Versions (3)
Version DetailsCurrent
Rev: 1 • Aug 4, 2020, 12:00 PMET WEB_SPECIFIC_APPS LifterLMS Arbitrary File Write Attempt Inbound (CVE-2020-6008)
alert http any any -> [$HTTP_SERVERS,$HOME_NET] any (msg:"ET WEB_SPECIFIC_APPS LifterLMS Arbitrary File Write Attempt Inbound (CVE-2020-6008)"; flow:established,to_server; http.method; content:"POST"; http.uri; content:"action=export_admin_table"; content:"&filename=../"; fast_pattern; reference:url,cpr-zero.checkpoint.com/vulns/cprid-2148/; reference:cve,2020-6008; classtype:attempted-admin; sid:2030644; rev:1; metadata:created_at 2020_08_04, cve CVE_2020_6008, deployment Perimeter, performance_impact Low, confidence High, signature_severity Major, updated_at 2020_08_04;)
Aug 4, 2020, 12:00 PM
Aug 4, 2020, 12:00 PM
Sep 21, 2024, 3:00 AM
Sep 21, 2024, 3:00 AM
rules/emerging-web_specific_apps.rules