Urelas Analys

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (129)

Lang

en	48
it	26
pl	22
de	18
sv	8

Land

jp	98
pl	4
it	4
es	4
fr	2

Skådespelare

Urelas	1

Intressera

Typ

Content Management System	20
Joomla Component	6
Photo Gallery Software	2
Database Administration Software	2
Programming Language Software	2

Säljare

Joomla	18
Not Defined	6
Huge-IT	6
DTH	2

Produkt

Joomla CMS	18
Smart Related Articles Extension	2
DTH DT Register Extension	2
Huge-IT Catalog	2
Huge-IT Gallery	2

Sårbarheter

#	Sårbarhet	Base	Temp	0day	I dag	Utn	Rem	EPSS	CTI	CVE
1	Joomla CMS com_frontpage sql injektion	6.3	6.1	$5k-$25k	$5k-$25k	Not Defined	Not Defined	0.00000	0.00
2	Joomla CMS com_news sql injektion	6.3	6.1	$5k-$25k	$5k-$25k	Not Defined	Not Defined	0.00000	0.00
3	ms Package Regex förnekande av tjänsten	6.4	6.3	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00154	0.00	CVE-2015-8315
4	aWeb Cart Watching System for Virtuemart sql injektion	8.5	7.7	$0-$5k	$0-$5k	Proof-of-Concept	Official Fix	0.00208	0.00	CVE-2016-10114
5	Joomla CMS com_carocci sql injektion	6.3	6.1	$5k-$25k	$5k-$25k	Not Defined	Not Defined	0.00000	0.03
6	Joomla CMS com_webgrouper sql injektion	6.3	6.1	$5k-$25k	$0-$5k	Not Defined	Not Defined	0.00000	0.02
7	Huge-IT Catalog Extension cross site scripting	7.2	7.2	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00287	0.00	CVE-2016-1000119
8	Huge-IT Catalog ajax_url.php sql injektion	9.8	8.9	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00159	0.00	CVE-2016-1000125
9	Ruby Onigmo regparse.c parse_char_class privilegier eskalering	6.4	6.4	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00389	0.02	CVE-2017-6181
10	Joomla CMS com_kide sql injektion	6.3	6.1	$5k-$25k	$5k-$25k	Not Defined	Not Defined	0.00000	0.00
11	Huge-IT Video Gallery ajax_url.php sql injektion	7.3	7.1	$0-$5k	$0-$5k	High	Not Defined	0.00485	0.00	CVE-2016-1000123
12	Smart Related Articles Extension dialog.php sql injektion	8.5	8.5	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00144	0.00	CVE-2017-7628
13	Joomla CMS com_kunena sql injektion	6.3	6.1	$5k-$25k	$5k-$25k	Not Defined	Not Defined	0.00000	0.00
14	Joomla CMS com_filecabinet sql injektion	6.3	6.1	$5k-$25k	$5k-$25k	Not Defined	Not Defined	0.00000	0.00
15	Joomla CMS com_blog_calendar index.php sql injektion	6.3	6.1	$5k-$25k	$0-$5k	Not Defined	Not Defined	0.00000	0.03
16	Rwcards Component index.php sql injektion	7.3	6.9	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.13753	0.00	CVE-2007-1703
17	DTH DT Register Extension index.php sql injektion	6.3	6.0	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00000	0.02
18	Joomla CMS com_fidecalendar sql injektion	6.3	6.1	$5k-$25k	$5k-$25k	Not Defined	Not Defined	0.00000	0.00
19	Joomla CMS com_sngevents sql injektion	6.3	6.1	$5k-$25k	$5k-$25k	Not Defined	Not Defined	0.00000	0.00
20	Joomla CMS com_virtuemart sql injektion	6.3	6.1	$5k-$25k	$5k-$25k	Not Defined	Not Defined	0.00000	0.00

IOC - Indicator of Compromise (4)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

ID	IP-adress	Hostname	Skådespelare	Identified	Typ	Förtroende
1	1.234.83.146	campustown.co.kr	Urelas	08/04/2022	verified	Hög
2	XXX.XXX.XXX.XXX	xxx-xxx-xxxxx.xx.xxxxxx.xx.xx	Xxxxxx	08/04/2022	verified	Hög
3	XXX.XX.XX.XXX		Xxxxxx	08/04/2022	verified	Hög
4	XXX.XX.XX.XXX		Xxxxxx	08/04/2022	verified	Hög

TTP - Tactics, Techniques, Procedures (2)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID	Technique	Klass	Sårbarheter	Åtkomstvektor	Typ	Förtroende
1	T1059.007	CAPEC-209	CWE-79	Cross Site Scripting	predictive	Hög
2	TXXXX	CAPEC-108	CWE-XX	Xxx Xxxxxxxxx	predictive	Hög

IOA - Indicator of Attack (21)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID	Klass	Indicator	Typ	Förtroende
1	File	/index.php	predictive	Medium
2	File	ajax_url.php	predictive	Medium
3	File	dialog.php	predictive	Medium
4	File	index.php	predictive	Medium
5	File	xxxxxxxxxx.xxx.xxx	predictive	Hög
6	File	xxxxxxxx.x	predictive	Medium
7	Library	xxxxxxxx_xxxxxxxxx.xxx.xxx	predictive	Hög
8	Argument	xxx	predictive	Låg
9	Argument	xxxxxxxxxxxxxx/xxxxxxxxxxx	predictive	Hög
10	Argument	xxxxxxxx_xx	predictive	Medium
11	Argument	xxx[x]	predictive	Låg
12	Argument	xxx[xxxxxx][xxxxxxxxx]	predictive	Hög
13	Argument	xxx	predictive	Låg
14	Argument	xxx	predictive	Låg
15	Argument	xx	predictive	Låg
16	Argument	xxxx	predictive	Låg
17	Argument	xxxxxx	predictive	Låg
18	Argument	xxxxx	predictive	Låg
19	Argument	xxxxxx_xxxx	predictive	Medium
20	Argument	xxxx	predictive	Låg
21	Input Value	x) xx x-- -	predictive	Medium

Referenser (2)

The following list contains external sources which discuss the actor and the associated activities:

◂ TidigareÖversiktNästa ▸

Interested in the pricing of exploits?

See the underground prices here!