MATA Analysis

Activities

Timeline

Analyzing the timeline helps to identify the required approach and handling for single vulnerabilities and vulnerability collections. The overview shows less important slices and more severe hotspots at a glance, which makes it possible to initiate an immediate vulnerability response and to prioritize issues.

Lang

en: 71
fr: 7
zh: 2
es: 2
de: 2

Country

us: 42
la: 23
cn: 10
ca: 7
co: 1


Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|
| 1 | WordPress AdServe adclick.php sql injection | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.00 | CVE-2008-0507 |
| 2 | TP-LINK TL-WR940N PingIframeRpm.htm ipAddrDispose memory corruption | 7.5 | 7.4 | $0-$5k | $0-$5k | Not Defined | Workaround | 0.07 | CVE-2019-6989 |
| 3 | PHPWind goto.php redirect | 6.3 | 6.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.21 | CVE-2015-4134 |
| 4 | LogicBoard CMS away.php redirect | 6.3 | 6.1 | $0-$5k | $0-$5k | Not Defined | Unavailable | 0.36 | |
| 5 | phpMyAdmin Redirect url.php 7pk security | 7.3 | 7.0 | $25k-$100k | $0-$5k | Not Defined | Official Fix | 0.06 | CVE-2015-7873 |
| 6 | All in One SEO Best WordPress SEO Plugin Import/Export code injection | 5.5 | 5.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | CVE-2021-24307 |
| 7 | Microsoft Office memory corruption | 7.5 | 7.2 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.03 | CVE-2018-0851 |
| 8 | Microsoft Outlook S/MIME resource management | 6.3 | 6.0 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.03 | CVE-2013-3870 |
| 9 | Sophos Firewall User Portal/Webadmin improper authentication | 8.5 | 8.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.11 | CVE-2022-1040 |
| 10 | Progress Telerik UI for ASP.NET AJAX Telerik.Web.UI.WebResource.axd command injection | 8.0 | 8.0 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.07 | CVE-2021-28141 |
| 11 | Photo Gallery by 10Web Plugin SQL Statement bwg_frontend_data sql injection | 7.3 | 7.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | CVE-2022-0169 |
| 12 | Mongoose mg_mqtt.c parse_mqtt memory corruption | 8.5 | 8.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.08 | CVE-2019-12951 |
| 13 | Yii Framework Exception Error ErrorHandler.php information disclosure | 6.4 | 5.6 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | CVE-2018-6010 |
| 14 | Qualcomm Snapdragon Mobile Thermal Engine use after free | 6.5 | 6.5 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.04 | CVE-2017-18157 |
| 15 | SonicWALL Secure Remote Access cross site scripting | 3.5 | 3.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.03 | CVE-2021-20028 |
| 16 | WP Super Cache Plugin Cache Settings wp-cache-config.php code injection | 6.3 | 6.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | CVE-2021-24209 |
| 17 | Rocklobster Contact Form 7 unrestricted upload | 6.3 | 6.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.07 | CVE-2020-35489 |
| 18 | GNU Mailman cross-site request forgery | 8.8 | 8.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.05 | CVE-2016-7123 |
| 19 | WordPress WP_Query sql injection | 6.3 | 6.2 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.46 | CVE-2022-21661 |
| 20 | Ecommerce-CodeIgniter-Bootstrap blog.php cross site scripting | 5.4 | 5.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.05 | CVE-2020-25093 |

IOC - Indicator of Compromise (18)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (5)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (63)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

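| ID | Class | Indicator | Confidence |
|---|---|---|---|
| 1 | File | /forum/away.php | High |
| 2 | File | /out.php | Medium |
| 3 | File | /phppath/php | Medium |
| 4 | File | /systemrw/ | Medium |
| 5 | File | adclick.php | Medium |
| 6 | File | application/modules/admin/views/ecommerce/products.php | High |
| 7 | File | base/ErrorHandler.php | High |
| 8 | File | blog.php | Medium |
| 9 | File | category.php | Medium |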
