Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
owasp owasp modsecurity core rule set 3.1.0 vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2018-16384
A SQL injection bypass (aka PL1 bypass) exists in OWASP ModSecurity Core Rule Set (owasp-modsecurity-crs) through v3.1.0-rc3 via {`a`b} where a is a special function name (such as "if") and b is the SQL statement to be executed.
Owasp Owasp Modsecurity Core Rule Set
Owasp Owasp Modsecurity Core Rule Set 3.1.0
4.3
CVSSv2
CVE-2019-11387
An issue exists in OWASP ModSecurity Core Rule Set (CRS) up to and including 3.1.0. /rules/REQUEST-942-APPLICATION-ATTACK-SQLI.conf allows remote malicious users to cause a denial of service (ReDOS) by entering a specially crafted string with nested repetition operators.
Modsecurity Owasp Modsecurity Core Rule Set
5
CVSSv2
CVE-2019-11388
An issue exists in OWASP ModSecurity Core Rule Set (CRS) up to and including 3.1.0. /rules/REQUEST-932-APPLICATION-ATTACK-RCE.conf allows remote malicious users to cause a denial of service (ReDOS) by entering a specially crafted string with nested repetition operators. NOTE: the...
Modsecurity Owasp Modsecurity Core Rule Set
5
CVSSv2
CVE-2019-11389
An issue exists in OWASP ModSecurity Core Rule Set (CRS) up to and including 3.1.0. /rules/REQUEST-933-APPLICATION-ATTACK-PHP.conf allows remote malicious users to cause a denial of service (ReDOS) by entering a specially crafted string with next# at the beginning and nested repe...
Modsecurity Owasp Modsecurity Core Rule Set
5
CVSSv2
CVE-2019-11390
An issue exists in OWASP ModSecurity Core Rule Set (CRS) up to and including 3.1.0. /rules/REQUEST-933-APPLICATION-ATTACK-PHP.conf allows remote malicious users to cause a denial of service (ReDOS) by entering a specially crafted string with set_error_handler# at the beginning an...
Modsecurity Owasp Modsecurity Core Rule Set
5
CVSSv2
CVE-2019-11391
An issue exists in OWASP ModSecurity Core Rule Set (CRS) up to and including 3.1.0. /rules/REQUEST-933-APPLICATION-ATTACK-PHP.conf allows remote malicious users to cause a denial of service (ReDOS) by entering a specially crafted string with $a# at the beginning and nested repeti...
Modsecurity Owasp Modsecurity Core Rule Set
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started