ET WEB_SPECIFIC_APPS WordPress LeagueManager plugin season parameter Cross-Site Scripting Attempt

SID: 2014813Rev: 50 views

Sourceet/open

CreatedMay 25, 2012

UpdatedMarch 19, 2024

Classificationweb-application-attack

alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS WordPress LeagueManager plugin season parameter Cross-Site Scripting Attempt"; flow:established,to_server; http.uri; content:"/wp-admin/admin.php?"; nocase; content:"page=leaguemanager"; nocase; content:"subpage="; nocase; content:"edit="; nocase; content:"season="; nocase; pcre:"/^.+(?:s(?:cript|tyle\x3D)|on(?:mouse[a-z]|key[a-z]|load|unload|dragdrop|blur|focus|click|dblclick|submit|reset|select|change))/Ri"; reference:url,packetstormsecurity.org/files/112698/WordPress-LeagueManager-3.7-Cross-Site-Scripting.html; classtype:web-application-attack; sid:2014813; rev:5; metadata:affected_product Wordpress, affected_product Wordpress_Plugins, attack_target Web_Server, created_at 2012_05_25, deployment Datacenter, deprecation_reason Relevance, signature_severity Major, tag Wordpress, updated_at 2024_03_19, reviewed_at 2024_03_19;)

References

url	packetstormsecurity.org/files/112698/WordPress-LeagueManager-3.7-Cross-Site-Scripting.html

Metadata

affected productWordpress_Plugins

attack targetWeb_Server

created at2012_05_25

deploymentDatacenter

deprecation reasonRelevance

signature severityMajor

tagWordpress

updated at2024_03_19

reviewed at2024_03_19

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!