Signature Detail

Short Name	HTTP:SQL:INJ:UNION-SELECT
Severity	High
Recommended	Yes
Recommended Action	Drop
Category	HTTP
Keywords	SQL 'union...select' Command Injection in URL
Release Date	2010/09/15
Update Number	1773
Supported Platforms	di-5.3+, idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

HTTP: SQL 'union...select' Command Injection in URL

This signature detects SQL commands within a URL. Because SQL commands are not normally used in HTTP connections, this can indicate a SQL injection attack. However, it can be a false positive. To reduce false positives, it is strongly recommended that these signatures only be used to inspect traffic from the Internet to your organization's Web servers that use SQL backend databases to generate content and not to inspect traffic going from your organization to the Internet.

References

URL: http://www.vul.kr/plume-cms-1-2-3-multiple-sql-injection-vulnerabilities

Signature Detail

Short Name

Severity

Recommended

Recommended Action

Category

Keywords

Release Date

Update Number

Supported Platforms

HTTP: SQL 'union...select' Command Injection in URL

References