ET WEB_SPECIFIC_APPS WordPress Plugin Pie Register SQL Injection

SID: 2025747Rev: 41 viewsHistory

Sourceet/open

CreatedJune 26, 2018

UpdatedNovember 4, 2020

Classificationweb-application-attack

alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS WordPress Plugin Pie Register SQL Injection"; flow:established,to_server; http.uri; content:"/wp-admin/admin.php?page=pie-invitation-codes&orderby="; nocase; content:"&order="; nocase; distance:0; pcre:"/^(?:[a-zA-Z0-9_])*[\x2c\x22\x27\x28]/Ri"; reference:url,www.exploit-db.com/exploits/44867/; classtype:web-application-attack; sid:2025747; rev:4; metadata:affected_product Wordpress_Plugins, attack_target Client_Endpoint, created_at 2018_06_26, cve cve_2018_10969, deployment Perimeter, performance_impact Low, signature_severity Major, updated_at 2020_11_04, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id T1190, mitre_technique_name Exploit_Public_Facing_Application;)

References

url	www.exploit-db.com/exploits/44867/

Metadata

affected productWordpress_Plugins

attack targetClient_Endpoint

created at2018_06_26

cveCVE-2018-10969

deploymentPerimeter

performance impactLow

signature severityMajor

updated at2020_11_04

mitre tactic idTA0001

mitre tactic nameInitial_Access

mitre technique idT1190

mitre technique nameExploit_Public_Facing_Application

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!