Sector Transportation

Timeframe: -28 days

Default Categories (62): Access Management Software, Accounting Software, Advertising Software, Anti-Malware Software, Anti-Spam Software, Application Server Software, Appointment Software, Automation Software, Backup Software, Billing Software, Business Process Management Software, Calendar Software, Cloud Software, Communications System, Connectivity Software, Customer Relationship Management System, Database Administration Software, Database Software, Directory Service Software, Document Management Software, Document Reader Software, E-Commerce Management Software, Enterprise Resource Planning Software, File Compression Software, File Transfer Software, Firewall Software, Groupware Software, Hardware Driver Software, Information Management Software, Log Management Software, Mail Client Software, Mail Server Software, Middleware, Multimedia Player Software, Network Attached Storage Software, Network Authentication Software, Network Management Software, Network Routing Software, Office Suite Software, Operating System, Presentation Software, Printing Software, Project Management Software, Remote Access Software, Reporting Software, Router Operating System, SCADA Software, Server Management Software, Service Management Software, Software Library, Spreadsheet Software, SSH Server Software, Ticket Tracking Software, Transport Management Software, Unified Communication Software, Video Surveillance Software, Virtualization Software, Web Browser, Web Server, Windowing System Software, Wireless LAN Software, Word Processing Software

Cronología

Proveedor

Producto

Linux Kernel448
Apple macOS82
Microsoft Windows58
Google Chrome32
Mozilla Firefox22

Contramedidas

Official Fix814
Temporary Fix0
Workaround0
Unavailable2
Not Defined180

Explotabilidad

High10
Functional0
Proof-of-Concept58
Unproven60
Not Defined868

Vector de acceso

Not Defined0
Physical2
Local130
Adjacent502
Network362

Autenticación

Not Defined0
High44
Low712
None240

La interacción del usuario

Not Defined0
Required150
None846

C3BM Index

CVSSv3 Base

≤10
≤20
≤318
≤444
≤5208
≤6332
≤7118
≤8210
≤958
≤108

CVSSv3 Temp

≤10
≤20
≤320
≤444
≤5232
≤6326
≤7142
≤8180
≤950
≤102

VulDB

≤10
≤20
≤334
≤496
≤5214
≤6302
≤7124
≤8192
≤926
≤108

NVD

≤1676
≤20
≤30
≤418
≤532
≤6130
≤720
≤858
≤942
≤1020

CNA

≤1628
≤20
≤34
≤48
≤522
≤634
≤772
≤8124
≤968
≤1036

Proveedor

≤1924
≤20
≤30
≤40
≤50
≤64
≤78
≤838
≤916
≤106

Explotar día 0

<1k64
<2k96
<5k294
<10k246
<25k196
<50k44
<100k38
≥100k18

Explotar hoy

<1k430
<2k188
<5k158
<10k132
<25k66
<50k20
<100k2
≥100k0

Explotar el volumen del mercado

IOB - Indicator of Behavior (1000)

Cronología

Idioma

en830
ru50
pt44
es18
ja12

País

Actores

Ocupaciones

Interesar

Cronología

Escribe

Proveedor

Producto

Microsoft Windows30
Kashipara Bus Ticket Reservation System10
SourceCodester School Log Management System8
SourceCodester Establishment Billing Management Sy ...4
code-projects Simple Ticket Booking4

