alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET WEB_SPECIFIC_APPS WordPress? WP-Cumulus Plugin tagcloud.swf Cross-Site Scripting Attempt"; flow:established,to_server; uricontent:"/wp-content/plugins/wp-cumulus/tagcloud.swf"; nocase; uricontent:"mode=tags"; nocase; uricontent:"tagcloud="; nocase; pcre:"/tagcloud\x3D.+(script|alert|onmouse[a-z]+|onkey[a-z]+|onload|onunload|ondragdrop|onblur|onfocus|onclick|ondblclick|onsubmit|onreset|onselect|onchange)/Ui"; reference:url,doc.emergingthreats.net/2011107; classtype:web-application-attack; sid:2011107; rev:2;)

Added 2011-10-12 19:31:20 UTC

alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET WEB_SPECIFIC_APPS WordPress? WP-Cumulus Plugin tagcloud.swf Cross-Site Scripting Attempt"; flow:established,to_server; uricontent:"/wp-content/plugins/wp-cumulus/tagcloud.swf"; nocase; uricontent:"mode=tags"; nocase; uricontent:"tagcloud="; nocase; pcre:"/tagcloud\x3D.+(script|alert|onmouse[a-z]+|onkey[a-z]+|onload|onunload|ondragdrop|onblur|onfocus|onclick|ondblclick|onsubmit|onreset|onselect|onchange)/Ui"; classtype:web-application-attack; reference:url,doc.emergingthreats.net/2011107; sid:2011107; rev:2;)

Added 2011-09-14 22:44:31 UTC

alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET WEB_SPECIFIC_APPS WordPress? WP-Cumulus Plugin tagcloud.swf Cross-Site Scripting Attempt"; flow:established,to_server; uricontent:"/wp-content/plugins/wp-cumulus/tagcloud.swf"; nocase; uricontent:"mode=tags"; nocase; uricontent:"tagcloud="; nocase; pcre:"/tagcloud\x3D.+(script|alert|onmouse[a-z]+|onkey[a-z]+|onload|onunload|ondragdrop|onblur|onfocus|onclick|ondblclick|onsubmit|onreset|onselect|onchange)/Ui"; classtype:web-application-attack; reference:url,doc.emergingthreats.net/2011107; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_Wordpress; sid:2011107; rev:2;)

Added 2011-02-04 17:30:51 UTC

alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET WEB_SPECIFIC_APPS WordPress? WP-Cumulus Plugin tagcloud.swf Cross-Site Scripting Attempt"; flow:established,to_server; uricontent:"/wp-content/plugins/wp-cumulus/tagcloud.swf"; nocase; uricontent:"mode=tags"; nocase; uricontent:"tagcloud="; nocase; pcre:"/tagcloud\x3D.+(script|alert|onmouse[a-z]+|onkey[a-z]+|onload|onunload|ondragdrop|onblur|onfocus|onclick|ondblclick|onsubmit|onreset|onselect|onchange)/Ui"; classtype:web-application-attack; reference:url,doc.emergingthreats.net/2011107; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_Wordpress; sid:2011107; rev:2;)

Added 2010-05-16 15:45:58 UTC

alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET WEB_SPECIFIC_APPS WordPress? WP-Cumulus Plugin tagcloud.swf Cross-Site Scripting Attempt"; flow:established,to_server; uricontent:"/wp-content/plugins/wp-cumulus/tagcloud.swf"; nocase; uricontent:"mode=tags"; nocase; uricontent:"tagcloud="; nocase; pcre:"/tagcloud\x3D.+(script|alert|onmouse[a-z]+|onkey[a-z]+|onload|onunload|ondragdrop|onblur|onfocus|onclick|ondblclick|onsubmit|onreset|onselect|onchange)/Ui"; classtype:web-application-attack; reference:url,doc.emergingthreats.net/2011107; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_Wordpress; sid:2011107; rev:2;)

Added 2010-05-16 15:45:58 UTC

alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET WEB_SPECIFIC_APPS WordPress? WP-Cumulus Plugin tagcloud.swf Cross-Site Scripting Attempt"; flow:established,to_server; uricontent:"/wp-content/plugins/wp-cumulus/tagcloud.swf"; nocase; uricontent:"mode=tags"; nocase; uricontent:"tagcloud="; nocase; pcre:"/tagcloud\x3D.+(script|alert|onmouse[a-z]+|onkey[a-z]+|onload|onunload|ondragdrop|onblur|onfocus|onclick|ondblclick|onsubmit|onreset|onselect|onchange)/Ui"; classtype:web-application-attack; sid:2011107; rev:1;)

Added 2010-05-15 21:07:53 UTC