SERVER-WEBAPP -- Snort has detected traffic exploiting vulnerabilities in web based applications on servers.
SERVER-WEBAPP SPIP PHP code injection attempt
This rule looks for PHP code injection in the 'oubli' HTTP parameter
This rule alerts when Snort detects an unsafe deserialization exploit attempt against SPIP.
No public information
No known false positives
Cisco Talos Intelligence Group
Rule Categories::Server::Web Applications
MITRE::ATT&CK Framework::Enterprise::Initial Access::Exploit Public-Facing Application
Insecure Deserialization
Insecure Deserialization relates to web application security. Applications turn an object into data through serialization; the reverse of that process, deserialization, can be vulnerable to attacks when the application trusts the data that is being deserialized. Serialized data is machine readable and not encrypted; serialized user-supplied data should not be trusted. Deserialization attacks can lead to remote code execution.
CVE-2023-27372 |
Loading description
|