""ET WEB_SPECIFIC_APPS Possible AIOCP cp_html2xhtmlbasic.php Remote File Inclusion Attempt""

SID: 2010080

Revision: 6

Class Type: web-application-attack

Metadata: created_at 2010_07_30, updated_at 2022_05_03

Reference:

• Link

Protocol: tcp

Source Network: $EXTERNAL_NET

Source Port: any

Destination Network: $HTTP_SERVERS

Destination Port: $HTTP_PORTS

Flow: established,to_server

Contents:

• Value: "/public/code/cp_html2xhtmlbasic.php?"

Within:

PCRE: "/\x2Ephp\x3F.{0,300}\x3D(http\x3A|ftp\x3A|https\x3A|ftps\x3A)/Ui"

Special Options:

• nocase

• http_uri

source