Sload Analysis

Activities

Timeline

Analyzing the timeline helps to identify the required approach for handling single vulnerabilities and vulnerability collections. The overview makes less important slices and more severe hotspots visible at a glance, which makes it possible to initiate an immediate vulnerability response and to prioritize issues.

Lang: en (23)

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|
| 1 | vBulletin decodeArguments input validation | 7.3 | 7.3 | $0-$5k | $0-$5k | High | Not Defined | 0.03 | CVE-2015-7808 |
| 2 | vBulletin cross site scripting | 4.3 | 4.1 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.05 | CVE-2004-1824 |
| 3 | Tapatalk Plugin XMLRPC API unsubscribe_forum.php sql injection | 8.5 | 7.7 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.04 | CVE-2014-2023 |
| 4 | phpBB Perl ucp_pm_options.php message_options cross-site request forgery | 6.3 | 6.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.05 | CVE-2015-1432 |
| 5 | vBulletin sql injection | 7.3 | 7.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | CVE-2014-5102 |
| 6 | PunBB cross site scripting | 4.3 | 4.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.04 | CVE-2010-0455 |
| 7 | vBulletin redirector.php | 6.6 | 6.6 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.08 | CVE-2018-6200 |
| 8 | vBulletin Vbulletin Forum Remote Code Execution | 9.8 | 8.5 | $0-$5k | $0-$5k | Unproven | Official Fix | 0.04 | CVE-2012-4328 |
| 9 | phpBB install.php privileges management | 5.3 | 5.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.05 | CVE-2002-1707 |
| 10 | PunBB register.php sql injection | 7.3 | 7.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.08 | CVE-2005-0569 |
| 11 | vBulletin moderation.php sql injection | 7.3 | 7.0 | $0-$5k | $0-$5k | High | Official Fix | 0.03 | CVE-2016-6195 |
| 12 | vBulletin XMLRPC API breadcrumbs_create.php sql injection | 6.3 | 6.3 | $0-$5k | $0-$5k | High | Unavailable | 0.04 | CVE-2014-2022 |
| 13 | vBulletin visitormessage.php code injection | 7.5 | 7.4 | $0-$5k | $0-$5k | High | Unavailable | 0.04 | CVE-2014-9463 |
| 14 | PunBB Password Reset moderate.php access control | 4.3 | 4.1 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.06 | CVE-2008-1484 |
| 15 | phpBB modcp.php information disclosure | 7.3 | 7.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.03 | CVE-2008-7143 |
| 16 | PunBB profile.php sql injection | 7.3 | 7.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.06 | CVE-2005-2193 |
| 17 | phpBB links.php sql injection | 7.3 | 6.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.03 | CVE-2007-4653 |
| 18 | phpBB Remote Avatar server-side request forgery | 7.4 | 7.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.05 | CVE-2017-1000419 |
| 19 | phpBB information disclosure | 9.8 | 8.5 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.04 | CVE-2008-1766 |
| 20 | phpBB startup.php cross site scripting | 4.3 | 4.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2015-1431 |

IOC - Indicator of Compromise (3)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

| ID | IP address | Hostname | Actor | Campaigns | Confidence |
|---|---|---|---|---|---|
| 1 | 64.210.137.102 | | Sload | | High |
| 2 | XX.XX.XXX.XXX | | Xxxxx | | High |
| 3 | XXX.XXX.XX.XX | xxx-xx-xxxx.xxxxx.xxx | Xxxxx | | High |

TTP - Tactics, Techniques, Procedures (2)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Vulnerabilities | Access Vector | Confidence |
|---|---|---|---|---|
| 1 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High |
| 2 | TXXXX | CWE-XXX | Xxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxx | High |

IOA - Indicator of Attack (25)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

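| ID | Class | Indicator | Confidence |
|---|---|---|---|
| 1 | File | ajax/api/hook/decodeArguments | High |
| 2 | File | breadcrumbs_create.php | High |
| 3 | File | forumrunner/includes/moderation.php | High |
| 4 | File | includes/startup.php | High |
| 5 | File | xxxxxxxx/xxx/xxx_xx_xxxxxxx.xxx | High |
| 6 | File | xxxxxxx.xxx | Medium |
| 7 | File | xxxxx.xxx | Medium |
| 8 | File | xxxxx.xxx | Medium |
| 9 | File | xxxxxxxx.xxx | Medium |
| 10 | File | xxxxxxx.xxx | Medium |
| 11 | File | xxxxxxxxxx.xxx | High |
| 12 | File | xxxxxxxx.xxx | Medium |
| 13 | File | xxxxxxxxxxx_xxxxx.xxx | High |
| 14 | File | xxxxxxxxxxxxxx.xxx | High |
| 15 | Argument | xxxxxxxxx | Medium |
| 16 | Argument | xxxxxxxxx | Medium |
| 17 | Argument | xxx_xxxx | Medium |
| 18 | Argument | xxxxx_xxxx_xxx | High |
| 19 | Argument | xxx | Low |
| 20 | Argument | xxxxxxx | Low |
| 21 | Argument | xxxx | Low |
| 22 | Argument | xxxxxxxxxxxxxxxx | High |
| 23 | Argument | xxxxx | Low |
| 24 | Argument | xxxxxx | Low |
| 25 | Argument | xxx | Low |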

References (3)

The following list contains external sources which discuss the actor and the associated activities:
