OnePercent Analysis

Activities

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

Lang

en144
de8
it7
fr3
es3

Country

us132
ir13
ru9
it5
cn3

Actors

Activities

Interest

Product

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need you unlock this view to get access to more details of real data.

Vulnerabilities

#VulnerabilityBaseTemp0dayTodayExpRemCTICVE
1Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure5.35.2$5k-$25k$0-$5kHighWorkaround0.05CVE-2007-1192
2Tiki TikiWiki tiki-editpage.php input validation7.36.6$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.05CVE-2004-1386
3Apple Mac OS X TCP/IP Stack denial of service5.35.1$0-$5k$0-$5kNot DefinedOfficial Fix0.09CVE-2004-0171
4MGB OpenSource Guestbook email.php sql injection7.37.3$0-$5k$0-$5kHighUnavailable0.38CVE-2007-0354
5DZCP deV!L`z Clanportal config.php code injection7.36.6$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.60CVE-2010-0966
6OpenSSH Authentication Username information disclosure5.34.8$5k-$25k$0-$5kHighOfficial Fix0.38CVE-2016-6210
7Microsoft IIS cross site scripting5.24.7$5k-$25k$0-$5kProof-of-ConceptOfficial Fix0.66CVE-2017-0055
8Microsoft IIS IP/Domain Restriction access control6.55.7$25k-$100k$0-$5kUnprovenOfficial Fix0.14CVE-2014-4078
9PHP phpinfo cross site scriting4.33.9$5k-$25k$0-$5kProof-of-ConceptOfficial Fix0.05CVE-2007-1287
10PHP phpinfo cross site scripting6.35.7$5k-$25k$0-$5kProof-of-ConceptOfficial Fix0.06CVE-2006-0996
11Oracle GlassFish Server Java Server Faces path traversal5.35.1$5k-$25k$0-$5kNot DefinedOfficial Fix0.05CVE-2013-3827
12Microsoft Windows Kernel Privilege Escalation8.37.3$100k and more$25k-$100kUnprovenOfficial Fix0.04CVE-2021-42285
13SourceCodester Complaint Management System Parameter complaint-details.php sql injection8.07.7$0-$5k$0-$5kProof-of-ConceptNot Defined0.06CVE-2020-24932
14Profile Builder Plugin password recovery5.55.3$0-$5k$0-$5kNot DefinedOfficial Fix0.03CVE-2021-24527
15Huawei Mobile Broadband HL Service VERSION.dll access control7.87.8$25k-$100k$5k-$25kNot DefinedNot Defined0.05CVE-2016-2855
16Backdoor.Win32.Kurbadur.a Service Port 21220 dataexchange.dll stack-based overflow6.36.0$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.03
17Microsoft Windows SNMP GET Remote Code Execution7.37.0$25k-$100k$0-$5kNot DefinedOfficial Fix0.05CVE-1999-0517
18Sun Solaris SNMP Account improper authentication7.37.1$5k-$25k$0-$5kNot DefinedWorkaround0.00CVE-1999-0517
19Dxproscripts DXShopCart product_detail.php sql injection7.37.1$0-$5k$0-$5kHighUnavailable0.00CVE-2008-4744
20MetInfo sql injection7.57.5$0-$5k$0-$5kNot DefinedNot Defined0.00CVE-2019-13969

IOC - Indicator of Compromise (7)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (4)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueVulnerabilitiesAccess VectorTypeConfidence
1T1059.007CWE-79, CWE-80Cross Site ScriptingpredictiveHigh
2TXXXXCWE-XXX, CWE-XXXXxxxxxxxx Xxxx Xxxxxxxxxxx XxxxxxxxxxpredictiveHigh
3TXXXXCWE-XXX7xx Xxxxxxxx XxxxxxxxpredictiveHigh
4TXXXXCWE-XXXXxxxxxxxxxx Xxxxxxx Xx XxxxxxxxxxxpredictiveHigh

