[Snort-sigs] CubeCart SQL Injection and XSS attack

Ureleet Ureleet ureleet at ...2420...
Thu Aug 17 18:06:01 EDT 2006


Also seemed easy

alert tcp $EXTERNAL_NET any -> $HOME_NET $HTTP_PORTS (msg:"COMMUNITY
WEB-PHP CubeCart XSS attack"; flow:to_server,established;
uricontent:"/admin/filemanager/preview.php?file="; nocase;
pcre:"/((1)?&(x|y)=)?/Ri";
reference:url,retrogod.altervista.org/cubecart_3011_adv.html;)

alert tcp $EXTERNAL_NET any -> $HOME_NET $HTTP_PORTS (msg:"COMMUNITY
WEB-PHP CubeCart XSS attack"; flow:to_server,established;
uricontent:"/admin/login.php?email="; nocase;
reference:url,retrogod.altervista.org/cubecart_3011_adv.html;)




More information about the Snort-sigs mailing list