ModSecurity Rules from Trustwave SpiderLabs include custom virtual patches for public vulnerabilities.
Release Summary
- Apache CouchDB 1.7.0 and before 2.1.1 - Remote Privilege Escalation CVE-2017-12635(2180045)
- Drupal avatar_uploader v7.x-1.0-beta8 - Arbitrary File Disclosure CVE-2018-9205(2180047)
- WordPress Plugin Google Drive 2.2 - RCE (2180064)
- WordPress Plugin Woo Import Export 1.0 - Arbitrary File Deletion (2180055)
- WordPress Simple Fields 0.2 - 0.3.5 LFI (2180056)
- Wordpress Background Takeover << 4.1.4 - Directory Traversal CVE-2018-9118(2180062)
- Joomla! Component Alexandria Book Library 3.1.2 SQLi CVE-2018-7312 (2180048)
- Joomla! Component CheckList 1.1.1 SQLi CVE-2018-7315(2180049)
- Joomla! Component CW Tags 2.0.6 SQLi' CVE-2018-7313(2180050)
- Joomla! Component Ek Rishta 2.9 SQLi CVE-2018-7315 (2180051)
- Joomla! Component JS Jobs 1.2.0 CSRF (2180052)
- Joomla! Component OS Property Real Estate 3.12.7 SQLi CVE-2018-7319(2180053)
- Joomla! Component PrayerCenter 3.0.2 SQLi CVE-2018-7314(2180057)
- Joomla! Component Saxum Astro 4.0.14 SQLi CVE-2018-7180(2180058)
- Joomla! Component Saxum Numerology 3.0.4 SQLi CVE-2018-7177(2180059)
- Joomla! Component Saxum Picker 3.2.10 SQLi CVE-2018-7178(2180060)
- Joomla! Component SquadManagement 1.0.3 SQLi CVE-2018-7179(2180061)
- Yahei PHP Prober 0.4.7 - XSS CVE-2018-9238(2180065)
- WordPress Plugin Relevanssi 4.0.4 - XSS CVE-2018-9034(2180054)
- WordPress File Upload 4.3.3 - Stored XSS CVE-2018-9844(2180063)