IOA - Indicator of Attack (62)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClassIndicatorTypeConfidence
1File/+CSCOE+/logon.htmlpredictiveHigh
2File/downloadpredictiveMedium
3File/forum/away.phppredictiveHigh
4File/uncpath/predictiveMedium
5Fileadclick.phppredictiveMedium
6Fileadd_comment.phppredictiveHigh
7Fileadmin/index.php?n=ui_set&m=admin&c=index&a=doget_text_content&table=lang&field=1predictiveHigh
8Fileapi.phppredictiveLow
9Filexxxxxxxxxxxxxxxxx.xxxpredictiveHigh
10Filexxxx-xxxx.xpredictiveMedium
11Filexxxxxxxxxxx.xxxpredictiveHigh
12Filexxx.xxxpredictiveLow
13Filexxxxxxxxx-xxxxxxx.xxxpredictiveHigh
14Filexxxx/xxxxxxxxxxxxxxx.xxxpredictiveHigh
15Filexxxxx.xpredictiveLow
16Filexxxxxxx/xxx/xxx/xxx_xxxx.xpredictiveHigh
17Filexxxxx.xxxpredictiveMedium
18Filexxxx.xxxpredictiveMedium
19Filexxx/xxxxxx.xxxpredictiveHigh
20Filexxxxxxx/xxxxxx/xxxxxxx/xxxxxx/xxx.xxxpredictiveHigh
21Filexxxxx.xxxpredictiveMedium
22Filexxxx.xxxpredictiveMedium
23Filexxxxxxx.xxxpredictiveMedium
24Filexxxxxxx_xxxxxx.xxxpredictiveHigh
25Filexxxxxxxx.xxpredictiveMedium
26Filexxxxxxxx_xxxxxx.xxxpredictiveHigh
27Filexxxxx.xxxpredictiveMedium
28Filexxxxxx.xxxpredictiveMedium
29Filexxxxxxxxxxxx.xxxpredictiveHigh
30Filexxxx-xxxxxxxx.xxxpredictiveHigh
31Filexxxxxx.xxxpredictiveMedium
32Filexxxxxx.xxxpredictiveMedium
33Filexxxxxx.xxxpredictiveMedium
34Filexx-xxxxx/xxxxx-xxxx.xxxpredictiveHigh
35Filexx-xxxxx/xxxxxxxx/xxxxx-xx-xxxxxx.xxxpredictiveHigh
36Filexx-xxxxxxxxx.xxxpredictiveHigh
37Libraryxxxxxxxxxxxx.xxxpredictiveHigh
38Libraryxxx/xxx.xpredictiveMedium
39Libraryxxx/xxx.xpredictiveMedium
40Libraryxxxxxxx.xxxpredictiveMedium
41Argumentxxxxx_xxxxxxxxpredictiveHigh
42ArgumentxxxxxxxxpredictiveMedium
43ArgumentxxxxxpredictiveLow
44ArgumentxxxpredictiveLow
45ArgumentxxxxxxxxpredictiveMedium
46ArgumentxxxxxxxxxxxxxxxxxxxxxpredictiveHigh
47Argumentxxxxxxxxx xxxxpredictiveHigh
48ArgumentxxxxxxpredictiveLow
49ArgumentxxxxpredictiveLow
50ArgumentxxxxxxxxxpredictiveMedium
51ArgumentxxpredictiveLow
52ArgumentxxxxpredictiveLow
53ArgumentxxxxxxxpredictiveLow
54ArgumentxxxxxxxxpredictiveMedium
55Argumentxxxx_xxxxpredictiveMedium
56ArgumentxxxpredictiveLow
57Argumentxxxxxx_xxxxpredictiveMedium
58Argumentxx_xxpredictiveLow
59Argumentxxxxx_xxpredictiveMedium
60Argumentxxxxxxxx/xxxxpredictiveHigh
61ArgumentxxxxxpredictiveLow
62Network Portxxx/xxx (xxx)predictiveHigh

References (2)

The following list contains external sources which discuss the actor and the associated activities:

Might our Artificial Intelligence support you?

Check our Alexa App!