
||||
31 | File | `addentry.php` | Medium
|
||||
32 | File | `addressbook/backends/ldap/e-book-backend-ldap.c` | High
|
||||
33 | File | `admin.php` | Medium
|
||||
34 | File | `admin/admin_editor.php` | High
|
||||
35 | File | `admin/TemplateController.java` | High
|
||||
36 | File | `admincp.php` | Medium
|
||||
37 | File | `adminer.php` | Medium
|
||||
38 | File | `affich.php` | Medium
|
||||
39 | File | `ajax/telemetry.php` | High
|
||||
40 | ... | ... | ...
|
||||
8 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
9 | File | `/churchcrm/EventAttendance.php` | High
|
||||
10 | File | `/DXR.axd` | Medium
|
||||
11 | File | `/filemanager/php/connector.php` | High
|
||||
12 | File | `/forum/away.php` | High
|
||||
13 | File | `/HNAP1/SetClientInfo` | High
|
||||
14 | File | `/mhds/clinic/view_details.php` | High
|
||||
15 | File | `/mims/login.php` | High
|
||||
16 | File | `/modules/projects/vw_files.php` | High
|
||||
17 | File | `/php-scrm/login.php` | High
|
||||
18 | File | `/plain` | Low
|
||||
19 | File | `/public/launchNewWindow.jsp` | High
|
||||
20 | File | `/rukovoditel/index.php?module=users/login` | High
|
||||
21 | File | `/squashfs-root/www/HNAP1/control/SetMasterWLanSettings.php` | High
|
||||
22 | File | `/static/ueditor/php/controller.php` | High
|
||||
23 | File | `/textpattern/index.php` | High
|
||||
24 | File | `/tmp` | Low
|
||||
25 | File | `/var/WEB-GUI/cgi-bin/telnet.cgi` | High
|
||||
26 | File | `/wp-admin/admin-ajax.php` | High
|
||||
27 | File | `/wp-admin/options.php` | High
|
||||
28 | File | `/wp-content/plugins/woocommerce/templates/emails/plain/` | High
|
||||
29 | File | `account/signup.php` | High
|
||||
30 | File | `Acl.asp` | Low
|
||||
31 | File | `activenews_view.asp` | High
|
||||
32 | File | `adclick.php` | Medium
|
||||
33 | File | `addentry.php` | Medium
|
||||
34 | File | `addressbook/backends/ldap/e-book-backend-ldap.c` | High
|
||||
35 | File | `admin.php` | Medium
|
||||
36 | File | `admin/admin_editor.php` | High
|
||||
37 | File | `admin/TemplateController.java` | High
|
||||
38 | File | `admincp.php` | Medium
|
||||
39 | File | `adminer.php` | Medium
|
||||
40 | File | `affich.php` | Medium
|
||||
41 | ... | ... | ...
|
||||
|
||||
There are 340 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 351 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -20,7 +20,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [NL](https://vuldb.com/?country.nl)
|
||||
* ...
|
||||
|
||||
There are 28 more country items available. Please use our online service to access the data.
|
||||
There are 27 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -531,7 +531,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 21 more TTP items available. Please use our online service to access the data.
|
||||
There are 22 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -548,43 +548,44 @@ ID | Type | Indicator | Confidence
|
|||
7 | File | `/admin/submit-articles` | High
|
||||
8 | File | `/alphaware/summary.php` | High
|
||||
9 | File | `/api/` | Low
|
||||
10 | File | `/appliance/users?action=edit` | High
|
||||
11 | File | `/apply.cgi` | Medium
|
||||
12 | File | `/attachments` | Medium
|
||||
13 | File | `/backup.pl` | Medium
|
||||
14 | File | `/boat/login.php` | High
|
||||
15 | File | `/bsms_ci/index.php/book` | High
|
||||
16 | File | `/debug/pprof` | Medium
|
||||
17 | File | `/DocSystem/Repos/getReposAllUsers.do` | High
|
||||
18 | File | `/edoc/doctor/patient.php` | High
|
||||
19 | File | `/etc/hosts` | Medium
|
||||
20 | File | `/etc/ldap.conf` | High
|
||||
21 | File | `/etc/quagga` | Medium
|
||||
22 | File | `/etc/shadow` | Medium
|
||||
23 | File | `/event/admin/?page=user/list` | High
|
||||
24 | File | `/forum/away.php` | High
|
||||
25 | File | `/hardware` | Medium
|
||||
26 | File | `/index.php` | Medium
|
||||
27 | File | `/medicines/profile.php` | High
|
||||
28 | File | `/modules/caddyhttp/rewrite/rewrite.go` | High
|
||||
29 | File | `/out.php` | Medium
|
||||
30 | File | `/php-scrm/login.php` | High
|
||||
31 | File | `/proxy` | Low
|
||||
32 | File | `/reservation/add_message.php` | High
|
||||
33 | File | `/reviewer_0/admins/assessments/pretest/questions-view.php` | High
|
||||
34 | File | `/Session` | Medium
|
||||
35 | File | `/spip.php` | Medium
|
||||
36 | File | `/tmp` | Low
|
||||
37 | File | `/uncpath/` | Medium
|
||||
38 | File | `/user/loader.php?api=1` | High
|
||||
39 | File | `/vendor/htmlawed/htmlawed/htmLawedTest.php` | High
|
||||
40 | File | `/video-sharing-script/watch-video.php` | High
|
||||
41 | File | `/wireless/security.asp` | High
|
||||
42 | File | `/wp-admin/admin-ajax.php` | High
|
||||
43 | File | `/wp-content/plugins/woocommerce/templates/emails/plain/` | High
|
||||
44 | ... | ... | ...
|
||||
10 | File | `/api/admin/store/product/list` | High
|
||||
11 | File | `/appliance/users?action=edit` | High
|
||||
12 | File | `/apply.cgi` | Medium
|
||||
13 | File | `/attachments` | Medium
|
||||
14 | File | `/backup.pl` | Medium
|
||||
15 | File | `/boat/login.php` | High
|
||||
16 | File | `/bsms_ci/index.php/book` | High
|
||||
17 | File | `/debug/pprof` | Medium
|
||||
18 | File | `/DocSystem/Repos/getReposAllUsers.do` | High
|
||||
19 | File | `/edoc/doctor/patient.php` | High
|
||||
20 | File | `/etc/hosts` | Medium
|
||||
21 | File | `/etc/ldap.conf` | High
|
||||
22 | File | `/etc/quagga` | Medium
|
||||
23 | File | `/etc/shadow` | Medium
|
||||
24 | File | `/event/admin/?page=user/list` | High
|
||||
25 | File | `/forum/away.php` | High
|
||||
26 | File | `/hardware` | Medium
|
||||
27 | File | `/index.php` | Medium
|
||||
28 | File | `/medicines/profile.php` | High
|
||||
29 | File | `/modules/caddyhttp/rewrite/rewrite.go` | High
|
||||
30 | File | `/out.php` | Medium
|
||||
31 | File | `/php-scrm/login.php` | High
|
||||
32 | File | `/proxy` | Low
|
||||
33 | File | `/reservation/add_message.php` | High
|
||||
34 | File | `/reviewer_0/admins/assessments/pretest/questions-view.php` | High
|
||||
35 | File | `/Session` | Medium
|
||||
36 | File | `/spip.php` | Medium
|
||||
37 | File | `/tmp` | Low
|
||||
38 | File | `/uncpath/` | Medium
|
||||
39 | File | `/user/loader.php?api=1` | High
|
||||
40 | File | `/vendor/htmlawed/htmlawed/htmLawedTest.php` | High
|
||||
41 | File | `/video-sharing-script/watch-video.php` | High
|
||||
42 | File | `/wireless/security.asp` | High
|
||||
43 | File | `/wp-admin/admin-ajax.php` | High
|
||||
44 | File | `/wp-content/plugins/woocommerce/templates/emails/plain/` | High
|
||||
45 | ... | ... | ...
|
||||
|
||||
There are 381 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 387 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -10,6 +10,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
|
||||
* [IT](https://vuldb.com/?country.it)
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [CN](https://vuldb.com/?country.cn)
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -34,13 +35,14 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-22, CWE-23, CWE-24, CWE-25, CWE-27, CWE-29 | Pathname Traversal | High
|
||||
1 | T1006 | CWE-22, CWE-24, CWE-25, CWE-29, CWE-425 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-294, CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
5 | ... | ... | ... | ...
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 17 more TTP items available. Please use our online service to access the data.
|
||||
There are 19 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -48,59 +50,56 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/admin.php/appcenter/local.html?type=addon` | High
|
||||
2 | File | `/admin.php?controller=admin_commonuser` | High
|
||||
3 | File | `/admin/ajax.php` | High
|
||||
4 | File | `/admin/assign/assign.php` | High
|
||||
5 | File | `/admin/content/index` | High
|
||||
6 | File | `/admin/convert/export_z3950_new.php` | High
|
||||
7 | File | `/admin/delete_user.php` | High
|
||||
8 | File | `/admin/getallarticleinfo` | High
|
||||
9 | File | `/admin/login.php` | High
|
||||
10 | File | `/admin/manage_user.php` | High
|
||||
11 | File | `/admin/navbar.php` | High
|
||||
12 | File | `/admin/reports/index.php` | High
|
||||
13 | File | `/admin/robot/approval/list` | High
|
||||
14 | File | `/admin/upload` | High
|
||||
15 | File | `/admin/view_order.php` | High
|
||||
16 | File | `/admin1/file/download` | High
|
||||
17 | File | `/admin_system/api.php` | High
|
||||
18 | File | `/agc/vicidial.php` | High
|
||||
19 | File | `/alphaware/details.php` | High
|
||||
20 | File | `/analysisProject/pagingQueryData` | High
|
||||
21 | File | `/api/admin/store/product/list` | High
|
||||
22 | File | `/api/admin/store/product/save` | High
|
||||
23 | File | `/api/admin/user/list` | High
|
||||
24 | File | `/api/jmeter/download/files` | High
|
||||
25 | File | `/api/upload` | Medium
|
||||
26 | File | `/batm/app/admin/standalone/deployments` | High
|
||||
27 | File | `/billing/home.php` | High
|
||||
28 | File | `/bookstore/bookPerPub.php` | High
|
||||
29 | File | `/bsenordering/index.php` | High
|
||||
30 | File | `/churchcrm/EventAttendance.php` | High
|
||||
31 | File | `/common/sysFile/list` | High
|
||||
32 | File | `/databases/database/edit` | High
|
||||
33 | File | `/databases/database/list` | High
|
||||
34 | File | `/databases/table/columns` | High
|
||||
35 | File | `/databases/table/list` | High
|
||||
36 | File | `/ecommerce/admin/category/controller.php` | High
|
||||
37 | File | `/ecommerce/admin/settings/setDiscount.php` | High
|
||||
38 | File | `/ecommerce/admin/user/controller.php?action=edit` | High
|
||||
39 | File | `/eduauth/student/search.php` | High
|
||||
40 | File | `/etc/init.d/openfire` | High
|
||||
41 | File | `/feeds/post/publish` | High
|
||||
42 | File | `/files/list-file` | High
|
||||
43 | File | `/file_manager/login.php` | High
|
||||
44 | File | `/geoserver/rest/about/status` | High
|
||||
45 | File | `/https_redirect.php` | High
|
||||
46 | File | `/kruxton/manage_user.php` | High
|
||||
47 | File | `/kruxton/navbar.php` | High
|
||||
48 | File | `/kruxton/receipt.php` | High
|
||||
49 | File | `/kruxton/sales_report.php` | High
|
||||
50 | File | `/NotrinosERP/sales/customer_delivery.php` | High
|
||||
51 | ... | ... | ...
|
||||
1 | File | `/?r=email/api/mark&op=delFromSend` | High
|
||||
2 | File | `/?r=report/api/getlist` | High
|
||||
3 | File | `/accessory/picdel.html` | High
|
||||
4 | File | `/admin` | Low
|
||||
5 | File | `/admin.php/appcenter/local.html?type=addon` | High
|
||||
6 | File | `/admin/?page=product/manage_product&id=2` | High
|
||||
7 | File | `/admin/assign/assign.php` | High
|
||||
8 | File | `/admin/casedetails.php` | High
|
||||
9 | File | `/admin/fields/manage_field.php` | High
|
||||
10 | File | `/admin/getallarticleinfo` | High
|
||||
11 | File | `/admin/info_deal.php` | High
|
||||
12 | File | `/admin/products/index.php` | High
|
||||
13 | File | `/admin/reports/index.php` | High
|
||||
14 | File | `/admin/robot/approval/list` | High
|
||||
15 | File | `/admin/transactions/track_shipment.php` | High
|
||||
16 | File | `/admin_system/api.php` | High
|
||||
17 | File | `/alphaware/details.php` | High
|
||||
18 | File | `/analysisProject/pagingQueryData` | High
|
||||
19 | File | `/api/admin/store/product/list` | High
|
||||
20 | File | `/api/admin/store/product/save` | High
|
||||
21 | File | `/api/gen/clients/{language}` | High
|
||||
22 | File | `/api/upload` | Medium
|
||||
23 | File | `/articles/{id}` | High
|
||||
24 | File | `/batm/app/admin/standalone/deployments` | High
|
||||
25 | File | `/bilal final/edit_stud.php` | High
|
||||
26 | File | `/bilal final/login.php` | High
|
||||
27 | File | `/bsenordering/index.php` | High
|
||||
28 | File | `/churchcrm/EventAttendance.php` | High
|
||||
29 | File | `/classes/Master.php?f=save_position` | High
|
||||
30 | File | `/common/sysFile/list` | High
|
||||
31 | File | `/config/general/` | High
|
||||
32 | File | `/database/sqldel.html` | High
|
||||
33 | File | `/dev/infiniband/rdma_cm` | High
|
||||
34 | File | `/ecommerce/admin/category/controller.php` | High
|
||||
35 | File | `/ecommerce/admin/settings/setDiscount.php` | High
|
||||
36 | File | `/ecommerce/admin/user/controller.php?action=edit` | High
|
||||
37 | File | `/feeds/post/publish` | High
|
||||
38 | File | `/files/list-file` | High
|
||||
39 | File | `/geoserver/rest/about/status` | High
|
||||
40 | File | `/goform/set_LimitClient_cfg` | High
|
||||
41 | File | `/group1/uploa` | High
|
||||
42 | File | `/NotrinosERP/sales/customer_delivery.php` | High
|
||||
43 | File | `/officer/assigncase.php` | High
|
||||
44 | File | `/plugins/focalboard/api/v2/users` | High
|
||||
45 | File | `/PROD_ar/twbkwbis.P_FirstMenu` | High
|
||||
46 | File | `/project/tasks/list` | High
|
||||
47 | File | `/setting/setWanIeCfg` | High
|
||||
48 | ... | ... | ...
|
||||
|
||||
There are 447 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 416 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
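Review bot: In the rewritten IOA table of this file, entry 41 (`/group1/uploa`) looks like a truncated path. An indicator cut short at the source will not match the request path it was meant to describe. Please check it against the upstream record and restore the full value, or drop the row if the original cannot be confirmed. Separately, the one-word entry `/admin` rated `Low` in the same table will match ordinary traffic on most web servers, so a sentence above the table saying that Low-confidence indicators are meant for correlation and not for standalone alerting would help readers who import the list directly.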
|
|
|
@ -92,25 +92,26 @@ ID | Type | Indicator | Confidence
|
|||
44 | File | `/staff/bookdetails.php` | High
|
||||
45 | File | `/uncpath/` | Medium
|
||||
46 | File | `/user/update_booking.php` | High
|
||||
47 | File | `/WEB-INF/web.xml` | High
|
||||
48 | File | `/Wedding-Management-PHP/admin/photos_add.php` | High
|
||||
49 | File | `/wireless/security.asp` | High
|
||||
50 | File | `/wordpress/wp-admin/options-general.php` | High
|
||||
51 | File | `/wp-content/plugins/woocommerce/templates/emails/plain/` | High
|
||||
52 | File | `01article.php` | High
|
||||
53 | File | `AbstractScheduleJob.java` | High
|
||||
54 | File | `actionphp/download.File.php` | High
|
||||
55 | File | `activenews_view.asp` | High
|
||||
56 | File | `adclick.php` | Medium
|
||||
57 | File | `addtocart.asp` | High
|
||||
58 | File | `admin.php` | Medium
|
||||
59 | File | `admin/abc.php` | High
|
||||
60 | File | `admin/admin.php?action=users&mode=info&user=2` | High
|
||||
61 | File | `admin/admin/adminsave.html` | High
|
||||
62 | File | `admin/conf_users_edit.php` | High
|
||||
63 | ... | ... | ...
|
||||
47 | File | `/Wedding-Management-PHP/admin/photos_add.php` | High
|
||||
48 | File | `/wireless/security.asp` | High
|
||||
49 | File | `/wordpress/wp-admin/options-general.php` | High
|
||||
50 | File | `/wp-content/plugins/woocommerce/templates/emails/plain/` | High
|
||||
51 | File | `01article.php` | High
|
||||
52 | File | `AbstractScheduleJob.java` | High
|
||||
53 | File | `actionphp/download.File.php` | High
|
||||
54 | File | `activenews_view.asp` | High
|
||||
55 | File | `adclick.php` | Medium
|
||||
56 | File | `addtocart.asp` | High
|
||||
57 | File | `admin.php` | Medium
|
||||
58 | File | `admin/abc.php` | High
|
||||
59 | File | `admin/admin.php?action=users&mode=info&user=2` | High
|
||||
60 | File | `admin/admin/adminsave.html` | High
|
||||
61 | File | `admin/conf_users_edit.php` | High
|
||||
62 | File | `admin/disapprove_user.php` | High
|
||||
63 | File | `admin/expense_report.php` | High
|
||||
64 | ... | ... | ...
|
||||
|
||||
There are 552 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 557 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -24,7 +24,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [RU](https://vuldb.com/?country.ru)
|
||||
* ...
|
||||
|
||||
There are 22 more country items available. Please use our online service to access the data.
|
||||
There are 21 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -121,51 +121,52 @@ ID | Type | Indicator | Confidence
|
|||
8 | File | `/adms/admin/?page=vehicles/sell_vehicle` | High
|
||||
9 | File | `/adms/admin/?page=vehicles/view_transaction` | High
|
||||
10 | File | `/alphaware/summary.php` | High
|
||||
11 | File | `/apply.cgi` | Medium
|
||||
12 | File | `/APR/login.php` | High
|
||||
13 | File | `/attachments` | Medium
|
||||
14 | File | `/bin/httpd` | Medium
|
||||
15 | File | `/boat/login.php` | High
|
||||
16 | File | `/bsms_ci/index.php/book` | High
|
||||
17 | File | `/cgi-bin/wapopen` | High
|
||||
18 | File | `/context/%2e/WEB-INF/web.xml` | High
|
||||
19 | File | `/debug/pprof` | Medium
|
||||
20 | File | `/dev/block/mmcblk0rpmb` | High
|
||||
21 | File | `/DocSystem/Repos/getReposAllUsers.do` | High
|
||||
22 | File | `/etc/hosts` | Medium
|
||||
23 | File | `/face-recognition-php/facepay-master/camera.php` | High
|
||||
24 | File | `/forum/away.php` | High
|
||||
25 | File | `/fos/admin/ajax.php?action=login` | High
|
||||
26 | File | `/fos/admin/index.php?page=menu` | High
|
||||
27 | File | `/home/masterConsole` | High
|
||||
28 | File | `/home/sendBroadcast` | High
|
||||
29 | File | `/hrm/employeeadd.php` | High
|
||||
30 | File | `/hrm/employeeview.php` | High
|
||||
31 | File | `/jsoa/hntdCustomDesktopActionContent` | High
|
||||
32 | File | `/lookin/info` | Medium
|
||||
33 | File | `/medicines/profile.php` | High
|
||||
34 | File | `/modules/caddyhttp/rewrite/rewrite.go` | High
|
||||
35 | File | `/mygym/admin/index.php?view_exercises` | High
|
||||
36 | File | `/php-opos/index.php` | High
|
||||
37 | File | `/proxy` | Low
|
||||
38 | File | `/public/launchNewWindow.jsp` | High
|
||||
39 | File | `/Redcock-Farm/farm/category.php` | High
|
||||
40 | File | `/reports/rwservlet` | High
|
||||
41 | File | `/reservation/add_message.php` | High
|
||||
42 | File | `/secure/QueryComponent!Default.jspa` | High
|
||||
43 | File | `/Session` | Medium
|
||||
44 | File | `/spip.php` | Medium
|
||||
45 | File | `/tmp` | Low
|
||||
46 | File | `/uncpath/` | Medium
|
||||
47 | File | `/vendor/htmlawed/htmlawed/htmLawedTest.php` | High
|
||||
48 | File | `/video-sharing-script/watch-video.php` | High
|
||||
49 | File | `/wireless/security.asp` | High
|
||||
50 | File | `/xxl-job-admin/jobinfo` | High
|
||||
51 | File | `01article.php` | High
|
||||
52 | File | `AbstractScheduleJob.java` | High
|
||||
53 | ... | ... | ...
|
||||
11 | File | `/api/` | Low
|
||||
12 | File | `/api/admin/store/product/list` | High
|
||||
13 | File | `/apply.cgi` | Medium
|
||||
14 | File | `/APR/login.php` | High
|
||||
15 | File | `/attachments` | Medium
|
||||
16 | File | `/bin/httpd` | Medium
|
||||
17 | File | `/boat/login.php` | High
|
||||
18 | File | `/bsms_ci/index.php/book` | High
|
||||
19 | File | `/cgi-bin/wapopen` | High
|
||||
20 | File | `/debug/pprof` | Medium
|
||||
21 | File | `/dev/block/mmcblk0rpmb` | High
|
||||
22 | File | `/DocSystem/Repos/getReposAllUsers.do` | High
|
||||
23 | File | `/etc/hosts` | Medium
|
||||
24 | File | `/face-recognition-php/facepay-master/camera.php` | High
|
||||
25 | File | `/forum/away.php` | High
|
||||
26 | File | `/fos/admin/ajax.php?action=login` | High
|
||||
27 | File | `/fos/admin/index.php?page=menu` | High
|
||||
28 | File | `/home/masterConsole` | High
|
||||
29 | File | `/home/sendBroadcast` | High
|
||||
30 | File | `/hrm/employeeadd.php` | High
|
||||
31 | File | `/hrm/employeeview.php` | High
|
||||
32 | File | `/jsoa/hntdCustomDesktopActionContent` | High
|
||||
33 | File | `/lookin/info` | Medium
|
||||
34 | File | `/medicines/profile.php` | High
|
||||
35 | File | `/modules/caddyhttp/rewrite/rewrite.go` | High
|
||||
36 | File | `/mygym/admin/index.php?view_exercises` | High
|
||||
37 | File | `/php-opos/index.php` | High
|
||||
38 | File | `/proxy` | Low
|
||||
39 | File | `/public/launchNewWindow.jsp` | High
|
||||
40 | File | `/Redcock-Farm/farm/category.php` | High
|
||||
41 | File | `/reports/rwservlet` | High
|
||||
42 | File | `/reservation/add_message.php` | High
|
||||
43 | File | `/secure/QueryComponent!Default.jspa` | High
|
||||
44 | File | `/Session` | Medium
|
||||
45 | File | `/spip.php` | Medium
|
||||
46 | File | `/tmp` | Low
|
||||
47 | File | `/uncpath/` | Medium
|
||||
48 | File | `/vendor/htmlawed/htmlawed/htmLawedTest.php` | High
|
||||
49 | File | `/video-sharing-script/watch-video.php` | High
|
||||
50 | File | `/wireless/security.asp` | High
|
||||
51 | File | `/xxl-job-admin/jobinfo` | High
|
||||
52 | File | `01article.php` | High
|
||||
53 | File | `AbstractScheduleJob.java` | High
|
||||
54 | ... | ... | ...
|
||||
|
||||
There are 461 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 467 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -87,7 +87,7 @@ ID | IP address | Hostname | Campaign | Confidence
|
|||
58 | [44.230.85.241](https://vuldb.com/?ip.44.230.85.241) | ec2-44-230-85-241.us-west-2.compute.amazonaws.com | - | Medium
|
||||
59 | ... | ... | ... | ...
|
||||
|
||||
There are 232 more IOC items available. Please use our online service to access the data.
|
||||
There are 233 more IOC items available. Please use our online service to access the data.
|
||||
|
||||
## TTP - Tactics, Techniques, Procedures
|
||||
|
||||
|
@ -148,6 +148,7 @@ The following list contains _external sources_ which discuss the actor and the a
|
|||
* https://blog.talosintelligence.com/2022/10/threat-roundup-1007-1014.html
|
||||
* https://blog.talosintelligence.com/threat-roundup-0127-0203/
|
||||
* https://blog.talosintelligence.com/threat-roundup-0217-0224/
|
||||
* https://blog.talosintelligence.com/threat-roundup-0324-0331-2/
|
||||
* https://blog.talosintelligence.com/threat-roundup-1111-1118/
|
||||
* https://blog.talosintelligence.com/threat-roundup-1202-1209/
|
||||
* https://cert.gov.ua/article/37688
|
||||
|
|
|
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [VN](https://vuldb.com/?country.vn)
|
||||
* ...
|
||||
|
||||
There are 11 more country items available. Please use our online service to access the data.
|
||||
There are 12 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -102,7 +102,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
1 | T1006 | CWE-21, CWE-22 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-294 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
4 | T1059 | CWE-88, CWE-94 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
|
@ -117,45 +117,43 @@ ID | Type | Indicator | Confidence
|
|||
1 | File | `/+CSCOE+/logon.html` | High
|
||||
2 | File | `/admin/upload/upload` | High
|
||||
3 | File | `/api/admin/system/store/order/list` | High
|
||||
4 | File | `/apply_noauth.cgi` | High
|
||||
5 | File | `/bin/sh` | Low
|
||||
6 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
7 | File | `/common/sysFile/list` | High
|
||||
8 | File | `/context/%2e/WEB-INF/web.xml` | High
|
||||
9 | File | `/ctcprotocol/Protocol` | High
|
||||
10 | File | `/debug/pprof` | Medium
|
||||
11 | File | `/ebics-server/ebics.aspx` | High
|
||||
12 | File | `/ecshop/admin/template.php` | High
|
||||
13 | File | `/etc/openstack-dashboard/local_settings` | High
|
||||
14 | File | `/forum/away.php` | High
|
||||
15 | File | `/forum/PostPrivateMessage` | High
|
||||
16 | File | `/goform/addressNat` | High
|
||||
17 | File | `/HNAP1/SetClientInfo` | High
|
||||
18 | File | `/home/www/cgi-bin/login.cgi` | High
|
||||
19 | File | `/menu.html` | Medium
|
||||
20 | File | `/net-banking/customer_transactions.php` | High
|
||||
21 | File | `/obs/book.php` | High
|
||||
22 | File | `/orrs/admin/?page=user/manage_user` | High
|
||||
23 | File | `/ossn/administrator/com_installer` | High
|
||||
24 | File | `/pms/update_user.php?user_id=1` | High
|
||||
25 | File | `/resources//../` | High
|
||||
26 | File | `/secure/QueryComponent!Default.jspa` | High
|
||||
27 | File | `/squashfs-root/www/HNAP1/control/SetMasterWLanSettings.php` | High
|
||||
28 | File | `/subtitles.php` | High
|
||||
29 | File | `/sys/dict/queryTableData` | High
|
||||
30 | File | `/user/upload/upload` | High
|
||||
31 | File | `/vendor` | Low
|
||||
32 | File | `/views/directive/sys/SysConfigDataDirective.java` | High
|
||||
33 | File | `accountrecoveryendpoint/recoverpassword.do` | High
|
||||
34 | File | `Acl.asp` | Low
|
||||
35 | File | `adclick.php` | Medium
|
||||
36 | File | `add_contestant.php` | High
|
||||
37 | File | `add_postit.php` | High
|
||||
38 | File | `admin.php` | Medium
|
||||
39 | File | `admin/index.php` | High
|
||||
40 | ... | ... | ...
|
||||
4 | File | `/api/gen/clients/{language}` | High
|
||||
5 | File | `/apply_noauth.cgi` | High
|
||||
6 | File | `/bin/sh` | Low
|
||||
7 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
8 | File | `/common/sysFile/list` | High
|
||||
9 | File | `/config/myfield/test.php` | High
|
||||
10 | File | `/context/%2e/WEB-INF/web.xml` | High
|
||||
11 | File | `/ctcprotocol/Protocol` | High
|
||||
12 | File | `/debug/pprof` | Medium
|
||||
13 | File | `/ebics-server/ebics.aspx` | High
|
||||
14 | File | `/ecshop/admin/template.php` | High
|
||||
15 | File | `/etc/openstack-dashboard/local_settings` | High
|
||||
16 | File | `/file/upload/1` | High
|
||||
17 | File | `/forum/away.php` | High
|
||||
18 | File | `/forum/PostPrivateMessage` | High
|
||||
19 | File | `/goform/addressNat` | High
|
||||
20 | File | `/HNAP1/SetClientInfo` | High
|
||||
21 | File | `/home/www/cgi-bin/login.cgi` | High
|
||||
22 | File | `/js/player/dmplayer/dmku/index.php` | High
|
||||
23 | File | `/menu.html` | Medium
|
||||
24 | File | `/multi-vendor-shopping-script/product-list.php` | High
|
||||
25 | File | `/net-banking/customer_transactions.php` | High
|
||||
26 | File | `/obs/book.php` | High
|
||||
27 | File | `/orrs/admin/?page=user/manage_user` | High
|
||||
28 | File | `/ossn/administrator/com_installer` | High
|
||||
29 | File | `/pms/update_user.php?user_id=1` | High
|
||||
30 | File | `/requests.php` | High
|
||||
31 | File | `/resources//../` | High
|
||||
32 | File | `/secure/QueryComponent!Default.jspa` | High
|
||||
33 | File | `/spip.php` | Medium
|
||||
34 | File | `/squashfs-root/www/HNAP1/control/SetMasterWLanSettings.php` | High
|
||||
35 | File | `/subtitles.php` | High
|
||||
36 | File | `/sys/dict/queryTableData` | High
|
||||
37 | File | `/user/upload/upload` | High
|
||||
38 | ... | ... | ...
|
||||
|
||||
There are 345 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 329 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -56,7 +56,7 @@ ID | Type | Indicator | Confidence
|
|||
10 | File | `/var/log/nginx` | High
|
||||
11 | ... | ... | ...
|
||||
|
||||
There are 84 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 85 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -287,14 +287,14 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-22, CWE-23, CWE-425 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-294, CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-425 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 18 more TTP items available. Please use our online service to access the data.
|
||||
There are 19 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -302,41 +302,45 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/.env` | Low
|
||||
1 | File | `.FBCIndex` | Medium
|
||||
2 | File | `//` | Low
|
||||
3 | File | `/admin/patient.php` | High
|
||||
4 | File | `/api/admin/system/store/order/list` | High
|
||||
5 | File | `/api/blade-log/api/list` | High
|
||||
6 | File | `/api/jmeter/download/files` | High
|
||||
7 | File | `/api/v2/cli/commands` | High
|
||||
8 | File | `/APR/login.php` | High
|
||||
9 | File | `/as/authorization.oauth2` | High
|
||||
10 | File | `/bsms_ci/index.php` | High
|
||||
11 | File | `/bsms_ci/index.php/user/edit_user/` | High
|
||||
12 | File | `/cgi-bin/luci/api/auth` | High
|
||||
13 | File | `/cgi-bin/system_mgr.cgi` | High
|
||||
14 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
15 | File | `/DXR.axd` | Medium
|
||||
16 | File | `/ecshop/admin/template.php` | High
|
||||
3 | File | `/admin` | Low
|
||||
4 | File | `/admin/login.php` | High
|
||||
5 | File | `/admin/patient.php` | High
|
||||
6 | File | `/api/admin/system/store/order/list` | High
|
||||
7 | File | `/api/jmeter/download/files` | High
|
||||
8 | File | `/api/upload` | Medium
|
||||
9 | File | `/APR/login.php` | High
|
||||
10 | File | `/cgi-bin/luci/api/auth` | High
|
||||
11 | File | `/cgi-bin/supervisor/PwdGrp.cgi` | High
|
||||
12 | File | `/cgi-bin/system_mgr.cgi` | High
|
||||
13 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
14 | File | `/churchcrm/EventAttendance.php` | High
|
||||
15 | File | `/config/myfield/test.php` | High
|
||||
16 | File | `/DXR.axd` | Medium
|
||||
17 | File | `/filemanager/php/connector.php` | High
|
||||
18 | File | `/files/import` | High
|
||||
19 | File | `/forum/away.php` | High
|
||||
20 | File | `/forum/PostPrivateMessage` | High
|
||||
20 | File | `/getcfg.php` | Medium
|
||||
21 | File | `/home/www/cgi-bin/login.cgi` | High
|
||||
22 | File | `/hrm/employeeview.php` | High
|
||||
23 | File | `/librarian/bookdetails.php` | High
|
||||
24 | File | `/modules/projects/vw_files.php` | High
|
||||
25 | File | `/Moosikay/order.php` | High
|
||||
26 | File | `/net-banking/customer_transactions.php` | High
|
||||
27 | File | `/out.php` | Medium
|
||||
28 | File | `/reservation/add_message.php` | High
|
||||
29 | File | `/rukovoditel/index.php?module=users/login` | High
|
||||
30 | File | `/tmp/boa-temp` | High
|
||||
31 | File | `/usr/sbin/suexec` | High
|
||||
32 | File | `/wp-admin/admin-ajax.php` | High
|
||||
33 | ... | ... | ...
|
||||
22 | File | `/hrm/controller/employee.php` | High
|
||||
23 | File | `/hrm/employeeadd.php` | High
|
||||
24 | File | `/hrm/employeeview.php` | High
|
||||
25 | File | `/j_security_check` | High
|
||||
26 | File | `/librarian/bookdetails.php` | High
|
||||
27 | File | `/mhds/clinic/view_details.php` | High
|
||||
28 | File | `/modules/projects/vw_files.php` | High
|
||||
29 | File | `/multi-vendor-shopping-script/product-list.php` | High
|
||||
30 | File | `/plain` | Low
|
||||
31 | File | `/public/launchNewWindow.jsp` | High
|
||||
32 | File | `/requests.php` | High
|
||||
33 | File | `/reservation/add_message.php` | High
|
||||
34 | File | `/rukovoditel/index.php?module=users/login` | High
|
||||
35 | File | `/spip.php` | Medium
|
||||
36 | File | `/static/ueditor/php/controller.php` | High
|
||||
37 | ... | ... | ...
|
||||
|
||||
There are 285 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 319 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
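Review bot: In this section's TTP table (hunk `@ -287,14 +287,14`), row 2 is printed once with `CWE-294, CWE-319` and once with only `CWE-319`, yet both printings keep the description `Authentication Bypass by Capture-replay`, which is the name of CWE-294. If the second printing is the new side, as the old-then-new order of the item counters suggests, the label no longer matches the only weakness listed; either keep CWE-294 in the row or relabel it, e.g. `2 | T1040 | CWE-319 | Cleartext Transmission of Sensitive Information | High`. Row 4 has a similar mismatch: T1059 with `CWE-88, CWE-94, CWE-1321` is described as `Cross Site Scripting`, the same text as the T1059.007 row below it, and the T1059 row in the later `@ -216,10 +216,10` hunk repeats this. Anyone mapping detections from the Description column would be misled, so the label should presumably be derived from the CWE set the row actually lists.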
|
|
|
@ -76,19 +76,19 @@ ID | Type | Indicator | Confidence
|
|||
14 | File | `/main?cmd=invalid_browser` | High
|
||||
15 | File | `/manager?action=getlogcat` | High
|
||||
16 | File | `/mc` | Low
|
||||
17 | File | `/plugins/Dashboard/Controller.php` | High
|
||||
18 | File | `/public/plugins/` | High
|
||||
19 | File | `/rest/jpo/1.0/hierarchyConfiguration` | High
|
||||
20 | File | `/SASWebReportStudio/logonAndRender.do` | High
|
||||
21 | File | `/scas/admin/` | Medium
|
||||
22 | File | `/static/ueditor/php/controller.php` | High
|
||||
23 | File | `/tlogin.cgi` | Medium
|
||||
24 | File | `/tmp/scfgdndf` | High
|
||||
25 | File | `/uncpath/` | Medium
|
||||
26 | File | `/upload` | Low
|
||||
17 | File | `/opt/zimbra/jetty/webapps/zimbra/public` | High
|
||||
18 | File | `/plugins/Dashboard/Controller.php` | High
|
||||
19 | File | `/public/plugins/` | High
|
||||
20 | File | `/rest/jpo/1.0/hierarchyConfiguration` | High
|
||||
21 | File | `/SASWebReportStudio/logonAndRender.do` | High
|
||||
22 | File | `/scas/admin/` | Medium
|
||||
23 | File | `/static/ueditor/php/controller.php` | High
|
||||
24 | File | `/tlogin.cgi` | Medium
|
||||
25 | File | `/tmp/scfgdndf` | High
|
||||
26 | File | `/uncpath/` | Medium
|
||||
27 | ... | ... | ...
|
||||
|
||||
There are 223 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 224 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [VN](https://vuldb.com/?country.vn)
|
||||
* ...
|
||||
|
||||
There are 14 more country items available. Please use our online service to access the data.
|
||||
There are 15 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -91,13 +91,13 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-28 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-294 | Authentication Bypass by Capture-replay | High
|
||||
2 | T1040 | CWE-294, CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 19 more TTP items available. Please use our online service to access the data.
|
||||
There are 20 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -115,51 +115,53 @@ ID | Type | Indicator | Confidence
|
|||
8 | File | `/admin/upload/upload` | High
|
||||
9 | File | `/adms/admin/?page=vehicles/view_transaction` | High
|
||||
10 | File | `/alphaware/summary.php` | High
|
||||
11 | File | `/boat/login.php` | High
|
||||
12 | File | `/bsms_ci/index.php/book` | High
|
||||
13 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
14 | File | `/config/getuser` | High
|
||||
15 | File | `/debug/pprof` | Medium
|
||||
16 | File | `/ecshop/admin/template.php` | High
|
||||
17 | File | `/forum/away.php` | High
|
||||
18 | File | `/forum/PostPrivateMessage` | High
|
||||
19 | File | `/home/www/cgi-bin/login.cgi` | High
|
||||
20 | File | `/medicines/profile.php` | High
|
||||
21 | File | `/net-banking/customer_transactions.php` | High
|
||||
22 | File | `/obs/book.php` | High
|
||||
23 | File | `/ossn/administrator/com_installer` | High
|
||||
24 | File | `/param.file.tgz` | High
|
||||
25 | File | `/pms/update_user.php?user_id=1` | High
|
||||
26 | File | `/public_html/users.php` | High
|
||||
27 | File | `/reservation/add_message.php` | High
|
||||
28 | File | `/spip.php` | Medium
|
||||
29 | File | `/sre/params.php` | High
|
||||
30 | File | `/tmp` | Low
|
||||
31 | File | `/user/s.php` | Medium
|
||||
32 | File | `/user/upload/upload` | High
|
||||
33 | File | `/Users` | Low
|
||||
34 | File | `/var/spool/hylafax` | High
|
||||
35 | File | `/vendor` | Low
|
||||
36 | File | `/vendor/htmlawed/htmlawed/htmLawedTest.php` | High
|
||||
37 | File | `/video-sharing-script/watch-video.php` | High
|
||||
38 | File | `/wireless/guestnetwork.asp` | High
|
||||
39 | File | `accountrecoveryendpoint/recoverpassword.do` | High
|
||||
40 | File | `AcquisiAction.class.php` | High
|
||||
41 | File | `adclick.php` | Medium
|
||||
42 | File | `add-locker-form.php` | High
|
||||
43 | File | `add_contestant.php` | High
|
||||
44 | File | `admin.php` | Medium
|
||||
45 | File | `admin/add_payment.php` | High
|
||||
46 | File | `admin/booking_report.php` | High
|
||||
47 | File | `admin/conf_users_edit.php` | High
|
||||
48 | File | `admin/disapprove_user.php` | High
|
||||
49 | File | `admin/expense_report.php` | High
|
||||
50 | File | `admin/fecalysis_form.php` | High
|
||||
51 | File | `admin/forget_password.php` | High
|
||||
52 | File | `admin/index.php` | High
|
||||
53 | ... | ... | ...
|
||||
11 | File | `/api/` | Low
|
||||
12 | File | `/api/admin/store/product/list` | High
|
||||
13 | File | `/boat/login.php` | High
|
||||
14 | File | `/bsms_ci/index.php/book` | High
|
||||
15 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
16 | File | `/config/getuser` | High
|
||||
17 | File | `/config/myfield/test.php` | High
|
||||
18 | File | `/debug/pprof` | Medium
|
||||
19 | File | `/ecshop/admin/template.php` | High
|
||||
20 | File | `/forum/away.php` | High
|
||||
21 | File | `/forum/PostPrivateMessage` | High
|
||||
22 | File | `/home/www/cgi-bin/login.cgi` | High
|
||||
23 | File | `/loginsave.php` | High
|
||||
24 | File | `/medicines/profile.php` | High
|
||||
25 | File | `/multi-vendor-shopping-script/product-list.php` | High
|
||||
26 | File | `/net-banking/customer_transactions.php` | High
|
||||
27 | File | `/obs/book.php` | High
|
||||
28 | File | `/ossn/administrator/com_installer` | High
|
||||
29 | File | `/param.file.tgz` | High
|
||||
30 | File | `/pms/update_user.php?user_id=1` | High
|
||||
31 | File | `/public_html/users.php` | High
|
||||
32 | File | `/reservation/add_message.php` | High
|
||||
33 | File | `/spip.php` | Medium
|
||||
34 | File | `/sre/params.php` | High
|
||||
35 | File | `/tmp` | Low
|
||||
36 | File | `/user/s.php` | Medium
|
||||
37 | File | `/user/upload/upload` | High
|
||||
38 | File | `/Users` | Low
|
||||
39 | File | `/var/spool/hylafax` | High
|
||||
40 | File | `/vendor` | Low
|
||||
41 | File | `/vendor/htmlawed/htmlawed/htmLawedTest.php` | High
|
||||
42 | File | `/video-sharing-script/watch-video.php` | High
|
||||
43 | File | `/wireless/guestnetwork.asp` | High
|
||||
44 | File | `/wireless/security.asp` | High
|
||||
45 | File | `accountrecoveryendpoint/recoverpassword.do` | High
|
||||
46 | File | `AcquisiAction.class.php` | High
|
||||
47 | File | `adclick.php` | Medium
|
||||
48 | File | `add-locker-form.php` | High
|
||||
49 | File | `add_contestant.php` | High
|
||||
50 | File | `admin.php` | Medium
|
||||
51 | File | `admin/add_payment.php` | High
|
||||
52 | File | `admin/booking_report.php` | High
|
||||
53 | File | `admin/conf_users_edit.php` | High
|
||||
54 | File | `admin/disapprove_user.php` | High
|
||||
55 | ... | ... | ...
|
||||
|
||||
There are 461 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 475 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -41,7 +41,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
4 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
5 | ... | ... | ... | ...
|
||||
|
||||
There are 14 more TTP items available. Please use our online service to access the data.
|
||||
There are 15 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
|
|
@ -92,8 +92,7 @@ ID | Type | Indicator | Confidence
|
|||
46 | File | `/tmp` | Low
|
||||
47 | File | `/uncpath/` | Medium
|
||||
48 | File | `/vloggers_merch/?p=view_product` | High
|
||||
49 | File | `/webconsole/APIController` | High
|
||||
50 | ... | ... | ...
|
||||
49 | ... | ... | ...
|
||||
|
||||
There are 430 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
|
|
|
@ -50,18 +50,18 @@ ID | Type | Indicator | Confidence
|
|||
-- | ---- | --------- | ----------
|
||||
1 | File | `.htaccess` | Medium
|
||||
2 | File | `.kdbgrc` | Low
|
||||
3 | File | `/admin/index.php` | High
|
||||
4 | File | `/api /v3/auth` | High
|
||||
5 | File | `/app/Http/Controllers/Admin/NEditorController.php` | High
|
||||
6 | File | `/auth` | Low
|
||||
7 | File | `/balance/service/list` | High
|
||||
8 | File | `/config/getuser` | High
|
||||
9 | File | `/secure/admin/InsightDefaultCustomFieldConfig.jspa` | High
|
||||
10 | File | `/SiteServer/Ajax/ajaxOtherService.aspx` | High
|
||||
11 | File | `/uncpath/` | Medium
|
||||
3 | File | `/admin/assign/assign.php` | High
|
||||
4 | File | `/admin/index.php` | High
|
||||
5 | File | `/api /v3/auth` | High
|
||||
6 | File | `/app/Http/Controllers/Admin/NEditorController.php` | High
|
||||
7 | File | `/auth` | Low
|
||||
8 | File | `/balance/service/list` | High
|
||||
9 | File | `/config/getuser` | High
|
||||
10 | File | `/secure/admin/InsightDefaultCustomFieldConfig.jspa` | High
|
||||
11 | File | `/SiteServer/Ajax/ajaxOtherService.aspx` | High
|
||||
12 | ... | ... | ...
|
||||
|
||||
There are 95 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 97 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [RU](https://vuldb.com/?country.ru)
|
||||
* ...
|
||||
|
||||
There are 14 more country items available. Please use our online service to access the data.
|
||||
There are 15 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -88,9 +88,10 @@ ID | Type | Indicator | Confidence
|
|||
29 | File | `/uncpath/` | Medium
|
||||
30 | File | `/usr/www/ja/mnt_cmd.cgi` | High
|
||||
31 | File | `/videotalk` | Medium
|
||||
32 | ... | ... | ...
|
||||
32 | File | `/view-property.php` | High
|
||||
33 | ... | ... | ...
|
||||
|
||||
There are 273 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 277 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -9,8 +9,8 @@ _Live data_ and more _analysis capabilities_ are available at [https://vuldb.com
|
|||
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Maze:
|
||||
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [PL](https://vuldb.com/?country.pl)
|
||||
* [CN](https://vuldb.com/?country.cn)
|
||||
* [PL](https://vuldb.com/?country.pl)
|
||||
* ...
|
||||
|
||||
There are 8 more country items available. Please use our online service to access the data.
|
||||
|
|
|
@ -21,7 +21,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [US](https://vuldb.com/?country.us)
|
||||
* ...
|
||||
|
||||
There are 7 more country items available. Please use our online service to access the data.
|
||||
There are 6 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -216,10 +216,10 @@ ID | Technique | Weakness | Description | Confidence
|
|||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-425 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-294, CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
4 | T1059 | CWE-88, CWE-94 | Cross Site Scripting | High
|
||||
5 | ... | ... | ... | ...
|
||||
|
||||
There are 16 more TTP items available. Please use our online service to access the data.
|
||||
There are 18 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -227,45 +227,50 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/.env` | Low
|
||||
2 | File | `//` | Low
|
||||
3 | File | `/admin.php/accessory/filesdel.html` | High
|
||||
4 | File | `/admin/?page=user/manage` | High
|
||||
5 | File | `/admin/add-new.php` | High
|
||||
6 | File | `/admin/doctors.php` | High
|
||||
7 | File | `/admin/patient.php` | High
|
||||
8 | File | `/alphaware/summary.php` | High
|
||||
9 | File | `/api/jmeter/download/files` | High
|
||||
10 | File | `/api/upload` | Medium
|
||||
11 | File | `/apply.cgi` | Medium
|
||||
12 | File | `/APR/login.php` | High
|
||||
13 | File | `/as/authorization.oauth2` | High
|
||||
14 | File | `/boat/login.php` | High
|
||||
15 | File | `/cgi-bin/luci/api/auth` | High
|
||||
16 | File | `/cgi-bin/supervisor/PwdGrp.cgi` | High
|
||||
17 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
18 | File | `/context/%2e/WEB-INF/web.xml` | High
|
||||
19 | File | `/debug/pprof` | Medium
|
||||
20 | File | `/DXR.axd` | Medium
|
||||
21 | File | `/ebics-server/ebics.aspx` | High
|
||||
22 | File | `/etc/openstack-dashboard/local_settings` | High
|
||||
23 | File | `/filemanager/php/connector.php` | High
|
||||
24 | File | `/files/import` | High
|
||||
25 | File | `/forum/away.php` | High
|
||||
26 | File | `/goform/addressNat` | High
|
||||
27 | File | `/goform/PowerSaveSet` | High
|
||||
28 | File | `/HNAP1/SetClientInfo` | High
|
||||
29 | File | `/librarian/bookdetails.php` | High
|
||||
30 | File | `/modules/projects/vw_files.php` | High
|
||||
31 | File | `/Moosikay/order.php` | High
|
||||
32 | File | `/out.php` | Medium
|
||||
33 | File | `/reservation/add_message.php` | High
|
||||
34 | File | `/rukovoditel/index.php?module=users/login` | High
|
||||
35 | File | `/secure/QueryComponent!Default.jspa` | High
|
||||
36 | File | `/tmp/boa-temp` | High
|
||||
37 | ... | ... | ...
|
||||
1 | File | `.FBCIndex` | Medium
|
||||
2 | File | `/.env` | Low
|
||||
3 | File | `//` | Low
|
||||
4 | File | `/admin` | Low
|
||||
5 | File | `/admin.php/accessory/filesdel.html` | High
|
||||
6 | File | `/admin/?page=user/manage` | High
|
||||
7 | File | `/admin/add-new.php` | High
|
||||
8 | File | `/admin/doctors.php` | High
|
||||
9 | File | `/admin/login.php` | High
|
||||
10 | File | `/admin/patient.php` | High
|
||||
11 | File | `/alphaware/summary.php` | High
|
||||
12 | File | `/api/` | Low
|
||||
13 | File | `/api/admin/store/product/list` | High
|
||||
14 | File | `/api/admin/system/store/order/list` | High
|
||||
15 | File | `/api/gen/clients/{language}` | High
|
||||
16 | File | `/api/jmeter/download/files` | High
|
||||
17 | File | `/api/upload` | Medium
|
||||
18 | File | `/apply.cgi` | Medium
|
||||
19 | File | `/APR/login.php` | High
|
||||
20 | File | `/as/authorization.oauth2` | High
|
||||
21 | File | `/boat/login.php` | High
|
||||
22 | File | `/cgi-bin/luci/api/auth` | High
|
||||
23 | File | `/cgi-bin/supervisor/PwdGrp.cgi` | High
|
||||
24 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
25 | File | `/churchcrm/EventAttendance.php` | High
|
||||
26 | File | `/common/sysFile/list` | High
|
||||
27 | File | `/debug/pprof` | Medium
|
||||
28 | File | `/DXR.axd` | Medium
|
||||
29 | File | `/etc/openstack-dashboard/local_settings` | High
|
||||
30 | File | `/filemanager/php/connector.php` | High
|
||||
31 | File | `/files/import` | High
|
||||
32 | File | `/forum/away.php` | High
|
||||
33 | File | `/goform/addressNat` | High
|
||||
34 | File | `/goform/PowerSaveSet` | High
|
||||
35 | File | `/HNAP1/SetClientInfo` | High
|
||||
36 | File | `/js/player/dmplayer/dmku/index.php` | High
|
||||
37 | File | `/j_security_check` | High
|
||||
38 | File | `/librarian/bookdetails.php` | High
|
||||
39 | File | `/mhds/clinic/view_details.php` | High
|
||||
40 | File | `/modules/projects/vw_files.php` | High
|
||||
41 | File | `/plain` | Low
|
||||
42 | ... | ... | ...
|
||||
|
||||
There are 321 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 364 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -115,34 +115,34 @@ ID | Type | Indicator | Confidence
|
|||
26 | File | `/backup.pl` | Medium
|
||||
27 | File | `/cgi-bin/webviewer_login_page` | High
|
||||
28 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
29 | File | `/cgi-mod/lookup.cgi` | High
|
||||
30 | File | `/dashboard/updatelogo.php` | High
|
||||
31 | File | `/designer/add/layout` | High
|
||||
32 | File | `/edoc/doctor/patient.php` | High
|
||||
33 | File | `/etc/ldap.conf` | High
|
||||
34 | File | `/etc/shadow` | Medium
|
||||
35 | File | `/filemanager/upload/drop` | High
|
||||
36 | File | `/goform/addUserName` | High
|
||||
37 | File | `/goform/delAd` | High
|
||||
38 | File | `/goform/wifiSSIDset` | High
|
||||
39 | File | `/gpac/src/bifs/unquantize.c` | High
|
||||
40 | File | `/h/calendar` | Medium
|
||||
41 | File | `/h/compose` | Medium
|
||||
42 | File | `/h/search?action=voicemail&action=listen` | High
|
||||
43 | File | `/index.asp` | Medium
|
||||
44 | File | `/index.php` | Medium
|
||||
45 | File | `/jfinal_cms/system/role/list` | High
|
||||
46 | File | `/librarian/bookdetails.php` | High
|
||||
47 | File | `/loginVaLidation.php` | High
|
||||
48 | File | `/manage-apartment.php` | High
|
||||
49 | File | `/manager/index.php` | High
|
||||
50 | File | `/mkshop/Men/profile.php` | High
|
||||
51 | File | `/Moosikay/order.php` | High
|
||||
52 | File | `/Noxen-master/users.php` | High
|
||||
53 | File | `/opac/Actions.php?a=login` | High
|
||||
29 | File | `/dashboard/updatelogo.php` | High
|
||||
30 | File | `/designer/add/layout` | High
|
||||
31 | File | `/edoc/doctor/patient.php` | High
|
||||
32 | File | `/etc/ldap.conf` | High
|
||||
33 | File | `/etc/shadow` | Medium
|
||||
34 | File | `/filemanager/upload/drop` | High
|
||||
35 | File | `/goform/addUserName` | High
|
||||
36 | File | `/goform/delAd` | High
|
||||
37 | File | `/goform/wifiSSIDset` | High
|
||||
38 | File | `/gpac/src/bifs/unquantize.c` | High
|
||||
39 | File | `/h/calendar` | Medium
|
||||
40 | File | `/h/compose` | Medium
|
||||
41 | File | `/h/search?action=voicemail&action=listen` | High
|
||||
42 | File | `/index.asp` | Medium
|
||||
43 | File | `/index.php` | Medium
|
||||
44 | File | `/jfinal_cms/system/role/list` | High
|
||||
45 | File | `/librarian/bookdetails.php` | High
|
||||
46 | File | `/loginVaLidation.php` | High
|
||||
47 | File | `/manage-apartment.php` | High
|
||||
48 | File | `/manager/index.php` | High
|
||||
49 | File | `/mkshop/Men/profile.php` | High
|
||||
50 | File | `/Moosikay/order.php` | High
|
||||
51 | File | `/Noxen-master/users.php` | High
|
||||
52 | File | `/opac/Actions.php?a=login` | High
|
||||
53 | File | `/pages/animals.php` | High
|
||||
54 | ... | ... | ...
|
||||
|
||||
There are 470 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 467 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [IR](https://vuldb.com/?country.ir)
|
||||
* ...
|
||||
|
||||
There are 2 more country items available. Please use our online service to access the data.
|
||||
There are 3 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -71,7 +71,7 @@ ID | Type | Indicator | Confidence
|
|||
20 | File | `/rest/api/2/search` | High
|
||||
21 | ... | ... | ...
|
||||
|
||||
There are 173 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 176 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -52,7 +52,7 @@ ID | Type | Indicator | Confidence
|
|||
3 | File | `data/gbconfiguration.dat` | High
|
||||
4 | ... | ... | ...
|
||||
|
||||
There are 6 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 7 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -16,10 +16,10 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [SC](https://vuldb.com/?country.sc)
|
||||
* [GB](https://vuldb.com/?country.gb)
|
||||
* [RU](https://vuldb.com/?country.ru)
|
||||
* ...
|
||||
|
||||
There are 2 more country items available. Please use our online service to access the data.
|
||||
There are 4 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -53,7 +53,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
5 | T1059.007 | CWE-79 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 22 more TTP items available. Please use our online service to access the data.
|
||||
There are 21 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -62,37 +62,37 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `%PROGRAMDATA%\Razer\Synapse3\Service\bin` | High
|
||||
2 | File | `/admin.php/accessory/filesdel.html` | High
|
||||
3 | File | `/admin/index3.php` | High
|
||||
4 | File | `/admin_area/login_transfer.php` | High
|
||||
5 | File | `/adms/admin/?page=user/manage_user` | High
|
||||
6 | File | `/adms/admin/?page=vehicles/view_transaction` | High
|
||||
7 | File | `/ajax/update_certificate` | High
|
||||
8 | File | `/alphaware/details.php` | High
|
||||
9 | File | `/apply.cgi` | Medium
|
||||
10 | File | `/bsms_ci/index.php/book` | High
|
||||
11 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
12 | File | `/etc/shadow` | Medium
|
||||
13 | File | `/forum/away.php` | High
|
||||
14 | File | `/forums.php?action=post` | High
|
||||
15 | File | `/fudforum/adm/hlplist.php` | High
|
||||
16 | File | `/goform/formDefault` | High
|
||||
17 | File | `/goform/formSysCmd` | High
|
||||
18 | File | `/goform/fromSetWirelessRepeat` | High
|
||||
19 | File | `/index.php` | Medium
|
||||
20 | File | `/inxedu/demo_inxedu_open/src/main/resources/mybatis/inxedu/website/WebsiteImagesMapper.xml` | High
|
||||
21 | File | `/login/index.php` | High
|
||||
22 | File | `/Moosikay/order.php` | High
|
||||
23 | File | `/philosophy/admin/user/controller.php?action=add` | High
|
||||
24 | File | `/php-opos/signup.php` | High
|
||||
25 | File | `/SetNetworkSettings/SubnetMask` | High
|
||||
26 | File | `/setNTP.cgi` | Medium
|
||||
27 | File | `/textpattern/index.php` | High
|
||||
28 | File | `/tpts/manage_user.php` | High
|
||||
29 | File | `/u/username.json` | High
|
||||
2 | File | `/admin` | Low
|
||||
3 | File | `/admin.php/accessory/filesdel.html` | High
|
||||
4 | File | `/admin/index3.php` | High
|
||||
5 | File | `/admin_area/login_transfer.php` | High
|
||||
6 | File | `/adms/admin/?page=user/manage_user` | High
|
||||
7 | File | `/adms/admin/?page=vehicles/view_transaction` | High
|
||||
8 | File | `/ajax/update_certificate` | High
|
||||
9 | File | `/alphaware/details.php` | High
|
||||
10 | File | `/apply.cgi` | Medium
|
||||
11 | File | `/bsms_ci/index.php/book` | High
|
||||
12 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
13 | File | `/etc/shadow` | Medium
|
||||
14 | File | `/forum/away.php` | High
|
||||
15 | File | `/forums.php?action=post` | High
|
||||
16 | File | `/fudforum/adm/hlplist.php` | High
|
||||
17 | File | `/goform/formDefault` | High
|
||||
18 | File | `/goform/formSysCmd` | High
|
||||
19 | File | `/goform/fromSetWirelessRepeat` | High
|
||||
20 | File | `/index.php` | Medium
|
||||
21 | File | `/inxedu/demo_inxedu_open/src/main/resources/mybatis/inxedu/website/WebsiteImagesMapper.xml` | High
|
||||
22 | File | `/login/index.php` | High
|
||||
23 | File | `/Moosikay/order.php` | High
|
||||
24 | File | `/philosophy/admin/user/controller.php?action=add` | High
|
||||
25 | File | `/php-opos/signup.php` | High
|
||||
26 | File | `/SetNetworkSettings/SubnetMask` | High
|
||||
27 | File | `/setNTP.cgi` | Medium
|
||||
28 | File | `/textpattern/index.php` | High
|
||||
29 | File | `/tpts/manage_user.php` | High
|
||||
30 | ... | ... | ...
|
||||
|
||||
There are 255 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 259 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [RU](https://vuldb.com/?country.ru)
|
||||
* ...
|
||||
|
||||
There are 8 more country items available. Please use our online service to access the data.
|
||||
There are 9 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -60,20 +60,20 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/admin/edit.php` | High
|
||||
2 | File | `/debug/pprof` | Medium
|
||||
3 | File | `/sqfs/bin/sccd` | High
|
||||
4 | File | `/var/WEB-GUI/cgi-bin/downloadfile.cgi` | High
|
||||
5 | File | `/wp-content/plugins/updraftplus/admin.php` | High
|
||||
6 | File | `admin.php` | Medium
|
||||
7 | File | `admin/google_search_console/class-gsc-table.php` | High
|
||||
8 | File | `ajax.php` | Medium
|
||||
9 | File | `akocomments.php` | High
|
||||
10 | File | `auth.inc.php` | Medium
|
||||
11 | File | `bgpd/bgp_aspath.c` | High
|
||||
12 | File | `browser.php` | Medium
|
||||
2 | File | `/api/index.php` | High
|
||||
3 | File | `/debug/pprof` | Medium
|
||||
4 | File | `/sqfs/bin/sccd` | High
|
||||
5 | File | `/var/WEB-GUI/cgi-bin/downloadfile.cgi` | High
|
||||
6 | File | `/wp-content/plugins/updraftplus/admin.php` | High
|
||||
7 | File | `admin.php` | Medium
|
||||
8 | File | `admin/google_search_console/class-gsc-table.php` | High
|
||||
9 | File | `ajax.php` | Medium
|
||||
10 | File | `akocomments.php` | High
|
||||
11 | File | `auth.inc.php` | Medium
|
||||
12 | File | `bgpd/bgp_aspath.c` | High
|
||||
13 | ... | ... | ...
|
||||
|
||||
There are 98 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 104 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -19,7 +19,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [GB](https://vuldb.com/?country.gb)
|
||||
* ...
|
||||
|
||||
There are 14 more country items available. Please use our online service to access the data.
|
||||
There are 13 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -135,9 +135,10 @@ ID | Technique | Weakness | Description | Confidence
|
|||
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
5 | ... | ... | ... | ...
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 18 more TTP items available. Please use our online service to access the data.
|
||||
There are 19 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -145,33 +146,37 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `%ProgramData%\GOG.com` | High
|
||||
2 | File | `/.dbus-keyrings` | High
|
||||
3 | File | `/bin/boa` | Medium
|
||||
4 | File | `/bitrix/admin/ldap_server_edit.php` | High
|
||||
5 | File | `/blog/blog.php` | High
|
||||
6 | File | `/carbon/ndatasource/validateconnection/ajaxprocessor.jsp` | High
|
||||
7 | File | `/cgi-bin/wapopen` | High
|
||||
8 | File | `/cimom` | Low
|
||||
9 | File | `/data/wps.setup.json` | High
|
||||
10 | File | `/forum/away.php` | High
|
||||
11 | File | `/hrm/employeeview.php` | High
|
||||
12 | File | `/login/index.php` | High
|
||||
13 | File | `/officescan/console/html/cgi/fcgiOfcDDA.exe` | High
|
||||
14 | File | `/opt/Citrix/ICAClient/util/ctxwebhelper` | High
|
||||
15 | File | `/out.php` | Medium
|
||||
16 | File | `/rendering/wiki` | High
|
||||
17 | File | `/secure/QueryComponent!Default.jspa` | High
|
||||
18 | File | `/src/amf/amf-context.c` | High
|
||||
19 | File | `/storage/poc.svg` | High
|
||||
20 | File | `/system/sshkeys.js` | High
|
||||
21 | File | `/tmp/net-$DEVICE.conf` | High
|
||||
22 | File | `/usr/bin/pkexec` | High
|
||||
23 | File | `/vendor/htmlawed/htmlawed/htmLawedTest.php` | High
|
||||
24 | File | `/wp-admin/admin-ajax.php` | High
|
||||
25 | ... | ... | ...
|
||||
1 | File | `/.dbus-keyrings` | High
|
||||
2 | File | `/admin/delete_user.php` | High
|
||||
3 | File | `/bitrix/admin/ldap_server_edit.php` | High
|
||||
4 | File | `/blog/blog.php` | High
|
||||
5 | File | `/cimom` | Low
|
||||
6 | File | `/data/wps.setup.json` | High
|
||||
7 | File | `/etc/sudoers` | Medium
|
||||
8 | File | `/forum/away.php` | High
|
||||
9 | File | `/librarian/bookdetails.php` | High
|
||||
10 | File | `/login/index.php` | High
|
||||
11 | File | `/officescan/console/html/cgi/fcgiOfcDDA.exe` | High
|
||||
12 | File | `/opt/Citrix/ICAClient/util/ctxwebhelper` | High
|
||||
13 | File | `/out.php` | Medium
|
||||
14 | File | `/rom-0` | Low
|
||||
15 | File | `/secure/QueryComponent!Default.jspa` | High
|
||||
16 | File | `/storage/poc.svg` | High
|
||||
17 | File | `/tmp/net-$DEVICE.conf` | High
|
||||
18 | File | `/usr/bin/at` | Medium
|
||||
19 | File | `/vendor/htmlawed/htmlawed/htmLawedTest.php` | High
|
||||
20 | File | `/wabt/bin/poc.wasm` | High
|
||||
21 | File | `/wp-admin/admin-ajax.php` | High
|
||||
22 | File | `/wp-admin/options.php` | High
|
||||
23 | File | `/wp-json/oembed/1.0/embed?url` | High
|
||||
24 | File | `a2billing/customer/iridium_threed.php` | High
|
||||
25 | File | `Access.app/Contents/Resources/kcproxy` | High
|
||||
26 | File | `access_token.php` | High
|
||||
27 | File | `actionpack/lib/action_dispatch/middleware/templates/routes/_table.html.erb` | High
|
||||
28 | File | `adclick.php` | Medium
|
||||
29 | ... | ... | ...
|
||||
|
||||
There are 214 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 243 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -17,7 +17,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
|
||||
* [CN](https://vuldb.com/?country.cn)
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [ES](https://vuldb.com/?country.es)
|
||||
* [LA](https://vuldb.com/?country.la)
|
||||
* ...
|
||||
|
||||
There are 15 more country items available. Please use our online service to access the data.
|
||||
|
@ -47,7 +47,7 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-28 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-294 | Authentication Bypass by Capture-replay | High
|
||||
2 | T1040 | CWE-294, CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-88, CWE-94 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
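Review bot: The updated T1040 row, `2 | T1040 | CWE-294, CWE-319 | Authentication Bypass by Capture-replay | High`, now has a description that covers only one of its two weaknesses. "Authentication Bypass by Capture-replay" is the name of CWE-294, while CWE-319 is Cleartext Transmission of Sensitive Information. Anyone filtering or mapping detections by the description column will misread the CWE-319 findings. The later Winter Vivern TTP hunk has the same mismatch in a stronger form, where the added row lists CWE-319 alone under that description. I would make the description cover both weaknesses, for example `2 | T1040 | CWE-294, CWE-319 | Capture-replay / Cleartext Transmission | High`, or split the row per weakness. If these tables are generated, the fix probably belongs in the generator's technique-to-description mapping rather than in this file.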
|
@ -69,39 +69,43 @@ ID | Type | Indicator | Confidence
|
|||
6 | File | `/admin/submit-articles` | High
|
||||
7 | File | `/ad_js.php` | Medium
|
||||
8 | File | `/alphaware/summary.php` | High
|
||||
9 | File | `/api/v2/cli/commands` | High
|
||||
10 | File | `/app/options.py` | High
|
||||
11 | File | `/attachments` | Medium
|
||||
12 | File | `/boat/login.php` | High
|
||||
13 | File | `/bsms_ci/index.php/book` | High
|
||||
14 | File | `/cgi-bin/luci/api/wireless` | High
|
||||
15 | File | `/context/%2e/WEB-INF/web.xml` | High
|
||||
16 | File | `/dashboard/reports/logs/view` | High
|
||||
17 | File | `/dcim/sites/add/` | High
|
||||
18 | File | `/debian/patches/load_ppp_generic_if_needed` | High
|
||||
19 | File | `/debug/pprof` | Medium
|
||||
20 | File | `/etc/hosts` | Medium
|
||||
21 | File | `/forum/away.php` | High
|
||||
22 | File | `/goform/delAd` | High
|
||||
23 | File | `/goform/setmac` | High
|
||||
24 | File | `/goform/wizard_end` | High
|
||||
25 | File | `/manage-apartment.php` | High
|
||||
26 | File | `/medicines/profile.php` | High
|
||||
27 | File | `/modules/caddyhttp/rewrite/rewrite.go` | High
|
||||
28 | File | `/out.php` | Medium
|
||||
29 | File | `/pages/apply_vacancy.php` | High
|
||||
30 | File | `/pet_shop/admin/?page=maintenance/manage_category` | High
|
||||
31 | File | `/print.php` | Medium
|
||||
32 | File | `/proc/<PID>/mem` | High
|
||||
33 | File | `/proxy` | Low
|
||||
34 | File | `/reservation/add_message.php` | High
|
||||
35 | File | `/secure/admin/InsightDefaultCustomFieldConfig.jspa` | High
|
||||
36 | File | `/spip.php` | Medium
|
||||
37 | File | `/tmp` | Low
|
||||
38 | File | `/uncpath/` | Medium
|
||||
39 | ... | ... | ...
|
||||
9 | File | `/api/` | Low
|
||||
10 | File | `/api/admin/store/product/list` | High
|
||||
11 | File | `/api/v2/cli/commands` | High
|
||||
12 | File | `/attachments` | Medium
|
||||
13 | File | `/boat/login.php` | High
|
||||
14 | File | `/bsms_ci/index.php/book` | High
|
||||
15 | File | `/cgi-bin/luci/api/wireless` | High
|
||||
16 | File | `/context/%2e/WEB-INF/web.xml` | High
|
||||
17 | File | `/dashboard/reports/logs/view` | High
|
||||
18 | File | `/dcim/sites/add/` | High
|
||||
19 | File | `/debian/patches/load_ppp_generic_if_needed` | High
|
||||
20 | File | `/debug/pprof` | Medium
|
||||
21 | File | `/enginemanager/server/user/delete.htm` | High
|
||||
22 | File | `/etc/hosts` | Medium
|
||||
23 | File | `/forum/away.php` | High
|
||||
24 | File | `/goform/delAd` | High
|
||||
25 | File | `/goform/setmac` | High
|
||||
26 | File | `/goform/wizard_end` | High
|
||||
27 | File | `/manage-apartment.php` | High
|
||||
28 | File | `/medicines/profile.php` | High
|
||||
29 | File | `/modules/caddyhttp/rewrite/rewrite.go` | High
|
||||
30 | File | `/out.php` | Medium
|
||||
31 | File | `/owa/auth/logon.aspx` | High
|
||||
32 | File | `/pages/apply_vacancy.php` | High
|
||||
33 | File | `/pet_shop/admin/?page=maintenance/manage_category` | High
|
||||
34 | File | `/print.php` | Medium
|
||||
35 | File | `/probe?target` | High
|
||||
36 | File | `/proc/<PID>/mem` | High
|
||||
37 | File | `/proxy` | Low
|
||||
38 | File | `/reservation/add_message.php` | High
|
||||
39 | File | `/secure/admin/InsightDefaultCustomFieldConfig.jspa` | High
|
||||
40 | File | `/spip.php` | Medium
|
||||
41 | File | `/tmp` | Low
|
||||
42 | File | `/uncpath/` | Medium
|
||||
43 | ... | ... | ...
|
||||
|
||||
There are 336 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 368 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [RU](https://vuldb.com/?country.ru)
|
||||
* ...
|
||||
|
||||
There are 14 more country items available. Please use our online service to access the data.
|
||||
There are 12 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -65,14 +65,14 @@ ID | Type | Indicator | Confidence
|
|||
-- | ---- | --------- | ----------
|
||||
1 | File | `/admin/?page=system_info/contact_info` | High
|
||||
2 | File | `/api/RecordingList/DownloadRecord?file=` | High
|
||||
3 | File | `/backups/` | Medium
|
||||
4 | File | `/blogengine/api/posts` | High
|
||||
5 | File | `/cgi-bin/wapopen` | High
|
||||
6 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
7 | File | `/client.php` | Medium
|
||||
8 | File | `/config/getuser` | High
|
||||
9 | File | `/controller/OnlinePreviewController.java` | High
|
||||
10 | File | `/controllers/MgrDiagnosticTools.php` | High
|
||||
3 | File | `/apply.cgi` | Medium
|
||||
4 | File | `/backups/` | Medium
|
||||
5 | File | `/blogengine/api/posts` | High
|
||||
6 | File | `/cgi-bin/wapopen` | High
|
||||
7 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
8 | File | `/client.php` | Medium
|
||||
9 | File | `/config/getuser` | High
|
||||
10 | File | `/controller/OnlinePreviewController.java` | High
|
||||
11 | File | `/dashboard/reports/logs/view` | High
|
||||
12 | File | `/dashboard/system/express/entities/forms/save_control/[GUID]` | High
|
||||
13 | File | `/EXCU_SHELL` | Medium
|
||||
|
@ -90,25 +90,23 @@ ID | Type | Indicator | Confidence
|
|||
25 | File | `/ms/file/uploadTemplate.do` | High
|
||||
26 | File | `/novel-admin/src/main/java/com/java2nb/common/controller/FileController.java` | High
|
||||
27 | File | `/ofrs/admin/?page=requests/view_request` | High
|
||||
28 | File | `/opt/IBM/es/lib/libffq.cryptionjni.so` | High
|
||||
29 | File | `/pages/processlogin.php` | High
|
||||
30 | File | `/pet_shop/classes/Master.php?f=delete_sub_category` | High
|
||||
31 | File | `/php/ajax.php` | High
|
||||
32 | File | `/ptipupgrade.cgi` | High
|
||||
33 | File | `/public/login.htm` | High
|
||||
34 | File | `/release-x64/otfccdump+0x6b6a8f` | High
|
||||
35 | File | `/see_more_details.php` | High
|
||||
36 | File | `/service/v1/createUser` | High
|
||||
37 | File | `/setSystemAdmin` | High
|
||||
38 | File | `/Storage/Emulated/0/Telegram/Telegram` | High
|
||||
39 | File | `/student/bookdetails.php` | High
|
||||
40 | File | `/sys/user/queryUserComponentData` | High
|
||||
41 | File | `/table_manager/view/cu_user_groups` | High
|
||||
42 | File | `/templates/header.inc.php` | High
|
||||
43 | File | `/thruk/#cgi-bin/extinfo.cgi?type=2` | High
|
||||
44 | ... | ... | ...
|
||||
28 | File | `/pages/processlogin.php` | High
|
||||
29 | File | `/pet_shop/classes/Master.php?f=delete_sub_category` | High
|
||||
30 | File | `/php/ajax.php` | High
|
||||
31 | File | `/ptipupgrade.cgi` | High
|
||||
32 | File | `/public/login.htm` | High
|
||||
33 | File | `/release-x64/otfccdump+0x6b6a8f` | High
|
||||
34 | File | `/service/v1/createUser` | High
|
||||
35 | File | `/setSystemAdmin` | High
|
||||
36 | File | `/Storage/Emulated/0/Telegram/Telegram` | High
|
||||
37 | File | `/student/bookdetails.php` | High
|
||||
38 | File | `/sys/user/queryUserComponentData` | High
|
||||
39 | File | `/table_manager/view/cu_user_groups` | High
|
||||
40 | File | `/templates/header.inc.php` | High
|
||||
41 | File | `/thruk/#cgi-bin/extinfo.cgi?type=2` | High
|
||||
42 | ... | ... | ...
|
||||
|
||||
There are 381 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 361 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -70,32 +70,32 @@ ID | Type | Indicator | Confidence
|
|||
1 | File | `.htaccess` | Medium
|
||||
2 | File | `.pref.xml` | Medium
|
||||
3 | File | `/admin/admin_login.php` | High
|
||||
4 | File | `/admin/profile/save_profile` | High
|
||||
5 | File | `/aux` | Low
|
||||
6 | File | `/bin/appmgr` | Medium
|
||||
7 | File | `/cgi-bin/koha/acqui/supplier.pl?op=enter` | High
|
||||
8 | File | `/cgi-bin/luci` | High
|
||||
9 | File | `/ClickAndBanexDemo/admin/admin.asp` | High
|
||||
10 | File | `/config.cgi?webmin` | High
|
||||
11 | File | `/config/getuser` | High
|
||||
12 | File | `/debug/pprof` | Medium
|
||||
13 | File | `/etc/config/rpcd` | High
|
||||
14 | File | `/etc/gsissh/sshd_config` | High
|
||||
15 | File | `/etc/passwd` | Medium
|
||||
16 | File | `/gateway/services/EdgeServiceImpl` | High
|
||||
17 | File | `/getcfg.php` | Medium
|
||||
18 | File | `/goform/dir_setWanWifi` | High
|
||||
19 | File | `/goform/telnet` | High
|
||||
20 | File | `/goform/WanParameterSetting` | High
|
||||
21 | File | `/HNAP1` | Low
|
||||
22 | File | `/include/makecvs.php` | High
|
||||
23 | File | `/includes/common.inc.php` | High
|
||||
24 | File | `/js/app.js` | Medium
|
||||
25 | File | `/knomi/analyze` | High
|
||||
26 | File | `/mgmt/tm/util/bash` | High
|
||||
27 | File | `/monitoring` | Medium
|
||||
28 | File | `/opt/pia/ruby/64/ruby` | High
|
||||
29 | File | `/out.php` | Medium
|
||||
4 | File | `/admin/edit-doc.php` | High
|
||||
5 | File | `/admin/profile/save_profile` | High
|
||||
6 | File | `/aux` | Low
|
||||
7 | File | `/bin/appmgr` | Medium
|
||||
8 | File | `/cgi-bin/koha/acqui/supplier.pl?op=enter` | High
|
||||
9 | File | `/cgi-bin/luci` | High
|
||||
10 | File | `/ClickAndBanexDemo/admin/admin.asp` | High
|
||||
11 | File | `/config.cgi?webmin` | High
|
||||
12 | File | `/config/getuser` | High
|
||||
13 | File | `/debug/pprof` | Medium
|
||||
14 | File | `/etc/config/rpcd` | High
|
||||
15 | File | `/etc/gsissh/sshd_config` | High
|
||||
16 | File | `/etc/passwd` | Medium
|
||||
17 | File | `/gateway/services/EdgeServiceImpl` | High
|
||||
18 | File | `/getcfg.php` | Medium
|
||||
19 | File | `/goform/dir_setWanWifi` | High
|
||||
20 | File | `/goform/telnet` | High
|
||||
21 | File | `/goform/WanParameterSetting` | High
|
||||
22 | File | `/HNAP1` | Low
|
||||
23 | File | `/include/makecvs.php` | High
|
||||
24 | File | `/includes/common.inc.php` | High
|
||||
25 | File | `/js/app.js` | Medium
|
||||
26 | File | `/knomi/analyze` | High
|
||||
27 | File | `/mgmt/tm/util/bash` | High
|
||||
28 | File | `/monitoring` | Medium
|
||||
29 | File | `/opt/pia/ruby/64/ruby` | High
|
||||
30 | File | `/Pwrchute` | Medium
|
||||
31 | File | `/reports/rwservlet` | High
|
||||
32 | File | `/scripts/iisadmin/bdir.htr` | High
|
||||
|
|
|
@ -45,7 +45,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
3 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
4 | ... | ... | ... | ...
|
||||
|
||||
There are 6 more TTP items available. Please use our online service to access the data.
|
||||
There are 8 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -53,12 +53,12 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/tmp/csman/0` | Medium
|
||||
2 | File | `/WebMstr7/servlet/mstrWeb` | High
|
||||
3 | File | `inc/config.php` | High
|
||||
1 | File | `/fax/fax_send.php` | High
|
||||
2 | File | `/tmp/csman/0` | Medium
|
||||
3 | File | `/WebMstr7/servlet/mstrWeb` | High
|
||||
4 | ... | ... | ...
|
||||
|
||||
There are 10 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 13 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -54,7 +54,7 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-21, CWE-22 | Pathname Traversal | High
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23 | Pathname Traversal | High
|
||||
2 | T1055 | CWE-74 | Injection | High
|
||||
3 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
|
@ -74,20 +74,20 @@ ID | Type | Indicator | Confidence
|
|||
4 | File | `/baseOpLog.do` | High
|
||||
5 | File | `/cgi-bin/api-get_line_status` | High
|
||||
6 | File | `/cgi-bin/editBookmark` | High
|
||||
7 | File | `/cgi-bin/wapopen` | High
|
||||
8 | File | `/CMD_ACCOUNT_ADMIN` | High
|
||||
9 | File | `/controller/OnlinePreviewController.java` | High
|
||||
10 | File | `/debug/pprof` | Medium
|
||||
11 | File | `/export` | Low
|
||||
12 | File | `/getcfg.php` | Medium
|
||||
13 | File | `/includes/rrdtool.inc.php` | High
|
||||
14 | File | `/onvif/device_service` | High
|
||||
15 | File | `/SSOPOST/metaAlias/%realm%/idpv2` | High
|
||||
16 | File | `/uncpath/` | Medium
|
||||
17 | File | `ActiveMediaServer.exe` | High
|
||||
7 | File | `/cgi-bin/go` | Medium
|
||||
8 | File | `/cgi-bin/wapopen` | High
|
||||
9 | File | `/CMD_ACCOUNT_ADMIN` | High
|
||||
10 | File | `/controller/OnlinePreviewController.java` | High
|
||||
11 | File | `/debug/pprof` | Medium
|
||||
12 | File | `/export` | Low
|
||||
13 | File | `/getcfg.php` | Medium
|
||||
14 | File | `/includes/rrdtool.inc.php` | High
|
||||
15 | File | `/onvif/device_service` | High
|
||||
16 | File | `/SSOPOST/metaAlias/%realm%/idpv2` | High
|
||||
17 | File | `/uncpath/` | Medium
|
||||
18 | ... | ... | ...
|
||||
|
||||
There are 144 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 151 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -86,36 +86,33 @@ ID | Type | Indicator | Confidence
|
|||
25 | File | `/etc/passwd` | Medium
|
||||
26 | File | `/etc/shadow` | Medium
|
||||
27 | File | `/EXCU_SHELL` | Medium
|
||||
28 | File | `/goform/addressNat` | High
|
||||
29 | File | `/goform/AddSysLogRule` | High
|
||||
30 | File | `/goform/aspForm` | High
|
||||
31 | File | `/goform/NatStaticSetting` | High
|
||||
32 | File | `/goform/WifiBasicSet` | High
|
||||
33 | File | `/hocms/classes/Master.php?f=delete_collection` | High
|
||||
34 | File | `/index.php` | Medium
|
||||
35 | File | `/index.php?module=configuration/application` | High
|
||||
36 | File | `/index.php?route=extension/module/so_filter_shop_by/filter_data` | High
|
||||
37 | File | `/isomedia/box_funcs.c` | High
|
||||
38 | File | `/isomedia/meta.c` | High
|
||||
39 | File | `/pages/animals.php` | High
|
||||
40 | File | `/pages/apply_vacancy.php` | High
|
||||
41 | File | `/php-sms/admin/?page=services/manage_service` | High
|
||||
42 | File | `/php_action/editProductImage.php` | High
|
||||
43 | File | `/plesk-site-preview/` | High
|
||||
44 | File | `/project/PROJECTNAME/reports/` | High
|
||||
45 | File | `/sacco_shield/manage_loan.php` | High
|
||||
46 | File | `/scene_manager/scene_dump.c` | High
|
||||
47 | File | `/school/model/get_admin_profile.php` | High
|
||||
48 | File | `/services/view_service.php` | High
|
||||
49 | File | `/shell` | Low
|
||||
50 | File | `/spip.php` | Medium
|
||||
51 | File | `/student-grading-system/rms.php?page=grade` | High
|
||||
52 | File | `/timeline2.php` | High
|
||||
53 | File | `/userui/ticket_list.php` | High
|
||||
54 | File | `/user_operations/profile.php` | High
|
||||
55 | ... | ... | ...
|
||||
28 | File | `/forum/away.php` | High
|
||||
29 | File | `/goform/addressNat` | High
|
||||
30 | File | `/goform/AddSysLogRule` | High
|
||||
31 | File | `/goform/aspForm` | High
|
||||
32 | File | `/goform/NatStaticSetting` | High
|
||||
33 | File | `/goform/WifiBasicSet` | High
|
||||
34 | File | `/hocms/classes/Master.php?f=delete_collection` | High
|
||||
35 | File | `/index.php` | Medium
|
||||
36 | File | `/index.php?module=configuration/application` | High
|
||||
37 | File | `/index.php?route=extension/module/so_filter_shop_by/filter_data` | High
|
||||
38 | File | `/isomedia/box_funcs.c` | High
|
||||
39 | File | `/isomedia/meta.c` | High
|
||||
40 | File | `/kruxton/receipt.php` | High
|
||||
41 | File | `/pages/animals.php` | High
|
||||
42 | File | `/pages/apply_vacancy.php` | High
|
||||
43 | File | `/php-sms/admin/?page=services/manage_service` | High
|
||||
44 | File | `/php_action/editProductImage.php` | High
|
||||
45 | File | `/plesk-site-preview/` | High
|
||||
46 | File | `/project/PROJECTNAME/reports/` | High
|
||||
47 | File | `/sacco_shield/manage_loan.php` | High
|
||||
48 | File | `/scene_manager/scene_dump.c` | High
|
||||
49 | File | `/school/model/get_admin_profile.php` | High
|
||||
50 | File | `/services/view_service.php` | High
|
||||
51 | File | `/shell` | Low
|
||||
52 | ... | ... | ...
|
||||
|
||||
There are 477 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 453 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -54,7 +54,7 @@ ID | Type | Indicator | Confidence
|
|||
5 | File | `/opt/zimbra/jetty/webapps/zimbra/public` | High
|
||||
6 | ... | ... | ...
|
||||
|
||||
There are 41 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 42 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -9,8 +9,11 @@ _Live data_ and more _analysis capabilities_ are available at [https://vuldb.com
|
|||
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Winter Vivern:
|
||||
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [RU](https://vuldb.com/?country.ru)
|
||||
* [NL](https://vuldb.com/?country.nl)
|
||||
* [IL](https://vuldb.com/?country.il)
|
||||
* [PT](https://vuldb.com/?country.pt)
|
||||
* ...
|
||||
|
||||
There are 10 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -20,7 +23,10 @@ ID | IP address | Hostname | Campaign | Confidence
|
|||
-- | ---------- | -------- | -------- | ----------
|
||||
1 | [37.252.5.133](https://vuldb.com/?ip.37.252.5.133) | - | - | High
|
||||
2 | [37.252.9.123](https://vuldb.com/?ip.37.252.9.123) | gw.r-service.info | - | High
|
||||
3 | [185.238.169.57](https://vuldb.com/?ip.185.238.169.57) | - | - | High
|
||||
3 | [80.79.124.135](https://vuldb.com/?ip.80.79.124.135) | 80.79.124.135.wavecom.ee | - | High
|
||||
4 | ... | ... | ... | ...
|
||||
|
||||
There are 5 more IOC items available. Please use our online service to access the data.
|
||||
|
||||
## TTP - Tactics, Techniques, Procedures
|
||||
|
||||
|
@ -29,11 +35,11 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-22 | Pathname Traversal | High
|
||||
2 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
3 | T1068 | CWE-264, CWE-284 | Execution with Unnecessary Privileges | High
|
||||
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | ... | ... | ... | ...
|
||||
|
||||
There are 2 more TTP items available. Please use our online service to access the data.
|
||||
There are 11 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -41,12 +47,16 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `asm/preproc.c` | High
|
||||
2 | File | `listpics.asp` | Medium
|
||||
3 | File | `wc/store/products/collection-data?calculate_attribute_counts[][taxonomy]` | High
|
||||
4 | ... | ... | ...
|
||||
1 | File | `/admin/scripts/pi-hole/phpqueryads.php` | High
|
||||
2 | File | `/etc/gsissh/sshd_config` | High
|
||||
3 | File | `/goform/WifiBasicSet` | High
|
||||
4 | File | `/login/index.php` | High
|
||||
5 | File | `/out.php` | Medium
|
||||
6 | File | `/spip.php` | Medium
|
||||
7 | File | `/web/IndexController.java` | High
|
||||
8 | ... | ... | ...
|
||||
|
||||
There are 3 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 55 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
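Review bot: The rows added to the Winter Vivern IOA table are generic paths such as `/login/index.php`, `/out.php`, `/spip.php`, `/goform/WifiBasicSet` and `/etc/gsissh/sshd_config`, which also appear in other actors' tables on this page, so on their own they do not identify this actor. Most are nonetheless marked `High`, and the hunk does not say what the confidence column measures. A defender who loads these rows into a proxy or WAF watchlist would alert on ordinary traffic. I would add one sentence under the table, for example `Path indicators are shared across actors and can match benign requests; correlate them with the IOC addresses above before alerting.` The replaced rows, `asm/preproc.c`, `listpics.asp` and the `wc/store/products/collection-data` parameter, were more specific than the ones that replace them, so it is worth confirming that the swap is intended.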
|
@ -54,6 +64,7 @@ The following list contains _external sources_ which discuss the actor and the a
|
|||
|
||||
* https://lab52.io/blog/winter-vivern-all-summer/
|
||||
* https://www.domaintools.com/resources/blog/winter-vivern-a-look-at-re-crafted-government-maldocs
|
||||
* https://www.sentinelone.com/labs/winter-vivern-uncovering-a-wave-of-global-espionage/
|
||||
|
||||
## Literature
|
||||
|
||||
|
|
|
@ -59,15 +59,16 @@ ID | Type | Indicator | Confidence
|
|||
2 | File | `/baseOpLog.do` | High
|
||||
3 | File | `/bcms/admin/?page=user/list` | High
|
||||
4 | File | `/upload` | Low
|
||||
5 | File | `ast/parser.go` | High
|
||||
6 | File | `authent.php4` | Medium
|
||||
7 | File | `boardData103.php/boardDataJP.php/boardDataNA.php/boardDataWW.php` | High
|
||||
8 | File | `catalog.asp` | Medium
|
||||
9 | File | `controllers/Weixin.php` | High
|
||||
10 | File | `dapur/index.php` | High
|
||||
11 | ... | ... | ...
|
||||
5 | File | `/youthappam/add-food.php` | High
|
||||
6 | File | `ast/parser.go` | High
|
||||
7 | File | `authent.php4` | Medium
|
||||
8 | File | `boardData103.php/boardDataJP.php/boardDataNA.php/boardDataWW.php` | High
|
||||
9 | File | `catalog.asp` | Medium
|
||||
10 | File | `controllers/Weixin.php` | High
|
||||
11 | File | `dapur/index.php` | High
|
||||
12 | ... | ... | ...
|
||||
|
||||
There are 88 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 90 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -9,11 +9,7 @@ _Live data_ and more _analysis capabilities_ are available at [https://vuldb.com
|
|||
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with njRAT:
|
||||
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [ES](https://vuldb.com/?country.es)
|
||||
* [FR](https://vuldb.com/?country.fr)
|
||||
* ...
|
||||
|
||||
There are 21 more country items available. Please use our online service to access the data.
|
||||
* [DE](https://vuldb.com/?country.de)
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -25,25 +21,25 @@ ID | IP address | Hostname | Campaign | Confidence
|
|||
2 | [2.91.138.211](https://vuldb.com/?ip.2.91.138.211) | - | - | High
|
||||
3 | [3.17.202.129](https://vuldb.com/?ip.3.17.202.129) | ec2-3-17-202-129.us-east-2.compute.amazonaws.com | - | Medium
|
||||
4 | [3.19.114.185](https://vuldb.com/?ip.3.19.114.185) | ec2-3-19-114-185.us-east-2.compute.amazonaws.com | - | Medium
|
||||
5 | [23.3.13.88](https://vuldb.com/?ip.23.3.13.88) | a23-3-13-88.deploy.static.akamaitechnologies.com | - | High
|
||||
6 | [23.3.13.154](https://vuldb.com/?ip.23.3.13.154) | a23-3-13-154.deploy.static.akamaitechnologies.com | - | High
|
||||
7 | [31.13.66.19](https://vuldb.com/?ip.31.13.66.19) | xx-fbcdn-shv-01-iad3.fbcdn.net | - | High
|
||||
8 | [41.42.68.235](https://vuldb.com/?ip.41.42.68.235) | host-41.42.68.235.tedata.net | - | High
|
||||
9 | [41.97.3.243](https://vuldb.com/?ip.41.97.3.243) | - | - | High
|
||||
10 | [41.102.39.1](https://vuldb.com/?ip.41.102.39.1) | - | - | High
|
||||
11 | [41.102.190.225](https://vuldb.com/?ip.41.102.190.225) | - | - | High
|
||||
12 | [41.141.118.138](https://vuldb.com/?ip.41.141.118.138) | - | - | High
|
||||
13 | [41.200.44.39](https://vuldb.com/?ip.41.200.44.39) | - | - | High
|
||||
14 | [41.200.143.212](https://vuldb.com/?ip.41.200.143.212) | - | - | High
|
||||
15 | [41.226.95.248](https://vuldb.com/?ip.41.226.95.248) | - | - | High
|
||||
16 | [41.235.176.195](https://vuldb.com/?ip.41.235.176.195) | host-41.235.176.195.tedata.net | - | High
|
||||
17 | [43.229.151.64](https://vuldb.com/?ip.43.229.151.64) | - | - | High
|
||||
18 | [46.105.201.240](https://vuldb.com/?ip.46.105.201.240) | - | - | High
|
||||
19 | [46.243.150.150](https://vuldb.com/?ip.46.243.150.150) | - | - | High
|
||||
20 | [46.246.13.73](https://vuldb.com/?ip.46.246.13.73) | c-46-246-13-73.ip4.frootvpn.com | - | High
|
||||
5 | [13.107.21.200](https://vuldb.com/?ip.13.107.21.200) | - | - | High
|
||||
6 | [23.3.13.88](https://vuldb.com/?ip.23.3.13.88) | a23-3-13-88.deploy.static.akamaitechnologies.com | - | High
|
||||
7 | [23.3.13.154](https://vuldb.com/?ip.23.3.13.154) | a23-3-13-154.deploy.static.akamaitechnologies.com | - | High
|
||||
8 | [31.13.66.19](https://vuldb.com/?ip.31.13.66.19) | xx-fbcdn-shv-01-iad3.fbcdn.net | - | High
|
||||
9 | [41.42.68.235](https://vuldb.com/?ip.41.42.68.235) | host-41.42.68.235.tedata.net | - | High
|
||||
10 | [41.97.3.243](https://vuldb.com/?ip.41.97.3.243) | - | - | High
|
||||
11 | [41.102.39.1](https://vuldb.com/?ip.41.102.39.1) | - | - | High
|
||||
12 | [41.102.190.225](https://vuldb.com/?ip.41.102.190.225) | - | - | High
|
||||
13 | [41.141.118.138](https://vuldb.com/?ip.41.141.118.138) | - | - | High
|
||||
14 | [41.200.44.39](https://vuldb.com/?ip.41.200.44.39) | - | - | High
|
||||
15 | [41.200.143.212](https://vuldb.com/?ip.41.200.143.212) | - | - | High
|
||||
16 | [41.226.95.248](https://vuldb.com/?ip.41.226.95.248) | - | - | High
|
||||
17 | [41.235.176.195](https://vuldb.com/?ip.41.235.176.195) | host-41.235.176.195.tedata.net | - | High
|
||||
18 | [43.229.151.64](https://vuldb.com/?ip.43.229.151.64) | - | - | High
|
||||
19 | [46.105.201.240](https://vuldb.com/?ip.46.105.201.240) | - | - | High
|
||||
20 | [46.243.150.150](https://vuldb.com/?ip.46.243.150.150) | - | - | High
|
||||
21 | ... | ... | ... | ...
|
||||
|
||||
There are 78 more IOC items available. Please use our online service to access the data.
|
||||
There are 81 more IOC items available. Please use our online service to access the data.
|
||||
|
||||
## TTP - Tactics, Techniques, Procedures
|
||||
|
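Review bot: Rows 6–8 on the new side keep a High confidence rating for addresses whose hostnames point at shared CDN infrastructure (`a23-3-13-88.deploy.static.akamaitechnologies.com`, `a23-3-13-154.deploy.static.akamaitechnologies.com`, `xx-fbcdn-shv-01-iad3.fbcdn.net`). The newly added row 5 (`13.107.21.200`, no hostname) looks like it may sit in a large provider's front-end range as well, though the page does not confirm that. An address on shared infrastructure serves many unrelated tenants, so a block or alert rule built directly from this table would also match legitimate traffic. I would either lower these rows to `Medium`, as rows 3 and 4 with EC2 hostnames already are, or add a line under the table such as `Entries on shared CDN or cloud hosting should be correlated with a second indicator before they are used for blocking.`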
||||
|
@ -51,12 +47,8 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-22 | Pathname Traversal | High
|
||||
2 | T1055 | CWE-74 | Injection | High
|
||||
3 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
4 | ... | ... | ... | ...
|
||||
|
||||
There are 14 more TTP items available. Please use our online service to access the data.
|
||||
1 | T1055 | CWE-74 | Injection | High
|
||||
2 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
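Review bot: Row 2 on the new side pairs `T1059 | CWE-94` with the description `Cross Site Scripting`, which does not match the weakness. CWE-94 is code injection, while cross-site scripting is CWE-79, as the `T1059.007 | CWE-79, CWE-80, CWE-87 | Cross Site Scripting` row in a later hunk of this commit shows. The same mismatch appears in the BlackEnergy TTP hunk (`4 | T1059 | CWE-88, CWE-94 | Cross Site Scripting`). A reader mapping this table to detection coverage would be pointed at the wrong class of activity, so I would change the row to `2 | T1059 | CWE-94 | Code Injection | High`.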
||||
|
@ -64,29 +56,8 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `.cfm` | Low
|
||||
2 | File | `/admin/login.php` | High
|
||||
3 | File | `/api/RecordingList/DownloadRecord?file=` | High
|
||||
4 | File | `/cgi-bin/logo_extra_upload.cgi` | High
|
||||
5 | File | `/classes/profile.class.php` | High
|
||||
6 | File | `/dashboard/menu-list.php` | High
|
||||
7 | File | `/DataHandler/AM/AM_Handler.ashx` | High
|
||||
8 | File | `/dotproject/index.php` | High
|
||||
9 | File | `/etc/gsissh/sshd_config` | High
|
||||
10 | File | `/redpass.cgi` | Medium
|
||||
11 | File | `/see_more_details.php` | High
|
||||
12 | File | `/server-status` | High
|
||||
13 | File | `/tour/admin/update_packages.php` | High
|
||||
14 | File | `/uncpath/` | Medium
|
||||
15 | File | `/var/log/nginx` | High
|
||||
16 | File | `/WebMstr7/servlet/mstrWeb` | High
|
||||
17 | File | `/wp-admin/admin-ajax.php` | High
|
||||
18 | File | `/wp-content/plugins/woocommerce/templates/emails/plain/` | High
|
||||
19 | File | `adclick.php` | Medium
|
||||
20 | File | `admin.php` | Medium
|
||||
21 | ... | ... | ...
|
||||
|
||||
There are 172 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
1 | File | `inc/config.php` | High
|
||||
2 | Argument | `basePath` | Medium
|
||||
|
||||
## References
|
||||
|
||||
|
@ -111,6 +82,7 @@ The following list contains _external sources_ which discuss the actor and the a
|
|||
* https://blog.talosintelligence.com/2021/04/threat-roundup-0423-0430.html
|
||||
* https://blog.talosintelligence.com/2021/08/threat-roundup-0730-0806.html
|
||||
* https://blog.talosintelligence.com/threat-roundup-0217-0224/
|
||||
* https://blog.talosintelligence.com/threat-roundup-0310-0317/
|
||||
* https://blogs.blackberry.com/en/2021/08/threat-thursday-dont-let-njrat-take-your-cheddar
|
||||
* https://github.com/executemalware/Malware-IOCs/blob/main/2021-08-20%20njRAT%20IOCs
|
||||
* https://s3.amazonaws.com/talos-intelligence-site/production/document_files/files/000/095/594/original/Network_IOCs_list_for_coverage.txt?1625657479
|
||||
|
|
|
@ -51,7 +51,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
5 | T1059.007 | CWE-79, CWE-80, CWE-87 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 21 more TTP items available. Please use our online service to access the data.
|
||||
There are 22 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -76,44 +76,44 @@ ID | Type | Indicator | Confidence
|
|||
15 | File | `/admin/renewaldue.php` | High
|
||||
16 | File | `/admin/students/manage.php` | High
|
||||
17 | File | `/admin/students/view_student.php` | High
|
||||
18 | File | `/admin/usermanagement.php` | High
|
||||
19 | File | `/adms/admin/?page=vehicles/view_transaction` | High
|
||||
20 | File | `/api/addusers` | High
|
||||
21 | File | `/api/user/upsert/<uuid>` | High
|
||||
22 | File | `/appliance/users?action=edit` | High
|
||||
23 | File | `/backup.pl` | Medium
|
||||
24 | File | `/bits/stl_vector.h` | High
|
||||
25 | File | `/bsms_ci/index.php` | High
|
||||
26 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
27 | File | `/dashboard/add-portfolio.php` | High
|
||||
28 | File | `/dashboard/updatelogo.php` | High
|
||||
29 | File | `/designer/add/layout` | High
|
||||
30 | File | `/edoc/doctor/patient.php` | High
|
||||
31 | File | `/etc/gsissh/sshd_config` | High
|
||||
32 | File | `/etc/ldap.conf` | High
|
||||
33 | File | `/etc/shadow` | Medium
|
||||
34 | File | `/face-recognition-php/facepay-master/camera.php` | High
|
||||
35 | File | `/filemanager/upload/drop` | High
|
||||
36 | File | `/foms/place-order.php` | High
|
||||
37 | File | `/forum/away.php` | High
|
||||
38 | File | `/goform/wizard_end` | High
|
||||
39 | File | `/h/calendar` | Medium
|
||||
40 | File | `/h/compose` | Medium
|
||||
41 | File | `/h/search?action=voicemail&action=listen` | High
|
||||
42 | File | `/hrm/employeeview.php` | High
|
||||
43 | File | `/htmldoc/htmldoc/html.cxx` | High
|
||||
44 | File | `/index.php` | Medium
|
||||
45 | File | `/login.php` | Medium
|
||||
46 | File | `/loginVaLidation.php` | High
|
||||
47 | File | `/manage-apartment.php` | High
|
||||
48 | File | `/manager/index.php` | High
|
||||
49 | File | `/mcategory.php` | High
|
||||
50 | File | `/mkshop/Men/profile.php` | High
|
||||
51 | File | `/Noxen-master/users.php` | High
|
||||
52 | File | `/opac/Actions.php?a=login` | High
|
||||
18 | File | `/adms/admin/?page=vehicles/view_transaction` | High
|
||||
19 | File | `/api/addusers` | High
|
||||
20 | File | `/api/user/upsert/<uuid>` | High
|
||||
21 | File | `/appliance/users?action=edit` | High
|
||||
22 | File | `/backup.pl` | Medium
|
||||
23 | File | `/bits/stl_vector.h` | High
|
||||
24 | File | `/bsms_ci/index.php` | High
|
||||
25 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
26 | File | `/dashboard/add-portfolio.php` | High
|
||||
27 | File | `/dashboard/updatelogo.php` | High
|
||||
28 | File | `/edoc/doctor/patient.php` | High
|
||||
29 | File | `/etc/gsissh/sshd_config` | High
|
||||
30 | File | `/etc/ldap.conf` | High
|
||||
31 | File | `/etc/shadow` | Medium
|
||||
32 | File | `/face-recognition-php/facepay-master/camera.php` | High
|
||||
33 | File | `/foms/place-order.php` | High
|
||||
34 | File | `/forum/away.php` | High
|
||||
35 | File | `/goform/wizard_end` | High
|
||||
36 | File | `/h/calendar` | Medium
|
||||
37 | File | `/h/compose` | Medium
|
||||
38 | File | `/h/search?action=voicemail&action=listen` | High
|
||||
39 | File | `/hrm/employeeview.php` | High
|
||||
40 | File | `/htmldoc/htmldoc/html.cxx` | High
|
||||
41 | File | `/index.php` | Medium
|
||||
42 | File | `/login.php` | Medium
|
||||
43 | File | `/loginVaLidation.php` | High
|
||||
44 | File | `/manage-apartment.php` | High
|
||||
45 | File | `/manager/index.php` | High
|
||||
46 | File | `/mcategory.php` | High
|
||||
47 | File | `/mkshop/Men/profile.php` | High
|
||||
48 | File | `/Noxen-master/users.php` | High
|
||||
49 | File | `/opac/Actions.php?a=login` | High
|
||||
50 | File | `/pages/animals.php` | High
|
||||
51 | File | `/pet_shop/admin/orders/update_status.php` | High
|
||||
52 | File | `/php-scrm/login.php` | High
|
||||
53 | ... | ... | ...
|
||||
|
||||
There are 462 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 459 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -106,7 +106,7 @@ ID | Type | Indicator | Confidence
|
|||
46 | File | `advancedsearch.php` | High
|
||||
47 | ... | ... | ...
|
||||
|
||||
There are 409 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 404 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -107,7 +107,7 @@ ID | Type | Indicator | Confidence
|
|||
45 | File | `admin/index.php` | High
|
||||
46 | ... | ... | ...
|
||||
|
||||
There are 400 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 398 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -97,7 +97,7 @@ ID | Type | Indicator | Confidence
|
|||
10 | File | `admin/admin.shtml` | High
|
||||
11 | ... | ... | ...
|
||||
|
||||
There are 84 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 86 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [RU](https://vuldb.com/?country.ru)
|
||||
* ...
|
||||
|
||||
There are 32 more country items available. Please use our online service to access the data.
|
||||
There are 31 more country items available. Please use our online service to access the data.
|
||||
|
||||
## Actors
|
||||
|
||||
|
@ -72,52 +72,52 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/+CSCOE+/logon.html` | High
|
||||
2 | File | `/addnews.html` | High
|
||||
3 | File | `/admin/admin.php` | High
|
||||
4 | File | `/admin/user/manage_user.php` | High
|
||||
5 | File | `/api/trackedEntityInstances` | High
|
||||
6 | File | `/bin/login.php` | High
|
||||
7 | File | `/cgi-bin/hi3510/param.cgi` | High
|
||||
8 | File | `/cgi-bin/system_mgr.cgi` | High
|
||||
9 | File | `/cgi/sshcheck.cgi` | High
|
||||
10 | File | `/common/logViewer/logViewer.jsf` | High
|
||||
11 | File | `/ConsoleHelp/` | High
|
||||
12 | File | `/etc/sudoers` | Medium
|
||||
13 | File | `/export` | Low
|
||||
14 | File | `/horde/imp/search.php` | High
|
||||
15 | File | `/index.php` | Medium
|
||||
16 | File | `/jsoa/hntdCustomDesktopActionContent` | High
|
||||
17 | File | `/LEPTON_stable_2.2.2/upload/admins/media/index.php` | High
|
||||
18 | File | `/login` | Low
|
||||
19 | File | `/modules/projects/vw_files.php` | High
|
||||
20 | File | `/news.dtl.php` | High
|
||||
21 | File | `/opensis/modules/grades/InputFinalGrades.php` | High
|
||||
22 | File | `/opensis/modules/users/Staff.php` | High
|
||||
23 | File | `/plesk-site-preview/` | High
|
||||
24 | File | `/proc/self/environ` | High
|
||||
25 | File | `/rest/api/2/user/picker` | High
|
||||
26 | File | `/s/` | Low
|
||||
27 | File | `/secure/admin/InsightDefaultCustomFieldConfig.jspa` | High
|
||||
28 | File | `/secure/QueryComponent!Default.jspa` | High
|
||||
29 | File | `/sendrcpackage?keyid=-2544&keysymbol=-4081` | High
|
||||
30 | File | `/services` | Medium
|
||||
31 | File | `/system?action=ServiceAdmin` | High
|
||||
32 | File | `/var/WEB-GUI/cgi-bin/downloadfile.cgi` | High
|
||||
33 | File | `/vicidial/user_stats.php` | High
|
||||
34 | File | `/websocket/exec` | High
|
||||
35 | File | `14all.cgi/14all-1.1.cgi/traffic.cgi/mrtg.cgi` | High
|
||||
36 | File | `access.conf` | Medium
|
||||
37 | File | `adclick.php` | Medium
|
||||
38 | File | `addentry.php` | Medium
|
||||
39 | File | `admin.php?m=backup&c=backup&a=doback` | High
|
||||
40 | File | `admin/admin_users.php` | High
|
||||
41 | File | `admin/login.php` | High
|
||||
42 | File | `admin/upload.php` | High
|
||||
43 | File | `administers` | Medium
|
||||
44 | File | `Administrator_list.php` | High
|
||||
45 | File | `advancedsetup_websiteblocking.html` | High
|
||||
46 | File | `ajax_mail_autoreply.php` | High
|
||||
47 | File | `ajax_save_name.php` | High
|
||||
2 | File | `/admin/admin.php` | High
|
||||
3 | File | `/admin/user/manage_user.php` | High
|
||||
4 | File | `/api/trackedEntityInstances` | High
|
||||
5 | File | `/bin/login.php` | High
|
||||
6 | File | `/cgi-bin/system_mgr.cgi` | High
|
||||
7 | File | `/cgi/sshcheck.cgi` | High
|
||||
8 | File | `/common/logViewer/logViewer.jsf` | High
|
||||
9 | File | `/ConsoleHelp/` | High
|
||||
10 | File | `/etc/sudoers` | Medium
|
||||
11 | File | `/export` | Low
|
||||
12 | File | `/horde/imp/search.php` | High
|
||||
13 | File | `/index.php` | Medium
|
||||
14 | File | `/jsoa/hntdCustomDesktopActionContent` | High
|
||||
15 | File | `/LEPTON_stable_2.2.2/upload/admins/media/index.php` | High
|
||||
16 | File | `/login` | Low
|
||||
17 | File | `/messageboard/view.php` | High
|
||||
18 | File | `/modules/projects/vw_files.php` | High
|
||||
19 | File | `/opensis/modules/grades/InputFinalGrades.php` | High
|
||||
20 | File | `/opensis/modules/users/Staff.php` | High
|
||||
21 | File | `/plesk-site-preview/` | High
|
||||
22 | File | `/proc/self/environ` | High
|
||||
23 | File | `/rest/api/2/user/picker` | High
|
||||
24 | File | `/s/` | Low
|
||||
25 | File | `/secure/admin/InsightDefaultCustomFieldConfig.jspa` | High
|
||||
26 | File | `/secure/QueryComponent!Default.jspa` | High
|
||||
27 | File | `/sendrcpackage?keyid=-2544&keysymbol=-4081` | High
|
||||
28 | File | `/services` | Medium
|
||||
29 | File | `/system?action=ServiceAdmin` | High
|
||||
30 | File | `/var/WEB-GUI/cgi-bin/downloadfile.cgi` | High
|
||||
31 | File | `/vicidial/user_stats.php` | High
|
||||
32 | File | `/websocket/exec` | High
|
||||
33 | File | `access.conf` | Medium
|
||||
34 | File | `adclick.php` | Medium
|
||||
35 | File | `admin.php` | Medium
|
||||
36 | File | `admin.php?m=backup&c=backup&a=doback` | High
|
||||
37 | File | `admin.remository.php` | High
|
||||
38 | File | `admin/admin_users.php` | High
|
||||
39 | File | `admin/login.php` | High
|
||||
40 | File | `admin/upload.php` | High
|
||||
41 | File | `administers` | Medium
|
||||
42 | File | `Administrator_list.php` | High
|
||||
43 | File | `advancedsetup_websiteblocking.html` | High
|
||||
44 | File | `affich.php` | Medium
|
||||
45 | File | `ajax_mail_autoreply.php` | High
|
||||
46 | File | `ajax_save_name.php` | High
|
||||
47 | File | `album_portal.php` | High
|
||||
48 | File | `allocator.cc` | Medium
|
||||
49 | File | `announcements.php` | High
|
||||
50 | File | `ap1.com` | Low
|
||||
|
@ -128,9 +128,12 @@ ID | Type | Indicator | Confidence
|
|||
55 | File | `AppCompatCache.exe` | High
|
||||
56 | File | `application.php` | High
|
||||
57 | File | `apply.cgi` | Medium
|
||||
58 | ... | ... | ...
|
||||
58 | File | `asp:.jpg` | Medium
|
||||
59 | File | `authfiles/login.asp` | High
|
||||
60 | File | `bb_usage_stats.php` | High
|
||||
61 | ... | ... | ...
|
||||
|
||||
There are 503 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 534 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -9,8 +9,8 @@ _Live data_ and more _analysis capabilities_ are available at [https://vuldb.com
|
|||
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with BlackEnergy:
|
||||
|
||||
* [CN](https://vuldb.com/?country.cn)
|
||||
* [ES](https://vuldb.com/?country.es)
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [ES](https://vuldb.com/?country.es)
|
||||
* ...
|
||||
|
||||
There are 15 more country items available. Please use our online service to access the data.
|
||||
|
@ -47,7 +47,7 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-28 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-294 | Authentication Bypass by Capture-replay | High
|
||||
2 | T1040 | CWE-294, CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-88, CWE-94 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
|
@ -69,37 +69,39 @@ ID | Type | Indicator | Confidence
|
|||
6 | File | `/admin/submit-articles` | High
|
||||
7 | File | `/ad_js.php` | Medium
|
||||
8 | File | `/alphaware/summary.php` | High
|
||||
9 | File | `/api/v2/cli/commands` | High
|
||||
10 | File | `/app/options.py` | High
|
||||
11 | File | `/attachments` | Medium
|
||||
12 | File | `/boat/login.php` | High
|
||||
13 | File | `/bsms_ci/index.php/book` | High
|
||||
14 | File | `/cgi-bin/luci/api/wireless` | High
|
||||
15 | File | `/ci_hms/massage_room/edit/1` | High
|
||||
16 | File | `/context/%2e/WEB-INF/web.xml` | High
|
||||
17 | File | `/dashboard/reports/logs/view` | High
|
||||
18 | File | `/debian/patches/load_ppp_generic_if_needed` | High
|
||||
19 | File | `/debug/pprof` | Medium
|
||||
20 | File | `/etc/hosts` | Medium
|
||||
21 | File | `/forum/away.php` | High
|
||||
22 | File | `/goform/setmac` | High
|
||||
23 | File | `/goform/wizard_end` | High
|
||||
24 | File | `/manage-apartment.php` | High
|
||||
25 | File | `/medicines/profile.php` | High
|
||||
26 | File | `/modules/caddyhttp/rewrite/rewrite.go` | High
|
||||
27 | File | `/out.php` | Medium
|
||||
28 | File | `/pages/apply_vacancy.php` | High
|
||||
29 | File | `/pet_shop/admin/?page=maintenance/manage_category` | High
|
||||
30 | File | `/proc/<PID>/mem` | High
|
||||
31 | File | `/proxy` | Low
|
||||
32 | File | `/reservation/add_message.php` | High
|
||||
33 | File | `/spip.php` | Medium
|
||||
34 | File | `/tmp` | Low
|
||||
35 | File | `/uncpath/` | Medium
|
||||
36 | File | `/upload` | Low
|
||||
37 | ... | ... | ...
|
||||
9 | File | `/api/` | Low
|
||||
10 | File | `/api/admin/store/product/list` | High
|
||||
11 | File | `/api/v2/cli/commands` | High
|
||||
12 | File | `/app/options.py` | High
|
||||
13 | File | `/attachments` | Medium
|
||||
14 | File | `/boat/login.php` | High
|
||||
15 | File | `/bsms_ci/index.php/book` | High
|
||||
16 | File | `/cgi-bin/luci/api/wireless` | High
|
||||
17 | File | `/context/%2e/WEB-INF/web.xml` | High
|
||||
18 | File | `/dashboard/reports/logs/view` | High
|
||||
19 | File | `/debian/patches/load_ppp_generic_if_needed` | High
|
||||
20 | File | `/debug/pprof` | Medium
|
||||
21 | File | `/etc/hosts` | Medium
|
||||
22 | File | `/forum/away.php` | High
|
||||
23 | File | `/goform/setmac` | High
|
||||
24 | File | `/goform/wizard_end` | High
|
||||
25 | File | `/manage-apartment.php` | High
|
||||
26 | File | `/medicines/profile.php` | High
|
||||
27 | File | `/modules/caddyhttp/rewrite/rewrite.go` | High
|
||||
28 | File | `/out.php` | Medium
|
||||
29 | File | `/owa/auth/logon.aspx` | High
|
||||
30 | File | `/pages/apply_vacancy.php` | High
|
||||
31 | File | `/pet_shop/admin/?page=maintenance/manage_category` | High
|
||||
32 | File | `/proc/<PID>/mem` | High
|
||||
33 | File | `/proxy` | Low
|
||||
34 | File | `/reservation/add_message.php` | High
|
||||
35 | File | `/spip.php` | Medium
|
||||
36 | File | `/tmp` | Low
|
||||
37 | File | `/uncpath/` | Medium
|
||||
38 | File | `/upload` | Low
|
||||
39 | ... | ... | ...
|
||||
|
||||
There are 314 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 338 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -10,7 +10,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
|
||||
* [VN](https://vuldb.com/?country.vn)
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [NO](https://vuldb.com/?country.no)
|
||||
* [NL](https://vuldb.com/?country.nl)
|
||||
* ...
|
||||
|
||||
There are 8 more country items available. Please use our online service to access the data.
|
||||
|
@ -182,45 +182,48 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/.env` | Low
|
||||
2 | File | `//` | Low
|
||||
3 | File | `/?ajax-request=jnews` | High
|
||||
4 | File | `/admin` | Low
|
||||
5 | File | `/admin/patient.php` | High
|
||||
6 | File | `/api/jmeter/download/files` | High
|
||||
7 | File | `/api/upload` | Medium
|
||||
8 | File | `/api/v1/attack/falco` | High
|
||||
9 | File | `/APR/login.php` | High
|
||||
10 | File | `/as/authorization.oauth2` | High
|
||||
11 | File | `/backup.pl` | Medium
|
||||
12 | File | `/cgi-bin/luci/api/auth` | High
|
||||
13 | File | `/cgi-bin/supervisor/PwdGrp.cgi` | High
|
||||
14 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
15 | File | `/churchcrm/EventAttendance.php` | High
|
||||
16 | File | `/DXR.axd` | Medium
|
||||
17 | File | `/edoc/doctor/patient.php` | High
|
||||
18 | File | `/filemanager/php/connector.php` | High
|
||||
19 | File | `/files/import` | High
|
||||
20 | File | `/forum/away.php` | High
|
||||
21 | File | `/j_security_check` | High
|
||||
22 | File | `/librarian/bookdetails.php` | High
|
||||
23 | File | `/mhds/clinic/view_details.php` | High
|
||||
24 | File | `/modules/projects/vw_files.php` | High
|
||||
25 | File | `/Moosikay/order.php` | High
|
||||
26 | File | `/out.php` | Medium
|
||||
27 | File | `/php-scrm/login.php` | High
|
||||
28 | File | `/reservation/add_message.php` | High
|
||||
29 | File | `/reviewer_0/admins/assessments/pretest/questions-view.php` | High
|
||||
30 | File | `/rukovoditel/index.php?module=users/login` | High
|
||||
31 | File | `/secure/QueryComponent!Default.jspa` | High
|
||||
32 | File | `/static/ueditor/php/controller.php` | High
|
||||
33 | File | `/tmp/boa-temp` | High
|
||||
34 | File | `/var/WEB-GUI/cgi-bin/telnet.cgi` | High
|
||||
35 | File | `/wp-admin/admin-ajax.php` | High
|
||||
36 | File | `/wp-admin/options.php` | High
|
||||
37 | ... | ... | ...
|
||||
1 | File | `.FBCIndex` | Medium
|
||||
2 | File | `/.env` | Low
|
||||
3 | File | `//` | Low
|
||||
4 | File | `/?ajax-request=jnews` | High
|
||||
5 | File | `/admin` | Low
|
||||
6 | File | `/admin/login.php` | High
|
||||
7 | File | `/admin/patient.php` | High
|
||||
8 | File | `/api/jmeter/download/files` | High
|
||||
9 | File | `/api/upload` | Medium
|
||||
10 | File | `/api/v1/attack/falco` | High
|
||||
11 | File | `/APR/login.php` | High
|
||||
12 | File | `/as/authorization.oauth2` | High
|
||||
13 | File | `/backup.pl` | Medium
|
||||
14 | File | `/cgi-bin/luci/api/auth` | High
|
||||
15 | File | `/cgi-bin/supervisor/PwdGrp.cgi` | High
|
||||
16 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
17 | File | `/churchcrm/EventAttendance.php` | High
|
||||
18 | File | `/DXR.axd` | Medium
|
||||
19 | File | `/edoc/doctor/patient.php` | High
|
||||
20 | File | `/filemanager/php/connector.php` | High
|
||||
21 | File | `/files/import` | High
|
||||
22 | File | `/forum/away.php` | High
|
||||
23 | File | `/j_security_check` | High
|
||||
24 | File | `/librarian/bookdetails.php` | High
|
||||
25 | File | `/mhds/clinic/view_details.php` | High
|
||||
26 | File | `/modules/projects/vw_files.php` | High
|
||||
27 | File | `/Moosikay/order.php` | High
|
||||
28 | File | `/out.php` | Medium
|
||||
29 | File | `/php-scrm/login.php` | High
|
||||
30 | File | `/plain` | Low
|
||||
31 | File | `/public/launchNewWindow.jsp` | High
|
||||
32 | File | `/reservation/add_message.php` | High
|
||||
33 | File | `/reviewer_0/admins/assessments/pretest/questions-view.php` | High
|
||||
34 | File | `/rukovoditel/index.php?module=users/login` | High
|
||||
35 | File | `/static/ueditor/php/controller.php` | High
|
||||
36 | File | `/tmp/boa-temp` | High
|
||||
37 | File | `/var/WEB-GUI/cgi-bin/telnet.cgi` | High
|
||||
38 | File | `/wp-admin/admin-ajax.php` | High
|
||||
39 | File | `/wp-admin/options.php` | High
|
||||
40 | ... | ... | ...
|
||||
|
||||
There are 319 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 342 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -113,27 +113,28 @@ ID | Type | Indicator | Confidence
|
|||
45 | File | `/editbrand.php` | High
|
||||
46 | File | `/edituser.php` | High
|
||||
47 | File | `/employeeview.php` | High
|
||||
48 | File | `/forum/away.php` | High
|
||||
49 | File | `/fos/admin/index.php?page=menu` | High
|
||||
50 | File | `/goform/AddSysLogRule` | High
|
||||
51 | File | `/goform/SafeEmailFilter` | High
|
||||
52 | File | `/goform/SetIpMacBind` | High
|
||||
53 | File | `/goform/setSnmpInfo` | High
|
||||
54 | File | `/goform/setUplinkInfo` | High
|
||||
55 | File | `/goform/SysToolReboot` | High
|
||||
56 | File | `/goform/WifiBasicSet` | High
|
||||
57 | File | `/graphql` | Medium
|
||||
58 | File | `/hrm/employeeview.php` | High
|
||||
59 | File | `/hss/?page=categories` | High
|
||||
60 | File | `/hss/admin/brands/manage_brand.php` | High
|
||||
61 | File | `/index.asp` | Medium
|
||||
62 | File | `/index.php` | Medium
|
||||
63 | File | `/index.php?module=help_pages/pages&entities_id=24` | High
|
||||
64 | File | `/jsoa/hntdCustomDesktopActionContent` | High
|
||||
65 | File | `/librarian/bookdetails.php` | High
|
||||
66 | ... | ... | ...
|
||||
48 | File | `/files/list-file` | High
|
||||
49 | File | `/forum/away.php` | High
|
||||
50 | File | `/fos/admin/index.php?page=menu` | High
|
||||
51 | File | `/goform/AddSysLogRule` | High
|
||||
52 | File | `/goform/SafeEmailFilter` | High
|
||||
53 | File | `/goform/SetIpMacBind` | High
|
||||
54 | File | `/goform/setSnmpInfo` | High
|
||||
55 | File | `/goform/setUplinkInfo` | High
|
||||
56 | File | `/goform/SysToolReboot` | High
|
||||
57 | File | `/goform/WifiBasicSet` | High
|
||||
58 | File | `/graphql` | Medium
|
||||
59 | File | `/hrm/employeeview.php` | High
|
||||
60 | File | `/hss/?page=categories` | High
|
||||
61 | File | `/hss/admin/brands/manage_brand.php` | High
|
||||
62 | File | `/index.asp` | Medium
|
||||
63 | File | `/index.php` | Medium
|
||||
64 | File | `/index.php?module=help_pages/pages&entities_id=24` | High
|
||||
65 | File | `/jsoa/hntdCustomDesktopActionContent` | High
|
||||
66 | File | `/librarian/bookdetails.php` | High
|
||||
67 | ... | ... | ...
|
||||
|
||||
There are 578 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 583 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -129,9 +129,10 @@ ID | Type | Indicator | Confidence
|
|||
37 | File | `add_comment.php` | High
|
||||
38 | File | `add_vhost.php` | High
|
||||
39 | File | `admin.php` | Medium
|
||||
40 | ... | ... | ...
|
||||
40 | File | `admin/conf_users_edit.php` | High
|
||||
41 | ... | ... | ...
|
||||
|
||||
There are 348 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 350 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -61,46 +61,46 @@ ID | Type | Indicator | Confidence
|
|||
7 | File | `/admin/posts.php` | High
|
||||
8 | File | `/adms/admin/?page=vehicles/sell_vehicle` | High
|
||||
9 | File | `/ci_ssms/index.php/orders/create` | High
|
||||
10 | File | `/edoc/doctor/patient.php` | High
|
||||
11 | File | `/fw.login.php` | High
|
||||
12 | File | `/home/masterConsole` | High
|
||||
13 | File | `/index.php` | Medium
|
||||
14 | File | `/membres/modif_profil.php` | High
|
||||
15 | File | `/NotrinosERP/sales/customer_delivery.php` | High
|
||||
16 | File | `/ordering/admin/category/index.php?view=edit` | High
|
||||
17 | File | `/pet_shop/admin/orders/update_status.php` | High
|
||||
18 | File | `/pms/index.php` | High
|
||||
19 | File | `/pms/update_user.php?user_id=1` | High
|
||||
20 | File | `/SimpleBusTicket/index.php` | High
|
||||
21 | File | `/transcation.php` | High
|
||||
22 | File | `/uncpath/` | Medium
|
||||
23 | File | `/usr/bin/pkexec` | High
|
||||
24 | File | `/var/run/docker.sock` | High
|
||||
25 | File | `/wp-admin/admin-ajax.php` | High
|
||||
26 | File | `/xpdf/Stream.cc` | High
|
||||
27 | File | `14all.cgi/14all-1.1.cgi/traffic.cgi/mrtg.cgi` | High
|
||||
28 | File | `addpost_newpoll.php` | High
|
||||
29 | File | `adm-index.php` | High
|
||||
30 | File | `Admin.PHP` | Medium
|
||||
31 | File | `admin.php` | Medium
|
||||
32 | File | `admin.php&r=article/AdminContent/edit` | High
|
||||
33 | File | `admin/expense_report.php` | High
|
||||
34 | File | `admin/index.php` | High
|
||||
35 | File | `admin/ops/reports/ops/forum.php` | High
|
||||
36 | File | `admincp/attachment.php` | High
|
||||
37 | File | `adminedit.pl` | Medium
|
||||
38 | File | `ajax/api/hook/getHookList` | High
|
||||
39 | File | `App\Manage\Controller\ArticleController.class.php` | High
|
||||
40 | File | `archive/index.php` | High
|
||||
41 | File | `auth-gss2.c` | Medium
|
||||
42 | File | `backend/groups/index.php` | High
|
||||
43 | File | `bbs/member_confirm.php` | High
|
||||
44 | File | `bottom.php` | Medium
|
||||
45 | File | `breadcrumbs_create.php` | High
|
||||
46 | File | `C:\Program Files\FileZilla FTP Client\uninstall.exe` | High
|
||||
10 | File | `/CPE` | Low
|
||||
11 | File | `/edoc/doctor/patient.php` | High
|
||||
12 | File | `/fw.login.php` | High
|
||||
13 | File | `/home/masterConsole` | High
|
||||
14 | File | `/index.php` | Medium
|
||||
15 | File | `/membres/modif_profil.php` | High
|
||||
16 | File | `/NotrinosERP/sales/customer_delivery.php` | High
|
||||
17 | File | `/ordering/admin/category/index.php?view=edit` | High
|
||||
18 | File | `/pet_shop/admin/orders/update_status.php` | High
|
||||
19 | File | `/pms/index.php` | High
|
||||
20 | File | `/pms/update_user.php?user_id=1` | High
|
||||
21 | File | `/SimpleBusTicket/index.php` | High
|
||||
22 | File | `/transcation.php` | High
|
||||
23 | File | `/uncpath/` | Medium
|
||||
24 | File | `/usr/bin/pkexec` | High
|
||||
25 | File | `/var/run/docker.sock` | High
|
||||
26 | File | `/wp-admin/admin-ajax.php` | High
|
||||
27 | File | `/xpdf/Stream.cc` | High
|
||||
28 | File | `14all.cgi/14all-1.1.cgi/traffic.cgi/mrtg.cgi` | High
|
||||
29 | File | `addpost_newpoll.php` | High
|
||||
30 | File | `adm-index.php` | High
|
||||
31 | File | `Admin.PHP` | Medium
|
||||
32 | File | `admin.php` | Medium
|
||||
33 | File | `admin.php&r=article/AdminContent/edit` | High
|
||||
34 | File | `admin/expense_report.php` | High
|
||||
35 | File | `admin/index.php` | High
|
||||
36 | File | `admin/ops/reports/ops/forum.php` | High
|
||||
37 | File | `admincp/attachment.php` | High
|
||||
38 | File | `adminedit.pl` | Medium
|
||||
39 | File | `ajax/api/hook/getHookList` | High
|
||||
40 | File | `App\Manage\Controller\ArticleController.class.php` | High
|
||||
41 | File | `archive/index.php` | High
|
||||
42 | File | `auth-gss2.c` | Medium
|
||||
43 | File | `backend/groups/index.php` | High
|
||||
44 | File | `bbs/member_confirm.php` | High
|
||||
45 | File | `bottom.php` | Medium
|
||||
46 | File | `breadcrumbs_create.php` | High
|
||||
47 | ... | ... | ...
|
||||
|
||||
There are 404 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 407 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -71,7 +71,7 @@ ID | Type | Indicator | Confidence
|
|||
13 | File | `/var/log/nginx` | High
|
||||
14 | ... | ... | ...
|
||||
|
||||
There are 109 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 111 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -98,7 +98,7 @@ ID | IP address | Hostname | Actor | Confidence
|
|||
61 | [45.147.229.23](https://vuldb.com/?ip.45.147.229.23) | - | [Cobalt Strike](https://vuldb.com/?actor.cobalt_strike) | High
|
||||
62 | ... | ... | ... | ...
|
||||
|
||||
There are 242 more IOC items available. Please use our online service to access the data.
|
||||
There are 243 more IOC items available. Please use our online service to access the data.
|
||||
|
||||
## TTP - Tactics, Techniques, Procedures
|
||||
|
||||
|
@ -106,13 +106,13 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-21, CWE-22 | Pathname Traversal | High
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-88, CWE-94 | Cross Site Scripting | High
|
||||
5 | ... | ... | ... | ...
|
||||
|
||||
There are 17 more TTP items available. Please use our online service to access the data.
|
||||
There are 18 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -121,46 +121,50 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/admin` | Low
|
||||
2 | File | `/admin/` | Low
|
||||
3 | File | `/admin/patient.php` | High
|
||||
4 | File | `/APR/login.php` | High
|
||||
5 | File | `/APR/signup.php` | High
|
||||
6 | File | `/cgi-bin/supervisor/PwdGrp.cgi` | High
|
||||
7 | File | `/cgi-bin/wapopen` | High
|
||||
8 | File | `/churchcrm/EventAttendance.php` | High
|
||||
9 | File | `/DXR.axd` | Medium
|
||||
10 | File | `/filemanager/php/connector.php` | High
|
||||
11 | File | `/forum/away.php` | High
|
||||
12 | File | `/HNAP1/SetClientInfo` | High
|
||||
13 | File | `/mhds/clinic/view_details.php` | High
|
||||
14 | File | `/mims/login.php` | High
|
||||
15 | File | `/modules/projects/vw_files.php` | High
|
||||
16 | File | `/php-scrm/login.php` | High
|
||||
17 | File | `/public/launchNewWindow.jsp` | High
|
||||
18 | File | `/rukovoditel/index.php?module=users/login` | High
|
||||
19 | File | `/squashfs-root/www/HNAP1/control/SetMasterWLanSettings.php` | High
|
||||
20 | File | `/static/ueditor/php/controller.php` | High
|
||||
21 | File | `/textpattern/index.php` | High
|
||||
22 | File | `/tmp` | Low
|
||||
23 | File | `/var/WEB-GUI/cgi-bin/telnet.cgi` | High
|
||||
24 | File | `/wp-admin/admin-ajax.php` | High
|
||||
25 | File | `/wp-admin/options.php` | High
|
||||
26 | File | `/wp-content/plugins/woocommerce/templates/emails/plain/` | High
|
||||
27 | File | `account/signup.php` | High
|
||||
28 | File | `Acl.asp` | Low
|
||||
29 | File | `activenews_view.asp` | High
|
||||
30 | File | `adclick.php` | Medium
|
||||
31 | File | `addentry.php` | Medium
|
||||
32 | File | `addressbook/backends/ldap/e-book-backend-ldap.c` | High
|
||||
33 | File | `admin.php` | Medium
|
||||
34 | File | `admin/admin_editor.php` | High
|
||||
35 | File | `admin/TemplateController.java` | High
|
||||
36 | File | `admincp.php` | Medium
|
||||
37 | File | `adminer.php` | Medium
|
||||
38 | File | `affich.php` | Medium
|
||||
39 | ... | ... | ...
|
||||
2 | File | `/admin-ajax.php?action=eps_redirect_save` | High
|
||||
3 | File | `/admin/` | Low
|
||||
4 | File | `/admin/login.php` | High
|
||||
5 | File | `/admin/patient.php` | High
|
||||
6 | File | `/api/gen/clients/{language}` | High
|
||||
7 | File | `/APR/login.php` | High
|
||||
8 | File | `/APR/signup.php` | High
|
||||
9 | File | `/cgi-bin/supervisor/PwdGrp.cgi` | High
|
||||
10 | File | `/cgi-bin/wapopen` | High
|
||||
11 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
12 | File | `/churchcrm/EventAttendance.php` | High
|
||||
13 | File | `/DXR.axd` | Medium
|
||||
14 | File | `/filemanager/php/connector.php` | High
|
||||
15 | File | `/forum/away.php` | High
|
||||
16 | File | `/HNAP1/SetClientInfo` | High
|
||||
17 | File | `/licenses` | Medium
|
||||
18 | File | `/mhds/clinic/view_details.php` | High
|
||||
19 | File | `/mims/login.php` | High
|
||||
20 | File | `/modules/projects/vw_files.php` | High
|
||||
21 | File | `/plain` | Low
|
||||
22 | File | `/public/launchNewWindow.jsp` | High
|
||||
23 | File | `/rukovoditel/index.php?module=users/login` | High
|
||||
24 | File | `/squashfs-root/www/HNAP1/control/SetMasterWLanSettings.php` | High
|
||||
25 | File | `/static/ueditor/php/controller.php` | High
|
||||
26 | File | `/textpattern/index.php` | High
|
||||
27 | File | `/tmp` | Low
|
||||
28 | File | `/var/WEB-GUI/cgi-bin/telnet.cgi` | High
|
||||
29 | File | `/wp-admin/admin-ajax.php` | High
|
||||
30 | File | `/wp-admin/options.php` | High
|
||||
31 | File | `/wp-content/plugins/woocommerce/templates/emails/plain/` | High
|
||||
32 | File | `account/signup.php` | High
|
||||
33 | File | `Acl.asp` | Low
|
||||
34 | File | `activenews_view.asp` | High
|
||||
35 | File | `adclick.php` | Medium
|
||||
36 | File | `addentry.php` | Medium
|
||||
37 | File | `addressbook/backends/ldap/e-book-backend-ldap.c` | High
|
||||
38 | File | `admin-ajax.php` | High
|
||||
39 | File | `admin.php` | Medium
|
||||
40 | File | `admin/admin_editor.php` | High
|
||||
41 | File | `admin/TemplateController.java` | High
|
||||
42 | File | `admincp.php` | Medium
|
||||
43 | ... | ... | ...
|
||||
|
||||
There are 339 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 373 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
@ -257,6 +261,7 @@ The following list contains _external sources_ which discuss the campaign and th
|
|||
* https://www.trendmicro.com/de_de/research/22/e/patch-your-wso2-cve-2022-29464-exploited-to-install-linux-compatible-cobalt-strike-beacons-other-malware.html
|
||||
* https://www.trendmicro.com/de_de/research/22/i/play-ransomware-s-attack-playbook-unmasks-it-as-another-hive-aff.html
|
||||
* https://www.welivesecurity.com/2021/03/10/exchange-servers-under-siege-10-apt-groups/
|
||||
* https://www.zscaler.com/blogs/security-research/warhawk-new-backdoor-arsenal-sidewinder-apt-group-0
|
||||
|
||||
## Literature
|
||||
|
||||
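Review bot: In the TTP table of this file, the context row `4 | T1059 | CWE-88, CWE-94 | Cross Site Scripting | High` carries a description that matches neither the technique nor the weaknesses. T1059 is Command and Scripting Interpreter, and CWE-88 and CWE-94 are argument and code injection, while cross-site scripting is CWE-79. A defender who maps detections or mitigations from the description column would triage this row as a client-side issue instead of server-side code execution. The description would read better as something like `Code Injection`. The same label appears on the T1059 rows of later TTP hunks on this page (`3 | T1059 | CWE-94 | ...` and `4 | T1059 | CWE-94, CWE-1321 | ...`), so the fix probably belongs wherever these tables are generated.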
|
|
|
@ -118,42 +118,42 @@ ID | Type | Indicator | Confidence
|
|||
55 | File | `admin/manage-news.php` | High
|
||||
56 | File | `admin/plugin-settings.php` | High
|
||||
57 | File | `admin:de` | Medium
|
||||
58 | File | `admincp/auth/secure.php` | High
|
||||
59 | File | `administrator/components/com_media/helpers/media.php` | High
|
||||
60 | File | `administrator/index.php` | High
|
||||
61 | File | `admin_login.asp` | High
|
||||
62 | File | `ajax_url.php` | Medium
|
||||
63 | File | `album_portal.php` | High
|
||||
64 | File | `al_initialize.php` | High
|
||||
65 | File | `anjel.index.php` | High
|
||||
66 | File | `annonces-p-f.php` | High
|
||||
67 | File | `announce.php` | Medium
|
||||
68 | File | `announcement.php` | High
|
||||
69 | File | `announcements.php` | High
|
||||
70 | File | `app/admin/routing/edit-bgp-mapping-search.php` | High
|
||||
71 | File | `app/models/user.rb` | High
|
||||
72 | File | `application/config/config.php` | High
|
||||
73 | File | `application/controllers/basedata/inventory.php` | High
|
||||
74 | File | `apply.cgi` | Medium
|
||||
75 | File | `apps/app_article/controller/rating.php` | High
|
||||
76 | File | `article.php` | Medium
|
||||
77 | File | `articles.php` | Medium
|
||||
78 | File | `artikel_anzeige.php` | High
|
||||
79 | File | `AudioFlinger.cpp` | High
|
||||
80 | File | `auktion.cgi` | Medium
|
||||
81 | File | `auth.php` | Medium
|
||||
82 | File | `authfiles/login.asp` | High
|
||||
83 | File | `avahi-core/socket.c` | High
|
||||
84 | File | `basket.php` | Medium
|
||||
85 | File | `books.php` | Medium
|
||||
86 | File | `browse.php` | Medium
|
||||
87 | File | `browse_videos.php` | High
|
||||
88 | File | `BrudaNews/BrudaGB` | High
|
||||
89 | File | `bwlist_inc.html` | High
|
||||
90 | File | `calendar.php` | Medium
|
||||
58 | File | `administrator/components/com_media/helpers/media.php` | High
|
||||
59 | File | `administrator/index.php` | High
|
||||
60 | File | `admin_login.asp` | High
|
||||
61 | File | `ajax_url.php` | Medium
|
||||
62 | File | `album_portal.php` | High
|
||||
63 | File | `al_initialize.php` | High
|
||||
64 | File | `anjel.index.php` | High
|
||||
65 | File | `annonces-p-f.php` | High
|
||||
66 | File | `announce.php` | Medium
|
||||
67 | File | `announcement.php` | High
|
||||
68 | File | `announcements.php` | High
|
||||
69 | File | `app/admin/routing/edit-bgp-mapping-search.php` | High
|
||||
70 | File | `app/models/user.rb` | High
|
||||
71 | File | `application/config/config.php` | High
|
||||
72 | File | `application/controllers/basedata/inventory.php` | High
|
||||
73 | File | `apply.cgi` | Medium
|
||||
74 | File | `apps/app_article/controller/rating.php` | High
|
||||
75 | File | `article.php` | Medium
|
||||
76 | File | `articles.php` | Medium
|
||||
77 | File | `artikel_anzeige.php` | High
|
||||
78 | File | `AudioFlinger.cpp` | High
|
||||
79 | File | `auktion.cgi` | Medium
|
||||
80 | File | `auth.php` | Medium
|
||||
81 | File | `authfiles/login.asp` | High
|
||||
82 | File | `avahi-core/socket.c` | High
|
||||
83 | File | `basket.php` | Medium
|
||||
84 | File | `books.php` | Medium
|
||||
85 | File | `browse.php` | Medium
|
||||
86 | File | `browse_videos.php` | High
|
||||
87 | File | `BrudaNews/BrudaGB` | High
|
||||
88 | File | `bwlist_inc.html` | High
|
||||
89 | File | `calendar.php` | Medium
|
||||
90 | File | `calenderServer.cpp` | High
|
||||
91 | ... | ... | ...
|
||||
|
||||
There are 801 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 799 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -47,7 +47,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
3 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
4 | ... | ... | ... | ...
|
||||
|
||||
There are 6 more TTP items available. Please use our online service to access the data.
|
||||
There are 8 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -55,12 +55,12 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/tmp/csman/0` | Medium
|
||||
2 | File | `/WebMstr7/servlet/mstrWeb` | High
|
||||
3 | File | `inc/config.php` | High
|
||||
1 | File | `/fax/fax_send.php` | High
|
||||
2 | File | `/tmp/csman/0` | Medium
|
||||
3 | File | `/WebMstr7/servlet/mstrWeb` | High
|
||||
4 | ... | ... | ...
|
||||
|
||||
There are 10 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 13 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -61,18 +61,18 @@ ID | Type | Indicator | Confidence
|
|||
-- | ---- | --------- | ----------
|
||||
1 | File | `.htaccess` | Medium
|
||||
2 | File | `.kdbgrc` | Low
|
||||
3 | File | `/admin/index.php` | High
|
||||
4 | File | `/api /v3/auth` | High
|
||||
5 | File | `/app/Http/Controllers/Admin/NEditorController.php` | High
|
||||
6 | File | `/auth` | Low
|
||||
7 | File | `/balance/service/list` | High
|
||||
8 | File | `/config/getuser` | High
|
||||
9 | File | `/secure/admin/InsightDefaultCustomFieldConfig.jspa` | High
|
||||
10 | File | `/SiteServer/Ajax/ajaxOtherService.aspx` | High
|
||||
11 | File | `/uncpath/` | Medium
|
||||
3 | File | `/admin/assign/assign.php` | High
|
||||
4 | File | `/admin/index.php` | High
|
||||
5 | File | `/api /v3/auth` | High
|
||||
6 | File | `/app/Http/Controllers/Admin/NEditorController.php` | High
|
||||
7 | File | `/auth` | Low
|
||||
8 | File | `/balance/service/list` | High
|
||||
9 | File | `/config/getuser` | High
|
||||
10 | File | `/secure/admin/InsightDefaultCustomFieldConfig.jspa` | High
|
||||
11 | File | `/SiteServer/Ajax/ajaxOtherService.aspx` | High
|
||||
12 | ... | ... | ...
|
||||
|
||||
There are 95 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 97 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
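Review bot: The indicator `/api /v3/auth` (row 5 on the new side of this table) contains an embedded space, which looks like a transcription artifact rather than a real request path. A log search or detection rule built from the string as published would not match requests to `/api/v3/auth`, if that is the intended path. The renumbering in this hunk carries the value over unchanged, so it should be checked against the originating advisory and corrected where the table is generated. Until then, consumers should treat the row as unverified despite its `High` confidence.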
|
|
|
@ -47,7 +47,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
3 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
4 | ... | ... | ... | ...
|
||||
|
||||
There are 11 more TTP items available. Please use our online service to access the data.
|
||||
There are 12 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -65,7 +65,7 @@ ID | Type | Indicator | Confidence
|
|||
8 | File | `/uncpath/` | Medium
|
||||
9 | ... | ... | ...
|
||||
|
||||
There are 63 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 64 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -100,7 +100,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
2 | T1040 | CWE-294, CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | T1068 | CWE-264, CWE-269, CWE-284 | Execution with Unnecessary Privileges | High
|
||||
7 | ... | ... | ... | ...
|
||||
|
||||
|
@ -114,41 +114,42 @@ ID | Type | Indicator | Confidence
|
|||
-- | ---- | --------- | ----------
|
||||
1 | File | `/admin/ajax.php?action=delete_uploads` | High
|
||||
2 | File | `/admin/ajax.php?action=delete_user` | High
|
||||
3 | File | `/app/dao/CustomerDAO.php` | High
|
||||
4 | File | `/apply.cgi` | Medium
|
||||
5 | File | `/cgi-bin/mainfunction.cgi` | High
|
||||
6 | File | `/config/api/v1/reboot` | High
|
||||
7 | File | `/etc/shadow` | Medium
|
||||
8 | File | `/food` | Low
|
||||
9 | File | `/forum/away.php` | High
|
||||
10 | File | `/forum/PostPrivateMessage` | High
|
||||
11 | File | `/forums.php?action=post` | High
|
||||
12 | File | `/fos/admin/ajax.php?action=login` | High
|
||||
13 | File | `/fos/admin/index.php?page=menu` | High
|
||||
14 | File | `/hss/admin/?page=client/manage_client` | High
|
||||
15 | File | `/hss/classes/Users.php?f=delete` | High
|
||||
16 | File | `/index/user/user_edit.html` | High
|
||||
17 | File | `/login/index.php` | High
|
||||
18 | File | `/opt/Citrix/ICAClient/util/ctxwebhelper` | High
|
||||
19 | File | `/param.file.tgz` | High
|
||||
20 | File | `/rest/api/2/user/picker` | High
|
||||
21 | File | `/royal_event/userregister.php` | High
|
||||
22 | File | `/rrdp` | Low
|
||||
23 | File | `/Session` | Medium
|
||||
24 | File | `/setNTP.cgi` | Medium
|
||||
25 | File | `/tpts/manage_user.php` | High
|
||||
26 | File | `/u/username.json` | High
|
||||
27 | File | `/user/s.php` | Medium
|
||||
28 | File | `/user/updatePwd` | High
|
||||
29 | File | `/usr/etc/restore0.9` | High
|
||||
30 | File | `/VerAyari` | Medium
|
||||
31 | File | `/wireless/guestnetwork.asp` | High
|
||||
32 | File | `01article.php` | High
|
||||
33 | File | `acl.c` | Low
|
||||
34 | File | `acloudCosAction.php.SQL` | High
|
||||
35 | ... | ... | ...
|
||||
3 | File | `/api/baskets/{name}` | High
|
||||
4 | File | `/app/dao/CustomerDAO.php` | High
|
||||
5 | File | `/apply.cgi` | Medium
|
||||
6 | File | `/cgi-bin/mainfunction.cgi` | High
|
||||
7 | File | `/config/api/v1/reboot` | High
|
||||
8 | File | `/etc/shadow` | Medium
|
||||
9 | File | `/food` | Low
|
||||
10 | File | `/forum/away.php` | High
|
||||
11 | File | `/forum/PostPrivateMessage` | High
|
||||
12 | File | `/forums.php?action=post` | High
|
||||
13 | File | `/fos/admin/ajax.php?action=login` | High
|
||||
14 | File | `/fos/admin/index.php?page=menu` | High
|
||||
15 | File | `/hss/admin/?page=client/manage_client` | High
|
||||
16 | File | `/hss/classes/Users.php?f=delete` | High
|
||||
17 | File | `/index/user/user_edit.html` | High
|
||||
18 | File | `/login/index.php` | High
|
||||
19 | File | `/opt/Citrix/ICAClient/util/ctxwebhelper` | High
|
||||
20 | File | `/owa/auth/logon.aspx` | High
|
||||
21 | File | `/param.file.tgz` | High
|
||||
22 | File | `/rest/api/2/user/picker` | High
|
||||
23 | File | `/royal_event/userregister.php` | High
|
||||
24 | File | `/rrdp` | Low
|
||||
25 | File | `/Session` | Medium
|
||||
26 | File | `/setNTP.cgi` | Medium
|
||||
27 | File | `/tpts/manage_user.php` | High
|
||||
28 | File | `/u/username.json` | High
|
||||
29 | File | `/user/s.php` | Medium
|
||||
30 | File | `/user/updatePwd` | High
|
||||
31 | File | `/usr/etc/restore0.9` | High
|
||||
32 | File | `/VerAyari` | Medium
|
||||
33 | File | `/wireless/guestnetwork.asp` | High
|
||||
34 | File | `/zm/index.php` | High
|
||||
35 | File | `01article.php` | High
|
||||
36 | ... | ... | ...
|
||||
|
||||
There are 299 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 306 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -9,8 +9,8 @@ _Live data_ and more _analysis capabilities_ are available at [https://vuldb.com
|
|||
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with MAZE:
|
||||
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [PL](https://vuldb.com/?country.pl)
|
||||
* [CN](https://vuldb.com/?country.cn)
|
||||
* [PL](https://vuldb.com/?country.pl)
|
||||
* ...
|
||||
|
||||
There are 8 more country items available. Please use our online service to access the data.
|
||||
|
|
|
@ -8,12 +8,12 @@ _Live data_ and more _analysis capabilities_ are available at [https://vuldb.com
|
|||
|
||||
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Middle East:
|
||||
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [VN](https://vuldb.com/?country.vn)
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [CN](https://vuldb.com/?country.cn)
|
||||
* ...
|
||||
|
||||
There are 7 more country items available. Please use our online service to access the data.
|
||||
There are 8 more country items available. Please use our online service to access the data.
|
||||
|
||||
## Actors
|
||||
|
||||
|
@ -95,38 +95,39 @@ ID | Type | Indicator | Confidence
|
|||
12 | File | `/debug/pprof` | Medium
|
||||
13 | File | `/ecshop/admin/template.php` | High
|
||||
14 | File | `/example/editor` | High
|
||||
15 | File | `/forum/away.php` | High
|
||||
16 | File | `/forum/PostPrivateMessage` | High
|
||||
17 | File | `/HNAP1` | Low
|
||||
18 | File | `/home/www/cgi-bin/login.cgi` | High
|
||||
19 | File | `/index` | Low
|
||||
20 | File | `/iu-application/controllers/administration/auth.php` | High
|
||||
21 | File | `/Kofax/KFS/ThinClient/document/upload/` | High
|
||||
22 | File | `/leave_system/classes/Master.php?f=delete_department` | High
|
||||
23 | File | `/module/module_frame/index.php` | High
|
||||
24 | File | `/net-banking/customer_transactions.php` | High
|
||||
25 | File | `/obs/book.php` | High
|
||||
26 | File | `/ossn/administrator/com_installer` | High
|
||||
27 | File | `/pms/update_user.php?user_id=1` | High
|
||||
28 | File | `/sre/params.php` | High
|
||||
29 | File | `/tensorflow/core/grappler/optimizers/arithmetic_optimizer.cc` | High
|
||||
30 | File | `/tmp` | Low
|
||||
31 | File | `/tmp/xbindkeysrc-tmp` | High
|
||||
32 | File | `/user/upload/upload` | High
|
||||
33 | File | `/Users` | Low
|
||||
34 | File | `/var/spool/hylafax` | High
|
||||
35 | File | `/vendor` | Low
|
||||
36 | File | `/whbs/?page=my_bookings` | High
|
||||
37 | File | `access_rules/rules_form` | High
|
||||
38 | File | `accountrecoveryendpoint/recoverpassword.do` | High
|
||||
39 | File | `action/addproject.php` | High
|
||||
40 | File | `adclick.php` | Medium
|
||||
41 | File | `add_contestant.php` | High
|
||||
42 | File | `admin.php` | Medium
|
||||
43 | File | `admin/ajax.attachment.php` | High
|
||||
44 | ... | ... | ...
|
||||
15 | File | `/file/upload/1` | High
|
||||
16 | File | `/forum/away.php` | High
|
||||
17 | File | `/forum/PostPrivateMessage` | High
|
||||
18 | File | `/HNAP1` | Low
|
||||
19 | File | `/home/www/cgi-bin/login.cgi` | High
|
||||
20 | File | `/index` | Low
|
||||
21 | File | `/iu-application/controllers/administration/auth.php` | High
|
||||
22 | File | `/Kofax/KFS/ThinClient/document/upload/` | High
|
||||
23 | File | `/leave_system/classes/Master.php?f=delete_department` | High
|
||||
24 | File | `/module/module_frame/index.php` | High
|
||||
25 | File | `/multi-vendor-shopping-script/product-list.php` | High
|
||||
26 | File | `/net-banking/customer_transactions.php` | High
|
||||
27 | File | `/obs/book.php` | High
|
||||
28 | File | `/ossn/administrator/com_installer` | High
|
||||
29 | File | `/pms/update_user.php?user_id=1` | High
|
||||
30 | File | `/requests.php` | High
|
||||
31 | File | `/spip.php` | Medium
|
||||
32 | File | `/sre/params.php` | High
|
||||
33 | File | `/tensorflow/core/grappler/optimizers/arithmetic_optimizer.cc` | High
|
||||
34 | File | `/tmp` | Low
|
||||
35 | File | `/tmp/xbindkeysrc-tmp` | High
|
||||
36 | File | `/user/upload/upload` | High
|
||||
37 | File | `/Users` | Low
|
||||
38 | File | `/var/spool/hylafax` | High
|
||||
39 | File | `/vendor` | Low
|
||||
40 | File | `/whbs/?page=my_bookings` | High
|
||||
41 | File | `access_rules/rules_form` | High
|
||||
42 | File | `accountrecoveryendpoint/recoverpassword.do` | High
|
||||
43 | File | `action/addproject.php` | High
|
||||
44 | File | `adclick.php` | Medium
|
||||
45 | ... | ... | ...
|
||||
|
||||
There are 378 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 390 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [RU](https://vuldb.com/?country.ru)
|
||||
* ...
|
||||
|
||||
There are 19 more country items available. Please use our online service to access the data.
|
||||
There are 20 more country items available. Please use our online service to access the data.
|
||||
|
||||
## Actors
|
||||
|
||||
|
@ -83,40 +83,41 @@ ID | Type | Indicator | Confidence
|
|||
16 | File | `/admin/submit-articles` | High
|
||||
17 | File | `/ad_js.php` | Medium
|
||||
18 | File | `/alphaware/summary.php` | High
|
||||
19 | File | `/api/RecordingList/DownloadRecord?file=` | High
|
||||
20 | File | `/apply.cgi` | Medium
|
||||
21 | File | `/artist-display.php` | High
|
||||
22 | File | `/attachments` | Medium
|
||||
23 | File | `/boat/login.php` | High
|
||||
24 | File | `/bsms_ci/index.php` | High
|
||||
25 | File | `/bsms_ci/index.php/book` | High
|
||||
26 | File | `/cgi-bin/luci/api/wireless` | High
|
||||
27 | File | `/cgi-bin/nightled.cgi` | High
|
||||
28 | File | `/common/info.cgi` | High
|
||||
29 | File | `/context/%2e/WEB-INF/web.xml` | High
|
||||
30 | File | `/dashboard/reports/logs/view` | High
|
||||
31 | File | `/debian/patches/load_ppp_generic_if_needed` | High
|
||||
32 | File | `/debug/pprof` | Medium
|
||||
33 | File | `/etc/hosts` | Medium
|
||||
34 | File | `/foms/place-order.php` | High
|
||||
35 | File | `/forum/away.php` | High
|
||||
36 | File | `/goform/setmac` | High
|
||||
37 | File | `/goform/wizard_end` | High
|
||||
38 | File | `/index.php` | Medium
|
||||
39 | File | `/jsoa/hntdCustomDesktopActionContent` | High
|
||||
40 | File | `/manage-apartment.php` | High
|
||||
41 | File | `/management/api/rcx_management/global_config_query` | High
|
||||
42 | File | `/mcategory.php` | High
|
||||
43 | File | `/medicines/profile.php` | High
|
||||
44 | File | `/modules/caddyhttp/rewrite/rewrite.go` | High
|
||||
45 | File | `/multi-vendor-shopping-script/product-list.php` | High
|
||||
46 | File | `/pages/apply_vacancy.php` | High
|
||||
47 | File | `/php-sms/admin/` | High
|
||||
48 | File | `/proc/<PID>/mem` | High
|
||||
49 | File | `/product/savenewproduct.php?flag=1` | High
|
||||
50 | ... | ... | ...
|
||||
19 | File | `/api/` | Low
|
||||
20 | File | `/api/admin/store/product/list` | High
|
||||
21 | File | `/api/RecordingList/DownloadRecord?file=` | High
|
||||
22 | File | `/apply.cgi` | Medium
|
||||
23 | File | `/artist-display.php` | High
|
||||
24 | File | `/attachments` | Medium
|
||||
25 | File | `/boat/login.php` | High
|
||||
26 | File | `/bsms_ci/index.php` | High
|
||||
27 | File | `/bsms_ci/index.php/book` | High
|
||||
28 | File | `/cgi-bin/luci/api/wireless` | High
|
||||
29 | File | `/cgi-bin/nightled.cgi` | High
|
||||
30 | File | `/common/info.cgi` | High
|
||||
31 | File | `/context/%2e/WEB-INF/web.xml` | High
|
||||
32 | File | `/dashboard/reports/logs/view` | High
|
||||
33 | File | `/debian/patches/load_ppp_generic_if_needed` | High
|
||||
34 | File | `/debug/pprof` | Medium
|
||||
35 | File | `/etc/hosts` | Medium
|
||||
36 | File | `/foms/place-order.php` | High
|
||||
37 | File | `/forum/away.php` | High
|
||||
38 | File | `/goform/setmac` | High
|
||||
39 | File | `/goform/wizard_end` | High
|
||||
40 | File | `/index.php` | Medium
|
||||
41 | File | `/jsoa/hntdCustomDesktopActionContent` | High
|
||||
42 | File | `/manage-apartment.php` | High
|
||||
43 | File | `/management/api/rcx_management/global_config_query` | High
|
||||
44 | File | `/mcategory.php` | High
|
||||
45 | File | `/medicines/profile.php` | High
|
||||
46 | File | `/modules/caddyhttp/rewrite/rewrite.go` | High
|
||||
47 | File | `/multi-vendor-shopping-script/product-list.php` | High
|
||||
48 | File | `/pages/apply_vacancy.php` | High
|
||||
49 | File | `/php-sms/admin/` | High
|
||||
50 | File | `/proc/<PID>/mem` | High
|
||||
51 | ... | ... | ...
|
||||
|
||||
There are 433 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 440 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [GB](https://vuldb.com/?country.gb)
|
||||
* ...
|
||||
|
||||
There are 25 more country items available. Please use our online service to access the data.
|
||||
There are 24 more country items available. Please use our online service to access the data.
|
||||
|
||||
## Actors
|
||||
|
||||
|
@ -127,42 +127,43 @@ ID | Type | Indicator | Confidence
|
|||
16 | File | `/boat/login.php` | High
|
||||
17 | File | `/bsms_ci/index.php/book` | High
|
||||
18 | File | `/cgi-bin/wapopen` | High
|
||||
19 | File | `/context/%2e/WEB-INF/web.xml` | High
|
||||
20 | File | `/debug/pprof` | Medium
|
||||
21 | File | `/dev/block/mmcblk0rpmb` | High
|
||||
22 | File | `/DocSystem/Repos/getReposAllUsers.do` | High
|
||||
23 | File | `/etc/hosts` | Medium
|
||||
24 | File | `/face-recognition-php/facepay-master/camera.php` | High
|
||||
25 | File | `/forum/away.php` | High
|
||||
26 | File | `/fos/admin/ajax.php?action=login` | High
|
||||
27 | File | `/fos/admin/index.php?page=menu` | High
|
||||
28 | File | `/home/masterConsole` | High
|
||||
29 | File | `/home/sendBroadcast` | High
|
||||
30 | File | `/hrm/employeeadd.php` | High
|
||||
31 | File | `/hrm/employeeview.php` | High
|
||||
32 | File | `/jsoa/hntdCustomDesktopActionContent` | High
|
||||
33 | File | `/lookin/info` | Medium
|
||||
34 | File | `/medicines/profile.php` | High
|
||||
35 | File | `/modules/caddyhttp/rewrite/rewrite.go` | High
|
||||
36 | File | `/mygym/admin/index.php?view_exercises` | High
|
||||
37 | File | `/out.php` | Medium
|
||||
38 | File | `/php-opos/index.php` | High
|
||||
39 | File | `/proxy` | Low
|
||||
40 | File | `/public/launchNewWindow.jsp` | High
|
||||
41 | File | `/Redcock-Farm/farm/category.php` | High
|
||||
42 | File | `/reports/rwservlet` | High
|
||||
43 | File | `/reservation/add_message.php` | High
|
||||
44 | File | `/spip.php` | Medium
|
||||
45 | File | `/tmp` | Low
|
||||
46 | File | `/uncpath/` | Medium
|
||||
47 | File | `/vendor/htmlawed/htmlawed/htmLawedTest.php` | High
|
||||
48 | File | `/video-sharing-script/watch-video.php` | High
|
||||
49 | File | `/wireless/security.asp` | High
|
||||
50 | File | `/wp-admin/admin-ajax.php` | High
|
||||
51 | File | `01article.php` | High
|
||||
52 | ... | ... | ...
|
||||
19 | File | `/debug/pprof` | Medium
|
||||
20 | File | `/dev/block/mmcblk0rpmb` | High
|
||||
21 | File | `/DocSystem/Repos/getReposAllUsers.do` | High
|
||||
22 | File | `/etc/hosts` | Medium
|
||||
23 | File | `/face-recognition-php/facepay-master/camera.php` | High
|
||||
24 | File | `/forum/away.php` | High
|
||||
25 | File | `/fos/admin/ajax.php?action=login` | High
|
||||
26 | File | `/fos/admin/index.php?page=menu` | High
|
||||
27 | File | `/home/masterConsole` | High
|
||||
28 | File | `/home/sendBroadcast` | High
|
||||
29 | File | `/hrm/employeeadd.php` | High
|
||||
30 | File | `/hrm/employeeview.php` | High
|
||||
31 | File | `/jsoa/hntdCustomDesktopActionContent` | High
|
||||
32 | File | `/lookin/info` | Medium
|
||||
33 | File | `/medicines/profile.php` | High
|
||||
34 | File | `/modules/caddyhttp/rewrite/rewrite.go` | High
|
||||
35 | File | `/mygym/admin/index.php?view_exercises` | High
|
||||
36 | File | `/out.php` | Medium
|
||||
37 | File | `/php-opos/index.php` | High
|
||||
38 | File | `/proxy` | Low
|
||||
39 | File | `/public/launchNewWindow.jsp` | High
|
||||
40 | File | `/Redcock-Farm/farm/category.php` | High
|
||||
41 | File | `/reports/rwservlet` | High
|
||||
42 | File | `/reservation/add_message.php` | High
|
||||
43 | File | `/spip.php` | Medium
|
||||
44 | File | `/tmp` | Low
|
||||
45 | File | `/uncpath/` | Medium
|
||||
46 | File | `/vendor/htmlawed/htmlawed/htmLawedTest.php` | High
|
||||
47 | File | `/video-sharing-script/watch-video.php` | High
|
||||
48 | File | `/wireless/security.asp` | High
|
||||
49 | File | `/wp-admin/admin-ajax.php` | High
|
||||
50 | File | `01article.php` | High
|
||||
51 | File | `AbstractScheduleJob.java` | High
|
||||
52 | File | `AcquisiAction.class.php` | High
|
||||
53 | ... | ... | ...
|
||||
|
||||
There are 457 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 461 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -61,7 +61,7 @@ ID | Type | Indicator | Confidence
|
|||
3 | File | `data/gbconfiguration.dat` | High
|
||||
4 | ... | ... | ...
|
||||
|
||||
There are 6 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 7 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -84,7 +84,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-37 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
|
@ -114,22 +114,22 @@ ID | Type | Indicator | Confidence
|
|||
16 | File | `/php-opos/index.php` | High
|
||||
17 | File | `/rest/api/latest/projectvalidate/key` | High
|
||||
18 | File | `/reviewer_0/admins/assessments/pretest/questions-view.php` | High
|
||||
19 | File | `/search.php` | Medium
|
||||
20 | File | `/ServletAPI/accounts/login` | High
|
||||
21 | File | `/tourism/rate_review.php` | High
|
||||
22 | File | `/uncpath/` | Medium
|
||||
23 | File | `/user/login/oauth` | High
|
||||
24 | File | `/usr/bin/pkexec` | High
|
||||
25 | File | `/usr/www/ja/mnt_cmd.cgi` | High
|
||||
26 | File | `/var/log/messages` | High
|
||||
27 | File | `/vendor/htmlawed/htmlawed/htmLawedTest.php` | High
|
||||
28 | File | `/websocket/exec` | High
|
||||
29 | File | `/wp-admin/admin-ajax.php` | High
|
||||
30 | File | `/x_program_center/jaxrs/invoke` | High
|
||||
31 | File | `/zm/index.php` | High
|
||||
19 | File | `/ServletAPI/accounts/login` | High
|
||||
20 | File | `/tourism/rate_review.php` | High
|
||||
21 | File | `/uncpath/` | Medium
|
||||
22 | File | `/usr/www/ja/mnt_cmd.cgi` | High
|
||||
23 | File | `/var/log/messages` | High
|
||||
24 | File | `/vendor/htmlawed/htmlawed/htmLawedTest.php` | High
|
||||
25 | File | `/websocket/exec` | High
|
||||
26 | File | `/wp-admin/admin-ajax.php` | High
|
||||
27 | File | `/x_program_center/jaxrs/invoke` | High
|
||||
28 | File | `14all.cgi/14all-1.1.cgi/traffic.cgi/mrtg.cgi` | High
|
||||
29 | File | `action-visitor.php` | High
|
||||
30 | File | `action.php` | Medium
|
||||
31 | File | `adclick.php` | Medium
|
||||
32 | ... | ... | ...
|
||||
|
||||
There are 268 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 272 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -101,7 +101,7 @@ ID | Type | Indicator | Confidence
|
|||
27 | File | `/services/prefs.php` | High
|
||||
28 | ... | ... | ...
|
||||
|
||||
There are 239 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 241 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -74,32 +74,32 @@ ID | Type | Indicator | Confidence
|
|||
1 | File | `.htaccess` | Medium
|
||||
2 | File | `.pref.xml` | Medium
|
||||
3 | File | `/admin/admin_login.php` | High
|
||||
4 | File | `/admin/profile/save_profile` | High
|
||||
5 | File | `/aux` | Low
|
||||
6 | File | `/bin/appmgr` | Medium
|
||||
7 | File | `/cgi-bin/koha/acqui/supplier.pl?op=enter` | High
|
||||
8 | File | `/cgi-bin/luci` | High
|
||||
9 | File | `/ClickAndBanexDemo/admin/admin.asp` | High
|
||||
10 | File | `/config.cgi?webmin` | High
|
||||
11 | File | `/config/getuser` | High
|
||||
12 | File | `/debug/pprof` | Medium
|
||||
13 | File | `/etc/config/rpcd` | High
|
||||
14 | File | `/etc/gsissh/sshd_config` | High
|
||||
15 | File | `/etc/passwd` | Medium
|
||||
16 | File | `/gateway/services/EdgeServiceImpl` | High
|
||||
17 | File | `/getcfg.php` | Medium
|
||||
18 | File | `/goform/dir_setWanWifi` | High
|
||||
19 | File | `/goform/telnet` | High
|
||||
20 | File | `/goform/WanParameterSetting` | High
|
||||
21 | File | `/HNAP1` | Low
|
||||
22 | File | `/include/makecvs.php` | High
|
||||
23 | File | `/includes/common.inc.php` | High
|
||||
24 | File | `/js/app.js` | Medium
|
||||
25 | File | `/knomi/analyze` | High
|
||||
26 | File | `/mgmt/tm/util/bash` | High
|
||||
27 | File | `/monitoring` | Medium
|
||||
28 | File | `/opt/pia/ruby/64/ruby` | High
|
||||
29 | File | `/out.php` | Medium
|
||||
4 | File | `/admin/edit-doc.php` | High
|
||||
5 | File | `/admin/profile/save_profile` | High
|
||||
6 | File | `/aux` | Low
|
||||
7 | File | `/bin/appmgr` | Medium
|
||||
8 | File | `/cgi-bin/koha/acqui/supplier.pl?op=enter` | High
|
||||
9 | File | `/cgi-bin/luci` | High
|
||||
10 | File | `/ClickAndBanexDemo/admin/admin.asp` | High
|
||||
11 | File | `/config.cgi?webmin` | High
|
||||
12 | File | `/config/getuser` | High
|
||||
13 | File | `/debug/pprof` | Medium
|
||||
14 | File | `/etc/config/rpcd` | High
|
||||
15 | File | `/etc/gsissh/sshd_config` | High
|
||||
16 | File | `/etc/passwd` | Medium
|
||||
17 | File | `/gateway/services/EdgeServiceImpl` | High
|
||||
18 | File | `/getcfg.php` | Medium
|
||||
19 | File | `/goform/dir_setWanWifi` | High
|
||||
20 | File | `/goform/telnet` | High
|
||||
21 | File | `/goform/WanParameterSetting` | High
|
||||
22 | File | `/HNAP1` | Low
|
||||
23 | File | `/include/makecvs.php` | High
|
||||
24 | File | `/includes/common.inc.php` | High
|
||||
25 | File | `/js/app.js` | Medium
|
||||
26 | File | `/knomi/analyze` | High
|
||||
27 | File | `/mgmt/tm/util/bash` | High
|
||||
28 | File | `/monitoring` | Medium
|
||||
29 | File | `/opt/pia/ruby/64/ruby` | High
|
||||
30 | File | `/Pwrchute` | Medium
|
||||
31 | File | `/reports/rwservlet` | High
|
||||
32 | File | `/scripts/iisadmin/bdir.htr` | High
|
||||
|
|
|
@ -60,12 +60,12 @@ ID | Type | Indicator | Confidence
|
|||
3 | File | `/config/getuser` | High
|
||||
4 | File | `/lan.asp` | Medium
|
||||
5 | File | `/opt/zimbra/jetty/webapps/zimbra/public` | High
|
||||
6 | File | `/rapi/read_url` | High
|
||||
7 | File | `/SysInfo.htm` | Medium
|
||||
8 | File | `admin.php` | Medium
|
||||
6 | File | `/public/launchNewWindow.jsp` | High
|
||||
7 | File | `/rapi/read_url` | High
|
||||
8 | File | `/SysInfo.htm` | Medium
|
||||
9 | ... | ... | ...
|
||||
|
||||
There are 67 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 68 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -58,48 +58,48 @@ ID | Type | Indicator | Confidence
|
|||
-- | ---- | --------- | ----------
|
||||
1 | File | `.htaccess` | Medium
|
||||
2 | File | `.pref.xml` | Medium
|
||||
3 | File | `/bin/appmgr` | Medium
|
||||
4 | File | `/cgi-bin/editBookmark` | High
|
||||
5 | File | `/cgi-bin/koha/acqui/supplier.pl?op=enter` | High
|
||||
6 | File | `/cgi-bin/luci` | High
|
||||
7 | File | `/cgi-bin/pass` | High
|
||||
8 | File | `/cgi/ansi` | Medium
|
||||
9 | File | `/ClickAndBanexDemo/admin/admin.asp` | High
|
||||
10 | File | `/config/getuser` | High
|
||||
11 | File | `/debug/pprof` | Medium
|
||||
12 | File | `/etc/gsissh/sshd_config` | High
|
||||
13 | File | `/etc/passwd` | Medium
|
||||
14 | File | `/etc/sudoers` | Medium
|
||||
15 | File | `/getcfg.php` | Medium
|
||||
16 | File | `/goform/GetNewDir` | High
|
||||
17 | File | `/goform/telnet` | High
|
||||
18 | File | `/goform/WanParameterSetting` | High
|
||||
19 | File | `/hnap.cgi` | Medium
|
||||
20 | File | `/HNAP1` | Low
|
||||
21 | File | `/include/makecvs.php` | High
|
||||
22 | File | `/includes/common.inc.php` | High
|
||||
23 | File | `/js/app.js` | Medium
|
||||
24 | File | `/knomi/analyze` | High
|
||||
25 | File | `/mgmt/tm/util/bash` | High
|
||||
26 | File | `/monitoring` | Medium
|
||||
27 | File | `/out.php` | Medium
|
||||
28 | File | `/outgoing.php` | High
|
||||
29 | File | `/scripts/iisadmin/bdir.htr` | High
|
||||
30 | File | `/tmp` | Low
|
||||
31 | File | `/tmp/csman/0` | Medium
|
||||
32 | File | `/ui/cbpc/login` | High
|
||||
33 | File | `/var/avamar/f_cache.dat` | High
|
||||
34 | File | `/var/hnap/timestamp` | High
|
||||
35 | File | `/var/run/storage_account_root` | High
|
||||
36 | File | `/webmail/` | Medium
|
||||
37 | File | `/wp-content/plugins/forum-server/feed.php` | High
|
||||
38 | File | `/{ADMIN-FILE}/` | High
|
||||
39 | File | `a2billing/customer/iridium_threed.php` | High
|
||||
40 | File | `address.html` | Medium
|
||||
41 | File | `adm/systools.asp` | High
|
||||
3 | File | `/admin/edit-doc.php` | High
|
||||
4 | File | `/bin/appmgr` | Medium
|
||||
5 | File | `/cgi-bin/editBookmark` | High
|
||||
6 | File | `/cgi-bin/koha/acqui/supplier.pl?op=enter` | High
|
||||
7 | File | `/cgi-bin/luci` | High
|
||||
8 | File | `/cgi-bin/pass` | High
|
||||
9 | File | `/cgi/ansi` | Medium
|
||||
10 | File | `/ClickAndBanexDemo/admin/admin.asp` | High
|
||||
11 | File | `/config/getuser` | High
|
||||
12 | File | `/debug/pprof` | Medium
|
||||
13 | File | `/etc/gsissh/sshd_config` | High
|
||||
14 | File | `/etc/passwd` | Medium
|
||||
15 | File | `/etc/sudoers` | Medium
|
||||
16 | File | `/getcfg.php` | Medium
|
||||
17 | File | `/goform/GetNewDir` | High
|
||||
18 | File | `/goform/telnet` | High
|
||||
19 | File | `/goform/WanParameterSetting` | High
|
||||
20 | File | `/hnap.cgi` | Medium
|
||||
21 | File | `/HNAP1` | Low
|
||||
22 | File | `/include/makecvs.php` | High
|
||||
23 | File | `/includes/common.inc.php` | High
|
||||
24 | File | `/js/app.js` | Medium
|
||||
25 | File | `/knomi/analyze` | High
|
||||
26 | File | `/mgmt/tm/util/bash` | High
|
||||
27 | File | `/monitoring` | Medium
|
||||
28 | File | `/out.php` | Medium
|
||||
29 | File | `/outgoing.php` | High
|
||||
30 | File | `/scripts/iisadmin/bdir.htr` | High
|
||||
31 | File | `/tmp` | Low
|
||||
32 | File | `/tmp/csman/0` | Medium
|
||||
33 | File | `/ui/cbpc/login` | High
|
||||
34 | File | `/var/avamar/f_cache.dat` | High
|
||||
35 | File | `/var/hnap/timestamp` | High
|
||||
36 | File | `/var/run/storage_account_root` | High
|
||||
37 | File | `/webmail/` | Medium
|
||||
38 | File | `/wp-content/plugins/forum-server/feed.php` | High
|
||||
39 | File | `/{ADMIN-FILE}/` | High
|
||||
40 | File | `a2billing/customer/iridium_threed.php` | High
|
||||
41 | File | `address.html` | Medium
|
||||
42 | ... | ... | ...
|
||||
|
||||
There are 360 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 364 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -927,51 +927,51 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `//` | Low
|
||||
2 | File | `/admin.php/accessory/filesdel.html` | High
|
||||
3 | File | `/admin/?page=user/manage` | High
|
||||
4 | File | `/admin/add-new.php` | High
|
||||
5 | File | `/admin/doctors.php` | High
|
||||
6 | File | `/admin/index2.html` | High
|
||||
7 | File | `/adms/admin/?page=vehicles/sell_vehicle` | High
|
||||
8 | File | `/adms/admin/?page=vehicles/view_transaction` | High
|
||||
9 | File | `/alphaware/summary.php` | High
|
||||
10 | File | `/api/jmeter/download/files` | High
|
||||
11 | File | `/api/upload` | Medium
|
||||
12 | File | `/APR/login.php` | High
|
||||
13 | File | `/bin/httpd` | Medium
|
||||
14 | File | `/boat/login.php` | High
|
||||
15 | File | `/bsms_ci/index.php/book` | High
|
||||
16 | File | `/cgi-bin/wapopen` | High
|
||||
17 | File | `/debug/pprof` | Medium
|
||||
18 | File | `/DXR.axd` | Medium
|
||||
19 | File | `/files/import` | High
|
||||
20 | File | `/forum/away.php` | High
|
||||
21 | File | `/fos/admin/ajax.php?action=login` | High
|
||||
22 | File | `/fos/admin/index.php?page=menu` | High
|
||||
23 | File | `/home/masterConsole` | High
|
||||
24 | File | `/home/sendBroadcast` | High
|
||||
25 | File | `/librarian/bookdetails.php` | High
|
||||
26 | File | `/medicines/profile.php` | High
|
||||
27 | File | `/Moosikay/order.php` | High
|
||||
28 | File | `/mygym/admin/index.php?view_exercises` | High
|
||||
29 | File | `/out.php` | Medium
|
||||
30 | File | `/param.file.tgz` | High
|
||||
31 | File | `/php-opos/index.php` | High
|
||||
32 | File | `/public/launchNewWindow.jsp` | High
|
||||
33 | File | `/reservation/add_message.php` | High
|
||||
34 | File | `/spip.php` | Medium
|
||||
35 | File | `/tmp/boa-temp` | High
|
||||
36 | File | `/uncpath/` | Medium
|
||||
37 | File | `/vendor/htmlawed/htmlawed/htmLawedTest.php` | High
|
||||
38 | File | `/video-sharing-script/watch-video.php` | High
|
||||
39 | File | `/wireless/security.asp` | High
|
||||
40 | File | `/wp-json` | Medium
|
||||
41 | File | `01article.php` | High
|
||||
42 | File | `14all.cgi/14all-1.1.cgi/traffic.cgi/mrtg.cgi` | High
|
||||
1 | File | `.FBCIndex` | Medium
|
||||
2 | File | `//` | Low
|
||||
3 | File | `/admin.php/accessory/filesdel.html` | High
|
||||
4 | File | `/admin/?page=user/manage` | High
|
||||
5 | File | `/admin/add-new.php` | High
|
||||
6 | File | `/admin/doctors.php` | High
|
||||
7 | File | `/admin/index2.html` | High
|
||||
8 | File | `/adms/admin/?page=vehicles/sell_vehicle` | High
|
||||
9 | File | `/adms/admin/?page=vehicles/view_transaction` | High
|
||||
10 | File | `/alphaware/summary.php` | High
|
||||
11 | File | `/api/` | Low
|
||||
12 | File | `/api/admin/store/product/list` | High
|
||||
13 | File | `/api/jmeter/download/files` | High
|
||||
14 | File | `/api/upload` | Medium
|
||||
15 | File | `/APR/login.php` | High
|
||||
16 | File | `/bin/httpd` | Medium
|
||||
17 | File | `/boat/login.php` | High
|
||||
18 | File | `/cgi-bin/wapopen` | High
|
||||
19 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
20 | File | `/debug/pprof` | Medium
|
||||
21 | File | `/DXR.axd` | Medium
|
||||
22 | File | `/files/import` | High
|
||||
23 | File | `/forum/away.php` | High
|
||||
24 | File | `/home/masterConsole` | High
|
||||
25 | File | `/home/sendBroadcast` | High
|
||||
26 | File | `/j_security_check` | High
|
||||
27 | File | `/librarian/bookdetails.php` | High
|
||||
28 | File | `/Moosikay/order.php` | High
|
||||
29 | File | `/mygym/admin/index.php?view_exercises` | High
|
||||
30 | File | `/out.php` | Medium
|
||||
31 | File | `/owa/auth/logon.aspx` | High
|
||||
32 | File | `/param.file.tgz` | High
|
||||
33 | File | `/php-opos/index.php` | High
|
||||
34 | File | `/public/launchNewWindow.jsp` | High
|
||||
35 | File | `/reservation/add_message.php` | High
|
||||
36 | File | `/spip.php` | Medium
|
||||
37 | File | `/tmp/boa-temp` | High
|
||||
38 | File | `/uncpath/` | Medium
|
||||
39 | File | `/vendor/htmlawed/htmlawed/htmLawedTest.php` | High
|
||||
40 | File | `/video-sharing-script/watch-video.php` | High
|
||||
41 | File | `/wireless/security.asp` | High
|
||||
42 | File | `/wp-json` | Medium
|
||||
43 | ... | ... | ...
|
||||
|
||||
There are 376 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 374 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|