Author Topic: Rules Updates: Changelog  (Read 42483 times)

Offline SergeiP

  • Moderator
  • Comodo Loves me
  • *****
  • Posts: 143
Re: Rules Updates: Changelog
« Reply #150 on: May 22, 2018, 11:14:58 AM »
2018.05.22
Rules for modsecurity v2.x: Apache, LiteSpeed, Nginx, IIS
Rules for modsecurity v3.x: Nginx
Version 1.166


- XSS vulnerability in PixelYourSite plugin prior to version 5.3.0 for WordPress (CVE-2018-0578)
- XSS vulnerability in WP Live Chat Support plugin before 8.0.08 for WordPress (CVE-2018-11105)
- XSS vulnerability in Dolibarr ERP/CRM before 5.0.4 (CVE-2017-9838)
- XSS vulnerability in frog cms 0.9.5 (CVE-2018-10806)
- Directory traversal vulnerability in NoneCms through 1.3.0 (CVE-2018-6022)
- XSS vulnerability  in Z-BlogPHP 2.0.0 (CVE-2018-11208)
- bl_domains update

Offline SergeiP

  • Moderator
  • Comodo Loves me
  • *****
  • Posts: 143
Re: Rules Updates: Changelog
« Reply #151 on: June 07, 2018, 06:32:40 PM »
2018.06.08
Rules for modsecurity v2.x: Apache, LiteSpeed, Nginx, IIS
Rules for modsecurity v3.x: Nginx
Version 1.167


- SQLi vulnerability in HRSALE The Ultimate HRM v1.0.2 (CVE-2018-10256)
- SQLi vulnerability in OpenEMR before v5_0_1_1 (CVE-2018-9250)
- Directory Traversal vulnerability in ASUSTOR AS6202T ADM 3.1.0.RFQ3 (CVE-2018-11342)
- XSS vulnerability in DomainMod v4.09.03 (CVE-2018-11403 and CVE-2018-11404)
- XSS vulnerability in Dolibarr ERP/CRM before 7.0.1 (CVE-2018-10095)
- XSS vulnerability in Z-BlogPHP 1.5.1 (CVE-2018-9169)
- Directory Traversal vulnerability in ASUSTOR AS6202T ADM 3.1.0.RFQ3 (CVE-2018-11344)
- bl_domains update

Offline SergeiP

  • Moderator
  • Comodo Loves me
  • *****
  • Posts: 143
Re: Rules Updates: Changelog
« Reply #152 on: June 12, 2018, 12:59:13 PM »
2018.06.12
Rules for modsecurity v2.x: Apache, LiteSpeed, Nginx, IIS
Rules for modsecurity v3.x: Nginx
Version 1.168


- SQLi vulnerability in Dolibarr ERP/CRM before 7.0.1 (CVE-2018-10094)
- Directory Traversal vulnerability in ASUSTOR AS6202T ADM 3.1.0.RFQ3 (CVE-2018-11341)
- XSS And SQLi vulnerability in EasyService Billing 1.0. (CVE-2018-11443 and CVE-2018-11444)
- XSS vulnerability in the Moderator Log Notes plugin 1.1 for MyBB (CVE-2018-11430)
- XSS vulnerability in ASUSTOR soundsgood (CVE-2018-11343)
- XSS vulnerability in DomainMod v4.10.0 (CVE-2018-11558 and CVE-2018-11559)
- SQLi vulnerability in iScripts eSwap v2.4 (CVE-2018-11372 and CVE-2018-11373)
- bl_domains update

Offline SergeiP

  • Moderator
  • Comodo Loves me
  • *****
  • Posts: 143
Re: Rules Updates: Changelog
« Reply #153 on: June 20, 2018, 11:42:19 AM »
2018.06.20
Rules for modsecurity v2.x: Apache, LiteSpeed, Nginx, IIS
Rules for modsecurity v3.x: Nginx
Version 1.169