Vulnerabilidad

#VulnerabilidadBaseTemp0dayHoyExpConEPSSCTICVE
1code-projects Pharmacy Management System index.php sql injection6.36.0$0-$5k$0-$5kProof-of-ConceptNot Defined0.0000010.00-CVE-2024-8147
2code-projects Pharmacy Management System Parameter index.php editManager sql injection7.57.3$0-$5k$0-$5kProof-of-ConceptNot Defined0.000005.40CVE-2024-8138
3code-projects Pharmacy Management System index.php sql injection6.36.0$0-$5k$0-$5kProof-of-ConceptNot Defined0.000005.97-CVE-2024-8146
4itsourcecode E-Commerce Website search_list.php sql injection6.36.0$0-$5k$0-$5kProof-of-ConceptNot Defined0.000005.00CVE-2024-8139
5itsourcecode Billing System addbill.php sql injection8.17.9$0-$5k$0-$5kProof-of-ConceptNot Defined0.000631.13CVE-2024-7839
6code-projects Job Portal logindbc.php sql injection8.17.9$0-$5k$0-$5kProof-of-ConceptNot Defined0.001201.05CVE-2024-7808
7itsourcecode Billing System addclient1.php sql injection7.36.9$0-$5k$0-$5kProof-of-ConceptNot Defined0.001200.97CVE-2024-7913
8itsourcecode Project Expense Monitoring System execute.php sql injection7.57.3$0-$5k$0-$5kProof-of-ConceptNot Defined0.000630.97CVE-2024-7934
9itsourcecode Project Expense Monitoring System printtransfer.php sql injection6.36.0$0-$5k$0-$5kProof-of-ConceptNot Defined0.000450.13CVE-2024-7937
10Microsoft Windows Routing/Remote Access Service desbordamiento de búfer8.88.1$100k y más$25k-$100kUnprovenOfficial Fix0.001330.53CVE-2024-38154
11itsourcecode Project Expense Monitoring System transferred_report.php sql injection6.36.0$0-$5k$0-$5kProof-of-ConceptNot Defined0.000450.08CVE-2024-7936
12Microsoft Windows Routing/Remote Access Service desbordamiento de búfer8.88.1$100k y más$25k-$100kUnprovenOfficial Fix0.001330.49CVE-2024-38128
13itsourcecode Project Expense Monitoring System Backend Login login1.php sql injection8.17.9$0-$5k$0-$5kProof-of-ConceptNot Defined0.000630.21CVE-2024-7933
14itsourcecode Project Expense Monitoring System print.php sql injection7.57.3$0-$5k$0-$5kProof-of-ConceptNot Defined0.000760.17CVE-2024-7935
15Microsoft Edge desbordamiento de búfer6.36.1$25k-$100k$5k-$25kNot DefinedOfficial Fix0.000460.76CVE-2024-38207
16SonicWALL SonicOS Management escalada de privilegios7.37.0$0-$5k$0-$5kNot DefinedOfficial Fix0.000430.77CVE-2024-40766
17SourceCodester E-Commerce System popup_Item.php sql injection6.36.0$0-$5k$0-$5kProof-of-ConceptNot Defined0.000450.77CVE-2024-8087
18SourceCodester E-Commerce System Admin Login login.php sql injection7.36.9$0-$5k$0-$5kProof-of-ConceptNot Defined0.000450.77CVE-2024-8086
19SourceCodester E-Commerce System controller.php escalada de privilegios6.36.0$0-$5k$0-$5kProof-of-ConceptNot Defined0.000450.65CVE-2024-8089
20Microsoft Windows TCP/IP desbordamiento de búfer9.88.9$100k y más$25k-$100kUnprovenOfficial Fix0.001250.21CVE-2024-38063

IOC - Indicator of Compromise (20)

These indicators of compromise highlight associated network ranges which are known to be part of research and attack activities.

IDIP rangeActorEscribeConfianza
15.196.197.0/24ContipredictiveAlto
245.94.31.0/24Orcus RATpredictiveAlto
3XX.XX.XX.X/XXXxxxxxxxpredictiveAlto
4XX.XX.XXX.X/XXXxxxxxxxpredictiveAlto
5XX.XX.XXX.X/XXXxxxxxxpredictiveAlto
6XX.XX.XXX.X/XXXxxxxxxxpredictiveAlto
7XX.XXX.XX.X/XXXxxxxxxxpredictiveAlto
8XXX.XXX.XXX.X/XXXxxxxxxxpredictiveAlto
9XXX.XX.XXX.X/XXXxxxxxxxpredictiveAlto
10XXX.XXX.X.X/XXXxxxxxxpredictiveAlto
11XXX.XXX.XXX.X/XXXxxxxxxpredictiveAlto
12XXX.XXX.XX.X/XXXxxxxxpredictiveAlto
13XXX.XXX.XX.X/XXXxxxxxxpredictiveAlto
14XXX.XXX.XXX.X/XXXxxxx XxxxxxxpredictiveAlto
15XXX.XXX.XX.X/XXXxxxxxxxxxpredictiveAlto
16XXX.XX.XX.X/XXXxxxxpredictiveAlto
17XXX.XX.XXX.X/XXXxxxxxpredictiveAlto
18XXX.XX.XXX.X/XXXxxxxxpredictiveAlto
19XXX.XXX.XXX.X/XXXxxxxxxxxpredictiveAlto
20XXX.XXX.XX.X/XXXxxxxxxxxxpredictiveAlto

