Signature update for Febuary 2019

New signatures rules are generated for the vulnerabilities identified in Febuary 2019. You can download and configure these signature rules to protect your appliance from security vulnerable attacks. The signature update includes the signature ID, signature version, and list of CVEs addressed.

Signature version

Signature version 27 applicable to NetScaler VPX 11.1, NetScaler 12.0, Citrix ADC 12.1, and Citrix ADC 13.0 platforms.

Common Vulnerability Entry (CVE) insight

Following is a list of signature rules, CVE IDs, and its description.

Signature rule CVE ID Description
999921 cve-2018-1002000 WEB-MISCWordpress Arigato Autoresponder and Newsletter SQL Injection vulnerability.
999920   WEB-MISCWordPress Plugin Corner Ad 1.0.7 - Stored Cross-Site Scripting
999919 cve-2018-1002009 WEB-MISCWordpress Arigato Autoresponder and Newsletter bft_unsubscribe XSS vulnerability.
999918 cve-2018-1002002 WEB-MISCWordpress Arigato Autoresponder and Newsletter multiple XSS vulnerability.
999918 cve-2018-1002003 WEB-MISCWordpress Arigato Autoresponder and Newsletter multiple XSS vulnerability.
999918 cve-2018-1002004 WEB-MISCWordpress Arigato Autoresponder and Newsletter multiple XSS vulnerability.
999918 cve-2018-1002005 WEB-MISCWordpress Arigato Autoresponder and Newsletter multiple XSS vulnerability.
999918 cve-2018-1002006 WEB-MISCWordpress Arigato Autoresponder and Newsletter multiple XSS vulnerability.
999918 cve-2018-1002007 WEB-MISCWordpress Arigato Autoresponder and Newsletter multiple XSS vulnerability.
999917 cve-2018-1002001 WEB-MISCWordpress Arigato Autoresponder and Newsletter multiple XSS vulnerability.
999917 cve-2018-1002008 WEB-MISCWordpress Arigato Autoresponder and Newsletter multiple XSS vulnerability.
999916 cve-2018-8719 WEB-MISCWordPress Plugin WP Security Audit Log - wp-content/uploads/wp-security-audit-log/* unrestricted access
999915 cve-2019-7743 WEB-MISC- Joomla phar:// stream wrapper object injection vulnerability execution of uploaded non-phar files
999914   WEB-MISCWordpress plugin E-mail Subscribers and Newsletters 3.4.7 information disclosure vulnerability
999913   WEB-MISCWordPress Plugin AD Manager WD v1.0.11 - wd_ads_admin_class.php Arbitrary File Download
999912   WEB-IISMicrosoft IIS - Short File/Folder Name Disclosure