ID SECURITYVULNS:VULN:6373
Type securityvulns
Reporter
Modified 2006-07-13T00:00:00
Description
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
{"id": "SECURITYVULNS:VULN:6373", "bulletinFamily": "software", "title": "Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)", "description": "PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.", "published": "2006-07-13T00:00:00", "modified": "2006-07-13T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:6373", "reporter": " ", "references": ["https://vulners.com/securityvulns/securityvulns:doc:13510", "https://vulners.com/securityvulns/securityvulns:doc:13516", "https://vulners.com/securityvulns/securityvulns:doc:13511", "https://vulners.com/securityvulns/securityvulns:doc:13508", "https://vulners.com/securityvulns/securityvulns:doc:13509"], "cvelist": [], "type": "securityvulns", "lastseen": "2018-08-31T11:09:21", "edition": 1, "viewCount": 3, "enchantments": {"score": {"value": 4.5, "vector": "NONE", "modified": "2018-08-31T11:09:21", "rev": 2}, "dependencies": {"references": [{"type": "nessus", "idList": ["REDHAT-RHSA-2020-1931.NASL"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:4B74DA24B7505C5F55AFBF1A7620EDBC", "EXPLOITPACK:F621118341D879407783886ED852B057", "EXPLOITPACK:A98473219D36471F6A75D73F29D2D5D2", "EXPLOITPACK:29950E3ABC44C16878E6D80219305417"]}, {"type": "zdt", "idList": ["1337DAY-ID-29817", "1337DAY-ID-33826", "1337DAY-ID-30436"]}, {"type": "exploitdb", "idList": ["EDB-ID:44109", "EDB-ID:47934", "EDB-ID:44712", "EDB-ID:44711"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:147824", "PACKETSTORM:146439", "PACKETSTORM:155968"]}, {"type": "qualysblog", "idList": ["QUALYSBLOG:D57DEDE8164E21BF8EE0C81B50AAA328"]}, {"type": "joomla", "idList": ["JVEL:599"]}, {"type": "cve", "idList": ["CVE-2018-6373"]}, {"type": "ossfuzz", "idList": ["OSSFUZZ-6373"]}, {"type": "mmpc", "idList": ["MMPC:B2C49931BD69E40A51EC353F1F5FD2E2"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:13516", "SECURITYVULNS:DOC:13509", "SECURITYVULNS:DOC:13510", "SECURITYVULNS:DOC:13508", "SECURITYVULNS:DOC:13511"]}], "modified": "2018-08-31T11:09:21", "rev": 2}, "vulnersScore": 4.5}, "affectedSoftware": [{"name": "FLV Players", "operator": "eq", "version": "8"}, {"name": "Lazarus Guestbook", "operator": "eq", "version": "1.6"}, {"name": "SQuery", "operator": "eq", "version": "4.5"}, {"name": "CMS Mundo", "operator": "eq", "version": "1.0"}, {"name": "TOPo", "operator": "eq", "version": "2.2"}]}
{"rst": [{"lastseen": "2021-02-26T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **223[.]99.6.176** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **13**.\n First seen: 2020-12-21T03:00:00, Last seen: 2021-02-26T03:00:00.\n IOC tags: **generic**.\nASN 24444: (First IP 223.96.154.0, Last IP 223.99.39.255).\nASN Name \"CMNETV4SHANDONGASAP\" and Organisation \"Shandong Mobile Communication Company Limited\".\nASN hosts 5657 domains.\nGEO IP information: City \"Zaozhuang\", Country \"China\".\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-12-21T00:00:00", "id": "RST:99037AD0-6373-3444-B6D7-4B9365A6BBA8", "href": "", "published": "2021-02-27T00:00:00", "title": "RST Threat feed. IOC: 223.99.6.176", "type": "rst", "cvss": {}}, {"lastseen": "2021-02-26T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **163[.]172.214.148** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **13**.\n First seen: 2020-12-22T03:00:00, Last seen: 2021-02-26T03:00:00.\n IOC tags: **generic**.\nASN 12876: (First IP 163.172.185.133, Last IP 163.172.223.255).\nASN Name \"\" and Organisation \"Online SAS\".\nASN hosts 484941 domains.\nGEO IP information: City \"Amsterdam\", Country \"Netherlands\".\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-12-22T00:00:00", "id": "RST:CB722DB0-6373-31EC-9254-49B700CE4ED6", "href": "", "published": "2021-02-27T00:00:00", "title": "RST Threat feed. IOC: 163.172.214.148", "type": "rst", "cvss": {}}, {"lastseen": "2021-02-26T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **60[.]191.11.251** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **10**.\n First seen: 2020-12-26T03:00:00, Last seen: 2021-02-26T03:00:00.\n IOC tags: **generic**.\nASN 4134: (First IP 60.190.244.0, Last IP 60.191.56.255).\nASN Name \"CHINANETBACKBONE\" and Organisation \"No31Jinrong Street\".\nASN hosts 1235891 domains.\nGEO IP information: City \"Hangzhou\", Country \"China\".\nIOC could be a **False Positive** (Cloud provider IP).