TTP - Tactics, Techniques, Procedures (25)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueClaseVulnerabilidadVector de accesoEscribeConfianza
1T1006CAPEC-126CWE-22Path TraversalpredictiveAlto
2T1040CAPEC-102CWE-294, CWE-319Authentication Bypass by Capture-replaypredictiveAlto
3T1055CAPEC-10CWE-74Improper Neutralization of Data within XPath ExpressionspredictiveAlto
4T1059CAPEC-242CWE-94Argument InjectionpredictiveAlto
5T1059.007CAPEC-209CWE-79Cross Site ScriptingpredictiveAlto
6TXXXXCAPEC-58CWE-XXX, CWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxx Xxxx Xxxxxxxxxxx XxxxxxxxxxpredictiveAlto
7TXXXXCAPEC-95CWE-XXX, CWE-XXXXxxx Xxx Xxxxxxxxx Xxxxxxxxxxx XxxxxxxxpredictiveAlto
8TXXXX.XXXCAPEC-191CWE-XXXXxxx-xxxxx XxxxxxxxxxxpredictiveAlto
9TXXXXCAPEC-136CWE-XX, CWE-XXXxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx XxxxxxxxxpredictiveAlto
10TXXXX.XXXCAPEC-178CWE-XXXXxxx XxxxxxxxpredictiveAlto
11TXXXXCAPEC-CWE-XXX7xx Xxxxxxxx XxxxxxxxpredictiveAlto
12TXXXXCAPEC-CWE-XXX, CWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxxx XxxxxxpredictiveAlto
13TXXXXCAPEC-108CWE-XXXxx XxxxxxxxxpredictiveAlto
14TXXXX.XXXCAPEC-1CWE-XXXXxxxxxxx XxxxxxxxxxxxxpredictiveAlto
15TXXXXCAPEC-102CWE-XXX, CWE-XXXXxxxxxxxxxx XxxxxxxxxxpredictiveAlto
16TXXXXCAPEC-37CWE-XXX, CWE-XXXXxxxxxxxx Xxxxxxx Xx Xxxxxxxxx XxxxxxxxxxxpredictiveAlto
17TXXXX.XXXCAPEC-220CWE-XXXXxxxxxxxx XxxxxxxxxpredictiveAlto
18TXXXX.XXXCAPEC-154CWE-XXXXxxxxxxxxxxxpredictiveAlto
19TXXXXCAPEC-38CWE-XXXXxxxxxxxx Xxxxxx XxxxpredictiveAlto
20TXXXX.XXXCAPEC-459CWE-XXX, CWE-XXXXxxxxxxx Xxxxxxxxxxx XxxxxxxxxxpredictiveAlto
21TXXXXCAPEC-116CWE-XXX, CWE-XXX, CWE-XXX, CWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx XxxxxxxxxxxpredictiveAlto
22TXXXXCAPEC-157CWE-XXX, CWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxxxxxx XxxxxxpredictiveAlto
23TXXXX.XXXCAPEC-112CWE-XXX, CWE-XXXXxx Xxxxxxxxxx XxxxxpredictiveAlto
24TXXXX.XXXCAPEC-1CWE-XXXXxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx XxxxxxxxxpredictiveAlto
25TXXXXCAPEC-CWE-XXXXxxxxxxxxxx XxxxxxpredictiveAlto

