SQL injection Prevention - GET : suspicious combination of 'select' and 'sleep' statements in URL


Description   This alarm is raised when a suspicious combination of SQL known keywords is found in the URL.
     
Default
configuration 		 
Profiles High Medium Low Internet
Action Block Block Block Block
Alarm Level Major Minor Minor Minor
     
References  
     
Available since   ASQ v5.0.0
     
Protects   Joomla Third-Party Plugins Multiple SQL Injection Vulnerabilities
Joomla Third-Party Plugins Multiple Vulnerabilities
Joomla Third-Party Plugins Multiple Vulnerabilities
Dolibarr Multiple Vulnerabilities
Joomla Third-Party Plugins Multiple Vulnerabilities
WordPress Third-Party Plugins Multiple Vulnerabilities
Joomla Core SQL Injection Vulnerability Fixed by 3.7.1
Joomla Third-Party Plugins Multiple Vulnerabilities
Joomla Third-Party Plugins Multiple SQL Injection Vulnerabilities
Joomla Third-Party Plugins Multiple Vulnerabilities
Joomla Third-Party Plugins Multiple SQL Injection Vulnerabilities
WordPress Third-Party Plugins Multiple Vulnerabilities
Joomla Third-Party Plugins Multiple Vulnerabilities
Joomla Third-Party Plugins Multiple Vulnerabilities
WordPress Third-Party Plugins Multiple Vulnerabilities
WordPress Third-Party Plugins Multiple Vulnerabilities
Joomla Third-Party Plugins Multiple Vulnerabilities
WordPress Third-Party Plugins Multiple Vulnerabilities
Joomla "DT Register" Plugin SQL Injection Vulnerability
WordPress Third-Party Plugins Multiple Vulnerabilities
WordPress Third-Party Modules Multiple Vulnerabilities
WordPress Third-Party Modules Multiple Vulnerabilities
Cisco Identity Services Engine SQL Injection Vulnerability
WordPress Third Party Modules Multiple Vulnerabilities
AlienVault Unified Security Management Multiple Vulnerabilities Fixed by 5.3.2
Joomla Third-Party Plugins Multiple Vulnerabilities
SAP Adaptive Server Enterprise (ASE) Multiple Vulnerabilities Fixed by September 2016 Patch Day
Joomla Third-Party Plugins Multiple Vulnerabilities
Joomla Third-Party Plugins Multiple Vulnerabilities
Zabbix Latest Data SQL Injection Vulnerability
Joomla "Event Registration Pro" SQL Injection Vulnerability
Joomla Third-Party Plugins Multiple Vulnerabilities
Joomla Third-Party Plugins Multiple Vulnerabilities
Joomla Third-Party Plugins Multiple Vulnerabilities
Red Hat JBoss BPM Suite Dashbuilder SQL Injection Vulnerability
Joomla Third-Party Plugins Multiple Vulnerabilities
Drupal 'menupereid' SQL injection Vulnerability
Riverbed SteelCentral NetProfiler Multiple Vulnerabilities Fixed by 10.9.0
Cisco Prime Collaboration Deployment SQL Injection Vulnerability
Joomla Third-Party Plugins Multiple Vulnerabilities
Nagios XI Multiple Vulnerabilities
Joomla Third-Party Plugins Multiple Vulnerabilities
phpMyAdmin Multiple Vulnerabilities Fixed by 4.6.2 and 4.4.15.6
GLPI "ajax/getDropdownConnect.php" SQL Injection Vulnerability Fixed by 0.90.3
Wordpress Multiple Third Party Plugins Multiple Vulnerabilities
Joomla Third-Party Modules Multiple Vulnerabilities
Cacti "tree.php" SQL Injection Vulnerability
Cacti "graph_template" Parameter "graphs_new.php" SQL Injection Vulnerability
Wordpress Multiple Third Party Plugins Multiple Vulnerabilities
Wordpress Multiple Third Party Plugins Multiple Vulnerabilities
BlackBerry Enterprise Server Management Console Multiple Vulnerabilities Fixed by 12.4
Joomla Third-Party Modules Multiple SQL Injection Vulnerabilities
Wordpress Multiple Third Party Plugins Multiple Vulnerabilities
Wordpress Multiple Third Party Plugins Multiple Vulnerabilities
Joomla Third-Party Modules Multiple Vulnerabilities
TestLink SQL Injection Vulnerability Fixed by 1.9.15
Atlassian Confluence Multiple Vulnerabilities Fixed by 5.8.17
Joomla Third-Party Modules Multiple Vulnerabilities
Cacti Multiple SQL Injection Vulnerabilities
Wordpress Multiple Third Party Plugins Multiple Vulnerabilities
Wordpress Multiple Third Party Plugins Multiple Vulnerabilities
Wordpress Multiple Third Party Plugins Multiple Vulnerabilities
100 last CVE   CVE-2018-7717
CVE-2018-17397
CVE-2018-17394
CVE-2018-17385
CVE-2018-17384
CVE-2018-17383
CVE-2018-17382
CVE-2018-17380
CVE-2018-17379
CVE-2018-17378
CVE-2018-17377
CVE-2018-17376
CVE-2018-17375
CVE-2017-9337
CVE-2017-9336
CVE-2017-8917
CVE-2017-6098
CVE-2017-6097
CVE-2017-6096
CVE-2017-6095
CVE-2017-2550
CVE-2017-2168
CVE-2017-18345
CVE-2017-17900
CVE-2017-17899
CVE-2017-17898
CVE-2017-17897
CVE-2017-15966
CVE-2017-15965
CVE-2017-1002022
CVE-2017-1002021
CVE-2017-1002020
CVE-2017-1002019
CVE-2017-1002018
CVE-2017-1002017
CVE-2016-8583
CVE-2016-8582
CVE-2016-8581
CVE-2016-8580
CVE-2016-6453
CVE-2016-5099
CVE-2016-5098
CVE-2016-5097
CVE-2016-4999
CVE-2016-3659
CVE-2016-3172
CVE-2016-1915
CVE-2016-1914
CVE-2016-1437
CVE-2016-10134
CVE-2016-1000271
CVE-2016-1000124
CVE-2016-0770
CVE-2016-0769
CVE-2016-0765
CVE-2015-8399
CVE-2015-8398
CVE-2015-8377
CVE-2015-8369
CVE-2015-7527
CVE-2015-7517
CVE-2014-9309



 
 
 
 
 Risk level 
Moderate