\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-12-26T00:00:00", "id": "RST:9853DD2E-6373-3106-BACE-D1AFA1D9AEBC", "href": "", "published": "2021-02-27T00:00:00", "title": "RST Threat feed. IOC: 60.191.11.251", "type": "rst", "cvss": {}}, {"lastseen": "2021-02-26T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **202[.]143.115.85** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **6**.\n First seen: 2020-10-06T03:00:00, Last seen: 2021-02-26T03:00:00.\n IOC tags: **generic**.\nASN 38713: (First IP 202.143.112.0, Last IP 202.143.123.255).\nASN Name \"CONNECT2BASPK\" and Organisation \"Broadband ISP FTTH and Cable Service Provider\".\nASN hosts 37 domains.\nGEO IP information: City \"Karachi\", Country \"Pakistan\".\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-10-06T00:00:00", "id": "RST:478D4DBC-6373-3102-B27A-56EA4874918C", "href": "", "published": "2021-02-27T00:00:00", "title": "RST Threat feed. IOC: 202.143.115.85", "type": "rst", "cvss": {}}, {"lastseen": "2021-02-26T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **intepsymp[.]world** in [RST Threat Feed](https://rstcloud.net/profeed) with score **10**.\n First seen: 2020-10-23T03:00:00, Last seen: 2021-02-26T03:00:00.\n IOC tags: **spam**.\nDomain has DNS A records: 172[.]67.173.182,104.21.64.3\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-10-23T00:00:00", "id": "RST:9E8AD564-6373-304D-B7B8-CEEA876E57B5", "href": "", "published": "2021-02-27T00:00:00", "title": "RST Threat feed. IOC: intepsymp.world", "type": "rst", "cvss": {}}, {"lastseen": "2021-02-26T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **tozofix[.]co.tv** in [RST Threat Feed](https://rstcloud.net/profeed) with score **20**.\n First seen: 2019-12-15T03:00:00, Last seen: 2021-02-26T03:00:00.\n IOC tags: **spam**.\nWhois:\n Created: 2002-08-12 22:02:14, \n Registrar: ENOM INC, \n Registrant: Whois Agent.\nIOC could be a **False Positive** (Domain not resolved, but Whois records found).\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2019-12-15T00:00:00", "id": "RST:414FD1DE-6373-35F6-9447-EC8DAAA8EA44", "href": "", "published": "2021-02-27T00:00:00", "title": "RST Threat feed. IOC: tozofix.co.tv", "type": "rst", "cvss": {}}, {"lastseen": "2021-01-17T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **acesutah[.]onlycash.ddns.net** in [RST Threat Feed](https://rstcloud.net/profeed) with score **10**.\n First seen: 2020-03-17T03:00:00, Last seen: 2021-01-17T03:00:00.\n IOC tags: **cryptomining**.\nIOC could be a **False Positive** (Domain not resolved. Whois records not found).\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-03-17T00:00:00", "id": "RST:AF7A9323-6373-3FE3-B2B9-7F90CAAC99C3", "href": "", "published": "2021-02-24T00:00:00", "title": "RST Threat feed. IOC: acesutah.onlycash.ddns.net", "type": "rst", "cvss": {}}, {"lastseen": "2021-02-23T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **0[.]0.0.0 damiao.em.bitcoin.co.pt** in [RST Threat Feed](https://rstcloud.net/profeed) with score **10**.\n First seen: 2021-02-23T03:00:00, Last seen: 2021-02-23T03:00:00.\n IOC tags: **cryptomining**.\nIOC could be a **False Positive** (Domain not resolved. Whois records not found).\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2021-02-23T00:00:00", "id": "RST:115ACAB4-6373-39DC-BE1D-E945581E00FF", "href": "", "published": "2021-02-23T00:00:00", "title": "RST Threat feed. IOC: 0.0.0.0 damiao.em.bitcoin.co.pt", "type": "rst", "cvss": {}}, {"lastseen": "2021-02-23T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **0[.]0.0.0 sari.bitcoin.com** in [RST Threat Feed](https://rstcloud.net/profeed) with score **48**.\n First seen: 2021-02-23T03:00:00, Last seen: 2021-02-23T03:00:00.\n IOC tags: **cryptomining**.\nDomain has DNS A records: 194[.]14.246.72\nWhois:\n Created: 2008-01-04 14:15:06, \n Registrar: unknown, \n Registrant: NAMECHEAP INC.\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2021-02-23T00:00:00", "id": "RST:99F5157A-6373-3187-ACFB-BE67B51F29E2", "href": "", "published": "2021-02-23T00:00:00", "title": "RST Threat feed. IOC: 0.0.0.0 sari.bitcoin.com", "type": "rst", "cvss": {}}, {"lastseen": "2021-02-22T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **42[.]2.78.22** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **43**.\n First seen: 2021-02-16T03:00:00, Last seen: 2021-02-22T03:00:00.\n IOC tags: **shellprobe**.\nASN 4760: (First IP 42.2.0.0, Last IP 42.3.225.255).\nASN Name \"HKTIMSAP\" and Organisation \"HKT Limited\".\nASN hosts 11803 domains.\nGEO IP information: City \"Central\", Country \"Hong Kong\".\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2021-02-16T00:00:00", "id": "RST:6F1B6589-6373-382D-AB02-3B5DC949ABF5", "href": "", "published": "2021-02-23T00:00:00", "title": "RST Threat feed. IOC: 42.2.78.22", "type": "rst", "cvss": {}}]}
