Modsecurity Owasp Modsecurity Core Rule Set — known CVE vulnerabilities
Every CVE whose affected-product data names Modsecurity Owasp Modsecurity Core Rule Set, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2019-13464 — CVSS 7.5 (high): An issue was discovered in OWASP ModSecurity Core Rule Set (CRS) 3.0.2. Use of X.Filename instead of X_Filename can bypass some PHP Script…
CVE-2019-11387 — CVSS 5.3 (medium): An issue was discovered in OWASP ModSecurity Core Rule Set (CRS) through 3.1.0. /rules/REQUEST-942-APPLICATION-ATTACK-SQLI.conf allows…
CVE-2019-11388 — CVSS 5.3 (medium): An issue was discovered in OWASP ModSecurity Core Rule Set (CRS) through 3.1.0. /rules/REQUEST-932-APPLICATION-ATTACK-RCE.conf allows…
CVE-2019-11389 — CVSS 5.3 (medium): An issue was discovered in OWASP ModSecurity Core Rule Set (CRS) through 3.1.0. /rules/REQUEST-933-APPLICATION-ATTACK-PHP.conf allows…
CVE-2019-11390 — CVSS 5.3 (medium): An issue was discovered in OWASP ModSecurity Core Rule Set (CRS) through 3.1.0. /rules/REQUEST-933-APPLICATION-ATTACK-PHP.conf allows…
CVE-2019-11391 — CVSS 5.3 (medium): An issue was discovered in OWASP ModSecurity Core Rule Set (CRS) through 3.1.0. /rules/REQUEST-933-APPLICATION-ATTACK-PHP.conf allows…