ET DELETED Pre Projects E-Smart Cart login.asp Arbitrary SQL Command Injection Attempt

SID: 2011826Rev: 20 views
History
Sourceet/open
CreatedOctober 19, 2010
UpdatedJuly 26, 2019
Classificationweb-application-attack
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET DELETED Pre Projects E-Smart Cart login.asp Arbitrary SQL Command Injection Attempt"; flow:established,to_server; content:"POST"; http_method; content:"/embadmin/login.asp"; http_uri; nocase; content:"%27"; depth:300; reference:url,juniper-federal.org/security/auto/vulnerabilities/vuln37418.html; reference:url,exploit-db.com/exploits/14376; classtype:web-application-attack; sid:2011826; rev:2; metadata:created_at 2010_10_19, signature_severity Unknown, updated_at 2019_07_26, mitre_tactic_id TA0008, mitre_tactic_name Lateral_Movement, mitre_technique_id T1210, mitre_technique_name Exploitation_Of_Remote_Services;)

References

urljuniper-federal.org/security/auto/vulnerabilities/vuln37418.html
urlexploit-db.com/exploits/14376

Metadata

created at2010_10_19
signature severityUnknown
updated at2019_07_26
mitre tactic idTA0008
mitre tactic nameLateral_Movement
mitre technique idT1210
mitre technique nameExploitation_Of_Remote_Services

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!