Author Topic: Rules Updates: Changelog  (Read 46717 times)

Offline SergeiP

  • Moderator
  • Comodo Loves me
  • *****
  • Posts: 178
Re: Rules Updates: Changelog
« Reply #165 on: October 04, 2018, 01:06:35 PM »
2018.10.04
Rules for modsecurity v2.x: Apache, LiteSpeed, Nginx, IIS
Rules for modsecurity v3.x: Nginx
Version 1.182


- XSS and SQLi vulnerability in Gift Vouchers plugin 2.0.1 and before for WordPress (CVE-2018-16159, CVE-2018-16609, CVE-2018-16610, CVE-2018-16611, CVE-2018-16612)
- XSS vulnerability in Subrion 4.2.1 (CVE-2018-16327)
- XSS vulnerability in Monstra CMS through 3.0.4 (CVE-2018-17024, CVE-2018-17025, CVE-2018-17026)
- XSS vulnerability in Dolibarr ERP/CRM 7.0.3 (CVE-2018-17239)
- SQLi vulnerability in Simple POS 4.0.24 (CVE-2018-17110)
- SQLi vulnerability in OpenEMR before 5.0.1.4 (CVE-2018-15149)
- XSS vulnerability in OpenEMR before 5.0.1.4 (CVE-2018-1000218, CVE-2018-1000219)
- XSS vulnerability in FV Flowplayer Video Player plugin 7.1.15.727 for WordPress
- XSS vulnerability in Dolibarr ERP/CRM 8.0.2
- bl_domains update

Offline SergeiP

  • Moderator
  • Comodo Loves me
  • *****
  • Posts: 178
Re: Rules Updates: Changelog
« Reply #166 on: October 10, 2018, 08:29:50 AM »
2018.10.10
Rules for modsecurity v2.x: Apache, LiteSpeed, Nginx, IIS
Rules for modsecurity v3.x: Nginx
Version 1.183


- SQL injection vulnerability in Collection Factory 4.1.9 component for Joomla (CVE-2018-17383)
- XSS vulnerability in WPtouch plugin 4.3.28 for WordPress (CVE-2018-17417)
- Local File Inclusion vulnerability in Wechat Broadcast 1.2.0 Plugin for WordPress(CVE-2018-16283)
- CSRF and XSS vulnerability in WP Fastest Cache 0.8.8.5 plugin for WordPress (CVE-2018-17583, CVE-2018-17584, CVE-2018-17585 and CVE-2018-17586)
- XSS vulnerability in Monstra CMS through 3.0.4 (CVE-2018-17024, CVE-2018-17025, CVE-2018-17026)
- XSS vulnerability in Navigate CMS 2.8 (CVE-2018-17255)
- SQLi vulnerability in OpenEMR before 5.0.1.4 (CVE-2018-15148)
- Local File Inclusion vulnerability in BigTree 4.2.23 (CVE-2018-17341)
- XSS vulnerability in the MODX Revolution v2.6.5-pl (CVE-2018-17556)
- SQL injection vulnerability in WUZHI CMS 4.1.0 (CVE-2018-17852)
- XSS vulnerability in Monstra CMS through 3.0.4 (CVE-2018-16819, CVE-2018-16820)
- XSS vulnerability in MetInfo 6.0.0 (CVE-2018-9928)
- bl_domains update

Offline SergeiP

  • Moderator
  • Comodo Loves me
  • *****
  • Posts: 178
Re: Rules Updates: Changelog
« Reply #167 on: October 18, 2018, 11:02:12 AM »
2018.10.18
Rules for modsecurity v2.x: Apache, LiteSpeed, Nginx, IIS
Rules for modsecurity v3.x: Nginx
Version 1.184


- XSS vulnerability in FooGallery plugin through 1.4.31 for WordPress (CVE-2018-17308)
- XSS vulnerability in Wp-Insert 2.4.2 plugin for WordPress (CVE-2018-17991)
- XSS vulnerability in Affiliates Manager plugin through 2.6.0 for WordPress (CVE-2018-17579)
- XSS vulnerability in Ultimate WordPress Auction plugin through 1.4.31 (CVE-2018-17576)
- SQLi and XSS vulnerability in Slideshow Gallery 1.6.8 plugin for WordPress (CVE-2018-18017, CVE-2018-18018 and CVE-2018-18019)
- XSS vulnerability in Tribulant Slideshow Gallery 1.6.8 plugin for WordPress (CVE-2018-17946)
- XSS vulnerability in LearnPress WordPress LMS Plugin through 3.0.12.1 (CVE-2018-17970, CVE-2018-17971)
- XSS vulerability in Affiliates Manager plugin 2.6.0 for WordPress (CVE-2018-17995)
- XSS vulnerability in Email Subscribers & Newsletters 3.5.13 for WordPress (CVE-2018-18063, CVE-2018-18076)
- XSS vulnerability in LimeSurvey 3.14.7 (CVE-2018-17003)
- XSS vulnerability in DiliCMS 2.4.0 (CVE-2018-10430)
- XSS vulnerability in GetSimple CMS 3.3.15 (CVE-2018-17835)
- XSS vulnerability in waimai Super Cms 20150505 (CVE-2018-15570)
- XSS vulnerability in waimai Super Cms 20150505 (CVE-2018-18082)
- FPs fix
- bl_domains update

 

Free Endpoint Protection
Seo4Smf 2.0 © SmfMod.Com Smf Destek