Security Resources

Software Updates

Web Application Security – ModSecurity Commercial Rules, Update for May 2018

May 31, 2018

ModSecurity Rules from Trustwave SpiderLabs include custom virtual patches for public vulnerabilities.

Release Summary

  • Joomla! Component ccNewsletter 2.x.x SQLi CVE-2018-5989(2180066)
  • Joomla! Component Advertisement Board 3.1.0 SQLi CVE-2018-5982(2180067)
  • Joomla! Component EkRishta 2.10 SQLi (2180068)
  • Joomla! Component InviteX 3.0.5 SQLi CVE-2018-6394(2180069)
  • Joomla! Component JB Bus 2.3 SQLi CVE-2018-6372(2180070)
  • Joomla! Component jGive 2.0.9 SQLi CVE-2018-5970(2180071)
  • Joomla! Component JomEstate PRO <= 3.7 SQLi CVE-2018-6368(2180072)
  • Joomla! Component JquickContact 1.3.2.2.1 SQLi CVE-2018-5983(2180073)
  • Joomla! Component JS Autoz 1.0.9 SQLi CVE-2018-6006(2180074)
  • Joomla! Component JS Jobs 1.1.9 SQLi CVE-2018-5994(2180075)
  • phpMyAdmin 4.8.0-1 SQLi CVE-2018-6609 CVE-2018-10188(2180076)
  • Joomla! Component JSP Tickets 1.1 SQLi CVE-2018-6609(2180077)
  • Joomla! Component JTicketing 2.0.16 SQLi CVE-2018-6585(2180078)
  • Joomla! Component MediaLibrary Free 4.0.12 SQLi CVE-2018-5971(2180079)
  • Joomla! Component Project Log 1.5.3 SQLi CVE-2018-6024(2180080)
  • Joomla! Component SimpleCalendar 3.1.9 SQLi CVE-2018-5974(2180081)
  • Joomla! Component Smart Shoutbox 3.0.0 SQLi CVE-2018-5975(2180082)
  • Joomla! Component Staff Master 1.0 RC 1 SQLi CVE-2018-5992(2180083)
  • Joomla! Component Timetable Responsive Schedule 1.5 SQLi CVE-2018-6583(2180084)
  • Joomla! Component Pinterest Clone Social Pinboard 2.0 SQLi CVE-2018-5987(2180085)
  • WordPress Plugin Metronet Tag Manager 1.2.7 CSRF (2180086)