""ET WEB_SPECIFIC_APPS WordPress wp-admin/admin.php Module Configuration Security Bypass Attempt""
SID: 2010728
Revision: 3
Class Type: web-application-attack
Metadata: affected_product Wordpress, affected_product Wordpress_Plugins, attack_target Web_Server, created_at 2010_07_30, cve CVE_2009_2334, deployment Datacenter, signature_severity Major, tag Wordpress, updated_at 2019_08_22
Reference:
-
cve
-
2009-2334
Protocol: tcp
Source Network: $EXTERNAL_NET
Source Port: any
Destination Network: $HTTP_SERVERS
Destination Port: $HTTP_PORTS
Flow: established,to_server
Contents:
-
Value: "/wp-admin/admin.php"
-
Value: "page="
Within:
PCRE: "/\x2Fwp\x2Dadmin\x2Fadmin\x2Ephp.+page\x3D(\x2Fcollapsing\x2Darchives\x2Foptions\x2Etxt|akismet\x2Freadme\x2Etxt|related\x2Dways\x2Dto\x2Dtake\x2Daction\x2Foptions\x2Ephp|wp\x2Dsecurity\x2Dscan\x2Fsecurityscan\x2Ephp)/Ui"
Special Options:
-
http_uri
-
nocase
-
nocase