Versions (2)
Version DetailsCurrent
Rev: 36 • Jul 30, 2010, 12:00 PMET DELETED Exploit Suspected PHP Injection Attack (name=)
alert http $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET DELETED Exploit Suspected PHP Injection Attack (name=)"; flow:to_server,established; content:"GET "; nocase; depth:4; content:".php?"; http_uri; nocase; content:"name="; http_uri; nocase; pcre:"/name=(https?|ftps?|php)/Ui"; reference:cve,2002-0953; classtype:web-application-attack; sid:2001621; rev:36; metadata:created_at 2010_07_30, signature_severity Unknown, updated_at 2019_08_22;)
Jul 30, 2010, 12:00 PM
Aug 22, 2019, 12:00 PM
Sep 21, 2024, 3:00 AM
May 30, 2025, 12:04 AM
rules/emerging-deleted.rules