Signature Detail
Short Name |
HTTP:SQL:INJ:MYSQL-TABLE-NAME |
|---|---|
Severity |
Medium |
Recommended |
Yes |
Category |
HTTP |
Keywords |
MySQL Table Name in URL Variable |
Release Date |
2012/07/11 |
Update Number |
2160 |
Supported Platforms |
di-5.3+, idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: MySQL Table Name in URL Variable
This signature detects MySQL table names being sent in HTTP URL variables. Such activity could be an SQL Command Injection attempt. It could also detect non-malicious references to MySQL table names, such as in a blog posting, or for websites that use SQL commands in their URL's as a part of that website's normal functionality (not recommended).
References