Web Application Security – ModSecurity Commercial Rules, Update for May 2018

May 31, 2018

ModSecurity Rules from Trustwave SpiderLabs include custom virtual patches for public vulnerabilities.

Release Summary

• Joomla! Component ccNewsletter 2.x.x SQLi CVE-2018-5989(2180066)
• Joomla! Component Advertisement Board 3.1.0 SQLi CVE-2018-5982(2180067)
• Joomla! Component EkRishta 2.10 SQLi (2180068)
• Joomla! Component InviteX 3.0.5 SQLi CVE-2018-6394(2180069)
• Joomla! Component JB Bus 2.3 SQLi CVE-2018-6372(2180070)
• Joomla! Component jGive 2.0.9 SQLi CVE-2018-5970(2180071)
• Joomla! Component JomEstate PRO <= 3.7 SQLi CVE-2018-6368(2180072)
• Joomla! Component JquickContact 1.3.2.2.1 SQLi CVE-2018-5983(2180073)
• Joomla! Component JS Autoz 1.0.9 SQLi CVE-2018-6006(2180074)
• Joomla! Component JS Jobs 1.1.9 SQLi CVE-2018-5994(2180075)
• phpMyAdmin 4.8.0-1 SQLi CVE-2018-6609 CVE-2018-10188(2180076)
• Joomla! Component JSP Tickets 1.1 SQLi CVE-2018-6609(2180077)
• Joomla! Component JTicketing 2.0.16 SQLi CVE-2018-6585(2180078)
• Joomla! Component MediaLibrary Free 4.0.12 SQLi CVE-2018-5971(2180079)
• Joomla! Component Project Log 1.5.3 SQLi CVE-2018-6024(2180080)
• Joomla! Component SimpleCalendar 3.1.9 SQLi CVE-2018-5974(2180081)
• Joomla! Component Smart Shoutbox 3.0.0 SQLi CVE-2018-5975(2180082)
• Joomla! Component Staff Master 1.0 RC 1 SQLi CVE-2018-5992(2180083)
• Joomla! Component Timetable Responsive Schedule 1.5 SQLi CVE-2018-6583(2180084)
• Joomla! Component Pinterest Clone Social Pinboard 2.0 SQLi CVE-2018-5987(2180085)
• WordPress Plugin Metronet Tag Manager 1.2.7 CSRF (2180086)