IOA - Indicator of Attack (179)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClaseIndicatorEscribeConfianza
1File/addclient1.phppredictiveAlto
2File/admin/ajax.php?action=loginpredictiveAlto
3File/admin/ajax.php?action=save_settingspredictiveAlto
4File/admin/ajax.php?action=save_studentpredictiveAlto
5File/admin/manage_complaint.phppredictiveAlto
6File/admin/manage_station.phppredictiveAlto
7File/admin/manage_user.phppredictiveAlto
8File/admin/print_barcode.phppredictiveAlto
9File/admin_schedule.phppredictiveAlto
10File/ajax.php?action=delete_blockpredictiveAlto
11File/deleteTicket.phppredictiveAlto
12File/devices/virtual/input/input4predictiveAlto
13File/drivers/cdrom/cdrom.cpredictiveAlto
14File/ecommerce/admin/login.phppredictiveAlto
15File/ecommerce/admin/products/controller.phppredictiveAlto
16File/ecommerce/popup_Item.phppredictiveAlto
17File/etc/asterisk/predictiveAlto
18File/history.phppredictiveMedio
19File/index.php/basedata/contact/delete?action=deletepredictiveAlto
20File/index.php/basedata/inventory/delete?action=deletepredictiveAlto
21File/index.php?action=editManagerpredictiveAlto
22File/index.php?action=editPharmacistpredictiveAlto
23File/index.php?action=editSalesmanpredictiveAlto
24File/xxxxx.xxxpredictiveMedio
25File/xxxxxx_xxxxxxx.xxxpredictiveAlto
26File/xxxxxx_xxxxx.xxxpredictiveAlto
27File/xxxxxx_xxxxxxx.xxxpredictiveAlto
28File/xxxxxx_xxxxxx.xxxpredictiveAlto
29File/xxxxxx_xxxx.xxxpredictiveAlto
30File/xxx/xxx/.xxxxxxxxxxxpredictiveAlto
31File/xxxxx-xxx/xxx.xxxx#/xxxxxx/xxxxxpredictiveAlto
32File/xxxxxxxx.xxxpredictiveAlto
33File/xxxx.xxxpredictiveMedio
34File/xxxx_xxxxxpredictiveMedio
35File/xxxx_xxxx.xxxpredictiveAlto
36Filexxxxxxx.xxxpredictiveMedio
37Filexxx/xxxx/xxxxxxxxxxx/xxxxxxxxxxxxxx.xxxpredictiveAlto
38Filexxxxxxxxxxxx.xxxpredictiveAlto
39Filexxx-xxx/xxxxxxxxxxxx.xxxpredictiveAlto
40Filexxxxxxxx_xxxxxx_xxxx.xxxpredictiveAlto
41Filexxxxxx.xpredictiveMedio
42Filexxxxxxx/xx/xx-xxxx.xpredictiveAlto
43Filexxxxxxx/xxx/xxxx.xpredictiveAlto
44Filexxxxxxx/xxx/xxxxxxxx/xxxxxxxxx/xxx-xxx-xxxx.xpredictiveAlto
45Filexxxxxxx/xxx/xxxxxxxx/xxxxxxxxx/xxx-xxx-xxxx.xpredictiveAlto
46Filexxxxxxx/xxx/xxxx/xxx.xpredictiveAlto
47Filexxxxxxx.xxxpredictiveMedio
48Filexxxx.xxxpredictiveMedio
49Filexxx_xxxxx_xxxxxxxx.xxxpredictiveAlto
50Filexx/xxxxx/xxxxxx-xxxx.xpredictiveAlto
51Filexx/xxxxx/xxxxxx_xx.xpredictiveAlto
52Filexx/xxxxx/xxxxxx.xpredictiveAlto
53Filexx/xxxxx/xxxxxxxxxx.xpredictiveAlto
