Month: March 2023

RapidLoad Power-Up for Autoptimize Plugin for WordPress cross-site request forgery | CVE-2023-1344

March 14, 2023

NAME__________RapidLoad Power-Up for Autoptimize Plugin for WordPress cross-site request forgeryPlatforms Affected:WordPress RapidLoad Power-Up for Autoptimize Plugin for WordPress 1.7.1Risk Level:4.3Exploitability:UnprovenConsequences:Gain...

Computer Parts Sales and Inventory System SQL injection | CVE-2023-1351

March 14, 2023

NAME__________Computer Parts Sales and Inventory System SQL injectionPlatforms Affected:Risk Level:6.3Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION__________Computer Parts Sales and Inventory System is vulnerable to...

Octopus Server information disclosure | CVE-2022-2258

March 14, 2023

NAME__________Octopus Server information disclosurePlatforms Affected:Risk Level:4.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Octopus Server could allow a remote authenticated attacker to obtain sensitive information, caused...

Octopus Server information disclosure | CVE-2022-2259

March 14, 2023

Hsycms cross-site scripting | CVE-2023-1349

March 14, 2023

NAME__________Hsycms cross-site scriptingPlatforms Affected:Risk Level:6.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Hsycms is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by...

Wolt Delivery: Food and more App for Android information disclosure | CVE-2023-22429

March 14, 2023

NAME__________Wolt Delivery: Food and more App for Android information disclosurePlatforms Affected:Wolt Wolt Delivery: Food and more App for AndroidRisk Level:4Exploitability:UnprovenConsequences:Obtain...

Simple Bakery Shop Management System SQL injection | CVE-2023-1357

March 14, 2023

NAME__________Simple Bakery Shop Management System SQL injectionPlatforms Affected:Risk Level:6.5Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION__________Simple Bakery Shop Management System is vulnerable to SQL injection....

TG Soft Vir.IT eXplorer denial of service | CVE-2023-1369

March 14, 2023

NAME__________TG Soft Vir.IT eXplorer denial of servicePlatforms Affected:TG Soft Vir.IT eXplorer 9.4.86.0Risk Level:5.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________TG Soft Vir.IT eXplorer is...

XHCMS SQL injection | CVE-2023-1368

March 14, 2023

NAME__________XHCMS SQL injectionPlatforms Affected:XHCMS XHCMS 1.0Risk Level:7.3Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION__________XHCMS is vulnerable to SQL injection. A remote attacker could send specially-crafted...

Sourcecodester Gadget Works Online Ordering System cross-site scripting | CVE-2023-1359

March 14, 2023

NAME__________Sourcecodester Gadget Works Online Ordering System cross-site scriptingPlatforms Affected:Risk Level:5.5Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Sourcecodester Gadget Works Online Ordering System is vulnerable to...

netplex json-smart-v2 denial of service | CVE-2023-1370

March 14, 2023

NAME__________netplex json-smart-v2 denial of servicePlatforms Affected:netplex json-smart-v2 2.4Risk Level:7.5Exploitability:Proof of ConceptConsequences:Denial of Service DESCRIPTION__________netplex json-smart-v2 is vulnerable to a denial...

Sourcecodester Gadget Works Online Ordering System SQL injection | CVE-2023-1358

March 14, 2023

NAME__________Sourcecodester Gadget Works Online Ordering System SQL injectionPlatforms Affected:Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Sourcecodester Gadget Works Online Ordering System is vulnerable to...

Daily Vulnerability Trends: Tue Mar 14 2023

March 14, 2023

Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2023-21768Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability.CVE-2023-23752An issue was...

Malware Analysis – djvu – 24964302d0f649f8c89a638c2fa15440

March 14, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:d6ef050131e7d5a1d595c51613328971, discovery, persistence, ransomware, spyware, stealerMD5: 24964302d0f649f8c89a638c2fa15440SHA1: 8ee3a9156b689713ecf5e2b8d7909227a7cc9d20ANALYSIS DATE: 2023-03-14T03:22:52ZTTPS: T1012, T1082, T1005, T1081,...

Malware Analysis – – 0acd5fdeb1332e99679f9c5403fd5dbe

March 14, 2023

Score: 1 MALWARE FAMILY: TAGS:MD5: 0acd5fdeb1332e99679f9c5403fd5dbeSHA1: 9941abbb97c285b8528830cae8762b251e16991aANALYSIS DATE: 2023-03-14T04:44:45ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...