- XSS vulnerability in MULTIDOTS WooCommerce Quick Reports plugin 1.0.6 and earlier for WordPress (CVE-2018-11485)
- CSRF vulnerability in Add Social Share Messenger Buttons Whatsapp and Viber plugin 1.0.8 for WordPress (CVE-2018-11632)
- CSRF vulnerability in Woo Checkout for Digital Goods plugin 2.1 for WordPress (CVE-2018-11633)
- SQL injection vulnerability in the Pie Register plugin before 3.0.10 for WordPress (CVE-2018-10969)
- RCE vulerability in Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 (CVE-2018-7600, CVE-2018-7602)
- XSS vulnerability in the MODX Revolution 2.6.3 (CVE-2018-10382)
- bl_domains update

Offline SergeiP

  • Moderator
  • Comodo Loves me
  • *****
  • Posts: 143
Re: Rules Updates: Changelog
« Reply #154 on: July 06, 2018, 08:24:28 AM »
2018.07.06
Rules for modsecurity v2.x: Apache, LiteSpeed, Nginx, IIS
Rules for modsecurity v3.x: Nginx
Version 1.171


- SQL injection vulnerability in CW Tags 2.0.6 component for Joomla (CVE-2018-7313)
- XSS vulnerability in Balbooa Gridbox extension version 2.4.0 and previous versions for Joomla (CVE-2018-11690)
- SQLi vulnerability in The iThemes Security (better-wp-security) plugin before 7.0.3 for WordPress (CVE-2018-12636)
- XSS vulnerability in MULTIDOTS WooCommerce Quick Reports plugin 1.0.6 and earlier for WordPress (CVE-2018-11485)
- SQL Injection vulnerability in  Quick Chat plugin before 4.00 for WordPress (CVE-2018-12534)
- XSS vulnerability in the User Profile & Membership plugin before 2.0.11 for WordPress (CVE-2018-10234)
- XSS vulnerability in the WP Statistics plugin 12.0.2-12.0.5 for WordPress (CVE-2018-1000556)
- XSS vulnerability in Events Manager plugin prior to version 5.9 for WordPress (CVE-2018-0576)
- Unrestricted file upload vulnerability in Ultimate Member plugin prior to version 2.0.4 for WordPress (CVE-2018-0587)
- CSRF & XSS vulnerability in SLiMS 8 Akasia through 8.3.1 (CVE-2017-12584, CVE-2018-12659)
- bl_domains update

Offline SergeiP

  • Moderator
  • Comodo Loves me
  • *****
  • Posts: 143
Re: Rules Updates: Changelog
« Reply #155 on: Today at 12:20:00 PM »
2018.07.16
Rules for modsecurity v2.x: Apache, LiteSpeed, Nginx, IIS
Rules for modsecurity v3.x: Nginx
Version 1.172


- SQL Injection vulnerability in JB Bus 2.3 component for Joomla (CVE-2018-6372)
- SQL injection vulnerability in DT Register 3.2.7 component for Joomla (CVE-2018-6584)
- Unrestricted file upload vulnerability in WP Live Chat Support Pro plugin before 8.0.07 for WordPress (CVE-2018-12426)
- SQL injection vulnerability in the MemberMouse plugin 2.2.8 and prior for WordPress (CVE-2018-11309)
- XSS vulnerability in Open Graph for Facebook, Google+ and Twitter Card Tags plugin prior to version 2.2.4.1 for WordPress (CVE-2018-0579)
- XSS vulnerability in WP Google Map Plugin prior to version 4.0.4 for WordPress (CVE-2018-0577)
- XSS vulnerability in SLiMS 8 Akasia through 8.3.1 (CVE-2018-12654, CVE-2018-12655, CVE-2018-12656, CVE-2018-12657, CVE-2018-12658)
- XSS Vulnerability in ClipperCMS 1.3.3 (CVE-2018-11572)
- XSS vulnerability in Chevereto Free before 1.0.13 (CVE-2018-12030)
- SQL Injection vulnerability in iCMS V7.0.8 (CVE-2018-12498)
- Directory Traversal vulnerability in in YXcms 1.4.7 (CVE-2018-13025)
- XSS vulnerability in BigTree-CMS (CVE-2018-1000521)
- XSS vulnerability in CMS Made Simple in 2.2.6 (CVE-2018-7893, CVE-2018-8058)
- bl_domains update

 

Free Endpoint Protection
Seo4Smf 2.0 © SmfMod.Com Smf Destek