54Filexx/xxxxx/xxxxxxx.xpredictiveAlto
55Filexx/xxxxx/xxxxx.xpredictiveAlto
56Filexx/xxxx/xxxxx.xpredictiveAlto
57Filexx/xx-xxxxxxxxx.xpredictiveAlto
58Filexx/xxxxxx/xxxxx.xpredictiveAlto
59Filexx/xxx/xxxxxx/xxxxxx.xpredictiveAlto
60Filexx/xxx/xxxxxx/xxxxxxx.xpredictiveAlto
61Filexxxx.xxxpredictiveMedio
62Filexxxxxxx/xxxxx/xxxxxxxxxxxx.xpredictiveAlto
63Filexxxxxxxx/xxxxxxxxx.xxxpredictiveAlto
64Filexxxxx.xxxpredictiveMedio
65Filexx_xxxxx/xx_xxxxx.xpredictiveAlto
66Filexxxxxx/xxx/xxxxxx.xpredictiveAlto
67Filexxxx_xxxxxxx.xxxpredictiveAlto
68Filexxxxx.xxxpredictiveMedio
69Filexxxxxx.xxxpredictiveMedio
70Filexxxxxxxx.xxxpredictiveMedio
71Filexx/xxxxx/xxxxxx.xpredictiveAlto
72Filexx/xxxxxx.xpredictiveMedio
73Filexx/xxxx.xpredictiveMedio
74Filexx/xxxxxxxx.xpredictiveAlto
75Filexxx/xxxxxxxxx/xxx.xpredictiveAlto
76Filexxx/xxxx/xxx.xpredictiveAlto
77Filexxx/xxxx/xxx_xxxxx.xpredictiveAlto
78Filexxx/xxxx/xxxx_xxxxxxxxx.xpredictiveAlto
79Filexxx/xxxx/xxxxxx.xpredictiveAlto
80Filexxx/xxxx/xxx.xpredictiveAlto
81Filexxx/xxxx/xxx_xxxx.xpredictiveAlto
82Filexxx/xxxx/xxx.xpredictiveAlto
83Filexxx/xxxxxxxx/xxxxxx-xxx.xpredictiveAlto
84Filexxx/xxxxxxxx/xxxx.xpredictiveAlto
85Filexxx/xxxxx/xxxxxxxx.xpredictiveAlto
86Filexxx/xxxxxxxxx/xxxx/xx_xx_xxx.xpredictiveAlto
87Filexxx/xxxxxxxx/xxxx.xpredictiveAlto
88Filexxxxx.xxxpredictiveMedio
89Filexxxxxxxxxxxxx.xxxpredictiveAlto
90Filexxxxxxx.xxxpredictiveMedio
91Filexxxxxxx/xxxxxxx/xxxx/xxxx.xxxpredictiveAlto
92Filexxxxxxxxxxxxxxxxxx.xxxpredictiveAlto
93Filexxx/xxxxxxxx.xxxpredictiveAlto
94Filexxxxxxxx.xxxpredictiveMedio
95Filexxxxxxxxxxx.xxxpredictiveAlto
96Filexxxxxxxx_xxxxxx.xxxpredictiveAlto
97Filexx_x_xxx.xxxpredictiveMedio
98Filexxxxxx_xxxx.xxxpredictiveAlto
99Filexxx_xxxxxxx.xpredictiveAlto
100Filexxxxx/xxx/xxxxxxxx/xxxxxx/xxx-xxxxxxxxx-xxxxxx.xpredictiveAlto
101Filexxx/xxxxx.xpredictiveMedio
102Filexxxx_xx/xx.xpredictiveMedio
103Filexxxxxxxxxxx_xxxxxx.xxxpredictiveAlto
104Filexxxxxx_xxx_xxxxxx.xpredictiveAlto
105Filexxx/xxxx/xxxxx.xxxpredictiveAlto
106FilexxxxxxxxxxxxxpredictiveAlto
107Library/xxxxxxx/xxx-xxxxxxx/xxxxxxxx.xpredictiveAlto
108Libraryxxx_xxxx_xxxx.xpredictiveAlto
109Libraryxxxx.xxxpredictiveMedio
110Libraryxxxx.xpredictiveBajo
111Libraryxxxxxxx/xxxxx/xxxxxxxxxxxx.xpredictiveAlto
112Libraryxxxxxxx/xxxxx/xxxxxxxxx.xpredictiveAlto
113Libraryxxxxxxx/xxxxx/xxxx_xxx.xpredictiveAlto
114Libraryxxxxxxx/xxxxx/xxxxxxxxxx.xpredictiveAlto
115Libraryxxxxxxx/xxxxx/xxxxx/xx.xpredictiveAlto