Malware Analysis – djvu – c61c969e170f1129d7f3ebf17eae8b9e

March 14, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:d6ef050131e7d5a1d595c51613328971, discovery, persistence, ransomware, spyware, stealerMD5: c61c969e170f1129d7f3ebf17eae8b9eSHA1: 49d1641ed44e0434545d32e8dc80b917f6e4d22aANALYSIS DATE: 2023-03-14T04:41:43ZTTPS: T1222, T1012, T1082, T1005,...

Malware Analysis – amadey – 865bf9397d1eea350eb911915c194fc7

March 14, 2023

Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:laplas, family:pseudomanuscrypt, family:redline, family:smokeloader, family:vidar, botnet:d6ef050131e7d5a1d595c51613328971, botnet:pub1, backdoor, clipper, discovery, infostealer, loader, persistence, ransomware,...

Malware Analysis – djvu – 13fd90197ba55324bd01b9fa97f5295a

March 14, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:d6ef050131e7d5a1d595c51613328971, discovery, persistence, ransomware, spyware, stealerMD5: 13fd90197ba55324bd01b9fa97f5295aSHA1: 313ac91a6ea6e75c0fe75f65d1254905491b59f6ANALYSIS DATE: 2023-03-14T05:40:09ZTTPS: T1005, T1081, T1082, T1012,...

Malware Analysis – djvu – 8ecd12d813461fdaa46d3ed56c2ec8ae

March 14, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:d6ef050131e7d5a1d595c51613328971, discovery, persistence, ransomware, spyware, stealerMD5: 8ecd12d813461fdaa46d3ed56c2ec8aeSHA1: 76c2f600ece9e0ee250dba1bcb350b2b3a5fb03cANALYSIS DATE: 2023-03-14T04:45:52ZTTPS: T1053, T1005, T1081, T1222,...

Malware Analysis – djvu – 6b325bdc2e5bfd7e188312ba41ac587d

March 14, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:d6ef050131e7d5a1d595c51613328971, discovery, persistence, ransomware, spyware, stealerMD5: 6b325bdc2e5bfd7e188312ba41ac587dSHA1: c56314a56bd5a04d6eca107e56592ed29076dd6eANALYSIS DATE: 2023-03-14T05:40:32ZTTPS: T1005, T1081, T1012, T1082,...

Malware Analysis – smokeloader – ba85b4a968d98696297a40b45f831e64

March 14, 2023

Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: ba85b4a968d98696297a40b45f831e64SHA1: 0eea4648c30ddc480b7de428c99e49205b1537baANALYSIS DATE: 2023-03-14T05:08:09ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Month: March 2023

RapidLoad Power-Up for Autoptimize Plugin for WordPress cross-site request forgery | CVE-2023-1344

Computer Parts Sales and Inventory System SQL injection | CVE-2023-1351

Octopus Server information disclosure | CVE-2022-2258

Octopus Server information disclosure | CVE-2022-2259

Hsycms cross-site scripting | CVE-2023-1349

Wolt Delivery: Food and more App for Android information disclosure | CVE-2023-22429

Simple Bakery Shop Management System SQL injection | CVE-2023-1357

TG Soft Vir.IT eXplorer denial of service | CVE-2023-1369

XHCMS SQL injection | CVE-2023-1368

Sourcecodester Gadget Works Online Ordering System cross-site scripting | CVE-2023-1359

netplex json-smart-v2 denial of service | CVE-2023-1370

Sourcecodester Gadget Works Online Ordering System SQL injection | CVE-2023-1358

Daily Vulnerability Trends: Tue Mar 14 2023

Malware Analysis – djvu – 24964302d0f649f8c89a638c2fa15440

Malware Analysis – – 0acd5fdeb1332e99679f9c5403fd5dbe

Malware Analysis – djvu – c61c969e170f1129d7f3ebf17eae8b9e

Malware Analysis – amadey – 865bf9397d1eea350eb911915c194fc7

Malware Analysis – djvu – 13fd90197ba55324bd01b9fa97f5295a

Malware Analysis – djvu – 8ecd12d813461fdaa46d3ed56c2ec8ae

Malware Analysis – djvu – 6b325bdc2e5bfd7e188312ba41ac587d

Malware Analysis – smokeloader – ba85b4a968d98696297a40b45f831e64

Cl0p Ransomware Victim: ZISSERFAMILYLAW[.]COM

Cl0p Ransomware Victim: ORBITELECTRIC[.]COM

Cl0p Ransomware Victim: JDAVIDTAXLAW[.]COM

CVE Alert: CVE-2024-9511

CVE Alert: CVE-2024-11446

CVE Alert: CVE-2024-9635

CVE Alert: CVE-2024-11330

CVE Alert: CVE-2024-9659

You may have missed