116Libraryxxxxxxx/xxx/xxxxxxxxx/xx_xxxxxx.xpredictiveAlto
117Libraryxxx/xxxxxxx.xpredictiveAlto
118Libraryxxx/xxxx_xxxxx.xpredictiveAlto
119Libraryxxx/xxx_xxxx.xpredictiveAlto
120Libraryxxx/xxxx_xxxxx.xpredictiveAlto
121Libraryxxx/xxxxxx.xpredictiveMedio
122Libraryxxx/xxxxxx.xpredictiveMedio
123Libraryxxx/xxxxxxxx.xpredictiveAlto
124Libraryxxx/xxxxxx.xpredictiveMedio
125Libraryxxxxxx.xxxpredictiveMedio
126Argument/xxxxxxx-xxpredictiveMedio
127ArgumentxxxxxxpredictiveBajo
128ArgumentxxxxxxxxxxxxxxxxpredictiveAlto
129ArgumentxxxxxxxxxxxpredictiveMedio
130Argumentxxx_xxxx_xxxx_xxxxxxxxpredictiveAlto
131Argumentxxxx_xxxxpredictiveMedio
132ArgumentxxxxpredictiveBajo
133ArgumentxxxxxpredictiveBajo
134Argumentxxx.xxxxxxpredictiveMedio
135ArgumentxxxxpredictiveBajo
136Argumentxxxxxxxxxxxxxxx/xxxxx/xxxxxpredictiveAlto
137ArgumentxxxxxpredictiveBajo
138ArgumentxxxxxpredictiveBajo
139Argumentxxxxx/xxxxxxxxpredictiveAlto
140Argumentxxx_xxxxxxxxpredictiveMedio
141ArgumentxxxxxxxxpredictiveMedio
142Argumentxxxxxx[xx]predictiveMedio
143ArgumentxxpredictiveBajo
144ArgumentxxxxxpredictiveBajo
145ArgumentxxxxxxxxpredictiveMedio
146Argumentx_xxx/x_xxxpredictiveMedio
147ArgumentxxxxxxpredictiveBajo
148Argumentxxxxx/xxxxx/xx/xxxxxxx/xxxxxxx/xxxxxxxxxxxpredictiveAlto
149Argumentxxxxxxx_xxxxpredictiveMedio
150Argumentxxx_xxpredictiveBajo
151Argumentxxxxx_xxxxxxpredictiveMedio
152ArgumentxxxxpredictiveBajo
153Argumentxxxx/xxxxx/xxx/xxxxxxxx/xxxxxx/xxxxxpredictiveAlto
154Argumentxxxx/xxxxx/xxxxxpredictiveAlto
155ArgumentxxxxxxxpredictiveBajo
156Argumentxxxxxxx_xxxx_xxx_xxxxxxxpredictiveAlto
157ArgumentxxxxxxpredictiveBajo
158Argumentxxxxxx_xxpredictiveMedio
159ArgumentxxxxxpredictiveBajo
160Argumentxxxx_xxxxpredictiveMedio
161Argumentxxxxxxxx_xxpredictiveMedio
162ArgumentxxxpredictiveBajo
163ArgumentxxxxxxxxxxxxxxxxxxxpredictiveAlto
164ArgumentxxxxxxxpredictiveBajo
165Argumentxxx_xxxpredictiveBajo
166ArgumentxxxpredictiveBajo
167Argumentxxxxx/xxx/xxxxxxxxpredictiveAlto
168ArgumentxxxxxpredictiveBajo
169ArgumentxxxxxxxpredictiveBajo
170Argumentxxxx_xxxpredictiveMedio
171ArgumentxxxpredictiveBajo
172Argumentxxxx_xxpredictiveBajo
173ArgumentxxxpredictiveBajo
174Argumentxxxxxxxx_xxpredictiveMedio
175ArgumentxxxxpredictiveBajo
176ArgumentxxxxxxxxpredictiveMedio
177Argumentxxxx_xxxxxpredictiveMedio
178Argumentx-xxxxxxxxx-xxxpredictiveAlto
179Input ValuexxxxxxxpredictiveBajo

Do you want to use VulDB in your project?

Use the official API to access entries easily!